From cec572daccafa1e912cbed363df6f84687778c6f Mon Sep 17 00:00:00 2001 From: Nicholas D Steeves Date: Sat, 23 Apr 2016 00:41:30 +0100 Subject: btrfs-progs (4.4.1-1.1) unstable; urgency=medium * Non-maintainer upload. * New upstream release. * Rename package to btrfs-progs (Closes: #780081) * Update standards version to 3.9.7 (no changes needed). * debian/control: Add "Breaks" per Gianfranco Costamagna's suggestion * Change lintian override to reflect package rename * Switch from using postinst and postrm to using triggers per Christian Seiler's recommendation. # imported from the archive --- .../001-bad-file-extent-bytenr/default_case.img | Bin 0 -> 4096 bytes tests/fsck-tests/002-bad-transid/default_case.img | Bin 0 -> 4096 bytes .../fsck-tests/003-shift-offsets/default_case.img | Bin 0 -> 4096 bytes tests/fsck-tests/004-no-dir-index/default_case.img | Bin 0 -> 4096 bytes .../005-bad-item-offset/default_case.img | Bin 0 -> 398336 bytes .../006-bad-root-items/default_case.tar.xz | Bin 0 -> 24980 bytes .../006-bad-root-items/skinny_case.tar.xz | Bin 0 -> 26520 bytes tests/fsck-tests/006-bad-root-items/test.sh | 17 ++ .../007-bad-offset-snapshots/default_case.img | Bin 0 -> 249856 bytes .../008-bad-dir-index-name/default_case.img | Bin 0 -> 4096 bytes .../009-no-dir-item-or-index/default_case.img | Bin 0 -> 4953088 bytes .../010-no-rootdir-inode-item/default_case.img | Bin 0 -> 398336 bytes .../fsck-tests/011-no-inode-item/default_case.img | Bin 0 -> 398336 bytes .../012-leaf-corruption/no_data_extent.tar.xz | Bin 0 -> 130260 bytes tests/fsck-tests/012-leaf-corruption/test.sh | 117 ++++++++++ tests/fsck-tests/013-extent-tree-rebuild/test.sh | 44 ++++ .../fsck-tests/014-no-extent-info/default_case.img | Bin 0 -> 4096 bytes .../bko-97171-btrfs-image.raw.txt | 254 +++++++++++++++++++++ .../bko-97171-btrfs-image.raw.xz | Bin 0 -> 6748 bytes .../016-wrong-inode-nbytes/default_case.img.xz | Bin 0 -> 1996 bytes .../default_case.img.xz | Bin 0 -> 1104 bytes .../018-leaf-crossing-stripes/default_case.raw.xz | Bin 0 -> 105064 bytes tests/fsck-tests/018-leaf-crossing-stripes/test.sh | 12 + .../019-non-skinny-false-alert/default_case.img.xz | Bin 0 -> 15236 bytes .../fsck-tests/019-non-skinny-false-alert/test.sh | 23 ++ 25 files changed, 467 insertions(+) create mode 100644 tests/fsck-tests/001-bad-file-extent-bytenr/default_case.img create mode 100644 tests/fsck-tests/002-bad-transid/default_case.img create mode 100644 tests/fsck-tests/003-shift-offsets/default_case.img create mode 100644 tests/fsck-tests/004-no-dir-index/default_case.img create mode 100644 tests/fsck-tests/005-bad-item-offset/default_case.img create mode 100644 tests/fsck-tests/006-bad-root-items/default_case.tar.xz create mode 100644 tests/fsck-tests/006-bad-root-items/skinny_case.tar.xz create mode 100755 tests/fsck-tests/006-bad-root-items/test.sh create mode 100644 tests/fsck-tests/007-bad-offset-snapshots/default_case.img create mode 100644 tests/fsck-tests/008-bad-dir-index-name/default_case.img create mode 100644 tests/fsck-tests/009-no-dir-item-or-index/default_case.img create mode 100644 tests/fsck-tests/010-no-rootdir-inode-item/default_case.img create mode 100644 tests/fsck-tests/011-no-inode-item/default_case.img create mode 100644 tests/fsck-tests/012-leaf-corruption/no_data_extent.tar.xz create mode 100755 tests/fsck-tests/012-leaf-corruption/test.sh create mode 100755 tests/fsck-tests/013-extent-tree-rebuild/test.sh create mode 100644 tests/fsck-tests/014-no-extent-info/default_case.img create mode 100644 tests/fsck-tests/015-check-bad-memory-access/bko-97171-btrfs-image.raw.txt create mode 100644 tests/fsck-tests/015-check-bad-memory-access/bko-97171-btrfs-image.raw.xz create mode 100644 tests/fsck-tests/016-wrong-inode-nbytes/default_case.img.xz create mode 100644 tests/fsck-tests/017-missing-all-file-extent/default_case.img.xz create mode 100644 tests/fsck-tests/018-leaf-crossing-stripes/default_case.raw.xz create mode 100755 tests/fsck-tests/018-leaf-crossing-stripes/test.sh create mode 100644 tests/fsck-tests/019-non-skinny-false-alert/default_case.img.xz create mode 100755 tests/fsck-tests/019-non-skinny-false-alert/test.sh (limited to 'tests/fsck-tests') diff --git a/tests/fsck-tests/001-bad-file-extent-bytenr/default_case.img b/tests/fsck-tests/001-bad-file-extent-bytenr/default_case.img new file mode 100644 index 00000000..d2a05bb8 Binary files /dev/null and b/tests/fsck-tests/001-bad-file-extent-bytenr/default_case.img differ diff --git a/tests/fsck-tests/002-bad-transid/default_case.img b/tests/fsck-tests/002-bad-transid/default_case.img new file mode 100644 index 00000000..85bd87cd Binary files /dev/null and b/tests/fsck-tests/002-bad-transid/default_case.img differ diff --git a/tests/fsck-tests/003-shift-offsets/default_case.img b/tests/fsck-tests/003-shift-offsets/default_case.img new file mode 100644 index 00000000..ce23f673 Binary files /dev/null and b/tests/fsck-tests/003-shift-offsets/default_case.img differ diff --git a/tests/fsck-tests/004-no-dir-index/default_case.img b/tests/fsck-tests/004-no-dir-index/default_case.img new file mode 100644 index 00000000..6f2483e6 Binary files /dev/null and b/tests/fsck-tests/004-no-dir-index/default_case.img differ diff --git a/tests/fsck-tests/005-bad-item-offset/default_case.img b/tests/fsck-tests/005-bad-item-offset/default_case.img new file mode 100644 index 00000000..e11e1e32 Binary files /dev/null and b/tests/fsck-tests/005-bad-item-offset/default_case.img differ diff --git a/tests/fsck-tests/006-bad-root-items/default_case.tar.xz b/tests/fsck-tests/006-bad-root-items/default_case.tar.xz new file mode 100644 index 00000000..125d8e7d Binary files /dev/null and b/tests/fsck-tests/006-bad-root-items/default_case.tar.xz differ diff --git a/tests/fsck-tests/006-bad-root-items/skinny_case.tar.xz b/tests/fsck-tests/006-bad-root-items/skinny_case.tar.xz new file mode 100644 index 00000000..ed99dc4d Binary files /dev/null and b/tests/fsck-tests/006-bad-root-items/skinny_case.tar.xz differ diff --git a/tests/fsck-tests/006-bad-root-items/test.sh b/tests/fsck-tests/006-bad-root-items/test.sh new file mode 100755 index 00000000..84332348 --- /dev/null +++ b/tests/fsck-tests/006-bad-root-items/test.sh @@ -0,0 +1,17 @@ +#!/bin/bash + +source $TOP/tests/common + +check_prereq btrfs + +echo "extracting image default_case.tar.xz" >> $RESULTS +tar --no-same-owner -xJf default_case.tar.xz || \ + _fail "failed to extract default_case.tar.xz" +check_image test.img + +echo "extracting image skinny_case.tar.xz" >> $RESULTS +tar --no-same-owner -xJf skinny_case.tar.xz || \ + _fail "failed to extract skinny_case.tar.xz" +check_image test.img + +rm test.img diff --git a/tests/fsck-tests/007-bad-offset-snapshots/default_case.img b/tests/fsck-tests/007-bad-offset-snapshots/default_case.img new file mode 100644 index 00000000..b87e9977 Binary files /dev/null and b/tests/fsck-tests/007-bad-offset-snapshots/default_case.img differ diff --git a/tests/fsck-tests/008-bad-dir-index-name/default_case.img b/tests/fsck-tests/008-bad-dir-index-name/default_case.img new file mode 100644 index 00000000..e004737f Binary files /dev/null and b/tests/fsck-tests/008-bad-dir-index-name/default_case.img differ diff --git a/tests/fsck-tests/009-no-dir-item-or-index/default_case.img b/tests/fsck-tests/009-no-dir-item-or-index/default_case.img new file mode 100644 index 00000000..d7f22692 Binary files /dev/null and b/tests/fsck-tests/009-no-dir-item-or-index/default_case.img differ diff --git a/tests/fsck-tests/010-no-rootdir-inode-item/default_case.img b/tests/fsck-tests/010-no-rootdir-inode-item/default_case.img new file mode 100644 index 00000000..6b66fdad Binary files /dev/null and b/tests/fsck-tests/010-no-rootdir-inode-item/default_case.img differ diff --git a/tests/fsck-tests/011-no-inode-item/default_case.img b/tests/fsck-tests/011-no-inode-item/default_case.img new file mode 100644 index 00000000..352fc021 Binary files /dev/null and b/tests/fsck-tests/011-no-inode-item/default_case.img differ diff --git a/tests/fsck-tests/012-leaf-corruption/no_data_extent.tar.xz b/tests/fsck-tests/012-leaf-corruption/no_data_extent.tar.xz new file mode 100644 index 00000000..547e5455 Binary files /dev/null and b/tests/fsck-tests/012-leaf-corruption/no_data_extent.tar.xz differ diff --git a/tests/fsck-tests/012-leaf-corruption/test.sh b/tests/fsck-tests/012-leaf-corruption/test.sh new file mode 100755 index 00000000..a308727d --- /dev/null +++ b/tests/fsck-tests/012-leaf-corruption/test.sh @@ -0,0 +1,117 @@ +#!/bin/bash + +source $TOP/tests/common + +check_prereq btrfs-image + +# Check file list for leaf corruption, no regular/preallocated +# file extent case. +# Corrupted leaf is 20832256, which contains inode 1862~1872 +# +# 1862, ref from leaf 20828160 key 24(DIR_ITEM) +# 1863, ref from leaf 605388 item key 11(DIR_ITEM) +# 1864, no ref to rebuild, no need to rebuild +# 1865, ref from leaf 19767296 key 23(DIR_ITEM) +# 1866-1868 no ref to rebuild, all refs in corrupted leaf +# 1869, ref from leaf 4976640 key 22(DIR_ITEM) +# 1870 no ref to rebuild, all refs in corrupted leaf +# 1871, ref from leaf 19746816 key 38(DIR_ITEM) +# 1872, ref from leaf 19767296 key 14(DIR_ITEM) +# The list format is: +# INO SIZE MODE NAME +# INO: inode number +# SIZE: file size, only checked for regular file +# MODE: raw file mode, get from stat +# NAME: file name +leaf_no_data_ext_list=( + 1862 0 40700 "install.d" + 1862 0 40700 "install.d" + 1863 0 40700 "gdb" + 1865 0 40700 "iptables" + 1869 0 40700 "snmp" + 1871 0 100700 "machine-id" + 1872 0 100700 "adjtime" + 1877 0 40700 "del" +) + +generate_leaf_corrupt_no_data_ext() +{ + dest=$1 + echo "generating leaf_corrupt_no_data_ext.btrfs-image" >> $RESULTS + tar --no-same-owner -xJf ./no_data_extent.tar.xz || \ + _fail "failed to extract leaf_corrupt_no_data_ext.btrfs-image" + $TOP/btrfs-image -r test.img.btrfs-image $dest || \ + _fail "failed to extract leaf_corrupt_no_data_ext.btrfs-image" + + # leaf at 4206592 and 20905984 contains no regular data + # extent, clear its csum to corrupt the leaf. + for x in 4206592 20905984; do + dd if=/dev/zero of=$dest bs=1 count=32 conv=notrunc seek=$x \ + 1>/dev/null 2>&1 + done +} + +check_inode() +{ + path=$1 + ino=$2 + size=$3 + mode=$4 + name=$5 + + # Check whether the inode exists + exists=$($SUDO_HELPER find $path -inum $ino) + if [ -z "$exists" ]; then + _fail "inode $ino not recovered correctly" + fi + + # Check inode type + found_mode=$(printf "%o" 0x$($SUDO_HELPER stat $exists -c %f)) + if [ $found_mode -ne $mode ]; then + echo "$found_mode" + _fail "inode $ino modes not recovered" + fi + + # Check inode size + found_size=$($SUDO_HELPER stat $exists -c %s) + if [ $mode -ne 41700 -a $found_size -ne $size ]; then + _fail "inode $ino size not recovered correctly" + fi + + # Check inode name + if [ "$(basename $exists)" != "$name" ]; then + _fail "inode $ino name not recovered correctly" + else + return 0 + fi +} + +# Check salvaged data in the recovered image +check_leaf_corrupt_no_data_ext() +{ + image=$1 + $SUDO_HELPER mount -o loop $image -o ro $TEST_MNT + + i=0 + while [ $i -lt ${#leaf_no_data_ext_list[@]} ]; do + check_inode $TEST_MNT/lost+found \ + ${leaf_no_data_ext_list[i]} \ + ${leaf_no_data_ext_list[i + 1]} \ + ${leaf_no_data_ext_list[i + 2]} \ + ${leaf_no_data_ext_list[i + 3]} \ + ${leaf_no_data_ext_list[i + 4]} + ((i+=4)) + done + $SUDO_HELPER umount $TEST_MNT +} + +setup_root_helper + +generate_leaf_corrupt_no_data_ext test.img +check_image test.img +check_leaf_corrupt_no_data_ext test.img + +rm test.img +rm test.img.btrfs-image +# Not used, its function is the same as generate_leaf_corrupt_no_data_ext() +rm generate_image.sh diff --git a/tests/fsck-tests/013-extent-tree-rebuild/test.sh b/tests/fsck-tests/013-extent-tree-rebuild/test.sh new file mode 100755 index 00000000..ff7d28e5 --- /dev/null +++ b/tests/fsck-tests/013-extent-tree-rebuild/test.sh @@ -0,0 +1,44 @@ +#!/bin/bash + +source $TOP/tests/common + +check_prereq btrfs-corrupt-block +check_prereq btrfs-debug-tree +check_prereq mkfs.btrfs +check_prereq btrfs + +setup_root_helper +prepare_test_dev 1G + +# test whether fsck can rebuild a corrupted extent tree +test_extent_tree_rebuild() +{ + run_check $SUDO_HELPER $TOP/mkfs.btrfs -f $TEST_DEV + + run_check_mount_test_dev + run_check $SUDO_HELPER cp -aR /lib/modules/`uname -r`/ $TEST_MNT + + for i in `seq 1 100`;do + run_check $SUDO_HELPER $TOP/btrfs sub snapshot $TEST_MNT \ + $TEST_MNT/snapaaaaaaa_$i + done + run_check_umount_test_dev + + # get extent root bytenr + extent_root_bytenr=`$SUDO_HELPER $TOP/btrfs-debug-tree -r $TEST_DEV | \ + grep extent | awk '{print $7}'` + if [ -z $extent_root_bytenr ];then + _fail "fail to get extent root bytenr" + fi + + # corrupt extent root node block + run_check $SUDO_HELPER $TOP/btrfs-corrupt-block -l $extent_root_bytenr \ + -b 4096 $TEST_DEV + + $SUDO_HELPER $TOP/btrfs check $TEST_DEV >& /dev/null && \ + _fail "btrfs check should detect failure" + run_check $SUDO_HELPER $TOP/btrfs check --init-extent-tree $TEST_DEV + run_check $SUDO_HELPER $TOP/btrfs check $TEST_DEV +} + +test_extent_tree_rebuild diff --git a/tests/fsck-tests/014-no-extent-info/default_case.img b/tests/fsck-tests/014-no-extent-info/default_case.img new file mode 100644 index 00000000..1ff27434 Binary files /dev/null and b/tests/fsck-tests/014-no-extent-info/default_case.img differ diff --git a/tests/fsck-tests/015-check-bad-memory-access/bko-97171-btrfs-image.raw.txt b/tests/fsck-tests/015-check-bad-memory-access/bko-97171-btrfs-image.raw.txt new file mode 100644 index 00000000..9685ed46 --- /dev/null +++ b/tests/fsck-tests/015-check-bad-memory-access/bko-97171-btrfs-image.raw.txt @@ -0,0 +1,254 @@ +URL: https://bugzilla.kernel.org/show_bug.cgi?id=97171 + +The btrfs-image attached to this bug causes the btrfs-userland tool to use +uninitialized memory and ultimately overwrite what seems to be arbitrary memory +locations, dying in the process. Reproduced on x86-64 and i686. + +The kernel seems to be less affected and fails to mount the image. If +/usr/sbin/btrfs is not setuid (which it probably never is), things should be +safe. I didn't investigate further though. + +gdb output: + +GNU gdb (GDB) Fedora 7.8.2-38.fc21 +[... lots of other errors...] +Ignoring transid failure +root 5 inode 260 errors 1000, some csum missing + unresolved ref dir 256 index 7 namelen 5 name b.bin filetype 1 errors 2, no dir index + unresolved ref dir 256 index 7 namelen 5 name b.fin filetype 1 errors 5, no dir item, no inode ref +root 5 inode 261 errors 200, dir isize wrong + +Program received signal SIGSEGV, Segmentation fault. +0x000000000089bb70 in ?? () +(gdb) bt +#0 0x000000000089bb70 in ?? () +#1 0x00007fffffffdb50 in ?? () +#2 0x0000000000894b20 in ?? () +#3 0x00000032629b88e0 in _IO_2_1_stdout_ () from /lib64/libc.so.6 +#4 0x000000000088c010 in ?? () +#5 0x0000000000000000 in ?? () + + +valgrind output: + +[...lots of errors...] +==12638== Conditional jump or move depends on uninitialised value(s) +==12638== at 0x436E77: check_block.part.14 (ctree.c:548) +==12638== by 0x438954: UnknownInlinedFun (kerncompat.h:91) +==12638== by 0x438954: btrfs_search_slot (ctree.c:1120) +==12638== by 0x40DD1F: count_csum_range (cmds-check.c:1419) +==12638== by 0x40DD1F: process_file_extent (cmds-check.c:1551) +==12638== by 0x40DD1F: process_one_leaf (cmds-check.c:1617) +==12638== by 0x40DD1F: walk_down_tree (cmds-check.c:1742) +==12638== by 0x40DD1F: check_fs_root (cmds-check.c:3380) +==12638== by 0x40DD1F: check_fs_roots.isra.51 (cmds-check.c:3516) +==12638== by 0x4C64B0F: ??? +==12638== by 0x4C30A2F: ??? +==12638== by 0x4C468CF: ??? +==12638== by 0x32629B88DF: ??? (in /usr/lib64/libc-2.20.so) +==12638== by 0x4C3657F: ??? +==12638== +==12638== Conditional jump or move depends on uninitialised value(s) +==12638== at 0x4A0B0E7: memcpy@@GLIBC_2.14 (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) +==12638== by 0x436E99: UnknownInlinedFun (ctree.h:1613) +==12638== by 0x436E99: check_block.part.14 (ctree.c:550) +==12638== by 0x438954: UnknownInlinedFun (kerncompat.h:91) +==12638== by 0x438954: btrfs_search_slot (ctree.c:1120) +==12638== by 0x40DD1F: count_csum_range (cmds-check.c:1419) +==12638== by 0x40DD1F: process_file_extent (cmds-check.c:1551) +==12638== by 0x40DD1F: process_one_leaf (cmds-check.c:1617) +==12638== by 0x40DD1F: walk_down_tree (cmds-check.c:1742) +==12638== by 0x40DD1F: check_fs_root (cmds-check.c:3380) +==12638== by 0x40DD1F: check_fs_roots.isra.51 (cmds-check.c:3516) +==12638== by 0x4C64B0F: ??? +==12638== by 0x4C30A2F: ??? +==12638== by 0x4C468CF: ??? +==12638== by 0x32629B88DF: ??? (in /usr/lib64/libc-2.20.so) +==12638== by 0x4C3657F: ??? +==12638== +==12638== Conditional jump or move depends on uninitialised value(s) +==12638== at 0x4A0B2AC: memcpy@@GLIBC_2.14 (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) +==12638== by 0x436E99: UnknownInlinedFun (ctree.h:1613) +==12638== by 0x436E99: check_block.part.14 (ctree.c:550) +==12638== by 0x438954: UnknownInlinedFun (kerncompat.h:91) +==12638== by 0x438954: btrfs_search_slot (ctree.c:1120) +==12638== by 0x40DD1F: count_csum_range (cmds-check.c:1419) +==12638== by 0x40DD1F: process_file_extent (cmds-check.c:1551) +==12638== by 0x40DD1F: process_one_leaf (cmds-check.c:1617) +==12638== by 0x40DD1F: walk_down_tree (cmds-check.c:1742) +==12638== by 0x40DD1F: check_fs_root (cmds-check.c:3380) +==12638== by 0x40DD1F: check_fs_roots.isra.51 (cmds-check.c:3516) +==12638== by 0x4C64B0F: ??? +==12638== by 0x4C30A2F: ??? +==12638== by 0x4C468CF: ??? +==12638== by 0x32629B88DF: ??? (in /usr/lib64/libc-2.20.so) +==12638== by 0x4C3657F: ??? +==12638== +==12638== Conditional jump or move depends on uninitialised value(s) +==12638== at 0x4A0B151: memcpy@@GLIBC_2.14 (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) +==12638== by 0x436E99: UnknownInlinedFun (ctree.h:1613) +==12638== by 0x436E99: check_block.part.14 (ctree.c:550) +==12638== by 0x438954: UnknownInlinedFun (kerncompat.h:91) +==12638== by 0x438954: btrfs_search_slot (ctree.c:1120) +==12638== by 0x40DD1F: count_csum_range (cmds-check.c:1419) +==12638== by 0x40DD1F: process_file_extent (cmds-check.c:1551) +==12638== by 0x40DD1F: process_one_leaf (cmds-check.c:1617) +==12638== by 0x40DD1F: walk_down_tree (cmds-check.c:1742) +==12638== by 0x40DD1F: check_fs_root (cmds-check.c:3380) +==12638== by 0x40DD1F: check_fs_roots.isra.51 (cmds-check.c:3516) +==12638== by 0x4C64B0F: ??? +==12638== by 0x4C30A2F: ??? +==12638== by 0x4C468CF: ??? +==12638== by 0x32629B88DF: ??? (in /usr/lib64/libc-2.20.so) +==12638== by 0x4C3657F: ??? +==12638== +==12638== Conditional jump or move depends on uninitialised value(s) +==12638== at 0x4A0B162: memcpy@@GLIBC_2.14 (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) +==12638== by 0x436E99: UnknownInlinedFun (ctree.h:1613) +==12638== by 0x436E99: check_block.part.14 (ctree.c:550) +==12638== by 0x438954: UnknownInlinedFun (kerncompat.h:91) +==12638== by 0x438954: btrfs_search_slot (ctree.c:1120) +==12638== by 0x40DD1F: count_csum_range (cmds-check.c:1419) +==12638== by 0x40DD1F: process_file_extent (cmds-check.c:1551) +==12638== by 0x40DD1F: process_one_leaf (cmds-check.c:1617) +==12638== by 0x40DD1F: walk_down_tree (cmds-check.c:1742) +==12638== by 0x40DD1F: check_fs_root (cmds-check.c:3380) +==12638== by 0x40DD1F: check_fs_roots.isra.51 (cmds-check.c:3516) +==12638== by 0x4C64B0F: ??? +==12638== by 0x4C30A2F: ??? +==12638== by 0x4C468CF: ??? +==12638== by 0x32629B88DF: ??? (in /usr/lib64/libc-2.20.so) +==12638== by 0x4C3657F: ??? +==12638== +==12638== Conditional jump or move depends on uninitialised value(s) +==12638== at 0x4A0B176: memcpy@@GLIBC_2.14 (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) +==12638== by 0x436E99: UnknownInlinedFun (ctree.h:1613) +==12638== by 0x436E99: check_block.part.14 (ctree.c:550) +==12638== by 0x438954: UnknownInlinedFun (kerncompat.h:91) +==12638== by 0x438954: btrfs_search_slot (ctree.c:1120) +==12638== by 0x40DD1F: count_csum_range (cmds-check.c:1419) +==12638== by 0x40DD1F: process_file_extent (cmds-check.c:1551) +==12638== by 0x40DD1F: process_one_leaf (cmds-check.c:1617) +==12638== by 0x40DD1F: walk_down_tree (cmds-check.c:1742) +==12638== by 0x40DD1F: check_fs_root (cmds-check.c:3380) +==12638== by 0x40DD1F: check_fs_roots.isra.51 (cmds-check.c:3516) +==12638== by 0x4C64B0F: ??? +==12638== by 0x4C30A2F: ??? +==12638== by 0x4C468CF: ??? +==12638== by 0x32629B88DF: ??? (in /usr/lib64/libc-2.20.so) +==12638== by 0x4C3657F: ??? +==12638== +==12638== Conditional jump or move depends on uninitialised value(s) +==12638== at 0x4A0B2CE: memcpy@@GLIBC_2.14 (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) +==12638== by 0x436E99: UnknownInlinedFun (ctree.h:1613) +==12638== by 0x436E99: check_block.part.14 (ctree.c:550) +==12638== by 0x438954: UnknownInlinedFun (kerncompat.h:91) +==12638== by 0x438954: btrfs_search_slot (ctree.c:1120) +==12638== by 0x40DD1F: count_csum_range (cmds-check.c:1419) +==12638== by 0x40DD1F: process_file_extent (cmds-check.c:1551) +==12638== by 0x40DD1F: process_one_leaf (cmds-check.c:1617) +==12638== by 0x40DD1F: walk_down_tree (cmds-check.c:1742) +==12638== by 0x40DD1F: check_fs_root (cmds-check.c:3380) +==12638== by 0x40DD1F: check_fs_roots.isra.51 (cmds-check.c:3516) +==12638== by 0x4C64B0F: ??? +==12638== by 0x4C30A2F: ??? +==12638== by 0x4C468CF: ??? +==12638== by 0x32629B88DF: ??? (in /usr/lib64/libc-2.20.so) +==12638== by 0x4C3657F: ??? +==12638== +==12638== Conditional jump or move depends on uninitialised value(s) +==12638== at 0x4A0B34A: memcpy@@GLIBC_2.14 (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) +==12638== by 0x436E99: UnknownInlinedFun (ctree.h:1613) +==12638== by 0x436E99: check_block.part.14 (ctree.c:550) +==12638== by 0x438954: UnknownInlinedFun (kerncompat.h:91) +==12638== by 0x438954: btrfs_search_slot (ctree.c:1120) +==12638== by 0x40DD1F: count_csum_range (cmds-check.c:1419) +==12638== by 0x40DD1F: process_file_extent (cmds-check.c:1551) +==12638== by 0x40DD1F: process_one_leaf (cmds-check.c:1617) +==12638== by 0x40DD1F: walk_down_tree (cmds-check.c:1742) +==12638== by 0x40DD1F: check_fs_root (cmds-check.c:3380) +==12638== by 0x40DD1F: check_fs_roots.isra.51 (cmds-check.c:3516) +==12638== by 0x4C64B0F: ??? +==12638== by 0x4C30A2F: ??? +==12638== by 0x4C468CF: ??? +==12638== by 0x32629B88DF: ??? (in /usr/lib64/libc-2.20.so) +==12638== by 0x4C3657F: ??? +==12638== +==12638== Use of uninitialised value of size 8 +==12638== at 0x4A0B3A0: memcpy@@GLIBC_2.14 (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) +==12638== by 0x436E99: UnknownInlinedFun (ctree.h:1613) +==12638== by 0x436E99: check_block.part.14 (ctree.c:550) +==12638== by 0x438954: UnknownInlinedFun (kerncompat.h:91) +==12638== by 0x438954: btrfs_search_slot (ctree.c:1120) +==12638== by 0x40DD1F: count_csum_range (cmds-check.c:1419) +==12638== by 0x40DD1F: process_file_extent (cmds-check.c:1551) +==12638== by 0x40DD1F: process_one_leaf (cmds-check.c:1617) +==12638== by 0x40DD1F: walk_down_tree (cmds-check.c:1742) +==12638== by 0x40DD1F: check_fs_root (cmds-check.c:3380) +==12638== by 0x40DD1F: check_fs_roots.isra.51 (cmds-check.c:3516) +==12638== by 0x4C64B0F: ??? +==12638== by 0x4C30A2F: ??? +==12638== by 0x4C468CF: ??? +==12638== by 0x32629B88DF: ??? (in /usr/lib64/libc-2.20.so) +==12638== by 0x4C3657F: ??? +==12638== +==12638== Invalid read of size 1 +==12638== at 0x4A0B3A0: memcpy@@GLIBC_2.14 (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) +==12638== by 0x436E99: UnknownInlinedFun (ctree.h:1613) +==12638== by 0x436E99: check_block.part.14 (ctree.c:550) +==12638== by 0x438954: UnknownInlinedFun (kerncompat.h:91) +==12638== by 0x438954: btrfs_search_slot (ctree.c:1120) +==12638== by 0x40DD1F: count_csum_range (cmds-check.c:1419) +==12638== by 0x40DD1F: process_file_extent (cmds-check.c:1551) +==12638== by 0x40DD1F: process_one_leaf (cmds-check.c:1617) +==12638== by 0x40DD1F: walk_down_tree (cmds-check.c:1742) +==12638== by 0x40DD1F: check_fs_root (cmds-check.c:3380) +==12638== by 0x40DD1F: check_fs_roots.isra.51 (cmds-check.c:3516) +==12638== by 0x4C64B0F: ??? +==12638== by 0x4C30A2F: ??? +==12638== by 0x4C468CF: ??? +==12638== by 0x32629B88DF: ??? (in /usr/lib64/libc-2.20.so) +==12638== by 0x4C3657F: ??? +==12638== Address 0xa25c9de9 is not stack'd, malloc'd or (recently) free'd +==12638== +==12638== +==12638== Process terminating with default action of signal 11 (SIGSEGV) +==12638== Access not within mapped region at address 0xA25C9DE9 +==12638== at 0x4A0B3A0: memcpy@@GLIBC_2.14 (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so) +==12638== by 0x436E99: UnknownInlinedFun (ctree.h:1613) +==12638== by 0x436E99: check_block.part.14 (ctree.c:550) +==12638== by 0x438954: UnknownInlinedFun (kerncompat.h:91) +==12638== by 0x438954: btrfs_search_slot (ctree.c:1120) +==12638== by 0x40DD1F: count_csum_range (cmds-check.c:1419) +==12638== by 0x40DD1F: process_file_extent (cmds-check.c:1551) +==12638== by 0x40DD1F: process_one_leaf (cmds-check.c:1617) +==12638== by 0x40DD1F: walk_down_tree (cmds-check.c:1742) +==12638== by 0x40DD1F: check_fs_root (cmds-check.c:3380) +==12638== by 0x40DD1F: check_fs_roots.isra.51 (cmds-check.c:3516) +==12638== by 0x4C64B0F: ??? +==12638== by 0x4C30A2F: ??? +==12638== by 0x4C468CF: ??? +==12638== by 0x32629B88DF: ??? (in /usr/lib64/libc-2.20.so) +==12638== by 0x4C3657F: ??? +==12638== If you believe this happened as a result of a stack +==12638== overflow in your program's main thread (unlikely but +==12638== possible), you can try to increase the size of the +==12638== main thread stack using the --main-stacksize= flag. +==12638== The main thread stack size used in this run was 8388608. +==12638== +==12638== HEAP SUMMARY: +==12638== in use at exit: 46,260 bytes in 56 blocks +==12638== total heap usage: 380 allocs, 324 frees, 218,054 bytes allocated +==12638== +==12638== LEAK SUMMARY: +==12638== definitely lost: 272 bytes in 2 blocks +==12638== indirectly lost: 800 bytes in 8 blocks +==12638== possibly lost: 88 bytes in 1 blocks +==12638== still reachable: 45,100 bytes in 45 blocks +==12638== suppressed: 0 bytes in 0 blocks +==12638== Rerun with --leak-check=full to see details of leaked memory +==12638== +==12638== For counts of detected and suppressed errors, rerun with: -v +==12638== Use --track-origins=yes to see where uninitialised values come from +==12638== ERROR SUMMARY: 10 errors from 10 contexts (suppressed: 0 from 0) +[1] 12638 segmentation fault valgrind btrfs check btrfs_fukked_memorycorruption.bin diff --git a/tests/fsck-tests/015-check-bad-memory-access/bko-97171-btrfs-image.raw.xz b/tests/fsck-tests/015-check-bad-memory-access/bko-97171-btrfs-image.raw.xz new file mode 100644 index 00000000..f3f0944d Binary files /dev/null and b/tests/fsck-tests/015-check-bad-memory-access/bko-97171-btrfs-image.raw.xz differ diff --git a/tests/fsck-tests/016-wrong-inode-nbytes/default_case.img.xz b/tests/fsck-tests/016-wrong-inode-nbytes/default_case.img.xz new file mode 100644 index 00000000..d513acf5 Binary files /dev/null and b/tests/fsck-tests/016-wrong-inode-nbytes/default_case.img.xz differ diff --git a/tests/fsck-tests/017-missing-all-file-extent/default_case.img.xz b/tests/fsck-tests/017-missing-all-file-extent/default_case.img.xz new file mode 100644 index 00000000..10cd4c78 Binary files /dev/null and b/tests/fsck-tests/017-missing-all-file-extent/default_case.img.xz differ diff --git a/tests/fsck-tests/018-leaf-crossing-stripes/default_case.raw.xz b/tests/fsck-tests/018-leaf-crossing-stripes/default_case.raw.xz new file mode 100644 index 00000000..60eb2f97 Binary files /dev/null and b/tests/fsck-tests/018-leaf-crossing-stripes/default_case.raw.xz differ diff --git a/tests/fsck-tests/018-leaf-crossing-stripes/test.sh b/tests/fsck-tests/018-leaf-crossing-stripes/test.sh new file mode 100755 index 00000000..c453ab5c --- /dev/null +++ b/tests/fsck-tests/018-leaf-crossing-stripes/test.sh @@ -0,0 +1,12 @@ +#!/bin/bash + +source $TOP/tests/common + +check_prereq btrfs + +image=$(extract_image "./default_case.raw.xz") +run_check_stdout $TOP/btrfs check "$image" 2>&1 | + grep -q "crossing stripe boundary" || + _fail "no expected error message in the output" + +rm -f "$image" diff --git a/tests/fsck-tests/019-non-skinny-false-alert/default_case.img.xz b/tests/fsck-tests/019-non-skinny-false-alert/default_case.img.xz new file mode 100644 index 00000000..c35f8bc6 Binary files /dev/null and b/tests/fsck-tests/019-non-skinny-false-alert/default_case.img.xz differ diff --git a/tests/fsck-tests/019-non-skinny-false-alert/test.sh b/tests/fsck-tests/019-non-skinny-false-alert/test.sh new file mode 100755 index 00000000..a7f8e862 --- /dev/null +++ b/tests/fsck-tests/019-non-skinny-false-alert/test.sh @@ -0,0 +1,23 @@ +#!/bin/bash +# +# $ btrfs check img +# Checking filesystem on img +# UUID: 17f2bf15-f4c2-4ebc-b1f7-39b7af26257a +# checking extents +# bad extent [29376512, 29392896), type mismatch with chunk +# bad extent [29442048, 29458432), type mismatch with chunk +# bad extent [29589504, 29605888), type mismatch with chunk +# ... +# +# a buggy check leads to the above messages + +source $TOP/tests/common + +check_prereq btrfs + +image=$(extract_image "./default_case.img.xz") +run_check_stdout $TOP/btrfs check "$image" 2>&1 | + grep -q "type mismatch with chunk" && + _fail "unexpected error message in the output" + +rm -f "$image" -- cgit v1.2.3