On 2/5/21 12:24 AM, Zygo Blaxell wrote:
On Mon, Feb 01, 2021 at 10:28:20PM +0100, Goffredo Baroncelli wrote:
From: Goffredo Baroncelli <kreij...@inwind.it>
[...]
Hi Zygo
Well, I guess if you're going to keep putting the mount option in each
new patch version, then I'm going to keep saying "please remove the
mount option" from each new patch version.
The right side of this || can be deleted, and the entire patch 4/5
(which adds the mount option).
In the next iteration I will move the "mount option" patch to the end of the
chain; this will help you to remove this part of the patch that you don't like.
[...]
(gdb) l *(btrfs_alloc_chunk+0x74b)
0xffffffff8190c3ab is in btrfs_alloc_chunk (fs/btrfs/volumes.c:5047).
5042 ndevs = 0;
5043 while (ndevs < ctl->ndevs) {
5044 hint = devices_info[ndevs++].alloc_hint;
5045 while (devices_info[ndevs].alloc_hint == hint &&
5046 ndevs < ctl->ndevs)
This check is WRONG. The left and right sides of && have to be swapped.
Otherwise an access to the last element+1 of the array is possible
before the out-of-bounds check.
My fault.
5047 ndevs++;
5048 if (ndevs >= ctl->devs_min)
5049 break;
5050 }
5051
BR
G.Baroncelli
+ if (ndevs >= ctl->devs_min)
+ break;
+ }
+
+ BUG_ON(ndevs > ctl->ndevs);
+ ctl->ndevs = ndevs;
+
return 0;
}
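Review bot: the BUG_ON(ndevs > ctl->ndevs) after the loop does not cover the defect in the inner while shown in the listing at fs/btrfs/volumes.c:5045-5046. There devices_info[ndevs].alloc_hint is read before ndevs < ctl->ndevs is tested, so the element one past the end is read while ndevs itself never exceeds ctl->ndevs, and the BUG_ON stays silent. Swap the operands so the bound is tested first; with that in place the condition cannot occur, and a WARN_ON or an error return would be a gentler guard than halting the kernel.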
diff --git a/fs/btrfs/volumes.h b/fs/btrfs/volumes.h
index d776b7f55d56..31a3e4cf93b5 100644
--- a/fs/btrfs/volumes.h
+++ b/fs/btrfs/volumes.h
@@ -364,6 +364,7 @@ struct btrfs_device_info {
u64 dev_offset;
u64 max_avail;
u64 total_avail;
+ int alloc_hint;
};
struct btrfs_raid_attr {
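Review bot: the new alloc_hint member of struct btrfs_device_info has no comment saying what its values mean or where it is set. The allocation loop groups consecutive devices by comparing this field for equality, so a one-line comment next to the member should state the value range and whether devices_info is expected to be sorted by it.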
--
2.30.0
--
gpg @keyserver.linux.it: Goffredo Baroncelli <kreijackATinwind.it>
Key fingerprint BBF5 1610 0B64 DAC6 5F7D 17B2 0EDA 9B37 8B82 E0B5
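
The operand-order problem raised in the reply above (the `&&` at fs/btrfs/volumes.c:5045-5046), as an added userland example that is not code from the patch or from btrfs. The names `dev_info`, `hint_at` and `pick_ndevs`, the sample array and its extra guard slot are assumptions made so the stray read can be observed without undefined behaviour.

```c
#include <stddef.h>
#include <stdio.h>

/* Userland model (constructed) of the loop at fs/btrfs/volumes.c:5042-5050. */
struct dev_info { int alloc_hint; };

static size_t max_idx_read;   /* highest index the loop dereferenced */

static int hint_at(const struct dev_info *d, size_t i)
{
    if (i > max_idx_read)
        max_idx_read = i;
    return d[i].alloc_hint;
}

/* check_bound_first = 0: order as posted; 1: operands of && swapped. */
static size_t pick_ndevs(const struct dev_info *d, size_t total,
                         size_t devs_min, int check_bound_first)
{
    size_t ndevs = 0;

    max_idx_read = 0;
    while (ndevs < total) {
        int hint = hint_at(d, ndevs++);

        if (check_bound_first)
            while (ndevs < total && hint_at(d, ndevs) == hint)
                ndevs++;
        else
            while (hint_at(d, ndevs) == hint && ndevs < total)
                ndevs++;
        if (ndevs >= devs_min)
            break;
    }
    return ndevs;
}

/* Constructed input: 3 real entries plus one guard slot, so the model
 * can record the read at index 3 without leaving the array. */
static const struct dev_info sample[4] = { {1}, {1}, {1}, {99} };

int main(void)
{
    size_t n = pick_ndevs(sample, 3, 2, 0);
    printf("as posted: ndevs=%zu max index read=%zu\n", n, max_idx_read);
    n = pick_ndevs(sample, 3, 2, 1);
    printf("swapped:   ndevs=%zu max index read=%zu\n", n, max_idx_read);
    return 0;
}
```

Both orders return the same count, which is why a check on `ndevs` after the loop cannot tell them apart; only the highest index read differs.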