On Fri, May 13, 2016 at 05:07:02PM -0700, Liu Bo wrote:
> Thanks to fuzz testing, we can have invalid btree root node height.

Shouldn't we do this kind of sanity check earlier? Not at the search
slot time but when it's read from disk. The check that you're adding can
stay, but without the early check we could hit it very often thus making
it very noisy.

> Btrfs limits btree height to 7 and if the given height is 9, then btrfs
> will have problems in both releasing root node's lock and freeing the node.


> 
> Signed-off-by: Liu Bo <[email protected]>
> ---
>  fs/btrfs/ctree.c | 7 +++++++
>  1 file changed, 7 insertions(+)
> 
> diff --git a/fs/btrfs/ctree.c b/fs/btrfs/ctree.c
> index ec7928a..3fccbcc 100644
> --- a/fs/btrfs/ctree.c
> +++ b/fs/btrfs/ctree.c
> @@ -2756,6 +2756,13 @@ again:
>                       }
>               }
>       }
> +     if (level > BTRFS_MAX_LEVEL - 1 || level < 0) {
> +             WARN_ONCE(1, KERN_WARNING "Invalid btree height %d\n", level);
> +             if (!p->skip_locking)
> +                     btrfs_tree_unlock_rw(b, root_lock);
> +             free_extent_buffer(b);
> +             return -EINVAL;
> +     }
>       p->nodes[level] = b;
>       if (!p->skip_locking)
>               p->locks[level] = root_lock;
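
Review bot: In the added WARN_ONCE() line, drop KERN_WARNING from the format string: the WARN macros take a plain printf-style format and already log at warning level, so the level prefix ends up embedded in the message text. Because this is WARN_ONCE, only the first bad root is reported and every later one returns -EINVAL silently; since the value comes from on-disk data, an error message naming the affected tree would be more useful than a one-time stack trace. The bound would read more directly as "level >= BTRFS_MAX_LEVEL", and a short comment noting that level indexes p->nodes[] and p->locks[] in the lines just below would explain why the check sits at this point.
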
> -- 
> 2.5.5
> 
> --
> To unsubscribe from this list: send the line "unsubscribe linux-btrfs" in
> the body of a message to [email protected]
> More majordomo info at  http://vger.kernel.org/majordomo-info.html