From: Ted Ts'o <tytso@mit.edu>
To: "Darrick J. Wong" <djwong@us.ibm.com>
Cc: Andreas Dilger <adilger.kernel@dilger.ca>,
Sunil Mushran <sunil.mushran@oracle.com>,
Amir Goldstein <amir73il@gmail.com>,
Andi Kleen <andi@firstfloor.org>, Mingming Cao <cmm@us.ibm.com>,
Joel Becker <jlbec@evilplan.org>,
linux-ext4@vger.kernel.org, Coly Li <colyli@gmail.com>
Subject: Re: [PATCH 01/54] libext2fs: Read and write full size inodes
Date: Fri, 9 Mar 2012 18:36:31 -0500 [thread overview]
Message-ID: <20120309233631.GE5635@thunk.org> (raw)
In-Reply-To: <20120306235727.11945.11066.stgit@elm3b70.beaverton.ibm.com>
On Tue, Mar 06, 2012 at 03:57:27PM -0800, Darrick J. Wong wrote:
> Change libext2fs to read and write full-size inodes in preparation for the
> metadata checksumming patchset, which will require this. Due to ABI
> compatibility requirements, this change must be hidden from client programs.
>
> Signed-off-by: Darrick J. Wong <djwong@us.ibm.com>
After applying this first patch, the e2fsprogs regression test suite
blew up spectacularly caused by the malloc-managed free lists pointers
getting corrupted:
*** glibc detected *** /usr/projects/e2fsprogs/e2fsprogs/build/debugfs/debugfs: free(): invalid next size (fast): 0x000000000063f9d0 ***
======= Backtrace: =========
/lib/libc.so.6(+0x77806)[0x7ffff6e4a806]
/lib/libc.so.6(cfree+0x73)[0x7ffff6e510d3]
/usr/projects/e2fsprogs/e2fsprogs/build/lib/libext2fs.so.2(ext2fs_free_mem+0x30)[0x7ffff7bb562f]
Interestingly, valgrind was *not* useful in finding the problem;
apparently it was getting confused by the ext2fs_get_mem()
abstraction, which is unfortunate. I'll have to look into that at
some point.
Anyway, the problem was in ext2fs_write_inode_full(), and it could be
replicated by simply writing to an inode, i.e.
mke2fs -F -O resize_inode -o Linux -b 1024 /tmp/image 16384
debugfs -w -R "set_inode_field <7> mtime now" /tmp/image
is enough to trigger it. The problem is with a 128 byte ext2 file
system, ext2fs_write_inode_full() is passed a large inode and so
bufsize is 156, but EXT2_INODE_SIZE(fs->super) is 128. So at
lib/ext2fs/inode.c:698:
memcpy(w_inode, inode, bufsize);
you end up writing 156 bytes into a memory buffer that was allocated
to a size of 128 bytes. Hilarity ensues.
The fix is relatively simple:
memcpy(w_inode, inode, (bufsize > length) ? length : bufsize);
Anyway, this is *why* running the regression tests are important.
(And why projects which don't have regression test suites are just
asking for trouble.)
They catch all sorts of interesting oversights like this....
- Ted
next prev parent reply other threads:[~2012-03-09 23:36 UTC|newest]
Thread overview: 75+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-03-06 23:57 [PATCH v3 00/54] e2fsprogs: Add metadata checksumming Darrick J. Wong
2012-03-06 23:57 ` [PATCH 01/54] libext2fs: Read and write full size inodes Darrick J. Wong
2012-03-09 23:36 ` Ted Ts'o [this message]
2012-03-12 22:23 ` Darrick J. Wong
2012-03-12 22:53 ` Ted Ts'o
2012-03-06 23:57 ` [PATCH 02/54] libext2fs: Change ext4 on-disk layout to support metadata checksumming Darrick J. Wong
2012-03-09 22:04 ` Ted Ts'o
2012-03-12 22:24 ` Darrick J. Wong
2012-03-06 23:57 ` [PATCH 03/54] debugfs: Optionally ignore bad checksums Darrick J. Wong
2012-03-06 23:57 ` [PATCH 04/54] libext2fs: Precompute FS UUID checksum seed Darrick J. Wong
2012-03-06 23:57 ` [PATCH 05/54] libext2fs: Add inode checksum support Darrick J. Wong
2012-03-06 23:57 ` [PATCH 06/54] debugfs: Dump inode checksum when appropriate Darrick J. Wong
2012-03-06 23:58 ` [PATCH 07/54] tune2fs: Add inode checksum support Darrick J. Wong
2012-03-06 23:58 ` [PATCH 08/54] e2fsck: Verify and correct inode checksums Darrick J. Wong
2012-03-10 5:09 ` Ted Ts'o
2012-03-12 22:49 ` Darrick J. Wong
2012-03-06 23:58 ` [PATCH 09/54] mke2fs: Allow metadata checksums to be turned on at mkfs time Darrick J. Wong
2012-03-06 23:58 ` [PATCH 10/54] libext2fs: Create the inode bitmap checksum Darrick J. Wong
2012-03-06 23:58 ` [PATCH 11/54] tune2fs: Rewrite inode bitmap checksums Darrick J. Wong
2012-03-06 23:58 ` [PATCH 12/54] dumpe2fs: Display inode bitmap checksum Darrick J. Wong
2012-03-06 23:58 ` [PATCH 13/54] e2fsck: Verify " Darrick J. Wong
2012-03-10 5:46 ` Ted Ts'o
2012-03-11 2:11 ` Ted Ts'o
2012-03-12 21:25 ` Darrick J. Wong
2012-03-12 22:30 ` Darrick J. Wong
2012-03-13 0:32 ` [PATCH v3.1 " Darrick J. Wong
2012-03-06 23:58 ` [PATCH 14/54] libext2fs: Create the block " Darrick J. Wong
2012-03-06 23:58 ` [PATCH 15/54] dumpe2fs: Display " Darrick J. Wong
2012-03-06 23:59 ` [PATCH 16/54] e2fsck: Verify " Darrick J. Wong
2012-03-13 0:33 ` [PATCH v3.1 " Darrick J. Wong
2012-03-06 23:59 ` [PATCH 17/54] e2fsck: Don't verify bitmap checksums Darrick J. Wong
2012-03-06 23:59 ` [PATCH 18/54] tune2fs: Rewrite block " Darrick J. Wong
2012-03-06 23:59 ` [PATCH 19/54] libext2fs: Verify and calculate extent tree block checksums Darrick J. Wong
2012-03-06 23:59 ` [PATCH 20/54] tune2fs: Enable extent tree checksums Darrick J. Wong
2012-03-06 23:59 ` [PATCH 21/54] e2fsck: Verify extent tree blocks and clear the bad ones Darrick J. Wong
2012-03-06 23:59 ` [PATCH 22/54] debugfs: Print htree internal node checksums Darrick J. Wong
2012-03-06 23:59 ` [PATCH 23/54] libext2fs: Add dx_root/dx_node checksum calculation and verification helpers Darrick J. Wong
2012-03-06 23:59 ` [PATCH 24/54] e2fsck: Verify htree root/node checksums Darrick J. Wong
2012-03-13 0:35 ` [PATCH v3.1 " Darrick J. Wong
2012-03-07 0:00 ` [PATCH 25/54] libext2fs: Introduce dir_entry_tail to provide checksums for directory leaf nodes Darrick J. Wong
2012-03-07 0:00 ` [PATCH 26/54] e2fsck: Check directory leaf block checksums Darrick J. Wong
2012-03-07 0:00 ` [PATCH 27/54] tune2fs: Rebuild and checksum directories when toggling metadata_csum or changing UUID Darrick J. Wong
2012-03-07 0:00 ` [PATCH 28/54] libext2fs: Verify and calculate extended attribute block checksums Darrick J. Wong
2012-03-07 0:00 ` [PATCH 29/54] e2fsck: Check " Darrick J. Wong
2012-03-10 5:22 ` Ted Ts'o
2012-03-12 22:43 ` Darrick J. Wong
2012-03-07 0:00 ` [PATCH 30/54] tune2fs: Rewrite " Darrick J. Wong
2012-03-07 0:00 ` [PATCH 31/54] libext2fs: Calculate and verify superblock checksums Darrick J. Wong
2012-03-07 0:00 ` [PATCH 32/54] e2fsck: Handle superblock checksum errors gracefully Darrick J. Wong
2012-03-07 0:01 ` [PATCH 33/54] libext2fs: Record the checksum algorithm in use in the superblock Darrick J. Wong
2012-03-07 0:01 ` [PATCH 34/54] tune2fs: Store checksum algorithm type in superblock Darrick J. Wong
2012-03-07 0:01 ` [PATCH 35/54] mke2fs: Record the checksum algorithm in use in the superblock Darrick J. Wong
2012-03-07 0:01 ` [PATCH 36/54] libext2fs: Block group checksum should use metadata_csum algorithm Darrick J. Wong
2012-03-07 0:01 ` [PATCH 37/54] e2fsck: Ensure block group checksum uses " Darrick J. Wong
2012-03-13 0:38 ` [PATCH v3.1 " Darrick J. Wong
2012-03-07 0:01 ` [PATCH 38/54] tune2fs: Rewrite block group checksums when changing checksumming feature flags Darrick J. Wong
2012-03-07 0:02 ` [PATCH 39/54] mke2fs: Write new group descriptors with the appropriate checksum Darrick J. Wong
2012-03-07 0:02 ` [PATCH 40/54] mke2fs: Warn if not enabling all the features that metadata_csum wants Darrick J. Wong
2012-03-07 0:02 ` [PATCH 41/54] libext2fs: Add checksum to MMP block Darrick J. Wong
2012-03-07 0:02 ` [PATCH 42/54] e2fsck: Verify and correct MMP checksum problems Darrick J. Wong
2012-03-07 0:02 ` [PATCH 43/54] tune2fs: Force MMP update when changing metadata_csum flag Darrick J. Wong
2012-03-07 0:02 ` [PATCH 44/54] libext2fs: Change on-disk journal layout to support metadata checksumming Darrick J. Wong
2012-03-07 0:02 ` [PATCH 45/54] libext2fs: Dump feature flags for jbd2 v2 checksums Darrick J. Wong
2012-03-07 0:02 ` [PATCH 46/54] e2fsck: Check journal superblock checksum prior to recovery Darrick J. Wong
2012-03-07 0:02 ` [PATCH 47/54] e2fsck: Check revoke block checksum during recovery Darrick J. Wong
2012-03-07 0:03 ` [PATCH 48/54] e2fsck: Check descriptor block checksum when recovering journal Darrick J. Wong
2012-03-07 0:03 ` [PATCH 49/54] e2fsck: Check commit block checksum during recovery Darrick J. Wong
2012-03-07 0:03 ` [PATCH 50/54] e2fsck: Verify data block checksums when recovering journal Darrick J. Wong
2012-03-07 0:03 ` [PATCH 51/54] libext2fs: Enable support for the metadata checksumming feature Darrick J. Wong
2012-03-07 0:03 ` [PATCH 52/54] libext2fs: Bring the CRC32c implementation up to date with the kernel implementation Darrick J. Wong
2012-03-07 0:03 ` [PATCH 53/54] e2fsck: Refactor crc32_be code Darrick J. Wong
2012-03-07 0:03 ` [PATCH 54/54] mke2fs: Enable metadata_csum on ext4dev filesystems Darrick J. Wong
2012-03-09 22:37 ` [PATCH v3 00/54] e2fsprogs: Add metadata checksumming Ted Ts'o
2012-03-13 0:41 ` Darrick J. Wong
2012-03-13 4:04 ` Andreas Dilger
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20120309233631.GE5635@thunk.org \
--to=tytso@mit.edu \
--cc=adilger.kernel@dilger.ca \
--cc=amir73il@gmail.com \
--cc=andi@firstfloor.org \
--cc=cmm@us.ibm.com \
--cc=colyli@gmail.com \
--cc=djwong@us.ibm.com \
--cc=jlbec@evilplan.org \
--cc=linux-ext4@vger.kernel.org \
--cc=sunil.mushran@oracle.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).