Userspace utilities to manage btrfs filesystems
Go to file
Adam Buchbinder f6a290686e btrfs-progs: Fix a use-after-free in the volumes code.
When a struct btrfs_fs_devices was being torn down by
btrfs_close_devices(), there was an invalidated pointer in the global
list fs_uuids which still pointed to it; if a device was closed and
then reopened (which btrfs-convert does), freed memory would be
accessed.

This was found using ThreadSanitizer (pretty much doing what
AddressSanitizer would, but not exiting after the first failure).
To reproduce, build with -fsanitize=thread and run 'make test'.
Representative output is below.

This change makes the current tests TSan-clean.

WARNING: ThreadSanitizer: heap-use-after-free (pid=29161)
  Read of size 8 at 0x7d180000eee0 by main thread:
    #0 memcmp ??:0
    #1 find_fsid .../volumes.c:81
    #2 device_list_add .../volumes.c:95
    #3 btrfs_scan_one_device .../volumes.c:259
    #4 btrfs_scan_fs_devices .../disk-io.c:1002
    #5 __open_ctree_fd .../disk-io.c:1090
    #6 open_ctree_fd .../disk-io.c:1191
    #7 do_convert .../btrfs-convert.c:2317
    #8 main .../btrfs-convert.c:2745

  Previous write of size 8 at 0x7d180000eee0 by main thread:
    #0 free ??:0
    #1 btrfs_close_devices .../volumes.c:191
    #2 close_ctree .../disk-io.c:1401
    #3 do_convert .../btrfs-convert.c:2300
    #4 main .../btrfs-convert.c:2745

  Location is heap block of size 96 at 0x7d180000eee0 allocated by main thread:
    #0 calloc ??:0 (exe+0x00000002acc6)
    #1 device_list_add .../volumes.c:97
    #2 btrfs_scan_one_device .../volumes.c:259
    #3 btrfs_scan_fs_devices .../disk-io.c:1002
    #4 __open_ctree_fd .../disk-io.c:1090
    #5 open_ctree_fd .../disk-io.c:1191
    #6 do_convert .../btrfs-convert.c:2256
    #7 main .../btrfs-convert.c:2745

Signed-off-by: Adam Buchbinder <abuchbinder@google.com>
Reviewed-by: Satoru Takeuchi <takeuchi_satoru@jp.fujitsu.com>
Signed-off-by: David Sterba <dsterba@suse.cz>
2014-08-22 14:39:34 +02:00
Documentation btrfs-progs: rename btrfs-mount.5 to btrfs.5 2014-08-22 14:39:34 +02:00
tests Btrfs-progs: add a test image for the transid fixer in btrfsck 2013-10-16 08:23:12 -04:00
.gitignore btrfs-progs: Introduce asciidoc based man page and btrfs man page. 2014-04-22 14:15:19 +02:00
bcp
bitops.h Btrfs-progs: add a free space cache checker to fsck V2 2013-04-23 18:56:21 +02:00
btrfs-calc-size.c Btrfs-progs: fsck: fix wrong check for btrfs_read_fs_root() 2014-08-22 14:39:33 +02:00
btrfs-convert.c btrfs-progs: mkfs: allow UUID specification at mkfs time 2014-08-22 14:39:32 +02:00
btrfs-corrupt-block.c Btrfs-progs: switch to arg_strtou64() part2 2014-03-21 06:23:19 -07:00
btrfs-crc.c btrfs-progs: Fix getopt on arm/ppc platforms 2013-08-09 14:32:34 +02:00
btrfs-debug-tree.c Btrfs-progs: debug-tree, add option to dump a single tree 2014-08-22 14:39:31 +02:00
btrfs-find-root.c Btrfs-progs: make smatch checker happy (trivial fixes) 2014-05-02 17:03:45 +02:00
btrfs-fragments.c btrfs-progs: remove unused variables 2013-10-16 08:23:13 -04:00
btrfs-image.c btrfs-image: Fix a data race in build_chunk_tree. 2014-08-22 14:39:32 +02:00
btrfs-list.c btrfs-progs: fix listing deleted subvolumes 2014-04-04 17:54:35 -07:00
btrfs-list.h btrfs-progs: Copyright string update 2014-03-21 06:23:24 -07:00
btrfs-map-logical.c Btrfs-progs: make smatch checker happy (trivial fixes) 2014-05-02 17:03:45 +02:00
btrfs-select-super.c btrfs-progs: fix compiler warning 2014-08-22 14:39:32 +02:00
btrfs-show-super.c btrfs-show-super: don't try to print not-superblocks 2014-08-22 14:39:31 +02:00
btrfs-zero-log.c Btrfs-progs: rework open_ctree to take flags, add a new one V2 2013-11-07 16:10:40 -05:00
btrfs.c Btrfs-progs: btrfs: remove dead code in handle_options 2014-04-11 19:05:40 +02:00
btrfsck.h btrfs-progs: Copyright string update 2014-03-21 06:23:24 -07:00
btrfstune.c btrfs-progs: clarify manpage for btrfstune seeding option 2014-08-22 14:39:32 +02:00
chunk-recover.c btrfs-progs: cleanup unused assignment for chunk-recover 2014-08-22 14:39:34 +02:00
cmds-balance.c btrfs-progs: fix minor grammar issues 2014-01-31 08:22:28 -08:00
cmds-check.c Btrfs-progs: fsck: add an option to check data csums 2014-08-22 14:39:33 +02:00
cmds-device.c btrfs-progs: canonicalize pathnames for device commands 2014-08-22 14:39:34 +02:00
cmds-filesystem.c btrfs-progs: Fix the return value of btrfs_scan_kernel() 2014-04-22 14:34:27 +02:00
cmds-inspect.c Btrfs-progs: switch to arg_strtou64() part2 2014-03-21 06:23:19 -07:00
cmds-property.c btrfs-progs: Make property work with -t option 2014-04-11 19:40:18 +02:00
cmds-qgroup.c btrfs-progs: qgroup destroy says create failed 2014-01-31 08:22:12 -08:00
cmds-quota.c Btrfs-progs: fix magic return value in cmds-quota.c 2013-10-16 08:20:41 -04:00
cmds-receive.c Btrfs-progs: receive, allow to continue after errors happen 2014-08-22 14:39:32 +02:00
cmds-replace.c btrfs-progs: canonicalize pathnames for device commands 2014-08-22 14:39:34 +02:00
cmds-rescue.c btrfs-progs: use check_argc_exact to check arg number of btrfs-rescue 2014-08-22 14:39:31 +02:00
cmds-restore.c Btrfs-progs: update btrfs_file_extent_inline_len to match kernel version 2014-04-11 19:47:29 +02:00
cmds-scrub.c btrfs-progs: Improve the errno string about open_path_or_dev_mnt() 2014-08-22 14:39:30 +02:00
cmds-send.c btrfs-progs: Remove unneeded assert in find_good_parent(). 2014-08-22 14:39:31 +02:00
cmds-subvolume.c Btrfs-progs: switch to arg_strtou64() part3 2014-03-21 06:23:20 -07:00
commands.h btrfs-progs: move find_mount_root to utils.[ch] 2014-03-21 06:23:12 -07:00
COPYING
crc32c.c btrfs-progs: make many private symbols static 2013-09-03 19:41:08 +02:00
crc32c.h
ctree.c Btrfs-progs: deal with invalid key orderings and bad orphan items V2 2014-01-31 08:22:15 -08:00
ctree.h btrfs-progs: add quota group verify code 2014-08-22 14:39:33 +02:00
dir-item.c btrfs-progs: drop unused parameter from btrfs_item_nr 2013-10-16 08:23:10 -04:00
dir-test.c Btrfs-progs: fix magic return value in dir-test.c 2013-10-16 08:20:42 -04:00
disk-io.c Btrfs-progs: fsck: fix wrong check for btrfs_read_fs_root() 2014-08-22 14:39:33 +02:00
disk-io.h btrfs-progs: btrfsck operations should be exclusive 2014-01-31 08:22:26 -08:00
extent_io.c Btrfs-progs: fix the mismatch of extent buffer's space 2014-01-31 08:22:06 -08:00
extent_io.h Btrfs-progs: keep track of transid failures and fix them if possible 2013-10-16 08:23:12 -04:00
extent-cache.c Btrfs-progs: extend the extent cache for the device extent 2013-07-03 14:06:54 -04:00
extent-cache.h Btrfs-progs: extend the extent cache for the device extent 2013-07-03 14:06:54 -04:00
extent-tree.c Btrfs-progs: fsck: handle case that we can not lookup extent info 2014-03-21 06:23:39 -07:00
file-item.c Btrfs-progs: deal with invalid key orderings and bad orphan items V2 2014-01-31 08:22:15 -08:00
free-space-cache.c btrfs-progs: cleanup nonsense ret value assignment 2014-03-21 06:23:16 -07:00
free-space-cache.h Btrfs-progs: add a free space cache checker to fsck V2 2013-04-23 18:56:21 +02:00
fsck.btrfs btrfs-progs: add fsck.btrfs stub and manpage 2014-01-31 08:22:13 -08:00
hash.h
hasher.c
help.c Btrfs-progs: return 1 rather than 129 in usage() 2013-10-16 08:20:03 -04:00
inode-item.c btrfs-progs: mark static & remove unused from shared kernel code 2013-09-03 19:40:53 +02:00
inode-map.c btrfs-progs: mark static & remove unused from shared kernel code 2013-09-03 19:40:53 +02:00
INSTALL btrfs-progs: Add information about libblkid requirement to INSTALL file 2014-08-22 14:39:31 +02:00
ioctl-test.c btrfs-progs: mark static & remove unused from non-kernel code 2013-09-03 19:40:54 +02:00
ioctl.h btrfs-progs: correct prompt of minimal num of devs for raid56 2014-04-11 19:47:30 +02:00
kerncompat.h btrfs-progs: import ulist 2014-08-22 14:39:33 +02:00
list_sort.c btrfs-progs: add list_sort and use it to sort devices by id 2013-10-16 08:22:26 -04:00
list_sort.h btrfs-progs: add list_sort and use it to sort devices by id 2013-10-16 08:22:26 -04:00
list.h Btrfs-progs: introduce list_{first, next}_entry/list_splice_tail{_init} 2013-07-03 14:06:55 -04:00
Makefile btrfs-progs: add quota group verify code 2014-08-22 14:39:33 +02:00
math.h btrfs-progs: Copyright string update 2014-03-21 06:23:24 -07:00
mkfs.c btrfs-progs: mkfs: allow UUID specification at mkfs time 2014-08-22 14:39:32 +02:00
print-tree.c btrfs-progs: add quota group verify code 2014-08-22 14:39:33 +02:00
print-tree.h btrfs-progs: add quota group verify code 2014-08-22 14:39:33 +02:00
props.c Btrfs-progs: set string end sing '\0' for property 2014-05-02 17:05:37 +02:00
props.h Btrfs-progs: introduce btrfs property subgroup 2014-01-31 08:22:31 -08:00
qgroup-verify.c btrfs-progs: add quota group verify code 2014-08-22 14:39:33 +02:00
qgroup-verify.h btrfs-progs: add quota group verify code 2014-08-22 14:39:33 +02:00
qgroup.c btrfs-progs: print qgroup excl as unsigned 2014-08-22 14:39:32 +02:00
qgroup.h Btrfs-progs: enhance btrfs qgroup show to sort qgroups 2013-10-16 08:23:12 -04:00
quick-test.c Btrfs-progs: rework open_ctree to take flags, add a new one V2 2013-11-07 16:10:40 -05:00
radix-tree.c btrfs-progs: Fix undefined behavior in radix-tree.c. 2014-08-22 14:39:34 +02:00
radix-tree.h
raid6.c btrfs-progs: give raid6.c its exported prototypes 2013-09-03 19:41:11 +02:00
random-test.c Btrfs-progs: fix magic return value in random-test.c 2013-10-16 08:20:42 -04:00
rbtree.c Btrfs-progs: introduce common insert/search/delete functions for rb-tree 2013-07-03 14:06:54 -04:00
rbtree.h Btrfs-progs: introduce common insert/search/delete functions for rb-tree 2013-07-03 14:06:54 -04:00
repair.c Btrfs-progs: introduce common insert/search/delete functions for rb-tree 2013-07-03 14:06:54 -04:00
repair.h
root-tree.c Btrfs-progs: free path if we don't find root item 2014-03-21 06:23:32 -07:00
send-stream.c Btrfs-progs: receive, allow to continue after errors happen 2014-08-22 14:39:32 +02:00
send-stream.h Btrfs-progs: receive, allow to continue after errors happen 2014-08-22 14:39:32 +02:00
send-test.c Btrfs-progs: remove unsed pthread attribute objects 2014-04-22 14:33:35 +02:00
send-utils.c btrfs-progs: Init root_item to avoid gcc 4.8.2 warning 2014-03-21 06:23:29 -07:00
send-utils.h btrfs-progs: enclose uuid tree compat code with ifdefs 2014-03-21 06:23:07 -07:00
send.h
show-blocks
super-recover.c btrfs-progs: Copyright string update 2014-03-21 06:23:24 -07:00
transaction.h
ulist.c btrfs-progs: import ulist 2014-08-22 14:39:33 +02:00
ulist.h btrfs-progs: import ulist 2014-08-22 14:39:33 +02:00
utils-lib.c btrfs-progs: move arg_strtou64 to a separate file for library 2014-05-02 17:04:28 +02:00
utils.c btrfs-progs: canonicalize pathnames for device commands 2014-08-22 14:39:34 +02:00
utils.h btrfs-progs: canonicalize pathnames for device commands 2014-08-22 14:39:34 +02:00
uuid-tree.c btrfs-progs: fix in-place byte swapping 2013-09-03 19:41:06 +02:00
version.sh v3.14.2 2014-05-29 20:56:59 -04:00
volumes.c btrfs-progs: Fix a use-after-free in the volumes code. 2014-08-22 14:39:34 +02:00
volumes.h btrfs-progs: Fix a use-after-free in the volumes code. 2014-08-22 14:39:34 +02:00