Yan, Zheng wrote: > Offset field in data extent backref can underflow if clone range ioctl > is used. We can reliably detect the underflow because max file size is > limited to 2^63 and max data extent size is limited by block group size. > > Signed-off-by: Zheng Yan <zheng.z.yan@xxxxxxxxx> Tested-by: Li Zefan <lizf@xxxxxxxxxxxxxx> ... > @@ -3323,8 +3323,11 @@ static int find_data_references(struct reloc_control *rc, > } > > key.objectid = ref_objectid; > - key.offset = ref_offset; > key.type = BTRFS_EXTENT_DATA_KEY; > + if (ref_offset > ((u64)-1 << 32)) > + key.offset = 0; > + else > + key.offset = ref_offset; This needs comment, as we're working around a corner case and a magic number is used. > > path->search_commit_root = 1; > path->skip_locking = 1; > -- -- To unsubscribe from this list: send the line "unsubscribe linux-btrfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
