svn commit: r304227 - head/sys/ufs/ffs

Konstantin Belousov Tue, 16 Aug 2016 09:50:51 -0700

Author: kib
Date: Tue Aug 16 16:49:56 2016
New Revision: 304227
URL: https://svnweb.freebsd.org/changeset/base/304227


Log:
  In ffs_balloc_ufs{1,2} routines, assert that unwind records do not
  overflow local arrays.  This is not immediately obvious from the
  static code inspection, due to retry logic.
  
  Reviewed by:  mckusick
  Tested by:    pho
  Sponsored by: The FreeBSD Foundation
  MFC after:    1 week

Modified:
  head/sys/ufs/ffs/ffs_balloc.c

Modified: head/sys/ufs/ffs/ffs_balloc.c
==============================================================================
--- head/sys/ufs/ffs/ffs_balloc.c       Tue Aug 16 15:53:05 2016        
(r304226)
+++ head/sys/ufs/ffs/ffs_balloc.c       Tue Aug 16 16:49:56 2016        
(r304227)
@@ -255,6 +255,8 @@ ffs_balloc_ufs1(struct vnode *vp, off_t 
                }
                pref = newb + fs->fs_frag;
                nb = newb;
+               MPASS(allocblk < allociblk + nitems(allociblk));
+               MPASS(lbns_remfree < lbns + nitems(lbns));
                *allocblk++ = nb;
                *lbns_remfree++ = indirs[1].in_lbn;
                bp = getblk(vp, indirs[1].in_lbn, fs->fs_bsize, 0, 0, gbflags);
@@ -325,6 +327,8 @@ retry:
                }
                pref = newb + fs->fs_frag;
                nb = newb;
+               MPASS(allocblk < allociblk + nitems(allociblk));
+               MPASS(lbns_remfree < lbns + nitems(lbns));
                *allocblk++ = nb;
                *lbns_remfree++ = indirs[i].in_lbn;
                nbp = getblk(vp, indirs[i].in_lbn, fs->fs_bsize, 0, 0, 0);
@@ -401,6 +405,8 @@ retry:
                        goto fail;
                }
                nb = newb;
+               MPASS(allocblk < allociblk + nitems(allociblk));
+               MPASS(lbns_remfree < lbns + nitems(lbns));
                *allocblk++ = nb;
                *lbns_remfree++ = lbn;
                nbp = getblk(vp, lbn, fs->fs_bsize, 0, 0, gbflags);
@@ -818,6 +824,8 @@ ffs_balloc_ufs2(struct vnode *vp, off_t 
                }
                pref = newb + fs->fs_frag;
                nb = newb;
+               MPASS(allocblk < allociblk + nitems(allociblk));
+               MPASS(lbns_remfree < lbns + nitems(lbns));
                *allocblk++ = nb;
                *lbns_remfree++ = indirs[1].in_lbn;
                bp = getblk(vp, indirs[1].in_lbn, fs->fs_bsize, 0, 0,
@@ -889,6 +897,8 @@ retry:
                }
                pref = newb + fs->fs_frag;
                nb = newb;
+               MPASS(allocblk < allociblk + nitems(allociblk));
+               MPASS(lbns_remfree < lbns + nitems(lbns));
                *allocblk++ = nb;
                *lbns_remfree++ = indirs[i].in_lbn;
                nbp = getblk(vp, indirs[i].in_lbn, fs->fs_bsize, 0, 0,
@@ -966,6 +976,8 @@ retry:
                        goto fail;
                }
                nb = newb;
+               MPASS(allocblk < allociblk + nitems(allociblk));
+               MPASS(lbns_remfree < lbns + nitems(lbns));
                *allocblk++ = nb;
                *lbns_remfree++ = lbn;
                nbp = getblk(vp, lbn, fs->fs_bsize, 0, 0, gbflags);
_______________________________________________
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"

svn commit: r304227 - head/sys/ufs/ffs

Reply via email to