bf21c82675
[BUG] When running lowmem mode with METADATA_ITEM which has invalid level, it will crash with the following backtrace: (gdb) bt #0 0x0000555555616b0b in btrfs_header_bytenr (eb=0x4) at ./kernel-shared/ctree.h:2134 #1 0x0000555555620c78 in check_tree_block_backref (root_id=5, bytenr=30457856, level=256) at check/mode-lowmem.c:3818 #2 0x0000555555621f6c in check_extent_item (path=0x7fffffffd9c0) at check/mode-lowmem.c:4334 #3 0x00005555556235a5 in check_leaf_items (root=0x555555688e10, path=0x7fffffffd9c0, nrefs=0x7fffffffda30, account_bytes=1) at check/mode-lowmem.c:4835 #4 0x0000555555623c6d in walk_down_tree (root=0x555555688e10, path=0x7fffffffd9c0, level=0x7fffffffd984, nrefs=0x7fffffffda30, check_all=1) at check/mode-lowmem.c:4967 #5 0x000055555562494f in check_btrfs_root (root=0x555555688e10, check_all=1) at check/mode-lowmem.c:5266 #6 0x00005555556254ee in check_chunks_and_extents_lowmem () at check/mode-lowmem.c:5556 #7 0x00005555555f0b82 in do_check_chunks_and_extents () at check/main.c:9114 #8 0x00005555555f50ea in cmd_check (cmd=0x55555567c640 <cmd_struct_check>, argc=3, argv=0x7fffffffdec0) at check/main.c:10892 #9 0x000055555556b2b1 in cmd_execute (argv=0x7fffffffdec0, argc=3, cmd=0x55555567c640 <cmd_struct_check>) at cmds/commands.h:125 [CAUSE] For function check_extent_item() it will go through inline extent items and then check their backrefs. But for METADATA_ITEM, it doesn't really validate key.offset, which is u64 and can contain value way larger than BTRFS_MAX_LEVEL (mostly caused by bit flip). In that case, if we have a larger value like 256 in key.offset, then later check_tree_block_backref() will use 256 as level, and overflow path->nodes[level] and crash. [FIX] Just verify the level, no matter if it's from btrfs_tree_block_level() (which is just u8), or it's from key.offset (which is u64). To do the check properly and detect higher bits corruption, also change the type of @level from u8 to u64. Now lowmem mode can detect the problem properly: ... [2/7] checking extents ERROR: tree block 30457856 has bad backref level, has 256 expect [0, 7] ERROR: extent[30457856 16384] level mismatch, wanted: 0, have: 256 ERROR: errors found in extent allocation tree or chunk allocation [3/7] checking free space tree ... Reviewed-by: Su Yue <l@damenly.su> Signed-off-by: Qu Wenruo <wqu@suse.com> Signed-off-by: David Sterba <dsterba@suse.com> |
||
|---|---|---|
| check | ||
| ci | ||
| cmds | ||
| common | ||
| convert | ||
| crypto | ||
| Documentation | ||
| image | ||
| kernel-lib | ||
| kernel-shared | ||
| libbtrfs | ||
| libbtrfsutil | ||
| m4 | ||
| mkfs | ||
| tests | ||
| .editorconfig | ||
| .gitignore | ||
| 64-btrfs-dm.rules | ||
| 64-btrfs-zoned.rules | ||
| autogen.sh | ||
| btrfs-completion | ||
| btrfs-corrupt-block.c | ||
| btrfs-crc.c | ||
| btrfs-debugfs | ||
| btrfs-find-root.c | ||
| btrfs-fragments.c | ||
| btrfs-map-logical.c | ||
| btrfs-sb-mod.c | ||
| btrfs-select-super.c | ||
| btrfs.c | ||
| btrfstune.c | ||
| CHANGES | ||
| configure.ac | ||
| COPYING | ||
| fsck.btrfs | ||
| INSTALL | ||
| ioctl.h | ||
| kerncompat.h | ||
| libbtrfs.sym | ||
| Makefile | ||
| Makefile.extrawarn | ||
| Makefile.inc.in | ||
| quick-test.c | ||
| random-test.c | ||
| README.md | ||
| show-blocks | ||
| VERSION | ||
| version.h.in | ||
Btrfs-progs 
Userspace utilities to manage btrfs filesystems. License: GPLv2.
Btrfs is a copy on write (COW) filesystem for Linux aimed at implementing advanced features while focusing on fault tolerance, repair and easy administration.
This repository hosts following utilities and also documentation:
- btrfs — the main administration tool (manual page)
- mkfs.btrfs — utility to create the filesystem (manual page)
- all-in-one binary in the busybox style with mkfs.btrfs, btrfs-image and other tools built-in (standalone tools)
- libbtrfsutil (LGPL v2.1) — C and python 3 bindings, see libbtrfsutil/README.md for more
- manual pages and documentation source published at btrfs.readthedocs.io
See INSTALL for build instructions and tests/README.md for testing information.
Release cycle
The major version releases are time-based and follow the cycle of the linux kernel releases. The cycle usually takes 2 months. A minor version releases may happen in the meantime if there are bug fixes or minor useful improvements queued.
The release tags are signed with a GPG key ID F2B4 1200 C54E FB30 380C 1756 C565 D5F9 D76D 583B,
release tarballs are hosted at kernel.org.
See file CHANGES or changelogs on wiki.
Reporting bugs
There are several ways, each has its own specifics and audience that can give feedback or work on a fix. The following list is sorted in the order of preference:
- github issue tracker
- to the mailing list linux-btrfs@vger.kernel.org -- (not required to subscribe), beware that the mail might get overlooked in other traffic
- IRC (irc.libera.chat #btrfs) -- good for discussions eg. if a bug is already known, but reports could miss developers' attention
- bugzilla.kernel.org -- (requires registration), set the product to Filesystems and component Btrfs, please put 'btrfs-progs' into the subject so it's clear that it's not a kernel bug report
Development
The patch submissions, development or general discussions take place at linux-btrfs@vger.kernel.org mailinglist, subsciption is not required to post.
The GitHub pull requests will not be accepted directly, the preferred way is to send patches to the mailinglist instead. You can link to a branch in any git repository if the mails do not make it to the mailinglist or just for convenience (makes it easier to test).
The development model of btrfs-progs shares a lot with the kernel model. The github way is different in some ways. We, the upstream community, expect that the patches meet some criteria (often lacking in github contributions):
- one logical change per patch: eg. not mixing bugfixes, cleanups, features etc., sometimes it's not clear and will be usually pointed out during reviews
- proper subject line: eg. prefix with btrfs-progs: subpart, ... ,
descriptive yet not too long, see
git log --onelinefor some inspiration - proper changelog: the changelogs are often missing or lacking explanation why the change was made, or how is something broken, what are user-visible effects of the bug or the fix, how does an improvement help or the intended usecase
- the Signed-off-by line: this documents who authored the change, you can read
more about the
The Developer's Certificate of Origin (chapter 11)
- if you are not used to the signed-off style, your contributions won't be rejected just because of it's missing, the Author: tag will be added as a substitute in order to allow contributions without much bothering with formalities
Source code coding style and preferences follow the
kernel coding style.
You can find the editor settings in .editorconfig and use the
EditorConfig plugin to let your editor use that,
or update your editor settings manually.
Testing
The testing documentation can be found in tests/ and continuous integration/container images in ci/.
Documentation updates
Documentation fixes or updates do not need much explanation so sticking to the code rules in the previous section is not necessary. GitHub pull requests are OK, patches could be sent to me directly and not required to be also in the mailinglist. Pointing out typos via IRC also works, although might get accidentally lost in the noise.
Documents are written in RST and built by sphinx.
Third-party sources
Build dependencies are listed in INSTALL. Implementation of checksum/hash functions is provided by copies of the respective sources to avoid adding dependencies that would make deployments in rescure or limited environments harder. The implementations are portable and not optimized for speed nor accelerated. Optionally it's possible to use libgcrypt, libsodium or libkcapi implementations.
- CRC32C: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/
- XXHASH: https://github.com/Cyan4973/xxHash
- SHA256: https://tools.ietf.org/html/rfc4634
- BLAKE2: https://github.com/BLAKE2/BLAKE2
Some other code is borrowed from kernel, eg. the raid5 tables or data structure implementation.