[BUG]
For a fuzzed image whose DEV_ITEM has an invalid total_bytes of 0, the
kernel will just panic:
BUG: unable to handle kernel NULL pointer dereference at 0098
#PF error: [normal kernel read fault]
PGD 80022b2bd067 P4D 80022b2bd067 PUD 22b2bc067 PMD 0
Oops: [#1] SMP
On 20/03/2019 07:37, Qu Wenruo wrote:
[...]
> +static int check_dev_item(struct btrfs_fs_info *fs_info,
> + struct extent_buffer *leaf,
> + struct btrfs_key *key, int slot)
> +{
> + struct btrfs_dev_item *ditem;
> + u64 max_devid = max(BTRFS_MAX_
On 2019/3/20 7:51 PM, Johannes Thumshirn wrote:
> On 20/03/2019 07:37, Qu Wenruo wrote:
> [...]
>
>> +static int check_dev_item(struct btrfs_fs_info *fs_info,
>> + struct extent_buffer *leaf,
>> + struct btrfs_key *key, int slot)
>> +{
>> +struct btr
On Wed, Mar 20, 2019 at 07:53:18PM +0800, Qu Wenruo wrote:
> >> +error:
> >> + return -EUCLEAN;
> >> +}
> >> +
> >
> > Why aren't you directly returning -EUCLEAN instead of the gotos? There's
> > no cleanup pending so the additional jump label is unnecessary.
>
> Just a coding preference.
>
> W
On 2019/3/20 2:37 PM, Qu Wenruo wrote:
[snip]
> +
> + /*
> + * Since btrfs device add doesn't check device size at all, we could
> + * have device item whose size is smaller than 1M which is useless, but
> + * still valid.
> + * So here we can only check the obviously wron
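Review bot: the visible part of this comment explains why a device item smaller than 1M is accepted ("useless, but still valid") but leaves the rejected case as "obviously wrong". Please name the concrete condition on total_bytes in the comment itself. The commit message reports the panic for total_bytes of 0, so spelling out that only that value is rejected, and that small non-zero sizes pass on purpose, lets a reader compare the comment against the check without consulting the changelog.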