Message ID | 20170907022825.19334-1-suy.fnst@cn.fujitsu.com (mailing list archive) |
---|---|
State | New, archived |
Headers | show |
On Thu, Sep 07, 2017 at 10:28:25AM +0800, Su Yue wrote: > From: Zhang Yu <zhangyu-fnst@cn.fujitsu.com> > > In fuzz-tests/004-simple-dump-tree: > Since there is one wrong item(DATA_RELOC_TREE CHUNK_ITEM 0) in root > tree. > It fails as follow: > > ctree.h:317: btrfs_chunk_item_size: BUG_ON `num_stripes == 0` triggered, value 1 > btrfs-progs/btrfs(+0x2496f)[0x564a031e996f] > btrfs-progs/btrfs(print_chunk+0x20f)[0x564a031ea091] > btrfs-progs/btrfs(btrfs_print_leaf+0xfcb)[0x564a031ebaea] > btrfs-progs/btrfs(btrfs_print_tree+0x3d)[0x564a031ec311] > btrfs-progs/btrfs(cmd_inspect_dump_tree+0x4e6)[0x564a0323a6e1] > btrfs-progs/btrfs(handle_command_group+0x44)[0x564a031d6414] > btrfs-progs/btrfs(cmd_inspect+0x15)[0x564a03211b98] > btrfs-progs/btrfs(main+0x88)[0x564a031d65d0] > /usr/lib/libc.so.6(__libc_start_main+0xea)[0x7f2c7fa584ca] > btrfs-progs/btrfs(_start+0x2a)[0x564a031d616a] > item 8 key (DATA_RELOC_TREE CHUNK_ITEM 0) itemoff 1574 itemsize 439 > failed (ignored, ret=134): btrfs-progs/btrfs inspect-internal dump-tree btrfs-progs/tes\ > ts/fuzz-tests/images/bko-155201-wrong-chunk-item-in-root-tree.raw.restored > mayfail: returned code 134 (SIGABRT), not ignored > test failed for case 004-simple-dump-tree > > Solve it by checking on num_stripes in print_chunk(). > > Signed-off-by: Zhang Yu <zhangyu-fnst@cn.fujitsu.com> Applied, thanks. -- To unsubscribe from this list: send the line "unsubscribe linux-btrfs" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/print-tree.c b/print-tree.c index 5927ed35..ca7b3aa1 100644 --- a/print-tree.c +++ b/print-tree.c @@ -199,9 +199,19 @@ void print_chunk(struct extent_buffer *eb, struct btrfs_chunk *chunk) { u16 num_stripes = btrfs_chunk_num_stripes(eb, chunk); int i; - u32 chunk_item_size = btrfs_chunk_item_size(num_stripes); + u32 chunk_item_size; char chunk_flags_str[32] = {0}; + /* + * check on num_stripes + * Btrfs_chunk contains at least one stripes + */ + if (num_stripes < 1) { + printf("\t\tinvalid num_stripes: %u\n", num_stripes); + return; + } + + chunk_item_size = btrfs_chunk_item_size(num_stripes); if ((unsigned long)chunk + chunk_item_size > eb->len) { printf("\t\tchunk item invalid\n"); return;