Hello community,
here is the log from the commit of package btrfsprogs for openSUSE:Factory
checked in at 2015-09-24 07:18:06
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/btrfsprogs (Old)
and /work/SRC/openSUSE:Factory/.btrfsprogs.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "btrfsprogs"
Changes:
--------
--- /work/SRC/openSUSE:Factory/btrfsprogs/btrfsprogs.changes 2015-09-08
17:38:14.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.btrfsprogs.new/btrfsprogs.changes
2015-09-24 07:18:08.000000000 +0200
@@ -1,0 +2,19 @@
+Tue Sep 22 00:00:00 CEST 2015 - dste...@suse.cz
+
+- update to 4.2.1
+ - fix an off-by-one error in cross-stripe boundary check
+ - convert: don't write uninitialized data to image
+ - image: don't loop with option -t0
+ - image: don't create threads if compression is not requested
+- Removed patches:
+ * 0001-btrfs-progs-fix-cross-stripe-boundary-check.patch
+
+-------------------------------------------------------------------
+Thu Sep 17 00:00:00 CEST 2015 - dste...@suse.cz
+
+- make mkfs work with 64k nodesize again, notably fixes mkfs on ppc64
+ (bsc#945229)
+- Added patch:
+ * 0001-btrfs-progs-fix-cross-stripe-boundary-check.patch
+
+-------------------------------------------------------------------
Old:
----
btrfs-progs-v4.2.tar.gz
New:
----
btrfs-progs-v4.2.1.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ btrfsprogs.spec ++++++
--- /var/tmp/diff_new_pack.1RUMsi/_old 2015-09-24 07:18:09.000000000 +0200
+++ /var/tmp/diff_new_pack.1RUMsi/_new 2015-09-24 07:18:09.000000000 +0200
@@ -17,7 +17,7 @@
Name: btrfsprogs
-Version: 4.2
+Version: 4.2.1
Release: 0
Summary: Utilities for the Btrfs filesystem
License: GPL-2.0
++++++ btrfs-progs-v4.2.tar.gz -> btrfs-progs-v4.2.1.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/btrfs-progs-v4.2/Documentation/btrfs-mount.asciidoc
new/btrfs-progs-v4.2.1/Documentation/btrfs-mount.asciidoc
--- old/btrfs-progs-v4.2/Documentation/btrfs-mount.asciidoc 2015-09-03
14:29:20.000000000 +0200
+++ new/btrfs-progs-v4.2.1/Documentation/btrfs-mount.asciidoc 2015-09-20
14:50:06.000000000 +0200
@@ -20,12 +20,17 @@
Default is 1MB.
*autodefrag*::
+*noautodefrag*::
+ (since: 3.0, default: off) +
Disable/enable auto defragmentation.
Auto defragmentation detects small random writes into files and queue
them up for the defrag process. Works best for small files;
Not well suited for large database workloads.
-*check_int*|*check_int_data*|*check_int_print_mask='value'*::
+*check_int*::
+*check_int_data*::
+*check_int_print_mask='value'*::
+ (since: 3.0, default: off) +
These debugging options control the behavior of the integrity checking
module (the BTRFS_FS_CHECK_INTEGRITY config option required). +
+
@@ -44,19 +49,25 @@
for more info.
*commit='seconds'*::
- Set the interval of periodic commit, 30 seconds by default. Higher
+ (since: 3.12, default: 30) +
+ Set the interval of periodic commit. Higher
values defer data being synced to permanent storage with obvious
consequences when the system crashes. The upper bound is not forced,
but a warning is printed if it's more than 300 seconds (5 minutes).
-*compress*|*compress='type'*|*compress-force*|*compress-force='type'*::
- Control BTRFS file data compression. Type may be specified as "zlib"
- "lzo" or "no" (for no compression, used for remounting). If no type
- is specified, zlib is used. If compress-force is specified,
+*compress*::
+*compress='type'*::
+*compress-force*::
+*compress-force='type'*::
+ (default: off) +
+ Control BTRFS file data compression. Type may be specified as 'zlib',
+ 'lzo' or 'no' (for no compression, used for remounting). If no type
+ is specified, 'zlib' is used. If compress-force is specified,
all files will be compressed, whether or not they compress well.
- If compression is enabled, nodatacow and nodatasum are disabled.
+ NOTE: If compression is enabled, 'nodatacow' and 'nodatasum' are
disabled.
*degraded*::
+ (default: off) +
Allow mounts to continue with missing devices. A read-write mount may
fail with too many devices missing, for example if a stripe member
is completely missing.
@@ -67,6 +78,8 @@
setup as root. May be specified multiple times for multiple devices.
*discard*::
+*nodiscard*::
+ (default: off) +
Disable/enable discard mount option.
Discard issues frequent commands to let the block device reclaim space
freed by the filesystem.
@@ -76,14 +89,18 @@
initiate batch trims from userspace).
*enospc_debug*::
+ (default: off) +
Disable/enable debugging option to be more verbose in some ENOSPC
conditions.
*fatal_errors='action'*::
+ (since: 3.4, default: bug) +
Action to take when encountering a fatal error. +
- "bug" - BUG() on a fatal error. This is the default. +
+ "bug" - BUG() on a fatal error. +
"panic" - panic() on a fatal error.
*flushoncommit*::
+*noflushoncommit*::
+ (default: on) +
The `flushoncommit` mount option forces any data dirtied by a write in a
prior transaction to commit as part of the current commit. This makes
the committed state a fully consistent view of the file system from the
@@ -92,10 +109,13 @@
created.
*inode_cache*::
+*noinode_cache*::
+ (since: 3.0, default: off) +
Enable free inode number caching. Defaults to off due to an overflow
problem when the free space crcs don't fit inside a single page.
*max_inline='bytes'*::
+ (default: min(8192, page size) )
Specify the maximum amount of space, in bytes, that can be inlined in
a metadata B-tree leaf. The value is specified in bytes, optionally
with a K, M, or G suffix, case insensitive. In practice, this value
@@ -106,48 +126,64 @@
Specify that 1 metadata chunk should be allocated after every
'value' data chunks. Off by default.
+*acl*::
*noacl*::
+ (default: on) +
Enable/disable support for Posix Access Control Lists (ACLs). See the
`acl`(5) manual page for more information about ACLs.
+*barrier*::
*nobarrier*::
+ (default: on) +
ensure that certain IOs make it through the device cache and are on
persistent storage. If disabled on a device with a volatile
(non-battery-backed) write-back cache, nobarrier option will lead to
filesystem corruption on a system crash or power loss.
+*datacow*::
*nodatacow*::
+ (default: on) +
Enable/disable data copy-on-write for newly created files.
Nodatacow implies nodatasum, and disables all compression.
+*datasum*::
*nodatasum*::
+ (default: on) +
Enable/disable data checksumming for newly created files.
Datasum implies datacow.
+*treelog*::
*notreelog*::
+ (default: on) +
Enable/disable the tree logging used for fsync and O_SYNC writes.
*recovery*::
+ (since: 3.2, default: off) +
Enable autorecovery attempts if a bad tree root is found at mount time.
Currently this scans a list of several previous tree roots and tries to
use the first readable.
*rescan_uuid_tree*::
+ (since: 3.12, default: off) +
Force check and rebuild procedure of the UUID tree. This should not
normally be needed.
*skip_balance*::
+ (since: 3.3, default: off) +
Skip automatic resume of interrupted balance operation after mount.
May be resumed with "btrfs balance resume."
*nospace_cache*::
+ (since: 3.2) +
Disable freespace cache loading without clearing the cache.
*clear_cache*::
Force clearing and rebuilding of the disk space cache if something
has gone wrong.
-*ssd*|*nossd*|*ssd_spread*::
+*ssd*::
+*nossd*::
+*ssd_spread*::
Options to control ssd allocation schemes. By default, BTRFS will
enable or disable ssd allocation heuristics depending on whether a
rotational or nonrotational disk is in use. The ssd and nossd options
@@ -166,7 +202,8 @@
filesystem.
You can use "btrfs subvolume list" to see subvolume ID numbers.
-*subvolrootid='objectid' (deprecated)*::
+*subvolrootid='objectid'*::
+ (deprecated) +
Mount subvolume specified by 'objectid' rather than the root subvolume.
This allows mounting of subvolumes which are not in the root of the
mounted
filesystem.
@@ -177,6 +214,7 @@
to the number of CPUs + 2, or 8, whichever is smaller.
*user_subvol_rm_allowed*::
+ (default: off) +
Allow subvolumes to be deleted by a non-root user. Use with caution.
FILE ATTRIBUTES
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/btrfs-progs-v4.2/INSTALL
new/btrfs-progs-v4.2.1/INSTALL
--- old/btrfs-progs-v4.2/INSTALL 2015-09-03 14:29:20.000000000 +0200
+++ new/btrfs-progs-v4.2.1/INSTALL 2015-09-20 14:50:06.000000000 +0200
@@ -24,6 +24,10 @@
Please note that the package names may differ according to the distribution.
See
https://btrfs.wiki.kernel.org/index.php/Btrfs_source_repositories#Dependencies .
+
+Building from sources
+---------------------
+
To build from git sources you need to generate the configure script using the
autotools:
@@ -48,5 +52,28 @@
$ make EXTRA_CFLAGS=-ggdb3
+The build utilizes autotools, dependencies for generating the configure
+scripts are:
+
+* autconf, autoheader
+* automake, aclocal
+* pkg-config
+
+
+Staticly built binaries
+-----------------------
+
+The makefiles are ready to let you build static binaries of the utilities. This
+may be handy in rescue environments. Your system has to provide static version
+of the libraries.
+
+$ make static
+$ make btrfs.static
+$ make btrfs-convert.static
+
+The resulting static binaries have the '.static' suffix, the intermediate
object
+files do not conflict with the normal (dynamic) build.
+
+
References:
* https://btrfs.wiki.kernel.org
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/btrfs-progs-v4.2/Makefile.in
new/btrfs-progs-v4.2.1/Makefile.in
--- old/btrfs-progs-v4.2/Makefile.in 2015-09-03 14:29:20.000000000 +0200
+++ new/btrfs-progs-v4.2.1/Makefile.in 2015-09-20 14:50:06.000000000 +0200
@@ -199,7 +199,7 @@
$(libs_static): $(libbtrfs_objects)
@echo " [AR] $@"
- $(Q)$(AR) cru libbtrfs.a $(libbtrfs_objects)
+ $(Q)$(AR) cr libbtrfs.a $(libbtrfs_objects)
$(lib_links):
@echo " [LN] $@"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/btrfs-progs-v4.2/autogen.sh
new/btrfs-progs-v4.2.1/autogen.sh
--- old/btrfs-progs-v4.2/autogen.sh 2015-09-03 14:29:20.000000000 +0200
+++ new/btrfs-progs-v4.2.1/autogen.sh 2015-09-20 14:50:06.000000000 +0200
@@ -37,10 +37,19 @@
(automake --version) < /dev/null > /dev/null 2>&1 || {
echo
echo "You must have automake installed to generate btrfs-progs build
system."
- echo
+ echo
DIE=1
}
+(pkg-config --version) < /dev/null > /dev/null 2>&1 || {
+ echo
+ echo "You must have pkg-config installed to use btrfs-progs build
system."
+ echo "The pkg-config utility was not found in the standard location,
set"
+ echo "the PKG_CONFIG/PKG_CONFIG_PATH/PKG_CONFIG_LIBDIR variables at the"
+ echo "configure time."
+ echo
+}
+
if test "$DIE" -eq 1; then
exit 1
fi
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/btrfs-progs-v4.2/btrfs-calc-size.c
new/btrfs-progs-v4.2.1/btrfs-calc-size.c
--- old/btrfs-progs-v4.2/btrfs-calc-size.c 2015-09-03 14:29:20.000000000
+0200
+++ new/btrfs-progs-v4.2.1/btrfs-calc-size.c 2015-09-20 14:50:06.000000000
+0200
@@ -421,7 +421,7 @@
return ret;
}
-static void usage()
+static void usage(void)
{
fprintf(stderr, "Usage: calc-size [-v] [-b] <device>\n");
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/btrfs-progs-v4.2/btrfs-convert.c
new/btrfs-progs-v4.2.1/btrfs-convert.c
--- old/btrfs-progs-v4.2/btrfs-convert.c 2015-09-03 14:29:20.000000000
+0200
+++ new/btrfs-progs-v4.2.1/btrfs-convert.c 2015-09-20 14:50:06.000000000
+0200
@@ -1016,6 +1016,8 @@
struct ext2_inode *src, u32 blocksize)
{
btrfs_set_stack_inode_generation(dst, 1);
+ btrfs_set_stack_inode_sequence(dst, 0);
+ btrfs_set_stack_inode_transid(dst, 1);
btrfs_set_stack_inode_size(dst, src->i_size);
btrfs_set_stack_inode_nbytes(dst, 0);
btrfs_set_stack_inode_block_group(dst, 0);
@@ -1052,6 +1054,8 @@
new_decode_dev(src->i_block[1]));
}
}
+ memset(&dst->reserved, 0, sizeof(dst->reserved));
+
return 0;
}
@@ -1182,6 +1186,7 @@
}
ret = btrfs_commit_transaction(trans, root);
BUG_ON(ret);
+ ext2fs_close_inode_scan(ext2_scan);
return ret;
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/btrfs-progs-v4.2/btrfs-corrupt-block.c
new/btrfs-progs-v4.2.1/btrfs-corrupt-block.c
--- old/btrfs-progs-v4.2/btrfs-corrupt-block.c 2015-09-03 14:29:20.000000000
+0200
+++ new/btrfs-progs-v4.2.1/btrfs-corrupt-block.c 2015-09-20
14:50:06.000000000 +0200
@@ -33,8 +33,8 @@
#define FIELD_BUF_LEN 80
-struct extent_buffer *debug_corrupt_block(struct btrfs_root *root, u64 bytenr,
- u32 blocksize, u64 copy)
+static struct extent_buffer *debug_corrupt_block(struct btrfs_root *root,
+ u64 bytenr, u32 blocksize, u64 copy)
{
int ret;
struct extent_buffer *eb;
@@ -880,7 +880,7 @@
* If using COW, chunk recover will use the old item to recover,
* which is still OK but we want to check the ability to rebuild chunk
* not only restore the old ones */
-int corrupt_item_nocow(struct btrfs_trans_handle *trans,
+static int corrupt_item_nocow(struct btrfs_trans_handle *trans,
struct btrfs_root *root, struct btrfs_path *path,
int del)
{
@@ -913,7 +913,7 @@
}
return ret;
}
-int corrupt_chunk_tree(struct btrfs_trans_handle *trans,
+static int corrupt_chunk_tree(struct btrfs_trans_handle *trans,
struct btrfs_root *root)
{
int ret;
@@ -986,7 +986,7 @@
btrfs_free_path(path);
return ret;
}
-int find_chunk_offset(struct btrfs_root *root,
+static int find_chunk_offset(struct btrfs_root *root,
struct btrfs_path *path, u64 offset)
{
struct btrfs_key key;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/btrfs-progs-v4.2/btrfs-image.c
new/btrfs-progs-v4.2.1/btrfs-image.c
--- old/btrfs-progs-v4.2/btrfs-image.c 2015-09-03 14:29:20.000000000 +0200
+++ new/btrfs-progs-v4.2.1/btrfs-image.c 2015-09-20 14:50:06.000000000
+0200
@@ -2690,7 +2690,7 @@
{
char *source;
char *target;
- u64 num_threads = 1;
+ u64 num_threads = 0;
u64 compress_level = 0;
int create = 1;
int old_restore = 0;
@@ -2786,10 +2786,14 @@
}
}
- if (num_threads == 1 && compress_level > 0) {
- num_threads = sysconf(_SC_NPROCESSORS_ONLN);
- if (num_threads <= 0)
- num_threads = 1;
+ if (compress_level > 0 || create == 0) {
+ if (num_threads == 0) {
+ num_threads = sysconf(_SC_NPROCESSORS_ONLN);
+ if (num_threads <= 0)
+ num_threads = 1;
+ }
+ } else {
+ num_threads = 0;
}
if (create) {
@@ -2877,5 +2881,7 @@
}
}
+ btrfs_close_all_devices();
+
return !!ret;
}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/btrfs-progs-v4.2/cmds-check.c
new/btrfs-progs-v4.2.1/cmds-check.c
--- old/btrfs-progs-v4.2/cmds-check.c 2015-09-03 14:29:20.000000000 +0200
+++ new/btrfs-progs-v4.2.1/cmds-check.c 2015-09-20 14:50:06.000000000 +0200
@@ -186,7 +186,7 @@
return hole->start;
}
-int compare_hole(struct rb_node *node1, struct rb_node *node2)
+static int compare_hole(struct rb_node *node1, struct rb_node *node2)
{
struct file_extent_hole *hole1;
struct file_extent_hole *hole2;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/btrfs-progs-v4.2/cmds-device.c
new/btrfs-progs-v4.2.1/cmds-device.c
--- old/btrfs-progs-v4.2/cmds-device.c 2015-09-03 14:29:20.000000000 +0200
+++ new/btrfs-progs-v4.2.1/cmds-device.c 2015-09-20 14:50:06.000000000
+0200
@@ -471,7 +471,7 @@
return err;
}
-const char * const cmd_device_usage_usage[] = {
+static const char * const cmd_device_usage_usage[] = {
"btrfs device usage [options] <path> [<path>..]",
"Show detailed information about internal allocations in devices.",
HELPINFO_OUTPUT_UNIT_DF,
@@ -507,7 +507,7 @@
return ret;
}
-int cmd_device_usage(int argc, char **argv)
+static int cmd_device_usage(int argc, char **argv)
{
unsigned unit_mode;
int ret = 0;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/btrfs-progs-v4.2/cmds-rescue.c
new/btrfs-progs-v4.2.1/cmds-rescue.c
--- old/btrfs-progs-v4.2/cmds-rescue.c 2015-09-03 14:29:20.000000000 +0200
+++ new/btrfs-progs-v4.2.1/cmds-rescue.c 2015-09-20 14:50:06.000000000
+0200
@@ -33,7 +33,7 @@
int btrfs_recover_chunk_tree(char *path, int verbose, int yes);
int btrfs_recover_superblocks(char *path, int verbose, int yes);
-const char * const cmd_rescue_chunk_recover_usage[] = {
+static const char * const cmd_rescue_chunk_recover_usage[] = {
"btrfs rescue chunk-recover [options] <device>",
"Recover the chunk tree by scanning the devices one by one.",
"",
@@ -43,7 +43,7 @@
NULL
};
-const char * const cmd_rescue_super_recover_usage[] = {
+static const char * const cmd_rescue_super_recover_usage[] = {
"btrfs rescue super-recover [options] <device>",
"Recover bad superblocks from good copies",
"",
@@ -52,7 +52,7 @@
NULL
};
-int cmd_rescue_chunk_recover(int argc, char *argv[])
+static int cmd_rescue_chunk_recover(int argc, char *argv[])
{
int ret = 0;
char *file;
@@ -112,7 +112,7 @@
* 3 : Fail to Recover bad supeblocks
* 4 : Abort to recover bad superblocks
*/
-int cmd_rescue_super_recover(int argc, char **argv)
+static int cmd_rescue_super_recover(int argc, char **argv)
{
int ret;
int verbose = 0;
@@ -152,14 +152,14 @@
return ret;
}
-const char * const cmd_rescue_zero_log_usage[] = {
+static const char * const cmd_rescue_zero_log_usage[] = {
"btrfs rescue zero-log <device>",
"Clear the tree log. Usable if it's corrupted and prevents mount.",
"",
NULL
};
-int cmd_rescue_zero_log(int argc, char **argv)
+static int cmd_rescue_zero_log(int argc, char **argv)
{
struct btrfs_root *root;
struct btrfs_trans_handle *trans;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/btrfs-progs-v4.2/configure
new/btrfs-progs-v4.2.1/configure
--- old/btrfs-progs-v4.2/configure 2015-09-03 14:30:29.000000000 +0200
+++ new/btrfs-progs-v4.2.1/configure 2015-09-20 14:51:42.000000000 +0200
@@ -1,6 +1,6 @@
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
-# Generated by GNU Autoconf 2.69 for btrfs-progs v4.2.
+# Generated by GNU Autoconf 2.69 for btrfs-progs v4.2.1.
#
# Report bugs to <linux-bt...@vger.kernel.org>.
#
@@ -580,8 +580,8 @@
# Identity of this package.
PACKAGE_NAME='btrfs-progs'
PACKAGE_TARNAME='btrfs-progs'
-PACKAGE_VERSION='v4.2'
-PACKAGE_STRING='btrfs-progs v4.2'
+PACKAGE_VERSION='v4.2.1'
+PACKAGE_STRING='btrfs-progs v4.2.1'
PACKAGE_BUGREPORT='linux-bt...@vger.kernel.org'
PACKAGE_URL='http://btrfs.wiki.kernel.org'
@@ -1287,7 +1287,7 @@
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
-\`configure' configures btrfs-progs v4.2 to adapt to many kinds of systems.
+\`configure' configures btrfs-progs v4.2.1 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
@@ -1352,7 +1352,7 @@
if test -n "$ac_init_help"; then
case $ac_init_help in
- short | recursive ) echo "Configuration of btrfs-progs v4.2:";;
+ short | recursive ) echo "Configuration of btrfs-progs v4.2.1:";;
esac
cat <<\_ACEOF
@@ -1461,7 +1461,7 @@
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
-btrfs-progs configure v4.2
+btrfs-progs configure v4.2.1
generated by GNU Autoconf 2.69
Copyright (C) 2012 Free Software Foundation, Inc.
@@ -1830,7 +1830,7 @@
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
-It was created by btrfs-progs $as_me v4.2, which was
+It was created by btrfs-progs $as_me v4.2.1, which was
generated by GNU Autoconf 2.69. Invocation command line was
$ $0 $@
@@ -6375,7 +6375,7 @@
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
-This file was extended by btrfs-progs $as_me v4.2, which was
+This file was extended by btrfs-progs $as_me v4.2.1, which was
generated by GNU Autoconf 2.69. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
@@ -6438,7 +6438,7 @@
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //;
s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
-btrfs-progs config.status v4.2
+btrfs-progs config.status v4.2.1
configured by $0, generated by GNU Autoconf 2.69,
with options \\"\$ac_cs_config\\"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/btrfs-progs-v4.2/ctree.h
new/btrfs-progs-v4.2.1/ctree.h
--- old/btrfs-progs-v4.2/ctree.h 2015-09-03 14:29:20.000000000 +0200
+++ new/btrfs-progs-v4.2.1/ctree.h 2015-09-20 14:50:06.000000000 +0200
@@ -1423,7 +1423,9 @@
BTRFS_SETGET_STACK_FUNCS(stack_inode_generation,
struct btrfs_inode_item, generation, 64);
BTRFS_SETGET_STACK_FUNCS(stack_inode_sequence,
- struct btrfs_inode_item, generation, 64);
+ struct btrfs_inode_item, sequence, 64);
+BTRFS_SETGET_STACK_FUNCS(stack_inode_transid,
+ struct btrfs_inode_item, transid, 64);
BTRFS_SETGET_STACK_FUNCS(stack_inode_size,
struct btrfs_inode_item, size, 64);
BTRFS_SETGET_STACK_FUNCS(stack_inode_nbytes,
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/btrfs-progs-v4.2/dir-item.c
new/btrfs-progs-v4.2.1/dir-item.c
--- old/btrfs-progs-v4.2/dir-item.c 2015-09-03 14:29:20.000000000 +0200
+++ new/btrfs-progs-v4.2.1/dir-item.c 2015-09-20 14:50:06.000000000 +0200
@@ -277,7 +277,7 @@
return ret;
}
-int verify_dir_item(struct btrfs_root *root,
+static int verify_dir_item(struct btrfs_root *root,
struct extent_buffer *leaf,
struct btrfs_dir_item *dir_item)
{
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/btrfs-progs-v4.2/disk-io.c
new/btrfs-progs-v4.2.1/disk-io.c
--- old/btrfs-progs-v4.2/disk-io.c 2015-09-03 14:29:20.000000000 +0200
+++ new/btrfs-progs-v4.2.1/disk-io.c 2015-09-20 14:50:06.000000000 +0200
@@ -833,13 +833,13 @@
memset(fs_info, 0, sizeof(struct btrfs_fs_info));
- fs_info->tree_root = malloc(sizeof(struct btrfs_root));
- fs_info->extent_root = malloc(sizeof(struct btrfs_root));
- fs_info->chunk_root = malloc(sizeof(struct btrfs_root));
- fs_info->dev_root = malloc(sizeof(struct btrfs_root));
- fs_info->csum_root = malloc(sizeof(struct btrfs_root));
- fs_info->quota_root = malloc(sizeof(struct btrfs_root));
- fs_info->super_copy = malloc(BTRFS_SUPER_INFO_SIZE);
+ fs_info->tree_root = calloc(1, sizeof(struct btrfs_root));
+ fs_info->extent_root = calloc(1, sizeof(struct btrfs_root));
+ fs_info->chunk_root = calloc(1, sizeof(struct btrfs_root));
+ fs_info->dev_root = calloc(1, sizeof(struct btrfs_root));
+ fs_info->csum_root = calloc(1, sizeof(struct btrfs_root));
+ fs_info->quota_root = calloc(1, sizeof(struct btrfs_root));
+ fs_info->super_copy = calloc(1, BTRFS_SUPER_INFO_SIZE);
if (!fs_info->tree_root || !fs_info->extent_root ||
!fs_info->chunk_root || !fs_info->dev_root ||
@@ -847,14 +847,6 @@
!fs_info->super_copy)
goto free_all;
- memset(fs_info->super_copy, 0, BTRFS_SUPER_INFO_SIZE);
- memset(fs_info->tree_root, 0, sizeof(struct btrfs_root));
- memset(fs_info->extent_root, 0, sizeof(struct btrfs_root));
- memset(fs_info->chunk_root, 0, sizeof(struct btrfs_root));
- memset(fs_info->dev_root, 0, sizeof(struct btrfs_root));
- memset(fs_info->csum_root, 0, sizeof(struct btrfs_root));
- memset(fs_info->quota_root, 0, sizeof(struct btrfs_root));
-
extent_io_tree_init(&fs_info->extent_cache);
extent_io_tree_init(&fs_info->free_space_cache);
extent_io_tree_init(&fs_info->block_group_cache);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/btrfs-progs-v4.2/qgroup.c
new/btrfs-progs-v4.2.1/qgroup.c
--- old/btrfs-progs-v4.2/qgroup.c 2015-09-03 14:29:20.000000000 +0200
+++ new/btrfs-progs-v4.2.1/qgroup.c 2015-09-20 14:50:06.000000000 +0200
@@ -272,7 +272,7 @@
printf("\n");
}
-static void print_table_head()
+static void print_table_head(void)
{
int i;
int len;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/btrfs-progs-v4.2/tests/convert-tests.sh
new/btrfs-progs-v4.2.1/tests/convert-tests.sh
--- old/btrfs-progs-v4.2/tests/convert-tests.sh 2015-09-03 14:29:20.000000000
+0200
+++ new/btrfs-progs-v4.2.1/tests/convert-tests.sh 2015-09-20
14:50:06.000000000 +0200
@@ -42,7 +42,7 @@
# create a file to check btrfs-convert can convert regular file
# correct
- run_check $SUDO_HELPER mount $IMAGE $TEST_MNT
+ run_check $SUDO_HELPER mount -o loop $IMAGE $TEST_MNT
run_check $SUDO_HELPER dd if=/dev/zero of=$TEST_MNT/test bs=$nodesize \
count=1 1>/dev/null 2>&1
run_check $SUDO_HELPER umount $TEST_MNT
Files old/btrfs-progs-v4.2/tests/fuzz-tests/images/bad-superblock-1.raw.xz and
new/btrfs-progs-v4.2.1/tests/fuzz-tests/images/bad-superblock-1.raw.xz differ
Files old/btrfs-progs-v4.2/tests/fuzz-tests/images/bad-superblock-2.raw.xz and
new/btrfs-progs-v4.2.1/tests/fuzz-tests/images/bad-superblock-2.raw.xz differ
Files old/btrfs-progs-v4.2/tests/fuzz-tests/images/bad-superblock-3.raw.xz and
new/btrfs-progs-v4.2.1/tests/fuzz-tests/images/bad-superblock-3.raw.xz differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/btrfs-progs-v4.2/tests/fuzz-tests/images/bad-superblock.txt
new/btrfs-progs-v4.2.1/tests/fuzz-tests/images/bad-superblock.txt
--- old/btrfs-progs-v4.2/tests/fuzz-tests/images/bad-superblock.txt
1970-01-01 01:00:00.000000000 +0100
+++ new/btrfs-progs-v4.2.1/tests/fuzz-tests/images/bad-superblock.txt
2015-09-20 14:50:06.000000000 +0200
@@ -0,0 +1,17 @@
+bad-superblock-*.txt
+
+Crafted images from Jiri Slaby, produced by some symbolic execution framework
+that finds unhandled cases at mount time.
+
+Relevant kernel patches to backport:
+
+e3540eab29e1b2260bc4b9b3979a49a00e3e3af8
+btrfs: add more checks to btrfs_read_sys_array
+
+ce7fca5f57ed0fcd7e7b3d7b1a3e1791f8e56fa3
+btrfs: add checks for sys_chunk_array sizes
+
+75d6ad382bb91f363452119d34238e156589ca2d
+btrfs: more superblock checks, lower bounds on devices and sectorsize/nodesize
+
+(and more from fs/btrfs/super.c)
Files
old/btrfs-progs-v4.2/tests/fuzz-tests/images/bko-104131-fsck-oob-read.raw.xz
and
new/btrfs-progs-v4.2.1/tests/fuzz-tests/images/bko-104131-fsck-oob-read.raw.xz
differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/btrfs-progs-v4.2/tests/fuzz-tests/images/bko-104131-fsck-oob-read.txt
new/btrfs-progs-v4.2.1/tests/fuzz-tests/images/bko-104131-fsck-oob-read.txt
--- old/btrfs-progs-v4.2/tests/fuzz-tests/images/bko-104131-fsck-oob-read.txt
1970-01-01 01:00:00.000000000 +0100
+++ new/btrfs-progs-v4.2.1/tests/fuzz-tests/images/bko-104131-fsck-oob-read.txt
2015-09-20 14:50:06.000000000 +0200
@@ -0,0 +1,31 @@
+URL: https://bugzilla.kernel.org/show_bug.cgi?id=104131
+Hanno Boeck 2015-09-07 07:24:32 UTC
+
+Created attachment 186941 [details]
+malformed btrfs filesystem causing oob read
+
+The attached malformed filesystem image will cause an invalid heap out of
bounds memory read in btrfsck.
+
+This was found while fuzzing btrfs-progs with american fuzzy lop.
+
+Stack trace from Address Sanitizer:
+==31289==ERROR: AddressSanitizer: heap-buffer-overflow on address
0x60f00000f003 at pc 0x0000005d0dbb bp 0x7ffdf444c180 sp 0x7ffdf444c178
+READ of size 8 at 0x60f00000f003 thread T0
+ #0 0x5d0dba in btrfs_header_bytenr
/mnt/ram/btrfs-progs-v4.1.2/./ctree.h:1797:1
+ #1 0x5d0dba in check_tree_block /mnt/ram/btrfs-progs-v4.1.2/disk-io.c:60
+ #2 0x5d0dba in read_tree_block /mnt/ram/btrfs-progs-v4.1.2/disk-io.c:337
+ #3 0x5dc00e in btrfs_setup_chunk_tree_and_device_map
/mnt/ram/btrfs-progs-v4.1.2/disk-io.c:1169:30
+ #4 0x5dcf89 in __open_ctree_fd /mnt/ram/btrfs-progs-v4.1.2/disk-io.c:1261:8
+ #5 0x5dc50a in open_ctree_fs_info
/mnt/ram/btrfs-progs-v4.1.2/disk-io.c:1302:9
+ #6 0x52f22f in cmd_check /mnt/ram/btrfs-progs-v4.1.2/cmds-check.c:9333:9
+ #7 0x4e7bcc in main /mnt/ram/btrfs-progs-v4.1.2/btrfs.c:245:7
+ #8 0x7f98bb101f9f in __libc_start_main
/var/tmp/portage/sys-libs/glibc-2.20-r2/work/glibc-2.20/csu/libc-start.c:289
+ #9 0x41f748 in _start (/mnt/ram/btrfs/btrfs+0x41f748)
+
+0x60f00000f003 is located 3 bytes to the right of 176-byte region
[0x60f00000ef50,0x60f00000f000)
+allocated by thread T0 here:
+ #0 0x4bade8 in malloc (/mnt/ram/btrfs/btrfs+0x4bade8)
+ #1 0x622c24 in __alloc_extent_buffer
/mnt/ram/btrfs-progs-v4.1.2/extent_io.c:541:7
+ #2 0x622c24 in alloc_extent_buffer
/mnt/ram/btrfs-progs-v4.1.2/extent_io.c:648
+ #3 0x5cf436 in btrfs_find_create_tree_block
/mnt/ram/btrfs-progs-v4.1.2/disk-io.c:186:9
+ #4 0x5cf436 in read_tree_block /mnt/ram/btrfs-progs-v4.1.2/disk-io.c:314
Files
old/btrfs-progs-v4.2/tests/fuzz-tests/images/bko-104141-fsck-exception.raw.xz
and
new/btrfs-progs-v4.2.1/tests/fuzz-tests/images/bko-104141-fsck-exception.raw.xz
differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/btrfs-progs-v4.2/tests/fuzz-tests/images/bko-104141-fsck-exception.txt
new/btrfs-progs-v4.2.1/tests/fuzz-tests/images/bko-104141-fsck-exception.txt
--- old/btrfs-progs-v4.2/tests/fuzz-tests/images/bko-104141-fsck-exception.txt
1970-01-01 01:00:00.000000000 +0100
+++
new/btrfs-progs-v4.2.1/tests/fuzz-tests/images/bko-104141-fsck-exception.txt
2015-09-20 14:50:06.000000000 +0200
@@ -0,0 +1,9 @@
+URL: https://bugzilla.kernel.org/show_bug.cgi?id=104141
+Hanno Boeck 2015-09-07 07:27:58 UTC
+
+Created attachment 186951 [details]
+malformed filesystem causing floating point exception
+
+The attacked file will cause a floating point exception in btrfsck.
+
+This was found while fuzzing btrfs-progs with american fuzzy lop.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/btrfs-progs-v4.2/tests/fuzz-tests/images/bko-97191-btrfs-image.raw.txt
new/btrfs-progs-v4.2.1/tests/fuzz-tests/images/bko-97191-btrfs-image.raw.txt
--- old/btrfs-progs-v4.2/tests/fuzz-tests/images/bko-97191-btrfs-image.raw.txt
1970-01-01 01:00:00.000000000 +0100
+++
new/btrfs-progs-v4.2.1/tests/fuzz-tests/images/bko-97191-btrfs-image.raw.txt
2015-09-20 14:50:06.000000000 +0200
@@ -0,0 +1,137 @@
+URL: https://bugzilla.kernel.org/show_bug.cgi?id=97191
+Lukas Lueg 2015-04-23 22:20:35 UTC
+
+Running btrfs-progs v3.19.1
+
+The btrfs-image attached to this bug causes the btrfs-userland tool to
+overflow some data structures, leading to unallocated memory being written to
+and read from. A segfault results shortly after. Reproduced on x86-64 and
+i686.
+
+The kernel seems to be less affected and fails to mount the image. I didn't
+investigate whether the reads/writes could be used to gain control over $EIP.
+Since the first invalid write of 8 bytes seems to run into adjacent heap
+blocks (crash in unlink()), it may be possible though.
+
+gdb output:
+
+Program received signal SIGSEGV, Segmentation fault.
+malloc_consolidate (av=av@entry=0x32629b7cc0 <main_arena>) at malloc.c:4151
+4151 unlink(av, p, bck, fwd);
+(gdb) bt
+#0 malloc_consolidate (av=av@entry=0x32629b7cc0 <main_arena>) at malloc.c:4151
+#1 0x0000003262680628 in _int_malloc (av=av@entry=0x32629b7cc0 <main_arena>,
bytes=bytes@entry=4224) at malloc.c:3420
+#2 0x000000326268315e in __GI___libc_malloc (bytes=4224) at malloc.c:2896
+#3 0x0000000000449d15 in __alloc_extent_buffer (tree=0x88c078,
bytenr=4288512, blocksize=4096) at extent_io.c:541
+#4 0x000000000044a8b4 in alloc_extent_buffer (tree=0x88c078, bytenr=4288512,
blocksize=4096) at extent_io.c:648
+#5 0x000000000043b1a0 in btrfs_find_create_tree_block
(root=root@entry=0x895840, bytenr=<optimized out>,
+ blocksize=<optimized out>) at disk-io.c:159
+#6 0x000000000043ca4e in read_tree_block (root=root@entry=0x895840,
bytenr=<optimized out>, blocksize=<optimized out>,
+ parent_transid=13) at disk-io.c:287
+#7 0x000000000043ccb7 in find_and_setup_root (tree_root=0x88c250,
fs_info=<optimized out>, objectid=5, root=0x895840)
+ at disk-io.c:557
+#8 0x000000000043ce92 in btrfs_read_fs_root_no_cache
(fs_info=fs_info@entry=0x88c010, location=location@entry=0x7fffffffd960)
+ at disk-io.c:640
+#9 0x000000000043d060 in btrfs_read_fs_root (fs_info=fs_info@entry=0x88c010,
location=location@entry=0x7fffffffd960)
+ at disk-io.c:739
+#10 0x000000000043d48c in btrfs_setup_all_roots
(fs_info=fs_info@entry=0x88c010, root_tree_bytenr=<optimized out>,
+ root_tree_bytenr@entry=0, flags=flags@entry=OPEN_CTREE_EXCLUSIVE) at
disk-io.c:988
+#11 0x000000000043d802 in __open_ctree_fd (fp=fp@entry=3,
path=path@entry=0x7fffffffe20d "ramdisk/btrfs_fukked.bin",
+ sb_bytenr=65536, sb_bytenr@entry=0,
root_tree_bytenr=root_tree_bytenr@entry=0,
flags=flags@entry=OPEN_CTREE_EXCLUSIVE)
+ at disk-io.c:1199
+#12 0x000000000043d965 in open_ctree_fs_info (filename=0x7fffffffe20d
"ramdisk/btrfs_fukked.bin", sb_bytenr=sb_bytenr@entry=0,
+ root_tree_bytenr=root_tree_bytenr@entry=0,
flags=flags@entry=OPEN_CTREE_EXCLUSIVE) at disk-io.c:1231
+#13 0x0000000000427bf5 in cmd_check (argc=1, argv=0x7fffffffdea0) at
cmds-check.c:9326
+#14 0x000000000040e5a2 in main (argc=2, argv=0x7fffffffdea0) at btrfs.c:245
+
+
+valgrind output:
+
+==32463== Memcheck, a memory error detector
+==32463== Copyright (C) 2002-2013, and GNU GPL'd, by Julian Seward et al.
+==32463== Using Valgrind-3.10.1 and LibVEX; rerun with -h for copyright info
+==32463== Command: btrfs check ramdisk/btrfs_fukked.bin
+==32463==
+==32463== Invalid write of size 8
+==32463== at 0x4386FB: btrfs_search_slot (ctree.c:1119)
+==32463== by 0x4427F7: UnknownInlinedFun (extent-tree.c:3117)
+==32463== by 0x4427F7: btrfs_read_block_groups (extent-tree.c:3167)
+==32463== by 0x43D4F2: btrfs_setup_all_roots (disk-io.c:983)
+==32463== by 0x43D801: __open_ctree_fd (disk-io.c:1199)
+==32463== by 0x43D964: open_ctree_fs_info (disk-io.c:1231)
+==32463== by 0x427BF4: cmd_check (cmds-check.c:9326)
+==32463== by 0x40E5A1: main (btrfs.c:245)
+==32463== Address 0x4c409f0 is 16 bytes after a block of size 144 alloc'd
+==32463== at 0x4A08946: calloc (in
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
+==32463== by 0x4427AB: btrfs_read_block_groups (extent-tree.c:3162)
+==32463== by 0x43D4F2: btrfs_setup_all_roots (disk-io.c:983)
+==32463== by 0x43D801: __open_ctree_fd (disk-io.c:1199)
+==32463== by 0x43D964: open_ctree_fs_info (disk-io.c:1231)
+==32463== by 0x427BF4: cmd_check (cmds-check.c:9326)
+==32463== by 0x40E5A1: main (btrfs.c:245)
+==32463==
+==32463== Invalid read of size 8
+==32463== at 0x436E70: check_block.part.14 (ctree.c:548)
+==32463== by 0x438954: UnknownInlinedFun (kerncompat.h:91)
+==32463== by 0x438954: btrfs_search_slot (ctree.c:1120)
+==32463== by 0x4427F7: UnknownInlinedFun (extent-tree.c:3117)
+==32463== by 0x4427F7: btrfs_read_block_groups (extent-tree.c:3167)
+==32463== by 0x43D4F2: btrfs_setup_all_roots (disk-io.c:983)
+==32463== by 0x43D801: __open_ctree_fd (disk-io.c:1199)
+==32463== by 0x43D964: open_ctree_fs_info (disk-io.c:1231)
+==32463== by 0x427BF4: cmd_check (cmds-check.c:9326)
+==32463== by 0x40E5A1: main (btrfs.c:245)
+==32463== Address 0x4c409f8 is 24 bytes after a block of size 144 in arena
"client"
+==32463==
+==32463== Invalid read of size 4
+==32463== at 0x436E84: UnknownInlinedFun (ctree.h:1605)
+==32463== by 0x436E84: UnknownInlinedFun (ctree.h:1612)
+==32463== by 0x436E84: check_block.part.14 (ctree.c:550)
+==32463== by 0x438954: UnknownInlinedFun (kerncompat.h:91)
+==32463== by 0x438954: btrfs_search_slot (ctree.c:1120)
+==32463== by 0x4427F7: UnknownInlinedFun (extent-tree.c:3117)
+==32463== by 0x4427F7: btrfs_read_block_groups (extent-tree.c:3167)
+==32463== by 0x43D4F2: btrfs_setup_all_roots (disk-io.c:983)
+==32463== by 0x43D801: __open_ctree_fd (disk-io.c:1199)
+==32463== by 0x43D964: open_ctree_fs_info (disk-io.c:1231)
+==32463== by 0x427BF4: cmd_check (cmds-check.c:9326)
+==32463== by 0x40E5A1: main (btrfs.c:245)
+==32463== Address 0x4c409e4 is 4 bytes after a block of size 144 alloc'd
+==32463== at 0x4A08946: calloc (in
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
+==32463== by 0x4427AB: btrfs_read_block_groups (extent-tree.c:3162)
+==32463== by 0x43D4F2: btrfs_setup_all_roots (disk-io.c:983)
+==32463== by 0x43D801: __open_ctree_fd (disk-io.c:1199)
+==32463== by 0x43D964: open_ctree_fs_info (disk-io.c:1231)
+==32463== by 0x427BF4: cmd_check (cmds-check.c:9326)
+==32463== by 0x40E5A1: main (btrfs.c:245)
+==32463==
+==32463== Invalid read of size 1
+==32463== at 0x4A0B3A0: memcpy@@GLIBC_2.14 (in
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
+==32463== by 0x436E99: UnknownInlinedFun (ctree.h:1613)
+==32463== by 0x436E99: check_block.part.14 (ctree.c:550)
+==32463== by 0x438954: UnknownInlinedFun (kerncompat.h:91)
+==32463== by 0x438954: btrfs_search_slot (ctree.c:1120)
+==32463== by 0x4427F7: UnknownInlinedFun (extent-tree.c:3117)
+==32463== by 0x4427F7: btrfs_read_block_groups (extent-tree.c:3167)
+==32463== by 0x43D4F2: btrfs_setup_all_roots (disk-io.c:983)
+==32463== by 0x43D801: __open_ctree_fd (disk-io.c:1199)
+==32463== by 0x43D964: open_ctree_fs_info (disk-io.c:1231)
+==32463== by 0x427BF4: cmd_check (cmds-check.c:9326)
+==32463== by 0x40E5A1: main (btrfs.c:245)
+==32463== Address 0x1b1 is not stack'd, malloc'd or (recently) free'd
+==32463==
+==32463==
+==32463== Process terminating with default action of signal 11 (SIGSEGV)
+==32463== Access not within mapped region at address 0x1B1
+==32463== at 0x4A0B3A0: memcpy@@GLIBC_2.14 (in
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
+==32463== by 0x436E99: UnknownInlinedFun (ctree.h:1613)
+==32463== by 0x436E99: check_block.part.14 (ctree.c:550)
+==32463== by 0x438954: UnknownInlinedFun (kerncompat.h:91)
+==32463== by 0x438954: btrfs_search_slot (ctree.c:1120)
+==32463== by 0x4427F7: UnknownInlinedFun (extent-tree.c:3117)
+==32463== by 0x4427F7: btrfs_read_block_groups (extent-tree.c:3167)
+==32463== by 0x43D4F2: btrfs_setup_all_roots (disk-io.c:983)
+==32463== by 0x43D801: __open_ctree_fd (disk-io.c:1199)
+==32463== by 0x43D964: open_ctree_fs_info (disk-io.c:1231)
+==32463== by 0x427BF4: cmd_check (cmds-check.c:9326)
+==32463== by 0x40E5A1: main (btrfs.c:245)
Files old/btrfs-progs-v4.2/tests/fuzz-tests/images/bko-97191-btrfs-image.raw.xz
and new/btrfs-progs-v4.2.1/tests/fuzz-tests/images/bko-97191-btrfs-image.raw.xz
differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore'
old/btrfs-progs-v4.2/tests/fuzz-tests/images/bko-97271-btrfs-image.raw.txt
new/btrfs-progs-v4.2.1/tests/fuzz-tests/images/bko-97271-btrfs-image.raw.txt
--- old/btrfs-progs-v4.2/tests/fuzz-tests/images/bko-97271-btrfs-image.raw.txt
1970-01-01 01:00:00.000000000 +0100
+++
new/btrfs-progs-v4.2.1/tests/fuzz-tests/images/bko-97271-btrfs-image.raw.txt
2015-09-20 14:50:06.000000000 +0200
@@ -0,0 +1,54 @@
+URL: https://bugzilla.kernel.org/show_bug.cgi?id=97271
+Lukas Lueg 2015-04-25 20:34:39 UTC
+
+The attached btrfs-image causes "btrfs check" to write outside of allocated
+memory locations and ultimately die due to a segfault. An adjacent heap block's
+control structure is overwritten with a `struct extent_buffer *`, which is not
+controllable by the user.
+
+"btrfs version" is v3.19.1. Running "btrfs check" immediately dies with
+
+*** Error in `btrfs': double free or corruption (!prev): 0x0000000002396ec0 ***
+*** Error in `btrfs': malloc(): memory corruption: 0x0000000002396f60 ***
+
+Debugging with valgrind and gdb gives
+
+==11670== Invalid write of size 8
+==11670== at 0x4386FB: btrfs_search_slot (ctree.c:1119)
+==11670== by 0x44E16E: btrfs_read_chunk_tree (volumes.c:1814)
+==11670== by 0x43D654: btrfs_setup_chunk_tree_and_device_map
(disk-io.c:1115)
+==11670== by 0x43D7D0: __open_ctree_fd (disk-io.c:1190)
+==11670== by 0x43D964: open_ctree_fs_info (disk-io.c:1231)
+==11670== by 0x427BF4: cmd_check (cmds-check.c:9326)
+==11670== by 0x40E5A1: main (btrfs.c:245)
+==11670== Address 0x4c3bb98 is 8 bytes after a block of size 144 alloc'd
+==11670== at 0x4A08946: calloc (in
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
+==11670== by 0x44E133: btrfs_read_chunk_tree (volumes.c:1801)
+==11670== by 0x43D654: btrfs_setup_chunk_tree_and_device_map
(disk-io.c:1115)
+==11670== by 0x43D7D0: __open_ctree_fd (disk-io.c:1190)
+==11670== by 0x43D964: open_ctree_fs_info (disk-io.c:1231)
+==11670== by 0x427BF4: cmd_check (cmds-check.c:9326)
+==11670== by 0x40E5A1: main (btrfs.c:245)
+
+Program received signal SIGTRAP, Trace/breakpoint trap.
+btrfs_search_slot (trans=trans@entry=0x0, root=root@entry=0x4c36d30,
key=key@entry=0xffefff830, p=p@entry=0x4c3bb00,
+ ins_len=ins_len@entry=0, cow=cow@entry=0) at ctree.c:1119
+1119 p->nodes[level] = b;
+(gdb) p p->nodes
+$1 = {0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0, 0x0}
+(gdb) p p
+$2 = (struct btrfs_path *) 0x4c3bb00
+(gdb) p b
+$3 = (struct extent_buffer *) 0x4c3a990
+
+
+The corresponding part in ctree.c:btrfs_search_slot() seems to fail to check
if `level` overflows outside of `node`:
+
+level = btrfs_header_level(b);
+...
+if (level != btrfs_header_level(b))
+ WARN_ON(1);
+level = btrfs_header_level(b);
+p->nodes[level] = b; // <- Illegal write
+
+Maybe the repeated calls to btrfs_header_level() were meant to do something
once, they seem to be noise.
Files old/btrfs-progs-v4.2/tests/fuzz-tests/images/bko-97271-btrfs-image.raw.xz
and new/btrfs-progs-v4.2.1/tests/fuzz-tests/images/bko-97271-btrfs-image.raw.xz
differ
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/btrfs-progs-v4.2/utils.c
new/btrfs-progs-v4.2.1/utils.c
--- old/btrfs-progs-v4.2/utils.c 2015-09-03 14:29:20.000000000 +0200
+++ new/btrfs-progs-v4.2.1/utils.c 2015-09-20 14:50:06.000000000 +0200
@@ -2550,7 +2550,7 @@
return 0;
}
-int btrfs_scan_lblkid()
+int btrfs_scan_lblkid(void)
{
int fd = -1;
int ret;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/btrfs-progs-v4.2/version.sh
new/btrfs-progs-v4.2.1/version.sh
--- old/btrfs-progs-v4.2/version.sh 2015-09-03 14:29:20.000000000 +0200
+++ new/btrfs-progs-v4.2.1/version.sh 2015-09-20 14:50:06.000000000 +0200
@@ -6,7 +6,7 @@
# Copyright 2008, Oracle
# Released under the GNU GPLv2
-v="v4.2"
+v="v4.2.1"
opt=$1
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' old/btrfs-progs-v4.2/volumes.h
new/btrfs-progs-v4.2.1/volumes.h
--- old/btrfs-progs-v4.2/volumes.h 2015-09-03 14:29:20.000000000 +0200
+++ new/btrfs-progs-v4.2.1/volumes.h 2015-09-20 14:50:06.000000000 +0200
@@ -156,7 +156,7 @@
static inline int check_crossing_stripes(u64 start, u64 len)
{
return (start / BTRFS_STRIPE_LEN) !=
- ((start + len) / BTRFS_STRIPE_LEN);
+ ((start + len - 1) / BTRFS_STRIPE_LEN);
}
int __btrfs_map_block(struct btrfs_mapping_tree *map_tree, int rw,
++++++ local-version-override.patch ++++++
--- /var/tmp/diff_new_pack.1RUMsi/_old 2015-09-24 07:18:09.000000000 +0200
+++ /var/tmp/diff_new_pack.1RUMsi/_new 2015-09-24 07:18:09.000000000 +0200
@@ -6,8 +6,8 @@
# Copyright 2008, Oracle
# Released under the GNU GPLv2
--v="v4.2"
-+v="v4.2+20150903"
+-v="v4.2.1"
++v="v4.2+20150922"
opt=$1
