From: takehara.mikihito@jp.panasonic.com
To: freebsd-current@freebsd.org
Subject: uninitialized journal data written in SU+J ?
Date: Tue, 22 Apr 2014 16:21:43 +0900

Hello,

I'm testing UFS with SU+J.
But it seems that sometimes broken journal data is written.

In softdep_process_journal (ffs_softdep.c), there is a while code to build jsegrec and each entry.
But in my test, sometimes there is no entry, and it then breaks out of this while code without building jsegrec.
If this happens, bp->b_data is not initialized but this bp is written, I think.

I checked this behavior with the following patch.

============================================================================================
diff --git a/sys/ufs/ffs/ffs_softdep.c b/sys/ufs/ffs/ffs_softdep.c index 585af50..2d4939c 100644 --- a/sys/ufs/ffs/ffs_softdep.c +++ b/sys/ufs/ffs/ffs_softdep.c @@ -3421,6 +3421,15 @@ softdep_process_journal(mp, needwk, flags) data = bp->b_data + off; cnt--; } + +#if 1 + if (off == 0) { + struct jsegrec *tmp = (struct jsegrec*)bp->b_data; + if (tmp->jsr_seq != jseg->js_seq) { + panic("test test"); + } + } +#endif /* * Write this one buffer and continue. */
============================================================================================

If uninitialized data is "valid" by fsck suj, this may result in filesystem corruption, I think.
I think it's better to clear b_data before using it.
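
Review bot: In the added `#if 1` block, the inner test reads `tmp->jsr_seq` out of `bp->b_data`, which is the very memory the message says may be uninitialized at this point, so the comparison with `jseg->js_seq` can pass by chance on stale buffer contents and the panic is not a reliable detector. If the aim is to catch a buffer being written with no record built, panicking on `off == 0` alone would make the check deterministic. The message `panic("test test")` should name the condition and include the two sequence numbers so a crash dump is usable, and the `#if 1` wrapper marks this as a diagnostic that should not be committed as is. The hunk only detects the case; the fix proposed in the message, clearing `b_data` before the buffer is filled, is not part of it and would need to go before the loop that builds the records.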