NetBSD Problem Report #33777
From simonb@thistledown.com.au Tue Jun 20 16:29:02 2006
Return-Path: <simonb@thistledown.com.au>
Received: from mail.netbsd.org (mail.netbsd.org [204.152.190.11])
by narn.NetBSD.org (Postfix) with ESMTP id 0809A63B888
for <gnats-bugs@gnats.NetBSD.org>; Tue, 20 Jun 2006 16:29:02 +0000 (UTC)
Message-Id: <20060620143845.7D44C23989@thoreau.thistledown.com.au>
Date: Wed, 21 Jun 2006 00:38:45 +1000 (EST)
From: Simon Burge <simonb@netbsd.org>
Reply-To: Simon Burge <simonb@netbsd.org>
To: gnats-bugs@NetBSD.org
Subject: ftruncate broken on extend on ffs with large page size
X-Send-Pr-Version: 3.95
>Number: 33777
>Category: kern
>Synopsis: ftruncate broken on extend on ffs with large page size
>Confidential: no
>Severity: serious
>Priority: low
>Responsible: yamt
>State: analyzed
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Tue Jun 20 16:30:00 +0000 2006
>Closed-Date:
>Last-Modified: Tue Dec 12 06:27:14 +0000 2006
>Originator: Simon Burge <simonb@netbsd.org>
>Release: All? Observerd on alpha with 1.6ZG and walnut with 3.99.21
>Organization:
>Environment:
>Description:
ftruncate has a problem where it doesn't zero-fill data when a
file is extended under some circumstances. It appears to be if
you extend a file to a page sized boundary on a filesystem where
the ffs block size is half the page size. I've observed this
on a Walnut (16kB page size on ffs with 8kB block size) running
NetBSD 3.99.21 and an Alpha (8kB page size on an ffs with 4kB
block size) running NetBSD 1.6ZG.
>How-To-Repeat:
Run the following program on a system where the pagesize is
double the size of the ffs block size, and observe output of
non-zeros.
#include <err.h>
#include <fcntl.h>
#include <string.h>
#include <unistd.h>
#define BUFLEN 0x10
main(int argc, char **argv)
{
int fd, i, pgsize;
char buf[BUFLEN];
pgsize = getpagesize();
if (argc < 2)
errx(1, "usage");
unlink(argv[1]);
fd = open(argv[1], O_RDWR | O_CREAT | O_TRUNC, 0644);
if (fd < 0)
err(1, "open: %s", argv[1]);
for (i = 0; i < sizeof(buf); i++)
buf[i] = i + 'A';
pwrite(fd, buf, sizeof(buf), pgsize - 0x10);
ftruncate(fd, pgsize / 2);
ftruncate(fd, pgsize);
pread(fd, buf, sizeof(buf), pgsize - 0x10);
printf("buf =");
for (i = 0; i < BUFLEN; i++)
printf(" %02x", buf[i]);
printf("\n");
close(fd);
exit(0);
}
>Fix:
None given...
ffs_truncate() calls ufs_balloc_range() then basically returns.
The comment above ufs_balloc_range() says
* after this function returns, any page entirely contained within the range
* will map to invalid data and thus must be overwritten before it is made
* accessible to others.
which seems to indicate we should be zero'ing something
somewhere. I've no idea why this problem is showing up only
with certain specific page size and block size combinations.
>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: kern-bug-people->yamt
Responsible-Changed-By: yamt@netbsd.org
Responsible-Changed-When: Mon, 16 Oct 2006 08:59:24 +0000
Responsible-Changed-Why:
i'll take a look.
From: YAMAMOTO Takashi <yamt@netbsd.org>
To: gnats-bugs@NetBSD.org
Cc:
Subject: PR/33777 CVS commit: src/sys/ufs/ffs
Date: Tue, 17 Oct 2006 11:39:18 +0000 (UTC)
Module Name: src
Committed By: yamt
Date: Tue Oct 17 11:39:18 UTC 2006
Modified Files:
src/sys/ufs/ffs: ffs_inode.c
Log Message:
ffs_truncate: don't forget to zero the past eof in the case of
blocksize < pagesize. PR/33777 from Simon Burge.
XXX check other filesystems, esp. lfs.
To generate a diff of this commit:
cvs rdiff -r1.84 -r1.85 src/sys/ufs/ffs/ffs_inode.c
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
State-Changed-From-To: open->feedback
State-Changed-By: yamt@netbsd.org
State-Changed-When: Tue, 17 Oct 2006 11:41:11 +0000
State-Changed-Why:
please try ffs_inode.c rev.1.85.
From: Simon Burge <simonb@NetBSD.org>
To: gnats-bugs@NetBSD.org
Cc: yamt@NetBSD.org, gnats-admin@netbsd.org, netbsd-bugs@netbsd.org
Subject: Re: PR/33777 CVS commit: src/sys/ufs/ffs
Date: Sat, 21 Oct 2006 23:19:07 +1000
YAMAMOTO Takashi wrote:
> The following reply was made to PR kern/33777; it has been noted by GNATS.
>
> From: YAMAMOTO Takashi <yamt@netbsd.org>
> To: gnats-bugs@NetBSD.org
> Cc:
> Subject: PR/33777 CVS commit: src/sys/ufs/ffs
> Date: Tue, 17 Oct 2006 11:39:18 +0000 (UTC)
>
> Module Name: src
> Committed By: yamt
> Date: Tue Oct 17 11:39:18 UTC 2006
>
> Modified Files:
> src/sys/ufs/ffs: ffs_inode.c
>
> Log Message:
> ffs_truncate: don't forget to zero the past eof in the case of
> blocksize < pagesize. PR/33777 from Simon Burge.
> XXX check other filesystems, esp. lfs.
I can confirm that a -current kernel (with this change) doesn't have the
problem on a Walnut.
Should the PR be closed before other filesystems have been checked?
Thanks,
Simon.
State-Changed-From-To: feedback->analyzed
State-Changed-By: yamt@netbsd.org
State-Changed-When: Tue, 12 Dec 2006 06:27:14 +0000
State-Changed-Why:
have already gotten a feedback.
>Unformatted:
(Contact us)
$NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD: gnats_config.sh,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2007
The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.