The 48-bit chunk format flag was being set inside erofs_blob_write_chunked_file right after erofs_blob_getchunk returns. At that point chunk->blkaddr is the chunk's offset in the temporary blob buffer, not the final image address. The real address is only known after erofs_mkfs_dump_blobs applies remapped_base, so a chunk that lands above UINT32_MAX after remapping may not get flagged at all, producing a corrupt image.
Fix this by introducing erofs_inode_fixup_chunkformat() which walks the chunk array after remapped_base is finalized and sets the 48-bit flag if any chunk address exceeds UINT32_MAX. The fixup is called from erofs_iflush so that the correct chunkformat is written into the on-disk inode header. Both blob chunks (remapped_base + chunk->blkaddr) and device chunks (chunk->blkaddr directly) are handled. Signed-off-by: Puneeth Aditya <[email protected]> --- include/erofs/blobchunk.h | 1 + lib/blobchunk.c | 40 +++++++++++++++++++++++++++++++++++---- lib/inode.c | 1 + 3 files changed, 38 insertions(+), 4 deletions(-) diff --git a/include/erofs/blobchunk.h b/include/erofs/blobchunk.h index ef06773..48fca63 100644 --- a/include/erofs/blobchunk.h +++ b/include/erofs/blobchunk.h @@ -16,6 +16,7 @@ extern "C" struct erofs_blobchunk *erofs_get_unhashed_chunk(unsigned int device_id, erofs_blk_t blkaddr, erofs_off_t sourceoffset); +void erofs_inode_fixup_chunkformat(struct erofs_inode *inode); int erofs_write_chunk_indexes(struct erofs_inode *inode, struct erofs_vfile *vf, erofs_off_t off); int erofs_blob_write_chunked_file(struct erofs_inode *inode, int fd, diff --git a/lib/blobchunk.c b/lib/blobchunk.c index a051904..96c161b 100644 --- a/lib/blobchunk.c +++ b/lib/blobchunk.c @@ -136,6 +136,42 @@ static int erofs_blob_hashmap_cmp(const void *a, const void *b, sizeof(ec1->sha256)); } +void erofs_inode_fixup_chunkformat(struct erofs_inode *inode) +{ + unsigned int unit, src; + u64 extent_count; + bool _48bit; + + if (inode->u.chunkformat & EROFS_CHUNK_FORMAT_INDEXES) + unit = sizeof(struct erofs_inode_chunk_index); + else + unit = EROFS_BLOCK_MAP_ENTRY_SIZE; + + _48bit = inode->u.chunkformat & EROFS_CHUNK_FORMAT_48BIT; + if (_48bit) + return; + + extent_count = inode->extent_isize / unit; + for (src = 0; src < extent_count; ++src) { + struct erofs_blobchunk *chunk = + *(void **)(inode->chunkindexes + src * sizeof(void *)); + + if (chunk->blkaddr == EROFS_NULL_ADDR) + continue; + if (chunk->device_id) { + if (chunk->blkaddr > UINT32_MAX) { + _48bit = true; + break; + } + } else if (remapped_base + chunk->blkaddr > UINT32_MAX) { + _48bit = true; + break; + } + } + if (_48bit) + inode->u.chunkformat |= EROFS_CHUNK_FORMAT_48BIT; +} + int erofs_write_chunk_indexes(struct erofs_inode *inode, struct erofs_vfile *vf, erofs_off_t off) { @@ -380,10 +416,6 @@ int erofs_blob_write_chunked_file(struct erofs_inode *inode, int fd, goto err; } - /* FIXME! `chunk->blkaddr` is not the final blkaddr here */ - if (chunk->blkaddr != EROFS_NULL_ADDR && - chunk->blkaddr >= UINT32_MAX) - inode->u.chunkformat |= EROFS_CHUNK_FORMAT_48BIT; if (!erofs_blob_can_merge(sbi, lastch, chunk)) { erofs_update_minextblks(sbi, interval_start, pos, &minextblks); diff --git a/lib/inode.c b/lib/inode.c index 4a214f9..2cfc6c5 100644 --- a/lib/inode.c +++ b/lib/inode.c @@ -794,6 +794,7 @@ int erofs_iflush(struct erofs_inode *inode) } else if (is_inode_layout_compression(inode)) { u1.blocks_lo = cpu_to_le32(inode->u.i_blocks); } else if (inode->datalayout == EROFS_INODE_CHUNK_BASED) { + erofs_inode_fixup_chunkformat(inode); u1.c.format = cpu_to_le16(inode->u.chunkformat); } else { ret = erofs_inode_map_flat_blkaddr(inode); -- 2.52.0
