From: Eric Sandeen <sandeen@sandeen.net>
To: Dave Chinner <david@fromorbit.com>
Cc: Mark Tinguely <tinguely@sgi.com>, "xfs@oss.sgi.com" <xfs@oss.sgi.com>
Subject: Re: [PATCH] xfs_repair: test for bad level in dir2 node
Date: Tue, 10 Sep 2013 10:46:17 -0500 [thread overview]
Message-ID: <522F3EC9.2040807@sandeen.net> (raw)
In-Reply-To: <20130910004539.GY12779@dastard>
On 9/9/13 7:45 PM, Dave Chinner wrote:
> On Wed, Sep 04, 2013 at 10:19:50AM -0500, Eric Sandeen wrote:
>> In traverse_int_dir2block(), the variable 'i' is the level in
>> the tree, with 0 being a leaf node. In the "do" loop we
>> start at the root, and work our way down to a leaf.
>>
>> If the first node we read is an interior node with NODE_MAGIC,
>> but it tells us that its level is 0 (a leaf), this is clearly
>> an inconsistency.
>>
>> Worse, we'd return with success, bno set, and only level[0]
>> in the cursor initialized. Then down this path we'll
>> segfault when accessing an uninitialized (and zeroed) member
>> of the cursor's level array:
>>
>> process_node_dir2
>> traverse_int_dir2block // returns 0 w/ bno set, only level[0] init'd
>> process_leaf_level_dir2
>> verify_dir2_path(mp, da_cursor, 0) // p_level == 0
>> this_level = p_level + 1;
>> node = cursor->level[this_level].bp->b_addr; // level[1] uninit & 0'd
>>
>> Fix this by recognizing that an interior node w/ level 0 is invalid, and
>> error out as for other inconsistencies.
>>
>> Signed-off-by: Eric Sandeen <sandeen@redhat.com>
>> ---
>>
>> My only testcase for this is Jan Yves Brueckner's badly corrupted
>> filesystem image. With this change, we get i.e. :
>>
>> +bad level in interior inode for directory inode 39869938
>> +corrupt block 6 in directory inode 39869957
>> + will junk block
>>
>> diff --git a/repair/dir2.c b/repair/dir2.c
>> index 05bd4b7..20c6e1a 100644
>> --- a/repair/dir2.c
>> +++ b/repair/dir2.c
>> @@ -220,6 +220,16 @@ _("bad record count in inode %" PRIu64 ", count = %d, max = %d\n"),
>> */
>> if (i == -1) {
>> i = da_cursor->active = nodehdr.level;
>> + if (i == 0 &&
>> + (nodehdr.magic == XFS_DA_NODE_MAGIC ||
>> + nodehdr.magic == XFS_DA3_NODE_MAGIC)) {
>> + do_warn(
>> +_("bad level 0 in interior inode for directory inode %" PRIu64 "\n"),
>> + da_cursor->ino);
>> + libxfs_putbuf(bp);
>> + i = -1;
>> + goto error_out;
>> + }
>> if (i >= XFS_DA_NODE_MAXDEPTH) {
>> do_warn(
>> _("bad header depth for directory inode %" PRIu64 "\n"),
>
> Looks sane, though wouldn't it be better to check for the correct
> header magic number (i.e LEAF1/LEAFN) here? i.e. if we are at level
> zero and we don't have a leaf, then there's something wrong. This
> will only catch the case of a node replacing a leaf, not a free
> space block or data block being at the wrong place...
Hm, well, above my new test we have (slightly snipped down):
if (nodehdr.magic == XFS_DIR2_LEAFN_MAGIC ||
nodehdr.magic == XFS_DIR3_LEAFN_MAGIC) {
...
*rbno = 0;
libxfs_putbuf(bp);
return(1);
} else if (!(nodehdr.magic == XFS_DA_NODE_MAGIC ||
nodehdr.magic == XFS_DA3_NODE_MAGIC)) {
...
_("bad dir magic number 0x%x in inode %" PRIu64 " bno = %u\n"),
goto error_out;
}
so by this point, we actually MUST be either XFS_DA_NODE_MAGIC or XFS_DA3_NODE_MAGIC
and then I added:
if (i == -1) {
i = da_cursor->active = nodehdr.level;
if (i == 0 &&
(nodehdr.magic == XFS_DA_NODE_MAGIC ||
nodehdr.magic == XFS_DA3_NODE_MAGIC)) {
do_warn(
_("bad level 0 in interior inode for directory inode %" PRIu64 "\n"),
da_cursor->ino);
libxfs_putbuf(bp);
i = -1;
goto error_out;
}
So if anything, I should probably just drop the magic test, because it's already ensured.
(along with a comment ...)
-Eric
_______________________________________________
xfs mailing list
xfs@oss.sgi.com
http://oss.sgi.com/mailman/listinfo/xfs
next prev parent reply other threads:[~2013-09-10 15:46 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-09-04 15:19 [PATCH] xfs_repair: test for bad level in dir2 node Eric Sandeen
2013-09-10 0:45 ` Dave Chinner
2013-09-10 15:46 ` Eric Sandeen [this message]
2013-09-10 15:51 ` [PATCH V2] " Eric Sandeen
2013-09-10 16:43 ` Mark Tinguely
2013-09-10 17:24 ` Eric Sandeen
2013-09-10 18:03 ` Mark Tinguely
2013-09-11 2:27 ` Eric Sandeen
2013-09-12 20:56 ` [PATCH V3] " Eric Sandeen
2013-09-12 21:17 ` Mark Tinguely
2013-09-18 18:48 ` Mark Tinguely
2013-10-18 17:51 ` Rich Johnston
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=522F3EC9.2040807@sandeen.net \
--to=sandeen@sandeen.net \
--cc=david@fromorbit.com \
--cc=tinguely@sgi.com \
--cc=xfs@oss.sgi.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.