From: Ted Ts'o <tytso@mit.edu>
To: "Darrick J. Wong" <djwong@us.ibm.com>
Cc: Andreas Dilger <adilger.kernel@dilger.ca>,
Sunil Mushran <sunil.mushran@oracle.com>,
Amir Goldstein <amir73il@gmail.com>,
Andi Kleen <andi@firstfloor.org>, Mingming Cao <cmm@us.ibm.com>,
Joel Becker <jlbec@evilplan.org>,
linux-ext4@vger.kernel.org, Coly Li <colyli@gmail.com>
Subject: Re: [PATCH 01/54] libext2fs: Read and write full size inodes
Date: Fri, 9 Mar 2012 18:36:31 -0500 [thread overview]
Message-ID: <20120309233631.GE5635@thunk.org> (raw)
In-Reply-To: <20120306235727.11945.11066.stgit@elm3b70.beaverton.ibm.com>
On Tue, Mar 06, 2012 at 03:57:27PM -0800, Darrick J. Wong wrote:
> Change libext2fs to read and write full-size inodes in preparation for the
> metadata checksumming patchset, which will require this. Due to ABI
> compatibility requirements, this change must be hidden from client programs.
>
> Signed-off-by: Darrick J. Wong <djwong@us.ibm.com>
After applying this first patch, the e2fsprogs regression test suite
blew up spectacularly caused by the malloc-managed free lists pointers
getting corrupted:
*** glibc detected *** /usr/projects/e2fsprogs/e2fsprogs/build/debugfs/debugfs: free(): invalid next size (fast): 0x000000000063f9d0 ***
======= Backtrace: =========
/lib/libc.so.6(+0x77806)[0x7ffff6e4a806]
/lib/libc.so.6(cfree+0x73)[0x7ffff6e510d3]
/usr/projects/e2fsprogs/e2fsprogs/build/lib/libext2fs.so.2(ext2fs_free_mem+0x30)[0x7ffff7bb562f]
Interestingly, valgrind was *not* useful in finding the problem;
apparently it was getting confused by the ext2fs_get_mem()
abstraction, which is unfortunate. I'll have to look into that at
some point.
Anyway, the problem was in ext2fs_write_inode_full(), and it could be
replicated by simply writing to an inode, i.e.
mke2fs -F -O resize_inode -o Linux -b 1024 /tmp/image 16384
debugfs -w -R "set_inode_field <7> mtime now" /tmp/image
is enough to trigger it. The problem is with a 128 byte ext2 file
system, ext2fs_write_inode_full() is passed a large inode and so
bufsize is 156, but EXT2_INODE_SIZE(fs->super) is 128. So at
lib/ext2fs/inode.c:698:
memcpy(w_inode, inode, bufsize);
you end up writing 156 bytes into a memory buffer that was allocated
to a size of 128 bytes. Hilarity ensues.
The fix is relatively simple:
memcpy(w_inode, inode, (bufsize > length) ? length : bufsize);
Anyway, this is *why* running the regression tests are important.
(And why projects which don't have regression test suites are just
asking for trouble.)
They catch all sorts of interesting oversights like this....
- Ted
next prev parent reply other threads:[~2012-03-09 23:36 UTC|newest]
Thread overview: 75+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-03-06 23:57 [PATCH v3 00/54] e2fsprogs: Add metadata checksumming Darrick J. Wong
2012-03-06 23:57 ` [PATCH 01/54] libext2fs: Read and write full size inodes Darrick J. Wong
2012-03-09 23:36 ` Ted Ts'o [this message]
2012-03-12 22:23 ` Darrick J. Wong
2012-03-12 22:53 ` Ted Ts'o
2012-03-06 23:57 ` [PATCH 02/54] libext2fs: Change ext4 on-disk layout to support metadata checksumming Darrick J. Wong
2012-03-09 22:04 ` Ted Ts'o
2012-03-12 22:24 ` Darrick J. Wong
2012-03-06 23:57 ` [PATCH 03/54] debugfs: Optionally ignore bad checksums Darrick J. Wong
2012-03-06 23:57 ` [PATCH 04/54] libext2fs: Precompute FS UUID checksum seed Darrick J. Wong
2012-03-06 23:57 ` [PATCH 05/54] libext2fs: Add inode checksum support Darrick J. Wong
2012-03-06 23:57 ` [PATCH 06/54] debugfs: Dump inode checksum when appropriate Darrick J. Wong
2012-03-06 23:58 ` [PATCH 07/54] tune2fs: Add inode checksum support Darrick J. Wong
2012-03-06 23:58 ` [PATCH 08/54] e2fsck: Verify and correct inode checksums Darrick J. Wong
2012-03-10 5:09 ` Ted Ts'o
2012-03-12 22:49 ` Darrick J. Wong
2012-03-06 23:58 ` [PATCH 09/54] mke2fs: Allow metadata checksums to be turned on at mkfs time Darrick J. Wong
2012-03-06 23:58 ` [PATCH 10/54] libext2fs: Create the inode bitmap checksum Darrick J. Wong
2012-03-06 23:58 ` [PATCH 11/54] tune2fs: Rewrite inode bitmap checksums Darrick J. Wong
2012-03-06 23:58 ` [PATCH 12/54] dumpe2fs: Display inode bitmap checksum Darrick J. Wong
2012-03-06 23:58 ` [PATCH 13/54] e2fsck: Verify " Darrick J. Wong
2012-03-10 5:46 ` Ted Ts'o
2012-03-11 2:11 ` Ted Ts'o
2012-03-12 21:25 ` Darrick J. Wong
2012-03-12 22:30 ` Darrick J. Wong
2012-03-13 0:32 ` [PATCH v3.1 " Darrick J. Wong
2012-03-06 23:58 ` [PATCH 14/54] libext2fs: Create the block " Darrick J. Wong
2012-03-06 23:58 ` [PATCH 15/54] dumpe2fs: Display " Darrick J. Wong
2012-03-06 23:59 ` [PATCH 16/54] e2fsck: Verify " Darrick J. Wong
2012-03-13 0:33 ` [PATCH v3.1 " Darrick J. Wong
2012-03-06 23:59 ` [PATCH 17/54] e2fsck: Don't verify bitmap checksums Darrick J. Wong
2012-03-06 23:59 ` [PATCH 18/54] tune2fs: Rewrite block " Darrick J. Wong
2012-03-06 23:59 ` [PATCH 19/54] libext2fs: Verify and calculate extent tree block checksums Darrick J. Wong
2012-03-06 23:59 ` [PATCH 20/54] tune2fs: Enable extent tree checksums Darrick J. Wong
2012-03-06 23:59 ` [PATCH 21/54] e2fsck: Verify extent tree blocks and clear the bad ones Darrick J. Wong
2012-03-06 23:59 ` [PATCH 22/54] debugfs: Print htree internal node checksums Darrick J. Wong
2012-03-06 23:59 ` [PATCH 23/54] libext2fs: Add dx_root/dx_node checksum calculation and verification helpers Darrick J. Wong
2012-03-06 23:59 ` [PATCH 24/54] e2fsck: Verify htree root/node checksums Darrick J. Wong
2012-03-13 0:35 ` [PATCH v3.1 " Darrick J. Wong
2012-03-07 0:00 ` [PATCH 25/54] libext2fs: Introduce dir_entry_tail to provide checksums for directory leaf nodes Darrick J. Wong
2012-03-07 0:00 ` [PATCH 26/54] e2fsck: Check directory leaf block checksums Darrick J. Wong
2012-03-07 0:00 ` [PATCH 27/54] tune2fs: Rebuild and checksum directories when toggling metadata_csum or changing UUID Darrick J. Wong
2012-03-07 0:00 ` [PATCH 28/54] libext2fs: Verify and calculate extended attribute block checksums Darrick J. Wong
2012-03-07 0:00 ` [PATCH 29/54] e2fsck: Check " Darrick J. Wong
2012-03-10 5:22 ` Ted Ts'o
2012-03-12 22:43 ` Darrick J. Wong
2012-03-07 0:00 ` [PATCH 30/54] tune2fs: Rewrite " Darrick J. Wong
2012-03-07 0:00 ` [PATCH 31/54] libext2fs: Calculate and verify superblock checksums Darrick J. Wong
2012-03-07 0:00 ` [PATCH 32/54] e2fsck: Handle superblock checksum errors gracefully Darrick J. Wong
2012-03-07 0:01 ` [PATCH 33/54] libext2fs: Record the checksum algorithm in use in the superblock Darrick J. Wong
2012-03-07 0:01 ` [PATCH 34/54] tune2fs: Store checksum algorithm type in superblock Darrick J. Wong
2012-03-07 0:01 ` [PATCH 35/54] mke2fs: Record the checksum algorithm in use in the superblock Darrick J. Wong
2012-03-07 0:01 ` [PATCH 36/54] libext2fs: Block group checksum should use metadata_csum algorithm Darrick J. Wong
2012-03-07 0:01 ` [PATCH 37/54] e2fsck: Ensure block group checksum uses " Darrick J. Wong
2012-03-13 0:38 ` [PATCH v3.1 " Darrick J. Wong
2012-03-07 0:01 ` [PATCH 38/54] tune2fs: Rewrite block group checksums when changing checksumming feature flags Darrick J. Wong
2012-03-07 0:02 ` [PATCH 39/54] mke2fs: Write new group descriptors with the appropriate checksum Darrick J. Wong
2012-03-07 0:02 ` [PATCH 40/54] mke2fs: Warn if not enabling all the features that metadata_csum wants Darrick J. Wong
2012-03-07 0:02 ` [PATCH 41/54] libext2fs: Add checksum to MMP block Darrick J. Wong
2012-03-07 0:02 ` [PATCH 42/54] e2fsck: Verify and correct MMP checksum problems Darrick J. Wong
2012-03-07 0:02 ` [PATCH 43/54] tune2fs: Force MMP update when changing metadata_csum flag Darrick J. Wong
2012-03-07 0:02 ` [PATCH 44/54] libext2fs: Change on-disk journal layout to support metadata checksumming Darrick J. Wong
2012-03-07 0:02 ` [PATCH 45/54] libext2fs: Dump feature flags for jbd2 v2 checksums Darrick J. Wong
2012-03-07 0:02 ` [PATCH 46/54] e2fsck: Check journal superblock checksum prior to recovery Darrick J. Wong
2012-03-07 0:02 ` [PATCH 47/54] e2fsck: Check revoke block checksum during recovery Darrick J. Wong
2012-03-07 0:03 ` [PATCH 48/54] e2fsck: Check descriptor block checksum when recovering journal Darrick J. Wong
2012-03-07 0:03 ` [PATCH 49/54] e2fsck: Check commit block checksum during recovery Darrick J. Wong
2012-03-07 0:03 ` [PATCH 50/54] e2fsck: Verify data block checksums when recovering journal Darrick J. Wong
2012-03-07 0:03 ` [PATCH 51/54] libext2fs: Enable support for the metadata checksumming feature Darrick J. Wong
2012-03-07 0:03 ` [PATCH 52/54] libext2fs: Bring the CRC32c implementation up to date with the kernel implementation Darrick J. Wong
2012-03-07 0:03 ` [PATCH 53/54] e2fsck: Refactor crc32_be code Darrick J. Wong
2012-03-07 0:03 ` [PATCH 54/54] mke2fs: Enable metadata_csum on ext4dev filesystems Darrick J. Wong
2012-03-09 22:37 ` [PATCH v3 00/54] e2fsprogs: Add metadata checksumming Ted Ts'o
2012-03-13 0:41 ` Darrick J. Wong
2012-03-13 4:04 ` Andreas Dilger
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20120309233631.GE5635@thunk.org \
--to=tytso@mit.edu \
--cc=adilger.kernel@dilger.ca \
--cc=amir73il@gmail.com \
--cc=andi@firstfloor.org \
--cc=cmm@us.ibm.com \
--cc=colyli@gmail.com \
--cc=djwong@us.ibm.com \
--cc=jlbec@evilplan.org \
--cc=linux-ext4@vger.kernel.org \
--cc=sunil.mushran@oracle.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.