On Fri, 2011-01-28 at 13:34 -0500, Trond Myklebust wrote: > On Fri, 2011-01-28 at 12:41 -0500, Chuck Lever wrote: > > On recent 2.6.38-rc kernels, connectathon basic test 6 fails on > > NFSv4 mounts of OpenSolaris with something like: > > > > > ./test6: readdir > > > ./test6: (/mnt/klimt/matisse.test) didn't read expected 'file.12' dir entry, pass 0 > > > ./test6: (/mnt/klimt/matisse.test) didn't read expected 'file.82' dir entry, pass 0 > > > ./test6: (/mnt/klimt/matisse.test) didn't read expected 'file.164' dir entry, pass 0 > > > ./test6: (/mnt/klimt/matisse.test) Test failed with 3 errors > > > basic tests failed > > > Tests failed, leaving /mnt/klimt mounted > > > [cel@matisse cthon04]$ > > > > I narrowed the problem down to nfs4_decode_direct() reporting that the > > decode buffer had overflowed while decoding the entries for those > > missing files. > > > > verify_attr_len() assumes both it's pointer arguments reside on the > > same page. When these arguments point to locations on two different > > pages, verify_attr_len() can report false errors. This can happen now > > that a large NFSv4 readdir result can span pages. > > > > We have reasonably good checking in nfs4_decode_dirent() anyway, so > > it should be safe to simply remove the extra checking. > > > > At a guess, this was introduced by commit 6650239a, "NFS: Don't use > > vm_map_ram() in readdir". > > > > Cc: stable@xxxxxxxxxx [2.6.37] > > Signed-off-by: Chuck Lever <chuck.lever@xxxxxxxxxx> > > --- > > > > fs/nfs/nfs4xdr.c | 3 --- > > 1 files changed, 0 insertions(+), 3 deletions(-) > > > > diff --git a/fs/nfs/nfs4xdr.c b/fs/nfs/nfs4xdr.c > > index 009aef9..4e2c168 100644 > > --- a/fs/nfs/nfs4xdr.c > > +++ b/fs/nfs/nfs4xdr.c > > @@ -6132,9 +6132,6 @@ int nfs4_decode_dirent(struct xdr_stream *xdr, struct nfs_entry *entry, > > if (entry->fattr->valid & NFS_ATTR_FATTR_TYPE) > > entry->d_type = nfs_umode_to_dtype(entry->fattr->mode); > > > > - if (verify_attr_len(xdr, p, len) < 0) > > - goto out_overflow; > > - > > return 0; > > > > out_overflow: > > > > I'm assuming that this is 'Cc: stable@xxxxxxxxxx [2.6.37]'? Duh... I didn't read the s.o.b.s before replying. Sorry... -- Trond Myklebust Linux NFS client maintainer NetApp Trond.Myklebust@xxxxxxxxxx www.netapp.com -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
