Hello Jaegeuk Kim,

The patch 7bc0900347e0: "f2fs: add garbage collection functions" from 
Nov 2, 2012, has an off-by-one bug.

   429  block_t start_bidx_of_node(unsigned int node_ofs)
   430  {
   431          unsigned int indirect_blks = 2 * NIDS_PER_BLOCK + 4;
   432          unsigned int bidx;
   433  
   434          if (node_ofs == 0)
   435                  return 0;
   436  
   437          if (node_ofs <= 2) {
   438                  bidx = node_ofs - 1;
   439          } else if (node_ofs <= indirect_blks) {
   440                  int dec = (node_ofs - 4) / (NIDS_PER_BLOCK + 1);

If node_ofs == 3 here then (node_ofs - 4) is a very high positive
number.  We divide by 1019 and we get another still very high number but
not so high that it is negative when cast as an int.

   441                  bidx = node_ofs - 2 - dec;

It means that bidx is much higher than intended here (4290752413).

I thought maybe there is an off by one somewhere.  Perhaps the 4 should
be a 3.

   442          } else {
   443                  int dec = (node_ofs - indirect_blks - 3) / (NIDS_PER_BLOCK + 1);
   444                  bidx = node_ofs - 5 - dec;
   445          }
   446          return bidx * ADDRS_PER_BLOCK + ADDRS_PER_INODE;
   447  }

regards,
dan carpenter
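A stand-alone C reproduction of the arithmetic discussed above, added here as an example; it is not part of the original report or of f2fs. It assumes the f2fs constants NIDS_PER_BLOCK = 1018, ADDRS_PER_BLOCK = 1018 and ADDRS_PER_INODE = 923 (the report's divisor of 1019 is NIDS_PER_BLOCK + 1), splits the quoted function so the intermediate bidx can be inspected, and adds a hypothetical helper node_ofs_underflows() that flags every node offset for which one of the subtractions wraps in unsigned arithmetic. Whether f2fs ever calls the function with those offsets is not something the report establishes.

```c
#include <stdio.h>
#include <stdint.h>
#include <stdbool.h>

/* f2fs layout constants, assumed here (not taken from the report);
 * NIDS_PER_BLOCK + 1 == 1019 matches the divisor the report mentions. */
#define NIDS_PER_BLOCK   1018U
#define ADDRS_PER_BLOCK  1018U
#define ADDRS_PER_INODE  923U

#define INDIRECT_BLKS    (2U * NIDS_PER_BLOCK + 4U)   /* 2040 */

typedef uint32_t block_t;

/* Same arithmetic as the quoted start_bidx_of_node(), but stopping at
 * bidx so the wrapped intermediate value can be observed directly. */
static unsigned int node_bidx(unsigned int node_ofs)
{
    unsigned int indirect_blks = INDIRECT_BLKS;
    unsigned int bidx;

    if (node_ofs <= 2) {
        bidx = node_ofs - 1;
    } else if (node_ofs <= indirect_blks) {
        /* node_ofs - 4 is unsigned: for node_ofs == 3 it becomes
         * 0xFFFFFFFF before the division, so dec is 4214884. */
        int dec = (node_ofs - 4) / (NIDS_PER_BLOCK + 1);
        bidx = node_ofs - 2 - dec;
    } else {
        /* The same pattern: node_ofs - indirect_blks - 3 wraps when
         * node_ofs is indirect_blks + 1 or indirect_blks + 2. */
        int dec = (node_ofs - indirect_blks - 3) / (NIDS_PER_BLOCK + 1);
        bidx = node_ofs - 5 - dec;
    }
    return bidx;
}

/* Equivalent of the quoted function's return value. */
static block_t start_bidx_of_node(unsigned int node_ofs)
{
    if (node_ofs == 0)
        return 0;
    return node_bidx(node_ofs) * ADDRS_PER_BLOCK + ADDRS_PER_INODE;
}

/* Hypothetical guard: true when the branch chosen for node_ofs subtracts
 * more than node_ofs holds, i.e. when the unsigned arithmetic wraps. */
static bool node_ofs_underflows(unsigned int node_ofs)
{
    if (node_ofs <= 2)
        return node_ofs == 0;               /* 0 - 1 would wrap */
    if (node_ofs <= INDIRECT_BLKS)
        return node_ofs < 4;                /* only node_ofs == 3 */
    return node_ofs < INDIRECT_BLKS + 3;    /* 2041 and 2042 */
}

int main(void)
{
    unsigned int probes[] = { 1, 2, 3, 4, 1023, 2041, 2043 };
    size_t i;

    for (i = 0; i < sizeof(probes) / sizeof(probes[0]); i++) {
        unsigned int ofs = probes[i];
        printf("node_ofs=%4u bidx=%10u start=%10u wraps=%s\n",
               ofs, node_bidx(ofs), start_bidx_of_node(ofs),
               node_ofs_underflows(ofs) ? "yes" : "no");
    }
    return 0;
}
```

For node_ofs == 3 the intermediate bidx printed is 4290752413, the value quoted in the report; the guard reports the same wrap for node offsets 2041 and 2042 in the else branch, which follows from the same unsigned subtraction and is worth checking against the callers before deciding whether the constant in the middle branch is the real issue.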
