Commit Graph

684 Commits

Author SHA1 Message Date
Josef Bacik
8a46573c2a Btrfs-progs: return an error if we can't find an fs root
Instead of doing a BUG_ON() if we fail to find the last fs root just return
an error so the callers can deal with it how they like.  Also we need to
actually return an error if we can't find the latest root so that the error
handling works.  With this btrfsck was able to deal with a file system that
was missing a root item but still had extents that referred back to the
root.  Thanks,

Signed-off-by: Josef Bacik <jbacik@fusionio.com>
2013-02-07 01:19:50 +01:00
Josef Bacik
8795e785ce Btrfs-progs: fix double free of extent buffer
Noticed this while looking for an segfault related to our eb cache in
btrfsck.  We free the eb in out: so we don't need this extra free.  Thanks,

Signed-off-by: Josef Bacik <jbacik@fusionio.com>
2013-02-07 01:19:50 +01:00
Josef Bacik
6cba7b1b46 Btrfs-progs: handle errors reading fs roots
A user had a problem where btrfsck would bail out because it was finding
extents for a snapshot that had been deleted but not entirely cleaned up.
We can handle this case fine, we just need to report an error properly.
This patch allowed btrfsck to continue and eventually fix his file system.
Thanks,

Signed-off-by: Josef Bacik <jbacik@fusionio.com>
2013-02-07 01:19:49 +01:00
Eric Sandeen
5e7b9d2156 btrfs-progs: remove unused bit-radix.[ch] files
fd53de4d Drop bit-radix.[ch] files
removed the files from the Makefile, but not the files themselves.

Signed-off-by: Eric Sandeen <sandeen@redhat.com>
2013-02-07 01:19:49 +01:00
Eric Sandeen
a8cb2d03dd Btrfs-progs print more informative error when we fail to open a device
print more informative error when we fail to open a device

If open() fails, we should let the user know why it failed.

Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Signed-off-by: Gene Czarcinski <gene@czarc.net>
2013-02-06 23:09:02 +01:00
Chris Mason
82ac34581e Merge branch 'cov-fixes-v1-integration-20130201' of http://git.zabbo.net/cgit/btrfs-progs into merged 2013-02-06 12:51:58 -05:00
Chris Mason
7b1c567c84 Merge branch 'for-chris' of git://repo.or.cz/btrfs-progs-unstable/devel into raid56
Conflicts:
	ctree.h

Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2013-02-06 12:42:24 -05:00
Eric Sandeen
2986545ccd btrfs-progs: initialize pipefd[] for error path
Several goto out; paths will end up doing i.e.

        if (pipefd[0])
                close(pipefd[0]);

but we get there with uninitialized values in many cases.

Signed-off-by: Eric Sandeen <sandeen@redhat.com>
2013-02-05 16:09:41 -08:00
Eric Sandeen
899ba61fa6 btrfs-progs: fix overflows of ioctl name args
3 places where we copy pathnames into ioctl arguments
were not limited to the destination name size, and
could overflow.  Use the new strncpy_null() macro
to make this safe.

Signed-off-by: Eric Sandeen <sandeen@redhat.com>
2013-02-05 16:09:41 -08:00
Eric Sandeen
bcb2b73358 btrfs-progs: simplify ioctl name copy and null termination
In the places where we copy a string into the name
member of btrfs_ioctl_vol_args or btrfs_ioctl_vol_args_v2,
we use strncopy (to not overflow the name array) and then
set the last position to the null character.

Howver, in both cases the arrays are defined with:

        char name[MAX+1];

hence the last array position is name[MAX].

In most cases, we now insert the null at name[MAX-1]
which deprives us of one useful character.

Even the above isn't consistent through the code, so
make some helper code to make it simple, i.e.
strncpy_null(dest, src) which automatically does the
right thing based on the size of dest.

Thanks to Zach Brown for the macro suggestion.

Signed-off-by: Eric Sandeen <sandeen@redhat.com>
2013-02-05 16:09:41 -08:00
Eric Sandeen
7ced17b07f btrfs-progs: fix name lengths in cmd_subvol_create
cmd_subvol_create() calls either BTRFS_IOC_SUBVOL_CREATE
or BTRFS_IOC_SUBVOL_CREATE_V2 depending on whether or
not inherit is set.  However, these 2 ioctls have different
args structures with different length name[] members.

In the BTRFS_IOC_SUBVOL_CREATE case, the arg is
btrfs_ioctl_vol_args, with a BTRFS_PATH_NAME_MAX length
name, not a BTRFS_SUBVOL_NAME_MAX length name.

Signed-off-by: Eric Sandeen <sandeen@redhat.com>
2013-02-05 16:09:41 -08:00
Eric Sandeen
dbeedbed2a btrfs-progs: remove duplicate __setup_root
__setup_root() was present in find-root.c as well
as disk-io.c.  No need for the cut and paste, just
use the one in disk-io.c

Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Signed-off-by: Zach Brown <zab@redhat.com>
2013-02-05 16:09:41 -08:00
Eric Sandeen
17cc7af982 btrfs-progs: fix mdresotre typo in function names
"mdresotre" sounds like it might be French, but most
likely it's a misspelling of mdrestore.  Fix it.

Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Signed-off-by: Zach Brown <zab@redhat.com>
2013-02-05 16:09:41 -08:00
Eric Sandeen
8efd6e6746 btrfs-progs: zero out inspect ioctl args
Mostly just to keep things like coverity happy about potentially
uninitialized structure members, since it doesn't grok the ioctl.

Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Signed-off-by: Zach Brown <zab@redhat.com>
2013-02-05 16:09:41 -08:00
Eric Sandeen
a2eec48a8e btrfs-progs: don't use closed fd
In the case that btrfs scrub cancel is given a device name,
we close the file handle, and then pass it to check_mounted_where()
which eventually preads from that (now closed) fd.  Fix the logic
so that we close & re-open the discovered mountpoint properly.

Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Signed-off-by: Zach Brown <zab@redhat.com>
2013-02-05 16:09:41 -08:00
Eric Sandeen
6bd3a02fa6 btrfs-progs: don't double-close prg_fd
If scrub start discovers that scrub is already running,
we need to set prg_fd to -1 before goto out, or we'll
try to close it again in the error path.

Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Signed-off-by: Zach Brown <zab@redhat.com>
2013-02-05 16:09:41 -08:00
Zach Brown
a70837ab1e btrfs-progs: don't leak fds in logical resolve
Signed-off-by: Zach Brown <zab@redhat.com>
2013-02-05 16:09:41 -08:00
Zach Brown
df13b84670 btrfs-progs: close fd in inode resolve
Signed-off-by: Zach Brown <zab@redhat.com>
2013-02-05 16:09:40 -08:00
Zach Brown
065fa46f5d btrfs-progs: don't leak multi-bio in find_root()
It wasn't freed if it didn't find metadata.

Signed-off-by: Zach Brown <zab@redhat.com>
2013-02-05 16:09:40 -08:00
Zach Brown
bf4196b408 btrfs-progs: don't leak inherit on errors
A few paths returned errors before freeing their inherit allocation.

Signed-off-by: Zach Brown <zab@redhat.com>
2013-02-05 16:09:40 -08:00
Zach Brown
ceb538f178 btrfs-progs: close ioctl fd in find new
Signed-off-by: Zach Brown <zab@redhat.com>
2013-02-05 16:09:40 -08:00
Zach Brown
4cce2094b1 btrfs-progs: don't leak fd in resize
Argument validation failed to close the fd that was opened.  So check
the arguments before opening anything.

Signed-off-by: Zach Brown <zab@redhat.com>
2013-02-05 16:09:40 -08:00
Zach Brown
4e381d4169 btrfs-progs: free path before returning
One of the return statements in search_dir() didn't free everything it
was supposed to.

Signed-off-by: Zach Brown <zab@redhat.com>
2013-02-05 16:09:40 -08:00
Zach Brown
7b3f63be2c btrfs-progs: close fd in qgroup show
It wasn't closed in the error path.

Signed-off-by: Zach Brown <zab@redhat.com>
2013-02-05 16:09:40 -08:00
Zach Brown
6ea327567f btrfs-progs: free bits in check_extents()
As far as I can tell, nothing took the address of this.

Signed-off-by: Zach Brown <zab@redhat.com>
2013-02-05 16:09:40 -08:00
Zach Brown
e37d9aa8e1 btrfs-progs: remove unused arguments
add_root_to_pending() took a bunch of arguments that it never used.

Signed-off-by: Zach Brown <zab@redhat.com>
2013-02-05 16:09:40 -08:00
Zach Brown
f4dc05bf76 btrfs-progs: scrub can leak fd 0
< 0 is returned for errors opening the file, this code could leak fd 0.

Signed-off-by: Zach Brown <zab@redhat.com>
2013-02-05 16:09:40 -08:00
Zach Brown
cb4c601a4e btrfs-progs: fix scrub socket leak
If connection fails the socket is leaked when the status file is used
instead.  Close it to trivially cut down on fd use and to bring down the
noise in static code analysis.

Signed-off-by: Zach Brown <zab@redhat.com>
2013-02-05 16:09:40 -08:00
Zach Brown
09fac3824d btrfs-progs: don't leak in set_extent_bits
It looks possible to hit the search_again label without using the
prealloc.  A new prealloc is allocated, leaking the current one.

Every use of prealloc sets it to null so let's just allocate a new
prealloc when we don't already have one.

Signed-off-by: Zach Brown <zab@redhat.com>
2013-02-05 16:09:40 -08:00
Zach Brown
de763395fb btrfs-progs: fix overflow in btrfs_scan_one_dir()
btrfs_scan_one_dir() can overflow an arbitrarily small 256 byte buffer
with an arbitrarily slightly larger 1024 byte buffer as it remembers the
path of a dir to later descend.

Make these buffers the same size to stop the overflow and chose PATH_MAX
for that size so that it won't fail on legitimately bonkers paths.

Signed-off-by: Zach Brown <zab@redhat.com>
2013-02-05 16:09:39 -08:00
Zach Brown
506fb87fe4 btrfs-progs: free path on read_chunk_tree error
Path allocation failure already has its own return, remember to free the
path when the error label is taken.

Signed-off-by: Zach Brown <zab@redhat.com>
2013-02-05 16:09:39 -08:00
Zach Brown
aaf682ac2e btrfs-progs: array indexes must be < ARRAY_SIZE()
It looks like the usual kernel idiom of "< ARRAY_SIZE()" was
accidentally negated as ">" instead of ">=".

Signed-off-by: Zach Brown <zab@redhat.com>
2013-02-05 16:09:39 -08:00
Zach Brown
7d365c5a87 btrfs-progs: don't write memory after sb to disk
struct btrfs_super is about 3.5k but a few writing paths were writing it
out as the full 4k BTRFS_SUPER_INFO_SIZE, leaking a few hundred bytes
after the super_block onto disk.  In practice this meant the memory
after super_copy in struct btrfs_fs_info and whatever came after it in
the heap.

Signed-off-by: Zach Brown <zab@redhat.com>
2013-02-05 16:09:39 -08:00
Zach Brown
fd732dd81a btrfs-progs: impossible BUG_ON meant to test empty
old_left_nritems is unsigned so BUG_ON(old_left_nritems < 0) is
impossible.  Presumably the BUG_ON() meant to test that it wasn't 0 so
that btrfs_item_offset_nr() doesn't get a nr of -1.

Signed-off-by: Zach Brown <zab@redhat.com>
2013-02-05 16:09:39 -08:00
Zach Brown
7c9f323a7c btrfs-progs: check for open failure, don't close
Check for failure by testing for a negative file descriptor, not a
descriptor of 0.  And if it failed we have nothing to close().

Signed-off-by: Zach Brown <zab@redhat.com>
2013-02-05 16:09:39 -08:00
Zach Brown
201238df26 btrfs-progs: don't close(<0) in subvol create
Don't try to close an fd immediately after discovering that opening it
failed.

Signed-off-by: Zach Brown <zab@redhat.com>
2013-02-05 16:09:39 -08:00
Zach Brown
31802d9e75 btrfs-progs: don't return -EBUSY from main()
-EBUSY is platform dependent and is even less reliable when truncated to
a u8.  Just return 1 on error.

Signed-off-by: Zach Brown <zab@redhat.com>
2013-02-05 16:09:39 -08:00
Zach Brown
ac59571f59 btrfs-progs: don't close(-1)
When opening the fd fails just return instead of taking the shared error
path that tries to close() the fd.

Signed-off-by: Zach Brown <zab@redhat.com>
2013-02-05 16:09:39 -08:00
Zach Brown
da3a185f44 btrfs-progs: break after printing FREE_INO
The free inode objectid would be printed as "FREE_INOQUOTA_TREE" because
of a missing break.

Signed-off-by: Zach Brown <zab@redhat.com>
2013-02-05 16:09:39 -08:00
Zach Brown
4b76e34093 btrfs-progs: don't free null path
btrfs_free_path() derefs the path before freeing it.  It can't be passed
a null pointer when allocation fails.

Signed-off-by: Zach Brown <zab@redhat.com>
2013-02-05 16:09:39 -08:00
Zach Brown
5fc2413e64 btrfs-progs: remove dead code that checks null eb
'next' can never be non-null in the body of these loops.  It's
initialized to NULL and the loop is terminated the moment it is set.

Signed-off-by: Zach Brown <zab@redhat.com>
2013-02-05 16:09:39 -08:00
Zach Brown
ba4791fde3 btrfs-progs: fix copy-n-paste error checking
copy_one_inline() meant to test the return of pwrite() with ram_size.
Presumably the comparison with len was copied from the test earlier in
the function.

Signed-off-by: Zach Brown <zab@redhat.com>
2013-02-05 16:09:38 -08:00
Zach Brown
d86394da23 btrfs-progs: remove unused info_fd
finish_subvol() initializes and tests info_fd but it is never used.

Signed-off-by: Zach Brown <zab@redhat.com>
2013-02-05 16:09:38 -08:00
Zach Brown
9e4ad99099 btrfs-progs: use ftw() unstead of system("du")
size_sourcedir() uses shockingly bad code to try and estimate the size
of the files and directories in a subtree.

- Its use of snprintf(), strcat(), and sscanf() with arbitrarily small
  on-stack buffers manages to overflow the stack a few times when given
  long file names.

  $ BIG=$(perl -e 'print "a" x 200')
  $ mkdir -p /tmp/$BIG/$BIG/$BIG/$BIG/$BIG
  $ mkfs.btrfs /tmp/img -r /tmp/$BIG/$BIG/$BIG/$BIG/$BIG
  *** stack smashing detected ***: mkfs.btrfs terminated

- It passes raw paths to system() allowing interpreting file names as
  shell control characters.

  $ mkfs.btrfs /tmp/img -r /tmp/spacey\ dir/
  du: cannot access `/tmp/spacey': No such file or directory
  du: cannot access `dir/': No such file or directory

- It redirects du output to "temp_file" in the current directory,
  allowing overwriting of files through symlinks.

  $ echo hi > target
  $ ln -s target temp_file
  $ mkfs.btrfs /tmp/img -r /tmp/somedir/
  $ cat target
  3	/tmp/somedir/

This fixes the worst problems while maintaining -r functionality by
tearing out the system() code and using ftw() to walk the source tree
and sum up st.st_size.

Signed-off-by: Zach Brown <zab@redhat.com>
2013-02-05 16:09:38 -08:00
Zach Brown
968efc6f98 btrfs-progs: more carefully check eb backrefs
check_owner_ref() could deref a null path node if btrfs_search_slot()
fails or simply doesn't find a tree tall enough to get to the parent of
the desired block.

This was flagged by static analysis warning that btrfs_search_slot()'s
return value wasn't being checked.

Signed-off-by: Zach Brown <zab@redhat.com>

Again: caught by static analysis.
2013-02-05 16:09:38 -08:00
Zach Brown
ea0ac9416f btrfs-progs: return error from commit_tree_roots()
Errors cow-ing the root block are silently being dropped.  This is
just a step towards error handling because both the caller and calee
assert on errors.

Signed-off-by: Zach Brown <zab@redhat.com>
2013-02-05 16:09:38 -08:00
Zach Brown
52162700bb btrfs-progs: treat super.magic as an le64
The super block magic is a le64 whose value looks like an unterminated
string in memory.  The lack of null termination leads to clumsy use of
string functions and causes static analysis tools to warn that the
string will be unterminated.

So let's just treat it as the le64 that it is.  Endian wrappers are used
on the constant so that they're compiled into run-time constants.

Signed-off-by: Zach Brown <zab@redhat.com>
2013-02-05 16:09:32 -08:00
Eric Sandeen
5ffe6597e7 btrfs-progs: include kerncompat.h in raid6.c, define __attribute_const__
raid6.c was failing to build for Goffredo and me due to
__attribute_const__ being undefined.

Define it in kerncompat.h and include that; this also makes
sure BITS_PER_LONG is defined for raid6.c, prior to this it
was not defined, at least in my build.

Finally, redefine BITS_PER_LONG in a way that it can be
tested in the preprocessor macro.

Signed-off-by: Eric Sandeen <sandeen@redhat.com>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2013-02-03 12:39:16 -05:00
David Woodhouse
4d48b96b28 Add basic RAID[56] support
David Woodhouse originally contributed this code, and Chris Mason
changed it around to reflect the current design goals for raid56.

The original code expected all metadata and data writes to be full
stripes.  This meant metadata block size == stripe size, and had a few
other restrictions.

This version allows metadata blocks smaller than the stripe size.  It
implements both raid5 and raid6, although it does not have code to
rebuild from parity if one of the drives is missing or incorrect.

Signed-off-by: David Woodhouse <David.Woodhouse@intel.com>
Signed-off-by: Chris Mason <chris.mason@fusionio.com>
2013-02-01 14:22:07 -05:00
Josef Bacik
2161e1b6f3 Btrfs-progs: use btrfs_lookup_first_block_group when fixing accounting
This was a bug from long time ago that never actually got fixed.  We start
with bytenr 0 when looping through all of the block groups, but
btrfs_lookup_block_group will bail out since it couldn't find a block group
with 0 as the bytenr.  Btrfs_lookup_first_block_group will be nice and
adjust the start up to the right value, so this way we reset all the block
groups properly and not screw up the users block group accounting.  Thanks,

Signed-off-by: Josef Bacik <jbacik@fusionio.com>
2013-02-01 17:56:42 +01:00