| Age | Commit message (Collapse) | Author |
|---|
|
plotJittervsFill copies the -f argument into a 250-byte buffer with
strncpy(..., sizeof(LogFile)). A 250-byte file name leaves the buffer
unterminated, and the subsequent fopen() reads past the end of LogFile.
JitterTest uses the same fixed-size file name pattern for -r, while -c
still silently truncates overlong names and -f already rejects them.
Validate jittertest file name arguments before copying them so these
options all reject overlong input instead of truncating it or reading
past the end of fixed-size buffers.
Add a shell regression test that exercises the accepted and rejected
boundary lengths for plotJittervsFill and JitterTest during make check.
Signed-off-by: Aviv Daum <aviv.daum@gmail.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
report of the static analyzer:
Possible integer overflow: right operand is tainted.
An integer overflow may occur due to arithmetic operation (addition)
between variable 'block' and value { [1, 4294967295] } of 'nblocks[i]',
when 'block' is equal to '1'
correct explained:
Added bounds check before incrementing block counter to ensure that
adding nblocks[i] does not exceed totblocks. This prevents potential
integer overflow when user-specified partition sizes are too large,
which could lead to incorrect partition table layout and device corruption.
The validation ensures safe arithmetic by checking block + nblocks[i] <= totblocks
using unsigned comparison.
Signed-off-by: Anton Moryakov <ant.v.moryakov@gmail.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
calculation
report of the static analyzer:
Possible integer underflow: right operand is tainted.
An integer underflow may occur due to arithmetic
operation (unsigned subtraction) between
variables 'totblocks' and 'block', where 'totblocks'
is in range { [0, 4294967295] }, and 'block' is tainted { [0, 4294967295] }
correct explained:
Added validation check before calculating remaining
space for partition. The issue occurred when setting
the last partition size to 0, which triggers calculation
'totblocks - block'. Without validation, if block >= totblocks,
this would result in integer underflow due to unsigned
arithmetic, potentially creating a partition with enormous
size and leading to device corruption.
Signed-off-by: Anton Moryakov <ant.v.moryakov@gmail.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
On architectures such as armv7-a, ino_t and loff_t are unsigned long long rather than
unsigned long. In such cases, the printf format specifier "%lu" is not
appropriate and causes an incorrect address offset.
mtd-utils/ubifs-utils/fsck.ubifs/problem.c:224
log_out(c, "problem: %s, ino %lu, unreachable dentry %s, type %s%s",
problem->desc, ifp->file->inum,
c->encrypted && !ifp->file->ino.is_xattr ? "<encrypted>" : dent_node->name,
ubifs_get_type_name(dent_node->type),
key_type(c, &dent_node->key) == UBIFS_XENT_KEY ? "(xattr)" : "");
fsck.ubifs[484] (/dev/ubi0_0,danger mode): problem: Dentry is unreachable, ino 917, unreachable dentry (null), type checksum_typefile
Furthermore, running fsck.ubifs with the --debug=4 option will almost
certainly cause a SEGV at the following point.
mtd-utils/ubifs-utils/fsck.ubifs/check_files.c:103
dbg_fsck("construct file(%lu) for %s node, TNC location %d:%d, in %s",
inum, ubifs_get_key_name(key_type(c, key)), sn->lnum, sn->offs,
c->dev_name);
To ensure functionality regardless of environment, cast ino_t to unsigned
long, since it will never be more than 4 bytes.
For loff_t, use %lld and cast accordingly.
Signed-off-by: Yuta Hayama <hayama@lineo.co.jp>
Signed-off-by: Tomas Alvarez Vanoli <tomas.alvarez-vanoli@hitachienergy.com>
Reviewed-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
sn is a reference to either an ino_node, dent_node, or data_node. When sn
is actually used in calls to dbg_fsck() or insert_or_update_file(), these
variables must not be out of scope.
Signed-off-by: Yuta Hayama <hayama@lineo.co.jp>
Reviewed-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
The usage example 4 describing reserved eraseblocks had awkward and
slightly incorrect phrasing ("is total flash chip eraseblocks count").
Reword it for clarity and readability without changing the meaning.
Signed-off-by: Mohammad Rahimi <rahimi.mhmmd@gmail.com>
Reviewed-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
200809 is needed for pread/pwrite
Signed-off-by: Rosen Penev <rosenp@gmail.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Replace 'write' with 'read' in the error message of the read_eraseblock()
function to indicate the correct direction of the operation.
Signed-off-by: Gabor Juhos <j4g8y7@gmail.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Although both the 'multi-block erase' and the 'read-while-write latency'
tests are destructive, but those are executed irregardless of whether
destructive mode is enabled or not.
Change the code to skip these tests if the DESTRUCTIVE flag is not set
to avoid unexpected behaviour.
Signed-off-by: Gabor Juhos <j4g8y7@gmail.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Otherwise, the test files are missin in the tarball and building fails
with:
make[1]: *** No rule to make target 'tests/ubifs_tools-tests/images/good.gz', needed by 'all-am'. Stop.
unless --without-tests is uses.
Reviewed-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Include <linux/limits.h> to fix the following build error when building
with musl:
| ../git/ubifs-utils/fsck.ubifs/extract_files.c: In function 'parse_ino_node':
| ../git/ubifs-utils/fsck.ubifs/extract_files.c:144:47: error: 'XATTR_LIST_MAX' undeclared (first use in this function)
| 144 | if (ino_node->xnms + ino_node->xcnt > XATTR_LIST_MAX) {
| | ^~~~~~~~~~~~~~
| ../git/ubifs-utils/fsck.ubifs/extract_files.c:144:47: note: each undeclared identifier is reported only once for each function it appears in
| make: *** [Makefile:4374: ubifs-utils/fsck.ubifs/fsck_ubifs-extract_files.o] Error 1
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Reviewed-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Include the <sys/stat.h> header file to fix the following error
when building with musl:
| ../git/ubifs-utils/libubifs/journal.c: In function 'ubifs_get_dent_type':
| ../git/ubifs-utils/libubifs/journal.c:414:24: error: 'S_IFMT' undeclared (first use in this function)
| 414 | switch (mode & S_IFMT) {
| | ^~~~~~
| ../git/ubifs-utils/libubifs/journal.c:414:24: note: each undeclared identifier is reported only once for each function it appears in
| ../git/ubifs-utils/libubifs/journal.c:415:14: error: 'S_IFREG' undeclared (first use in this function)
| 415 | case S_IFREG:
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Reviewed-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Include the <fcntl.h> header file to fix the following error
when building with musl:
| In file included from ../git/ubifs-utils/common/compr.c:42:
| ../git/ubifs-utils/libubifs/ubifs.h:313:9: error: unknown type name 'loff_t'; did you mean 'off_t'?
| 313 | loff_t ui_size;
| | ^~~~~~
| | off_t
| ../git/ubifs-utils/libubifs/ubifs.h:1341:9: error: unknown type name 'loff_t'; did you mean 'off_t'?
| 1341 | loff_t i_size;
| | ^~~~~~
| | off_t
| ../git/ubifs-utils/libubifs/ubifs.h:1342:9: error: unknown type name 'loff_t'; did you mean 'off_t'?
| 1342 | loff_t d_size;
| | ^~~~~~
| | off_t
| ../git/ubifs-utils/libubifs/ubifs.h:1899:44: error: unknown type name 'loff_t'; did you mean 'off_t'?
| 1899 | int deletion, loff_t new_size);
| | ^~~~~~
| | off_t
| make: *** [Makefile:4878: ubifs-utils/common/mkfs_ubifs-compr.o] Error 1
Signed-off-by: Fabio Estevam <festevam@gmail.com>
Reviewed-by: Zhihao Cheng <chengzhihao1@huawei.com>
Reviewed-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
When using unreleased compiler has version like
15.0.1 and that test fails because __GNUC_MINOR__ < 1
becomes true, therefore check for full version string
which is more rubust.
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
useful in resizing last ubi volume,
some kind of auto-resize ubinize option.
Signed-off-by: Konstantin Menyaev <KAMenyaev@salutedevices.com>
Reviewed-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Report of the static analyzer:
Dynamic memory, referenced by 'line', is allocated at devtable.c:356
by calling function 'getline' and lost at devtable.c:388.
(line: while (getline(&line, &len, f) != -1) {)
Correct explained:
Now line is freed in any exit scenario via out_close which eliminates this error.
Triggers found by static analyzer Svace.
Signed-off-by: Anton Moryakov <ant.v.moryakov@gmail.co
Reviewed-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
On musl execinfo.h doesn't exist, but ubifs-utils uses backtrace() when
reporting errors. This results in build failures under musl.
Handily, libmissing.a already exists with a stub implementation of
backtrace().
Guard the execinfo.h include and if it isn't available instead include
libmissing.h, and link to libmissing.a to provide backtrace() if needed.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Reviewed-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Update source files from linux kernel 6.13-rc7 aa22f4da2a46.
Following changes since 6.8-rc2 41bccc98fb7931d63:
1) 60f16e912a53a ("ubifs: fix sort function prototype")
2) ec724e534dfdd ("ubifs: fix function pointer cast warnings")
3) 39986148bc2ab ("ubifs: fix kernel-doc warnings")
4) 94f5b1571ec8d ("ubifs: Convert to use ERR_CAST()")
5) 4617fb8fc15ef ("ubifs: authentication: Fix use-after-free in
ubifs_tnc_end_commit")
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Add descritpions for kernel resource files.
Remove crc32 related descritpions, there is no crc32 related files
imported from the linux kernel.
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
The compiler complains following message:
tests/checkfs/comm.c:37:5: warning: no previous prototype for
‘do_pwr_dn’
The function do_pwr_dn() is only used in tests/checkfs/checkfs.c, but
we still keep it in tests/checkfs/comm.c in case the function() is
used by more callers. Fix it by adding a previous declaration.
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
warning for 'path'
The compiler compains following message:
jffsX-utils/jffs2reader.c:697:6: warning: potential null pointer
dereference
It won't bring any problems because the 'path' is guaranteed to be a
non-NULL variable. Fix the warning by adding a NULL pointer check.
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
warning
The compiler compains following message:
misc-utils/flashcp.c:439:3: warning: ‘wrlast_buf’ may be used
uninitialized in this function
It won't bring any problems because variable '‘wrlast_buf’ is always
initialized before being used. Fix the warning by setting 'wrlast_buf'
as NULL when declaring it.
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
'dumpfile'
The const pointer argument cannot be passed into libc function 'free()',
otherwise the compiler will complain following message:
nand-utils/nanddump.c:168:10: warning: passing argument 1 of ‘free’
discards ‘const’ qualifier from pointer target type
Fixes: c89009463888 ("nanddump: don't leak copied command line arguments")
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Fix following compiling warning by using the right format:
ubi-utils/mtdinfo.c:207:21: warning: format ‘%lx’ expects argument of
type ‘long unsigned int’, but argument 4 has type ‘long long unsigned
int’
Fixes: 78f4f38bd3de8 ("ubi-utils: Fix integer overflow in mtdinfo.c")
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Report of the static analyzer:
Variable vi->alignment, whose possible value set allows a zero value at ubinize.c:375, is used as a denominator at ubinize.c:410.
If you look at the code more closely, it will be clear that the vi->alignment parameter is obtained from an external file passed as a command line argument.
A check was also performed if you pass a test.ini file of the following type to the input:
[jffs2-volume]
mode=ubi
image=../jffs2.img
vol_id=1
vol_size=30MiB
vol_type=dynamic
vol_name=jffs2_volume
vol_flags=autoresize
vol_alignment=0
and execute the command:
./ubinize -o ubi.img -p 16KiB -m 512 -s 256 test.ini
we will get the result:
Floating point exception (core dumped)
Corrections explained:
Updated the validation logic for vi->alignment:
- Replaced the check for negative alignment (`vi->id < 0`) with a more comprehensive check for non-positive alignment (`vi->alignment <= 0`).
- Updated the corresponding error message to reflect the requirement for a positive volume alignment.
This ensures more robust validation and improves error clarity when invalid alignment values are encountered.
Triggers found by static analyzer Svace.
Signed-off-by: Anton Moryakov <ant.v.moryakov@gmail.com>
Reviewed-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Report of the static analyzer:
The value of an arithmetic expression 'datsize + oobsize' is a subject to overflow because its operands are not cast to a larger data type before performing arithmetic.
Corrections explained:
- Added a check to validate datsize and oobsize to ensure they are non-negative and within a safe range.
- Cast datsize and oobsize to long before performing arithmetic to prevent potential integer overflow.
This change ensures safe computation of offsets and prevents undefined behavior caused by overflow.
Signed-off-by: Anton Moryakov <ant.v.moryakov@gmail.com>
Reviewed-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Corrections explained:
Added robust handling for malloc() failure by checking the returnvalueand providing a clear error message.
Triggers found by static analyzer Svace.
Signed-off-by: Anton Moryakov <ant.v.moryakov@gmail.com>
Reviewed-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Report of the static analyzer:
The value of an arithmetic expression 'reginfo->offset + i * reginfo->erasesize' is a subject to overflow
because its operands are not cast to a larger data type before performing arithmetic
Corrections explained:
Added casting i and start to unsigned long long
Triggers found by static analyzer Svace.
Signed-off-by: Anton Moryakov <ant.v.moryakov@gmail.com>
Reviewed-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Report of the static analyzer:
The value of an arithmetic expression 'bit_to_flip->block * mtd.eb_size + blkoffs' is a subject to overflow because its operands are not cast to a larger data type before performing arith$
Corrections explained:
Prevent arithmetic overflow in OOB read operation
Resolved an issue where the calculation of the offset in the OOB read operation could overflow due to operands not being cast to a larger data type. Specifically, the multiplication of bi$
Triggers found by static analyzer Svace.
Signed-off-by: Anton Moryakov <ant.v.moryakov@gmail.com>
Reviewed-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Report of the static analyzer:
The value of an arithmetic expression 'eb_cnt * mtd.eb_size' is a subject to overflow because its operands are not cast to a larger data type before performing arithmetic
Corrections explained:
Added explicit casting of eb_cnt to long long in the condition
if (eb_start == 0 && mtd.size == eb_cnt * mtd.eb_size)
to ensure the multiplication is performed in a 64-bit context,
preventing potential overflow for large values of eb_cnt and mtd.eb_size.
This ensures correct handling of devices with large block counts or block sizes.
Triggers found by static analyzer Svace.
Signed-off-by: Anton Moryakov <ant.v.moryakov@gmail.com>
Reviewed-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Report of the static analyzer:
The value of an arithmetic expression 'vol_info.leb_size * args.lebs' is a subject to overflow because its operands are not cast to a larger data type before performing arithmetic
Corrections explained:
The fix ensures values are checked before multiplication.
Added casting vol_info.leb_size to long long
Triggers found by static analyzer Svace.
Signed-off-by: Anton Moryakov <ant.v.moryakov@gmail.com>
Reviewed-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
We use a vendored library for parsing ini files. Our copy of this
library has not been updated since 2007.
This commit imports the recent version of the ini parsing library
from upstream source at https://gitlab.com/iniparser/iniparser
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Add new option '--asan' for configuration to support dynamic
Address-Sanitizier debugging, which could detect kinds of invalid
memory accessing problems(eg. UAF, r/w OOB, etc.). Currently, only
ubifs-utils(mkfs.ubifs/fsck.ubifs) is supported.
Enable Address-Sanitizier debugging with configuration:
./configure --enable-asan
Notice: The Address-Sanitizier will stop the program and print
problems if memory problems are detected. Sometimes the memory
problems come from third libs(not mtd-utils), which could stuck
the testcases.
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Add document for fsck.ubifs and mkfs.ubifs testcases, explain all
testcases and how to run them.
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Add run_all script to run all UBIFS fsck & mkfs testcases.
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Initialize UBIFS image from a given directory, then check whether the
fs content in mounted UBIFS is consistent with the original directory.
Both UBI volume and file are chosen as storage mediums to test.
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
For kinds of inconsistent UBIFS images(which can simulate corruptions
caused by some potentional UBIFS bug), check the result of fsck.
This testcase mainly checks whether the behavior is in expected after
repairing specific inconsistent UBIFS image.
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
This is a preparation for adding bad images fsck testcase. There is
no debugfs tools (for example: debugfs[ext4], xfs_db) for UBIFS, so
there is no way to inject precise corruption into UBIFS image, we have
to prepare inconsistent UBIFS images in advance like e2fsprogs[1] does.
(Goto [2] to see how to generate inconsistent UBIFS images).
Original UBIFS image content:
/
├── corrupt_file (xattr - user.corrupt:123, 2K data)
├── dir
│ ├── block_dev
│ ├── char_dev
│ ├── dir
│ └── file (content: '123')
├── hardl_corrupt_file => corrupt_file
└── softl_corrupt_file -> corrupt_file
Here's a descriptons of the various testing images:
=========================================================================
image | Description | expectancy
-------------------------------------------------------------------------
good | good image contains | fsck success, fs content is
| kinds of files. | not changed.
-------------------------------------------------------------------------
sb_fanout | invalid fanout in | fsck failed.
| superblock. |
-------------------------------------------------------------------------
sb_fmt_version | invalid fmt_version | fsck failed.
| in superblock. |
-------------------------------------------------------------------------
sb_leb_size | invalid leb_size in | fsck failed.
| superblock. |
-------------------------------------------------------------------------
sb_log_lebs | invalid log lebs in | fsck failed.
| superblock. |
-------------------------------------------------------------------------
sb_min_io_size | invalid min_io_size | fsck failed.
| in superblock. |
-------------------------------------------------------------------------
master_highest_inum | invalid highest_inum| fsck success, fs content is
| in master nodes. | not changed.
-------------------------------------------------------------------------
master_lpt | bad lpt pos in | fsck success, fs content is
| master nodes. | not changed.
-------------------------------------------------------------------------
master_tnc | bad tnc pos in | fsck success, fs content is
| master nodes. | not changed.
-------------------------------------------------------------------------
master_total_dead | bad total_dead in | fsck success, fs content is
| master nodes. | not changed.
-------------------------------------------------------------------------
master_total_dirty | bad total_dirty in | fsck success, fs content is
| master nodes. | not changed.
-------------------------------------------------------------------------
master_total_free | bad total_free in | fsck success, fs content is
| master nodes. | not changed.
-------------------------------------------------------------------------
journal_log | corrupted log area. | fsck success, fs content is
| | not changed.
-------------------------------------------------------------------------
journal_bud | corrupted bud area. | fsck success, file data is
| | lost.
-------------------------------------------------------------------------
orphan_node | bad orphan node. | fsck success, file is
| | deleted as expected.
-------------------------------------------------------------------------
lpt_dirty | bad dirty in pnode. | fsck success, fs content is
| | not changed.
-------------------------------------------------------------------------
lpt_flags | bad flags in pnode | fsck success, fs content is
| (eg. index). | not changed.
-------------------------------------------------------------------------
lpt_free | bad free in pnode. | fsck success, fs content is
| | not changed.
-------------------------------------------------------------------------
lpt_pos | bad pos in nnode. | fsck success, fs content is
| | not changed.
-------------------------------------------------------------------------
ltab_dirty | bad dirty in lprops | fsck success, fs content is
| table. | not changed.
-------------------------------------------------------------------------
ltab_free | bad free in lprops | fsck success, fs content is
| table. | not changed.
-------------------------------------------------------------------------
index_size | bad index size in | fsck success, fs content is
| master nodes. | not changed.
-------------------------------------------------------------------------
tnc_lv0_key | bad key in lv0 | fsck success, fs content is
| znode. | not changed.
-------------------------------------------------------------------------
tnc_lv0_len | bad len in lv0 | fsck success, fs content is
| znode. | not changed.
-------------------------------------------------------------------------
tnc_lv0_pos | bad pos in lv0 | fsck success, fs content is
| znode. | not changed.
-------------------------------------------------------------------------
tnc_noleaf_key | bad key in non-leaf | fsck success, fs content is
| znode. | not changed.
-------------------------------------------------------------------------
tnc_noleaf_len | bad len in non-leaf | fsck success, fs content is
| znode. | not changed.
-------------------------------------------------------------------------
tnc_noleaf_pos | bad pos in non-leaf | fsck success, fs content is
| znode. | not changed.
-------------------------------------------------------------------------
corrupted_data_leb | corrupted data leb. | fsck success, partial data of
| | file is lost.
-------------------------------------------------------------------------
corrupted_idx_leb | corrupted index leb.| fsck success, fs content is
| | not changed.
-------------------------------------------------------------------------
inode_data | bad data node. | fsck success, file content
| | is changed, other files are
| | not changed.
-------------------------------------------------------------------------
inode_mode | bad inode mode for | fsck success, file is
| file. | dropped, other files are not
| | changed.
-------------------------------------------------------------------------
inode_nlink | wrong nlink for | fsck success, nlink is
| file. | corrected, fs content is not
| | changed.
-------------------------------------------------------------------------
inode_size | wrong inode size | fsck success, inode size is
| for file. | corrected, fs content is not
| | changed.
-------------------------------------------------------------------------
inode_xcnt | wrong inode | fsck success, xattr_cnt is
| xattr_cnt for file. | corrected, fs content is not
| | changed.
-------------------------------------------------------------------------
soft_link_inode_mode| bad inode mode for | fsck success, soft link
| solf link file. | file is dropped, other files
| | are not changed.
-------------------------------------------------------------------------
soft_link_data_len | bad inode data_len | fsck success, soft link
| for solt link file. | file is dropped, other files
| | are not changed.
-------------------------------------------------------------------------
dentry_key | bad dentry key for | fsck success, dentry is
| file. | removed, other files are
| | not changed.
-------------------------------------------------------------------------
dentry_nlen | inconsistent nlen | fsck success, dentry is
| and name in dentry | removed, other files are
| for file. | not changed.
-------------------------------------------------------------------------
dentry_type | inconsistent type | fsck success, dentry is
| between dentry and | removed, other files are
| inode for file. | not changed.
-------------------------------------------------------------------------
xinode_flags | lost UBIFS_XATTR_FL | fsck success, xattr is
| in xattr inode | removed, other files are
| flags for file. | not changed.
-------------------------------------------------------------------------
xinode_key | bad xattr inode key | fsck success, xattr is
| for file. | removed, other files are
| | not changed.
-------------------------------------------------------------------------
xinode_mode | bad xattr inode | fsck success, xattr is
| mode for file. | removed, other files are
| | not changed.
-------------------------------------------------------------------------
xentry_key | bad xattr entry key | fsck success, xattr is
| for file. | removed, other files are
| | not changed.
-------------------------------------------------------------------------
xentry_nlen | inconsistent nlen | fsck success, xattr is
| and name in xattr | removed, other files are
| entry for file. | not changed.
-------------------------------------------------------------------------
xentry_type | inconsistent type | fsck success, xattr is
| between xattr entry | removed, other files are
| and xattr inode for | not changed.
| file. |
-------------------------------------------------------------------------
xent_host | the xattr's host | fsck success, file, hard
| is a xattr too, the | link and soft link are
| flag of corrupt_file| dropped, other files are
| inode is modified. | not changed.
-------------------------------------------------------------------------
dir_many_dentry | dir has too many | fsck success, hard link is
| dentries, the dentry| dropped, other files are not
| of hard link is | changed.
| modified. |
-------------------------------------------------------------------------
dir_lost | bad dentry for dir. | fsck success, the 'file' is
| | recovered under lost+found,
| | left files under dir are
| | removed, other files are not
| | changed.
-------------------------------------------------------------------------
dir_lost_duplicated | bad inode for dir, | fsck success, the 'file' is
| there is a file | recovered with INO_<inum>_1
| under lost+found, | under lost+found, left files
| which named with the| under dir are removed, other
| inum of the 'file'. | files are not changed.
-------------------------------------------------------------------------
dir_lost_not_recover| bad inode for dir, | fsck success, all files
| lost+found is a | under dir are removed,
| regular file and | other files are not changed.
| exists under root |
| dir. |
-------------------------------------------------------------------------
root_dir | bad '/'. | fsck success, create new
| | root dir('/'). All regular
| | files are reocovered under
| | lost+found, other files are
| | removed.
-------------------------------------------------------------------------
empty_tnc | all files have bad | fsck success, fs content
| inode. | becomes empty.
=========================================================================
[1] https://git.kernel.org/pub/scm/fs/ext2/e2fsprogs.git/tree/tests/README
[2] https://bugzilla.kernel.org/show_bug.cgi?id=218924
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Inject random corruption on UBIFS image by writting random data on
kinds of mtd devices (eg. nand, nor), check the consistency of UBIFS
after fsck.
This testcase simulates random bad UBIFS image caused by hardware
exceptions(eg. ecc uncorrectable, unwritten), and makes sure that
fsck.ubifs could make UBIFS be consistent after repairing UBIFS
image.
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Inject powercut while doing fsstress on mounted UBIFS, check the
consistency of UBIFS after fsck.
This testscase mainly makes sure that fsck.ubifs can make UBIFS
image be consistent in common stress cases and powercut cases.
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Inject memory/io fault while doing fsck for corrupted UBIFS images.
This testcase mainly checks whether fsck.ubifs has problems (eg.
UAF, null-ptr-def, etc.) in random error paths. Besides, it provides
a similar way to simulate powercut during fsck, and checks whether
the fsck.ubifs can fix an UBIFS image after many rounds interrupted
by kinds of errors.
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Inject powercut while doing fsstress on mounted UBIFS for kinds of
flashes (eg. nand, nor).
This testcase mainly makes sure that fsck.ubifs can make UBIFS image
be consistent on different flashes (eg. nand, nor). Because the
min_io_size of nor flash is 1, the UBIFS image on nor flash will be
different from nand flash after doing powercut, so we need make sure
fsck.ubifs can handle these two types of flash.
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Do fsstress and fsck, check whether there are any files(and their data)
are lost after fsck. This testcase mainly checks whether fsck.ubifs could
corrupt the filesystem content in common case.
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Authenticated UBIFS image is not supported in fsck, add testcase
to check that.
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
This is a preparation for adding testcases for fsck.ubifs and
mkfs.ubifs. Add some common functions, for example: powercut,
load_mtdram, mount_ubifs, encryption operations, etc.
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
Add documents to describe fsck, which includes introductions, designment,
advantage and limitations.
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: Zhang Yi <yi.zhang@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
|
This is the 18/18 step of fsck. Do final committing, commit problem
fixing modifications(which are generated since step 14) to disk, and
clear %UBIFS_MST_DIRTY flag for master node.
Signed-off-by: Zhihao Cheng <chengzhihao1@huawei.com>
Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
|
