From 7e8e3cce00f38ee1533df0e7bda6bcb584b03e96 Mon Sep 17 00:00:00 2001 From: Eric Sandeen Date: Sat, 2 Mar 2013 21:23:12 +0000 Subject: [PATCH] xfsprogs: xfs_repair skip freelist scan of corrupt agf in no-modify mode In xfs_repair's no-modify mode (-n), verify_set_agf doesn't fix up bad freelist blocks that it finds. When we get to scan_freelist, this can wreak havoc if, for example, first > last and the loop never exits; we index agfl->agfl_bno[i] off into the weeds. To fix this, re-check the values in no-modify mode, and if they're off, warn about it and skip the scan. Reported-by: Ole Tange Signed-off-by: Eric Sandeen Reviewed-by: Rich Johnston Signed-off-by: Rich Johnston --- repair/scan.c | 12 ++++++++++++ 1 file changed, 12 insertions(+)
diff --git a/repair/scan.c b/repair/scan.c
index 5345094e7..1d39bdc7d 100644
--- a/repair/scan.c
+++ b/repair/scan.c
@@ -1066,6 +1066,18 @@ scan_freelist(
 return;
 }
 agfl = XFS_BUF_TO_AGFL(agflbuf);
+
+ if (no_modify) {
+ /* agf values not fixed in verify_set_agf, so recheck */
+ if (be32_to_cpu(agf->agf_flfirst) >= XFS_AGFL_SIZE(mp) ||
+ be32_to_cpu(agf->agf_fllast) >= XFS_AGFL_SIZE(mp)) {
+ do_warn(_("agf %d freelist blocks bad, skipping "
+ "freelist scan\n"), i);
+ return;
+ }
+ } else /* should have been fixed in verify_set_agf() */
+ ASSERT(0);
+
 i = be32_to_cpu(agf->agf_flfirst);
 count = 0;
 for (;;) {
-- 2.47.2
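Review bot: In the added block the `else` pairs with `if (no_modify)`, so `ASSERT(0)` is reached on every modify-mode call rather than only when `agf_flfirst` or `agf_fllast` is out of range. Depending on how ASSERT is defined for the build, that either aborts every repair run or checks nothing, and in the latter case modify mode still relies entirely on verify_set_agf having clamped values that come straight from disk and are used as the freelist index. I would make the range test unconditional and drop the `else`, i.e. `if (be32_to_cpu(agf->agf_flfirst) >= XFS_AGFL_SIZE(mp) || be32_to_cpu(agf->agf_fllast) >= XFS_AGFL_SIZE(mp)) { do_warn(...); return; }`. Separately, the warning passes `i` for the `agf %d` field, but within the hunk `i` is first assigned on the line after the block (`i = be32_to_cpu(agf->agf_flfirst);`). The function's start is outside the hunk, so unless `i` is set earlier the message prints an indeterminate value; something like `be32_to_cpu(agf->agf_seqno)` looks like the intended argument.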