Re: [PATCH v2] xfs: use null daddr for unset first bad log block

From: Darrick J. Wong

Date: Tue Jun 30 2026 - 12:05:18 EST


On Tue, Jun 30, 2026 at 12:06:07PM +0200, Yousef Alhouseen wrote:
> xlog_do_recovery_pass() may return before setting first_bad. The caller
> must distinguish that case from an error at a valid log block, including
> block zero after the log wraps.
>
> Initialize first_bad to XFS_BUF_DADDR_NULL and test it explicitly before
> treating the error as a torn write.
>
> Fixes: 7088c4136fa1 ("xfs: detect and trim torn writes during log recovery")
> Suggested-by: Darrick J. Wong <djwong@xxxxxxxxxx>
> Reported-by: syzbot+b7dfbed0c6c2b5e9fd34@xxxxxxxxxxxxxxxxxxxxxxxxx
> Closes: https://syzkaller.appspot.com/bug?extid=b7dfbed0c6c2b5e9fd34
> Cc: stable@xxxxxxxxxxxxxxx

Cc: <stable@xxxxxxxxxxxxxxx> # v4.5

> Signed-off-by: Yousef Alhouseen <alhouseenyousef@xxxxxxxxx>

Much better now, thanks.
Reviewed-by: "Darrick J. Wong" <djwong@xxxxxxxxxx>

--D

> ---
> Changes in v2:
> - Use XFS_BUF_DADDR_NULL instead of zero as the unset sentinel.
> - Test the sentinel explicitly before handling a torn write.
>
> fs/xfs/xfs_log_recover.c | 6 +++---
> 1 file changed, 3 insertions(+), 3 deletions(-)
>
> diff --git a/fs/xfs/xfs_log_recover.c b/fs/xfs/xfs_log_recover.c
> index 09e6678ca487..5f984bf5698a 100644
> --- a/fs/xfs/xfs_log_recover.c
> +++ b/fs/xfs/xfs_log_recover.c
> @@ -1028,7 +1028,7 @@ xlog_verify_head(
> {
> struct xlog_rec_header *tmp_rhead;
> char *tmp_buffer;
> - xfs_daddr_t first_bad;
> + xfs_daddr_t first_bad = XFS_BUF_DADDR_NULL;
> xfs_daddr_t tmp_rhead_blk;
> int found;
> int error;
> @@ -1057,7 +1057,8 @@ xlog_verify_head(
> */
> error = xlog_do_recovery_pass(log, *head_blk, tmp_rhead_blk,
> XLOG_RECOVER_CRCPASS, &first_bad);
> - if ((error == -EFSBADCRC || error == -EFSCORRUPTED) && first_bad) {
> + if ((error == -EFSBADCRC || error == -EFSCORRUPTED) &&
> + first_bad != XFS_BUF_DADDR_NULL) {
> /*
> * We've hit a potential torn write. Reset the error and warn
> * about it.
> @@ -3575,4 +3576,3 @@ xlog_recover_cancel(
> if (xlog_recovery_needed(log))
> xlog_recover_cancel_intents(log);
> }
> -
> --
> 2.54.0
>