On 2/13/20 3:53 AM, Zheng Bin wrote:
> We recently used fuzz(hydra) to test XFS and automatically generate
> tmp.img(XFS v5 format, but some metadata is wrong)
>
> Test as follows:
> mount tmp.img tmpdir
> cp file1M tmpdir
> sync

I would leave this part out of the change log, because it is not a useful testcase for anyone who does not have your test.img.

> tmpdir/file1M size is 1M, but its data can not sync to disk.
>
> This is because tmp.img has some problems, using xfs_repair detect
> information as follows:
>
> agf_freeblks 0, counted 3224 in ag 0
> agf_longest 536874136, counted 3224 in ag 0
> sb_fdblocks 613, counted 3228
>
> Add these agf freeblocks checks:
> 1. agf_longest < agf_freeblks
> 2. agf_freeblks < sb_fdblocks

This left out the 2nd check Dave suggested, that freeblocks is less than the number of blocks in the AG, i.e.

b) agf_freeblks < sb_dblocks / sb_agcount

(and yes, it must special-case the last AG which may be smaller - see xfs_ag_block_count())

-Eric

> Signed-off-by: Zheng Bin <zhengbin13@xxxxxxxxxx>
> Signed-off-by: Ren Xudong <renxudong1@xxxxxxxxxx>
> ---
> fs/xfs/libxfs/xfs_alloc.c | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/fs/xfs/libxfs/xfs_alloc.c b/fs/xfs/libxfs/xfs_alloc.c > index d8053bc..0f4b4d1 100644 > --- a/fs/xfs/libxfs/xfs_alloc.c > +++ b/fs/xfs/libxfs/xfs_alloc.c > @@ -2858,6 +2858,10 @@ xfs_agf_verify( > be32_to_cpu(agf->agf_flcount) <= xfs_agfl_size(mp))) > return __this_address; > > + if (be32_to_cpu(agf->agf_freeblks) < be32_to_cpu(agf->agf_longest) || > + be32_to_cpu(agf->agf_freeblks) >= mp->m_sb.sb_fdblocks) > + return __this_address; > + > if (be32_to_cpu(agf->agf_levels[XFS_BTNUM_BNO]) < 1 || > be32_to_cpu(agf->agf_levels[XFS_BTNUM_CNT]) < 1 || > be32_to_cpu(agf->agf_levels[XFS_BTNUM_BNO]) > XFS_BTREE_MAXLEVELS || > -- > 2.7.4 >
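
Review bot: The added condition in xfs_agf_verify() bounds agf_freeblks only by agf_longest and by mp->m_sb.sb_fdblocks, so nothing rejects an AGF whose agf_freeblks exceeds the size of its own AG. Consider adding a third comparison against the AG's block count, taken from xfs_ag_block_count() so that the shorter last AG is handled. The second test uses ">=", which also rejects agf_freeblks equal to sb_fdblocks; if that is intended, a one-line comment above the condition would help, since the change log states the rule only as "agf_freeblks < sb_fdblocks". Note too that in the quoted xfs_repair output sb_fdblocks (613, counted 3228) is itself one of the damaged fields, so the sb_fdblocks comparison alone depends on another value that may be wrong, which is a further reason to add the per-AG bound.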
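
Added example, not part of the thread or the kernel source: a userspace C model of the three free-space bounds discussed above, including the per-AG bound with a short last AG. The struct layouts, enum names, check_sample() and the 4-AG geometry are assumptions made for illustration; the AGF and sb_fdblocks values in main() are the ones quoted from xfs_repair in the message.

```c
#include <stdint.h>
#include <stdio.h>

/* Simplified host-endian stand-ins for the fields named in the thread;
 * these are not the kernel's struct xfs_sb / struct xfs_agf. */
struct sb_model  { uint64_t dblocks, fdblocks; uint32_t agblocks, agcount; };
struct agf_model { uint32_t seqno, freeblks, longest; };

enum agf_fault { AGF_OK, AGF_BAD_SEQNO, AGF_LONGEST_GT_FREE,
                 AGF_FREE_GE_AGSIZE, AGF_FREE_GE_FDBLOCKS };

/* Every AG holds agblocks blocks except the last, which holds the rest. */
static uint32_t ag_block_count(const struct sb_model *sb, uint32_t agno)
{
    if (agno < sb->agcount - 1)
        return sb->agblocks;
    return (uint32_t)(sb->dblocks - (uint64_t)agno * sb->agblocks);
}

static enum agf_fault agf_check_free(const struct sb_model *sb,
                                     const struct agf_model *agf)
{
    if (agf->seqno >= sb->agcount)            /* guards ag_block_count() */
        return AGF_BAD_SEQNO;
    if (agf->freeblks < agf->longest)         /* check 1 in the patch */
        return AGF_LONGEST_GT_FREE;
    if (agf->freeblks >= ag_block_count(sb, agf->seqno)) /* check b) */
        return AGF_FREE_GE_AGSIZE;
    if (agf->freeblks >= sb->fdblocks)        /* check 2 in the patch */
        return AGF_FREE_GE_FDBLOCKS;
    return AGF_OK;
}

/* Constructed geometry: 4 AGs of 4096 blocks, last AG only 1000 blocks. */
static enum agf_fault check_sample(uint32_t seqno, uint32_t freeblks,
                                   uint32_t longest, uint64_t fdblocks)
{
    struct sb_model sb = { 3 * 4096 + 1000, fdblocks, 4096, 4 };
    struct agf_model agf = { seqno, freeblks, longest };
    return agf_check_free(&sb, &agf);
}

int main(void)
{
    printf("on-disk values from the thread: %d\n", check_sample(0, 0, 536874136, 613));
    printf("values xfs_repair counted:      %d\n", check_sample(0, 3224, 3224, 3228));
    printf("last AG, free > AG size:        %d\n", check_sample(3, 2000, 10, 3228));
    return 0;
}
```

The third case passes both checks in the patch and is caught only by the per-AG bound.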