Hi Chao,
On Tue, Apr 07, 2020 at 06:01:07PM +0800, Chao Yu wrote:
> Otherwise, fsck.f2fs will access invalid memory address as below:
>
> - fsck_verify
> - dump_node
> - dump_file
> - dump_inode_blk
> - dump_xattr
> - read_all_xattrs
> - get_node_info
> access &(F2FS_FSCK(sbi)->entries[nid])
>
> Signed-off-by: Chao Yu <[email protected]>
> ---
> fsck/dump.c | 2 ++
> fsck/fsck.c | 8 ++++++++
> fsck/fsck.h | 3 +++
> fsck/mount.c | 8 +++++---
> fsck/xattr.c | 20 ++++++++++++++++++--
> 5 files changed, 36 insertions(+), 5 deletions(-)
>
This commit caused a regression where 'dump.f2fs -i <inode> <device>'
now segfaults if the inode has any extended attributes.

It's because read_all_xattrs() now calls fsck_sanity_check_nid(), which
eventually dereferences f2fs_fsck::main_area_bitmap, which is NULL.

I'm not sure what was intended here.

Here's the output from gdb:

(gdb) r -i 4 ~/fstests//kvm-xfstests/disks/vdc
Starting program: /usr/bin/dump.f2fs -i 4 ~/fstests//kvm-xfstests/disks/vdc
Info: Segments per section = 1
Info: Sections per zone = 1
Info: sector size = 512
Info: total sectors = 10485760 (5120 MB)
Info: MKFS version
"Linux version 4.9.241-00003-g631a4cd718af2 (e@sol) (gcc version 10.2.0 (GCC)
) #70 SMP Sat Oct 31 16:22:38 PDT 2020"
Info: FSCK version
from "Linux version 4.9.241-00003-g631a4cd718af2 (e@sol) (gcc version 10.2.0
(GCC) ) #70 SMP Sat Oct 31 16:22:38 PDT 2020"
to "Linux version 5.10.0-rc1-00346-gebe40414a48c (e@sol) (gcc (GCC) 10.2.0,
GNU ld (GNU Binutils) 2.35.1) #1 SMP PREEMPT Fri Oct 30 20:03:27 PDT 2020"
Info: superblock features = 0 :
Info: superblock encrypt level = 0, salt = 00000000000000000000000000000000
Info: total FS sectors = 10485760 (5120 MB)
Info: CKPT version = 6e5d0386
[print_node_info: 353] Node ID [0x4:4] is inode
i_mode [0x 81a4 : 33188]
i_advise [0x 0 : 0]
i_uid [0x 0 : 0]
i_gid [0x 0 : 0]
i_links [0x 1 : 1]
i_size [0x 0 : 0]
i_blocks [0x 2 : 2]
i_atime [0x5f9df65f : 1604187743]
i_atime_nsec [0x2e869e08 : 780574216]
i_ctime [0x5f9df65f : 1604187743]
i_ctime_nsec [0x2e869e08 : 780574216]
i_mtime [0x5f9df65f : 1604187743]
i_mtime_nsec [0x2e869e08 : 780574216]
i_generation [0xf41ca108 : 4095516936]
i_current_depth [0x 1 : 1]
i_xattr_nid [0x 5 : 5]
i_flags [0x 0 : 0]
i_inline [0x 2 : 2]
i_pino [0x 3 : 3]
i_dir_level [0x 0 : 0]
i_namelen [0x 4 : 4]
i_name [file]
i_ext: fofs:0 blkaddr:0 len:0
i_nid[0] [0x 0 : 0]
i_nid[1] [0x 0 : 0]
i_nid[2] [0x 0 : 0]
i_nid[3] [0x 0 : 0]
i_nid[4] [0x 0 : 0]
Program received signal SIGSEGV, Segmentation fault.
0x00007ffff7f750fa in f2fs_test_bit (nr=1024, p=0x0) at libf2fs.c:304
304 return (mask & *addr) != 0;
(gdb) bt
#0 0x00007ffff7f750fa in f2fs_test_bit (nr=1024, p=0x0) at libf2fs.c:304
#1 0x000055555555a953 in f2fs_test_main_bitmap (sbi=0x555555593d80 <gfsck>,
blk=12288) at fsck.c:44
#2 0x000055555555bd9f in sanity_check_nid (sbi=0x555555593d80 <gfsck>, nid=5,
node_blk=0x5555555bb3a0, ftype=F2FS_FT_XATTR,
ntype=TYPE_XATTR, ni=0x7fffffffdd20) at fsck.c:449
#3 0x000055555555c013 in fsck_sanity_check_nid (sbi=0x555555593d80 <gfsck>,
nid=5, node_blk=0x5555555bb3a0, ftype=F2FS_FT_XATTR,
ntype=TYPE_XATTR, ni=0x7fffffffdd20) at fsck.c:495
#4 0x000055555557d4d6 in read_all_xattrs (sbi=0x555555593d80 <gfsck>,
inode=0x5555555ba390) at xattr.c:35
#5 0x00005555555698ea in print_inode_info (sbi=0x555555593d80 <gfsck>,
node=0x5555555ba390, name=0) at mount.c:335
#6 0x0000555555569a09 in print_node_info (sbi=0x555555593d80 <gfsck>,
node_block=0x5555555ba390, verbose=0) at mount.c:354
#7 0x0000555555566b55 in dump_node (sbi=0x555555593d80 <gfsck>, nid=4,
force=0) at dump.c:507
#8 0x0000555555559850 in do_dump (sbi=0x555555593d80 <gfsck>) at main.c:729
#9 0x0000555555559ee1 in main (argc=4, argv=0x7fffffffe238) at main.c:892
(gdb)
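
The failure mode reported above, as an added example that is not part of the original message or of f2fs-tools: a bitmap helper shared by a checker path that allocates the bitmap and a dump path that does not. The struct, the function names, the MSB-first bit order and the sample values are assumptions of this model, and the guard shown is one defensive pattern, not the project's fix.

```c
#include <stdio.h>
#include <stdlib.h>

/* Simplified model of the checker state; only the field named in the report. */
struct fsck_model {
	unsigned char *main_area_bitmap; /* allocated on the fsck path, NULL on the dump path */
	unsigned int nr_blocks;          /* number of bits the bitmap covers */
};

/* Tri-state result: "cannot check" must not be confused with "bit clear". */
enum bit_state { BIT_UNAVAILABLE = -1, BIT_CLEAR = 0, BIT_SET = 1 };

/* Unguarded test: with p == NULL it reads address nr >> 3 (bit order assumed). */
static int model_test_bit(unsigned int nr, const unsigned char *p)
{
	int mask = 1 << (7 - (nr & 0x07));
	return (mask & p[nr >> 3]) != 0;
}

static void model_set_bit(unsigned int nr, unsigned char *p)
{
	p[nr >> 3] |= (unsigned char)(1 << (7 - (nr & 0x07)));
}

/* Guarded lookup: refuse a missing bitmap or an out-of-range block number. */
static enum bit_state test_main_bitmap_checked(const struct fsck_model *f, unsigned int nr)
{
	if (f->main_area_bitmap == NULL || nr >= f->nr_blocks)
		return BIT_UNAVAILABLE;
	return model_test_bit(nr, f->main_area_bitmap) ? BIT_SET : BIT_CLEAR;
}

/* want_bitmap = 1 models fsck-style setup, 0 models dump-style setup. */
static int init_model(struct fsck_model *f, unsigned int nr_blocks, int want_bitmap)
{
	f->nr_blocks = nr_blocks;
	f->main_area_bitmap = want_bitmap ? calloc((nr_blocks + 7) / 8, 1) : NULL;
	return (want_bitmap && f->main_area_bitmap == NULL) ? -1 : 0;
}

int main(void)
{
	struct fsck_model dump, fsck;
	if (init_model(&dump, 4096, 0) != 0 || init_model(&fsck, 4096, 1) != 0)
		return 1;
	model_set_bit(1024, fsck.main_area_bitmap); /* constructed sample value */
	printf("dump path: %d, fsck path: %d\n", test_main_bitmap_checked(&dump, 1024),
	       test_main_bitmap_checked(&fsck, 1024));
	free(fsck.main_area_bitmap);
	return 0;
}
```
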