Re: [git pull] vfs part 2

From: Andrey Ryabinin
Date: Mon Jun 22 2015 - 08:02:24 EST

Next message: Luis de Bethencourt: "[PATCH v2] staging: comedi: das08_cs: don't split Author string"
Previous message: Xi Ruoyao: "Re: [PATCH] Bluetooth: btusb: Add Realtek devices into module device table"
In reply to: Al Viro: "Re: [git pull] vfs part 2"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On 06/22/2015 12:12 AM, Al Viro wrote:
> On Thu, Apr 23, 2015 at 01:16:15PM +0300, Andrey Ryabinin wrote:
>> This change caused following:
>
>> This could happen when p9pdu_readf() changes 'count' to some value > iov_iter_count(from):
>>
>> p9_client_write():
>> <...>
>> int count = iov_iter_count(from);
>> <...>
>> *err = p9pdu_readf(req->rc, clnt->proto_version, "d", &count);
>> <...>
>> iov_iter_advance(from, count);
>
> *blink*
>
> That's a bug, all right, but I would love to see how you trigger it.
> It would require server to respond to "write that many bytes" with "OK,
> <greater number> bytes written". We certainly need to cope with that
> (we can't trust the server to be sane), but if that's what is going on,
> you've got a server bug as well.
>
> Could you check if the patch below triggers WARN_ON() in it on your
> reproducer? p9_client_read() has a similar issue as well...
>

I've tried something like your patch before to check the read side
and I haven't seen anything before and don't see it right now.
Though, this doesn't mean that there is no problem with read.
I mean that trinity hits this on write and may just not hit this on read.

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
Please read the FAQ at http://www.tux.org/lkml/

Next message: Luis de Bethencourt: "[PATCH v2] staging: comedi: das08_cs: don't split Author string"
Previous message: Xi Ruoyao: "Re: [PATCH] Bluetooth: btusb: Add Realtek devices into module device table"
In reply to: Al Viro: "Re: [git pull] vfs part 2"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]