Now btrfs-progs will have much more strict superblock checks based on
kernel superblock checks.
This should prevent crashes or invalid memory access on crafted or
fuzzed images.
Based on kernel commit c926093ec516f5d316ecdf8c1be11f577ac71b85 .
Signed-off-by: Qu Wenruo <quwenruo@cn.fujitsu.com>
[added reference to kernel and comments]
Signed-off-by: David Sterba <dsterba@suse.com>
Before the patch, btrfs-progs will only read sizeof(struct
btrfs_super_block) and restore it into super_copy.
This makes checksum check for superblock impossible. Change it to read
the whole superblock.
Signed-off-by: Qu Wenruo <quwenruo@cn.fujitsu.com>
Signed-off-by: David Sterba <dsterba@suse.com>
Scrub output prints the following error message in my test:
ERROR: scrubbing /var/ltf/tester/scratch_mnt failed for device id 5 (Success)
It is caused by a broken kernel and fs, but the we need to avoid
printing both "error and success" on one line as above.
This patch modified above message to:
ERROR: scrubbing /var/ltf/tester/scratch_mnt failed for device id 5: ret=1, errno=0 (Success)
Signed-off-by: Zhao Lei <zhaolei@cn.fujitsu.com>
[minor updates in formatting]
Signed-off-by: David Sterba <dsterba@suse.com>
002-bad-transid outout 'transid verify failed' message in screen
which is just a warning in btrfs-image in normal condition of this
test.
This patch move above warning into $RESULTS, to:
1: Avoid trouble screen output
2: Let user known detail if other error happened in btrfs-image
Before patch:
# ./fsck-tests.sh
[TEST] 001-bad-file-extent-bytenr
[TEST] 002-bad-transid
parent transid verify failed on 29360128 wanted 9 found 755944791
parent transid verify failed on 29360128 wanted 9 found 755944791
Ignoring transid failure
[TEST] 003-shift-offsets
[TEST] 004-no-dir-index
...
After patch:
# ./fsck-tests.sh
[TEST] 001-bad-file-extent-bytenr
[TEST] 002-bad-transid
[TEST] 003-shift-offsets
[TEST] 004-no-dir-index
...
Signed-off-by: Zhao Lei <zhaolei@cn.fujitsu.com>
Signed-off-by: David Sterba <dsterba@suse.com>
There is a bug in btrfs-convert in 4.1.2, even we don't allow mixed
block group for converted image, btrfs-convert will still create image
with data and metadata inside one chunk.
And further more, the chunk type is still DATA or METADATA, not
DATA|METADATA (not mixed).
So add btrfsck check for it right now.
Signed-off-by: Qu Wenruo <quwenruo@cn.fujitsu.com>
Signed-off-by: David Sterba <dsterba@suse.com>
To check is btrfs-convert create bad filesystem with
leaf across stripes.
It is happened in progs version <=v4.1.2, and fixed by patch titled:
btrfs: convert: Avoid allocating metadata extent crossing stripe boundary
which was merged in v4.2.
Notice thar this testcase can not report error in old version of
btrfs-progs, because "btrfs check" can't check this type of error
in those version, but we have another testcase in fsck-tests, to
check is "btrfs check" support this check.
So, the above 2 testcase together can check leaf-crossing-stripes
bug in all versions.
Signed-off-by: Zhao Lei <zhaolei@cn.fujitsu.com>
[renamed and other minor changes]
Signed-off-by: David Sterba <dsterba@suse.com>
To test if fsck can check detec "leaf crossing stripes".
This function was introduced from patch titled:
btrfs-progs: fsck: Check if a metadata tree block crossing stripe boundary
Signed-off-by: Zhao Lei <zhaolei@cn.fujitsu.com>
[renamed and other minor changes]
Signed-off-by: David Sterba <dsterba@suse.com>
Move code for extract image file to a function from check_all_images()
for common use, so caller can use this function to extrace single
image file.
Signed-off-by: Zhao Lei <zhaolei@cn.fujitsu.com>
[minor reformatting and updates]
Signed-off-by: David Sterba <dsterba@suse.com>
Fix a check of len versus PATH_MAX in function copy_symlink(), to
account for the terminating null byte.
Resolves-Coverity-CID: 1296749
Signed-off-by: Vincent Stehlé <vincent.stehle@freescale.com>
Signed-off-by: David Sterba <dsterba@suse.com>
In my local change to 07cc891d1d
("btrfs-progs: Simplify all-subvolumn-clean condition for
wait_for_subvolume_cleaning") that reversed the meaning of the variable
dirty -> clean, I made a mistake and broke 'subvol sync' that will not
wait as expected and ends prematurely. Zhao Lei's original patch worked.
CC: Zhao Lei <zhaolei@cn.fujitsu.com>
Signed-off-by: David Sterba <dsterba@suse.com>
When testing under libguestfs, btrfs-convert will never succeed to fix
chunk map, and always fails.
But in that case, it's already a mountable btrfs.
So better to info user with different error message for that case.
The root cause of it is still under investigation.
Signed-off-by: Qu Wenruo <quwenruo@cn.fujitsu.com>
Signed-off-by: David Sterba <dsterba@suse.com>
fsid can be mounted multiple times, with different subvolid.
And we don't have to scan a mount point if we already have
that in the scanned list.
And thus nicely avoids the following warning with multiple
subvol mounts on older kernel like 2.6.32 where
BTRFS_IOC_GET_FSLABEL ioctl does not exist.
./btrfs fi show -m
Label: none uuid: 31845933-611e-422d-ae6f-386e57ad81aa
Total devices 2 FS bytes used 172.00KiB
devid 1 size 3.00GiB used 642.38MiB path /dev/sdd
devid 2 size 3.00GiB used 622.38MiB path /dev/sde
warning, device 2 is missing
warning devid 2 not found already
warning, device 2 is missing
warning devid 2 not found already
Signed-off-by: Anand Jain <anand.jain@oracle.com>
Signed-off-by: David Sterba <dsterba@suse.com>
load_device_info queries the FS_INFO ioctl and this may fail with EPERM
on older kernels. The check did not verify the ioctl return value and
incorrectly returned EPERM if it was previously stored in errno.
This fixes 'btrfs fi usage' that will print the overall summary for all
users (provided that the FS_INFO ioctl is already unprivileged).
Signed-off-by: David Sterba <dsterba@suse.com>
If there are different devices mounted to the same directory we can run
into double free issue in the scanning code and this can lead to a
crash. The dev_info_arg buffer allocation get_fs_info might be skipped,
eg. if the FS_INFO ioctl fails due to EPERM in older kernels. Reset the
pointer before each loop starts.
Signed-off-by: David Sterba <dsterba@suse.com>
fsck-tests.sh failed and show following message in my node:
# ./fsck-tests.sh
[TEST] 001-bad-file-extent-bytenr
disk-io.c:1444: write_dev_supers: Assertion `ret != BTRFS_SUPER_INFO_SIZE` failed.
/root/btrfsprogs/btrfs-image(write_all_supers+0x2d2)[0x41031c]
/root/btrfsprogs/btrfs-image(write_ctree_super+0xc5)[0x41042e]
/root/btrfsprogs/btrfs-image(btrfs_commit_transaction+0x208)[0x410976]
/root/btrfsprogs/btrfs-image[0x438780]
/root/btrfsprogs/btrfs-image(main+0x3d5)[0x438c5c]
/lib64/libc.so.6(__libc_start_main+0xfd)[0x335e01ecdd]
/root/btrfsprogs/btrfs-image[0x4074e9]
failed to restore image /root/btrfsprogs/tests/fsck-tests/001-bad-file-extent-bytenr/default_case.img
#
# cat fsck-tests-results.txt
=== Entering /root/btrfsprogs/tests/fsck-tests/001-bad-file-extent-bytenr
restoring image default_case.img
failed to restore image /root/btrfsprogs/tests/fsck-tests/001-bad-file-extent-bytenr/default_case.img
#
Reason:
I run above test in a NFS mountpoint, it don't have enouth space to write
all superblock to image file, and don't support sparse file.
So write_dev_supers() failed in writing sb and output above message.
It takes me quite of time to know what happened, we can save these time
by output exact information in write-sb-fail case.
After patch:
# ./fsck-tests.sh
[TEST] 001-bad-file-extent-bytenr
WARNING: Write sb failed: File too large
disk-io.c:1492: write_all_supers: Assertion `ret` failed.
...
#
Signed-off-by: Zhao Lei <zhaolei@cn.fujitsu.com>
Signed-off-by: David Sterba <dsterba@suse.com>
Anthony Plack <anthony@plack.net> reported a output bug in maillist:
title: btrfs-progs SCRUB reporting aborted but still running - minor
btrfs scrub status report it was aborted but still runs to completion.
# btrfs scrub status /mnt/data
scrub status for f591ac13-1a69-476d-bd30-346f87a491da
scrub started at Mon Apr 27 06:48:44 2015 and was aborted after 1089 seconds
total bytes scrubbed: 1.02TiB with 0 errors
#
# btrfs scrub status /mnt/data
scrub status for f591ac13-1a69-476d-bd30-346f87a491da
scrub started at Mon Apr 27 06:48:44 2015 and was aborted after 1664 seconds
total bytes scrubbed: 1.53TiB with 0 errors
#
...
Reason:
When scrub multi-device simultaneously, if some device canceled,
and some device is still running, cancel state have higher priority to
be outputed in global report.
So we can see "scrub aborted" in status line, with running-time keeps
increased.
Fix:
We can increase running state's priority in output, if there is
some device in scrub state, we output running state instead of
cancelled state.
Reported-by: Anthony Plack <anthony@plack.net>
Signed-off-by: Zhao Lei <zhaolei@cn.fujitsu.com>
Signed-off-by: David Sterba <dsterba@suse.com>
it was highlighted to me is_block_device(), returns
1 if the file is a block device,
< 0 in case of an error (eg: file not found)
0 otherwise
This patch makes proper return checks at all the places
where is_block_device() is used. Thanks to Goffredo.
Signed-off-by: Anand Jain <anand.jain@oracle.com>
Suggested-by: Goffredo Baroncelli <kreijack@inwind.it>
Signed-off-by: David Sterba <dsterba@suse.com>
Check nodesize against features, not only sectorsize.
In fact, one of the btrfs-convert and mkfs differs in the nodesize
check.
This patch also provides the basis for later btrfs-convert fix.
Signed-off-by: Qu Wenruo <quwenruo@cn.fujitsu.com>
Signed-off-by: David Sterba <dsterba@suse.com>
Old kernels before 3.9 do not provide ioctl BTRFS_IOC_GET_FSLABEL.
So we need to provide a fail safe logic for btrfs-progs running
on those kernel.
In this patch when get_label_mounted() fails on the old kernel
it will fail back to the old method and uses get_label_unmounted(),
where it will read from the disk directly.
Signed-off-by: Anand Jain <anand.jain@oracle.com>
Signed-off-by: David Sterba <dsterba@suse.com>
To fix following bug:
# ./convert-tests.sh
[TEST] ext2 4k nodesize, btrfs defaults
failed: mount /root/btrfsprogs/tests/test.img /root/btrfsprogs/tests/mnt
# tail convert-tests-results.txt
...
############### mount /root/btrfsprogs/tests/test.img /root/btrfsprogs/tests/mnt
mount: /root/btrfsprogs/tests/test.img is not a block device (maybe try `-o loop'?)
failed: mount /root/btrfsprogs/tests/test.img /root/btrfsprogs/tests/mnt
Signed-off-by: Zhao Lei <zhaolei@cn.fujitsu.com>
Signed-off-by: David Sterba <dsterba@suse.com>
Sparse reports:
warning: non-ANSI function declaration of function
and we're using func(void) elsewhere.
Signed-off-by: David Sterba <dsterba@suse.com>
Devices opened by check_mounted() in main() should closed before
the exit of btrfs-image.
Signed-off-by: Zhao Lei <zhaolei@cn.fujitsu.com>
Signed-off-by: David Sterba <dsterba@suse.com>
In case of creating an image without compression, we don't need to
create unused threads.
Signed-off-by: Zhao Lei <zhaolei@cn.fujitsu.com>
Signed-off-by: David Sterba <dsterba@suse.com>
Bug:
# btrfs-image -t0 -c9 /dev/sda6 /tmp/btrfs_image.img
(hang)
# btrfs-image -r -t0 /tmp/btrfs_image.img /dev/sda6
(hang)
Reason:
The program need to create at least 1 thread for
compression/decompression. If the user specifies -t0, it overwrites the
default value of 1, then the program really creates 0 thread, and
ends up looping
Fix:
We can add a check, to make the program not to allow -t0 argument,
but there is another problem:
For example, on a node with 4 cpus:
btrfs-image -c9 -t1: 4 threads (1 means use NR_CPUS)
-c9 -t2: 2 threads
-c9 -t3: 3 threads
...
(-t1 has more threads than -t2 and -t3)
So we change to use value of 0 as "use NR_CPUS threads", then:
btrfs-image [no -t arg]: use NR_CPUS threads
-t0: use NR_CPUS threads
-t val: use val threads.
Signed-off-by: Zhao Lei <zhaolei@cn.fujitsu.com>
Signed-off-by: David Sterba <dsterba@suse.com>
Commit 854437ca3c ("btrfs-progs:
extent-tree: avoid allocating tree block that crosses stripe boundary")
does not work for 64k nodesize. Due to an off-by-one error, all queries
to check_crossing_stripes will return that all extents cross a stripe
and this will lead to a false ENOSPC. This crashes later
$ ./mkfs.btrfs -n 64k image
./mkfs.btrfs(btrfs_reserve_extent+0xb77)[0x417f38]
./mkfs.btrfs(btrfs_alloc_free_block+0x57)[0x417fe0]
./mkfs.btrfs(__btrfs_cow_block+0x163)[0x408eb7]
./mkfs.btrfs(btrfs_cow_block+0xd0)[0x4097c4]
./mkfs.btrfs(btrfs_search_slot+0x16f)[0x40be4d]
./mkfs.btrfs(btrfs_insert_empty_items+0xc0)[0x40d5f9]
./mkfs.btrfs(btrfs_insert_item+0x99)[0x40da5f]
./mkfs.btrfs(btrfs_make_block_group+0x4d)[0x41705c]
./mkfs.btrfs(main+0xeef)[0x434b56]
Holger Hoffstätte reports that this also fixes false positives in case
the nodesize is less than 64k. This happens when the node blocks end at
the stripe boundary.
Reviewed-by: Qu Wenruo <quwenruo@cn.fujitsu.com>
Signed-off-by: David Sterba <dsterba@suse.com>
We need to call ext2fs_close_inode_scan to release resources from
ext2fs_open_inode_scan.
Signed-off-by: Zhao Lei <zhaolei@cn.fujitsu.com>
Signed-off-by: David Sterba <dsterba@suse.com>
The sequence, transid and reserved fields of inode were writen to disk
with uninitizlized value, this patch fixes it.
Signed-off-by: Zhao Lei <zhaolei@cn.fujitsu.com>
Signed-off-by: David Sterba <dsterba@suse.com>
s/generation/sequence/
for BTRFS_SETGET_STACK_FUNCS(stack_inode_sequence, ...)
Signed-off-by: Zhao Lei <zhaolei@cn.fujitsu.com>
Signed-off-by: David Sterba <dsterba@suse.com>
A collection of several images that were produced in a non-standard way
and cause various errors in check or image tools. They do not fit into
the fsck tests as we're not able to repair any of them, but the tools
should not crash or do out-of-bounds access.
Signed-off-by: David Sterba <dsterba@suse.com>
In newer distros (ubuntu 15.10, fedora rawhide) the binutils
ar uses the new D flag per default to build deterministic
binaries.
Without this patch the following warning is issued, when
building btrfs-progs:
[AR] libbtrfs.a
/usr/bin/ar: `u' modifier ignored since `D' is the default (see `U')
For libtrfs.a performance benefit of the u option can be neglected,
so drop the u option and silence the warning.
In the future one might want to explicitly add the D option anyway.
Signed-off-by: Arnd Hannemann <arnd@arndnet.de>
Signed-off-by: David Sterba <dsterba@suse.com>
The new fsid members were switched from dynamically allocated to
on-stack in e737a9d56b ("btrfs-progs:
btrfstune: rework change_uuid"), we don't have to do the checks in the
helpers.
Signed-off-by: David Sterba <dsterba@suse.com>
Coverity complains that the fslabel might be longer than the superblock
buffer, down in do_convert.
The label is at most 255 bytes, terminated by zero. Use buffers of the
right size.
Resolves-coverity-id: 1320911
Signed-off-by: David Sterba <dsterba@suse.com>