[Trusty][SRU][PATCH 0/1] btrfs: fix defrag 32-bit integer overflow
Joseph Salisbury
joseph.salisbury at canonical.com
Wed Jun 18 16:20:01 UTC 2014
BugLink: http://bugs.launchpad.net/bugs/1324953

== Trusty SRU Justification ==
A kernel crash happens when defragmenting large files on Trusty using btrfs. When defragging a very large file, the cluster variable can wrap its 32-bit signed int type and become negative, which eventually gets passed to btrfs_force_ra() as a very large unsigned long value. On 32-bit platforms, this eventually results in an Oops from the SLAB allocator. This issue is fixed in mainline as of 3.14-rc2. However, the fix was not cc'd to stable.

== Fix ==
commit c41570c9d29764f797fa35490d72b7395a0105c3
Author: Justin Maggard <jmaggard10 at gmail.com>
Date: Tue Jan 21 11:18:29 2014 -0800

    btrfs: fix defrag 32-bit integer overflow

== Test Case ==
A test kernel was built with this patch and tested by the original bug reporter. The bug reporter states the test kernel resolved the bug.

Justin Maggard (1):
  btrfs: fix defrag 32-bit integer overflow

 fs/btrfs/ioctl.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
--
2.0.0
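
The wrap described in the SRU justification, reduced to a user-space C model. This is an added example, not the btrfs code or the patch from this message. The function names, the 4 KiB page size, the 64-page cap and the clamp are assumptions made for illustration; only the signed 32-bit wrap followed by conversion to unsigned long is taken from the text above.

```c
#include <stdint.h>
#include <stdio.h>

#define PAGE_SHIFT  12   /* assumption: 4 KiB pages */
#define MAX_CLUSTER 64   /* constructed cap on pages per readahead request */

/* Pages between page_index and end of file; caller keeps page_index <= pages. */
static uint64_t pages_left(uint64_t file_size, uint64_t page_index)
{
    uint64_t pages = (file_size + (1ULL << PAGE_SHIFT) - 1) >> PAGE_SHIFT;
    return pages - page_index;
}

/* Hypothetical "before" model: the page count is held in a signed 32-bit int. */
unsigned long cluster_signed32(uint64_t file_size, uint64_t page_index)
{
    /* Out-of-range conversion is implementation-defined; GCC and Clang
     * wrap modulo 2^32, so a count >= 2^31 becomes negative. */
    int32_t cluster = (int32_t)pages_left(file_size, page_index);

    if (cluster > MAX_CLUSTER)      /* signed compare: a negative value slips past */
        cluster = MAX_CLUSTER;
    return (unsigned long)cluster;  /* negative -> very large unsigned count */
}

/* Hypothetical "after" model: a type wide enough for the page count. */
unsigned long cluster_wide(uint64_t file_size, uint64_t page_index)
{
    uint64_t cluster = pages_left(file_size, page_index);

    if (cluster > (uint64_t)MAX_CLUSTER)
        cluster = MAX_CLUSTER;
    return (unsigned long)cluster;
}

int main(void)
{
    uint64_t nine_tib = 9ULL << 40;   /* constructed size: 0x90000000 pages */

    printf("signed32: %lu pages\n", cluster_signed32(nine_tib, 0));
    printf("wide:     %lu pages\n", cluster_wide(nine_tib, 0));
    return 0;
}
```

With 4 KiB pages the signed model first goes wrong at 2^31 pages remaining (8 TiB); below that both functions return the same value.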