The profile must be freed early if the subsequent memory allocation
fails for 'expanded_filename'.
Coverity ID: 14: Resource Leak
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
It is possible that e2fsck_get_dir_info() returns a NULL pointer.
We do not want to blow up when dereferencing p. It seems to be
more sane/safe to call fix_problem(ctx, PR_3_NO_DIRINFO, pctx)
if p is NULL at this point since we do not have any DIRINFO
for pctx->ino.
Also fix another (already existing) error check for
e2fsck_get_dir_info() later in the function so that it reports the
correct inode number if the dirinfo information is not found for
p->parent.
(Both of these are "should-never-happen" internal e2fsck errors that
would indicate a programming bug of some kind.)
Coverity ID: 10: Null Returns
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
The dict_lookup() function can potentially return a NULL dnode_t. It is
not checked in two places in the clone_file() function. Looks to be
safe to continue if n is NULL, so just print a warning message and
continue.
Coverity ID: 9: Null Returns
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Found 2 of the three places where a return code for ext2fs_write_inode() was
not being checked.
The second fix in e2fsck/emptydir.c is basically just to shut coverity up even
though it really is unnecessary.
Coverity ID: 1: Checked Return
Signed-off-by: Brian Behlendorf <behlendorf1@llnl.gov>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Change all of the e2fsprogs programs to use the newer add_error_table()
and remove_error_table() interfaces instead of the much older
initialize_*_error_table() function.
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
The e2fsprogs and kernel implementation of directory hash tree has a
bug which causes the implementation to be dependent on whether
characters are signed or unsigned. Platforms such as the PowerPC,
Arm, and S/390 have signed characters by default, which means that
hash directories on those systems are incompatible with hash
directories on other systems, such as the x86.
To fix this we add a new flags field to the superblock, and define two
new bits in that field to indicate whether or not the directory should
be signed or unsigned. If the bits are not set, e2fsck and fixed
kernels will set them to the signed/unsigned value of the currently
running platform, and then respect those bits when calculating the
directory hash. This allows compatibility with current filesystems,
as well as allowing cross-architectural compatibility.
Addresses Debian Bug: #389772
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
- EXT4_FEATURE_RO_COMPAT_HUGE_FILE (0x0008) - change i_blocks to be
in units of s_blocksize units instead of 512-byte sectors, use
l_i_frag and l_i_fsize as i_blocks_hi (could also be part of 64BIT).
E2fsck and debugfs changed to support i_blocks_hi instead of l_i_frag and
l_i_fsize.
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Badblocks now interprets last_block argument as the last block to check,
instead of the number of blocks to check, to be consistent with the
badblocks man page.
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Don't core dump if there is a corrupt htree interior node. If the block
number is larger than the number of blocks in the directory, don't write
past the end of malloc'ed memory.
Addresses SourceForge Bug: #1512778
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Create new ext2fs library inline functions in order to calculate
the starting and ending blocks in a block group.
Signed-off-by: Eric Sandeen <esandeen@redhat.com>
There were still some %d's lurking when we print blocks & inodes; also
many of the counters in the e2fsck_struct were signed, and probably
need to be unsigned to avoid overflows.
Signed-off-by: Eric Sandeen <esandeen@redhat.com>
For loops iterating over all group descriptors, consistently define
first_block and last_block in a way that they are inclusive of the
range, and do not overflow.
Previously on the last block group we did a test of <= first +
dec_blocks; this would actually wrap back to 0 for a total block count
of 2^32-1
Also add handling of last block group which may be smaller.
Signed-off-by: Eric Sandeen <esandeen@redhat.com>
For loops such as:
for (i=1; i <= fs->super->s_blocks_count; i++) {
<do_stuff>
}
if i is an int and s_blocks_count is (2^32-1), the condition is never false.
Change these loops to:
for (i=1; i <= fs->super->s_blocks_count && i > 0; i++) {
<do_stuff>
}
to stop the loop when we overflow i
Signed-off-by: Eric Sandeen <esandeen@redhat.com>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
This fixes some (but not all) of the compatibility bugs which prevented
e2fsprogs from being compiled on a Linux 2.0.35 system. There are still
some unprotected use of long long's, and apparently some type problems
with the uuid library, but these can be fixed up later.
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Add missing brelse() calls to avoid memory leaks in error paths. (Thanks
to Michael C. Thompson for pointing these out; they were originally
found using Coverity.)
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
The exlcusive device safety check that was added inadvertently broke
e2fsck -cc and mke2fs -cc since e2fsck and mke2fs hold the device
in exclusive access when badblocks is run. So we add a private option
to badblocks, -X, which is passed by e2fsck and mke2fs to badblocks
to indicate that it is OK to skip the EXT2_MF_BUSY checks.
Addresses Debian Bug: #366017
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
This feature is initially intended for testing purposes; it allows an
ext2/ext3 developer to create very large filesystems using sparse files
where most of the block groups are not initialized and so do not require
much disk space. Eventually it could be used as a way of speeding up
mke2fs and e2fsck for large filesystem, but that would be best done by
adding an RO_COMPAT extension to the filesystem to allow the inode table
to be lazily initialized on a per-block basis, instead of being entirely initialized
or entirely unused on a per-blockgroup basis.
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Integrate profile_std_line() into parse_line(), and profile_parse_file()
into profile_update_file() to make the code use less memory.
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Change the format string(%d, %ld) for a block number and inode number
to %u or %lu.
Signed-off-by: Takashi Sato <sho@tnes.nec.co.jp>
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Thanks to Andreas Dilger for this idea. If the filesystem is not mounted,
e2fsck will open it in exclusive mode to prevent the a confused/careless
system administrator from mounting the filesystem while the filesystem
check is taking place, which could cause all sorts of problems.
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Check to see if the superblock hint for the external journal needs to
be updated, and if so, offer to update it. (Addresses Debian Bug:
#355644)
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
(This was an artifact of the migration of the sources from BitKeeper
to Mercurial; mea culpa, mea maximum culpa --- Ted)
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Whether fs checks are skipped when the system is running on battery can be
controlled by the new e2fsck.conf option defer_check_on_battery (this option
defaults to TRUE).
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
On Sat, Jan 28, 2006 at 12:53:33PM -0600, Fredrick Knieper wrote:
> Package: e2fsprogs
> Version: 1.38+1.39-WIP-2005.12.31-1
>
> When running fsck at boot or when running e2fsck manually on a device,
> fsck will not check a filesystem based on the maximum mount count,
> unless a flag such as -f or -c is used to force the filesystem check.
What's happening is that when you run on battery, e2fsck will delay
running the filesystem check, on the assumption that it is better to
defer the check until some time in the future when your laptop is
running on AC mains again. This deferral is not infinite, however; if
the number of mounts exceeds twice the max mount counts, or if the
interval between checks exceeds twice the check interval, e2fsck will
force the check even though you are on battery.
I've changed the sources to print a message to make this more clear.
Addresses Debian Bug: #350306
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
This also changes syntax accepted by the profile parser. The value of
profile relations must not contain spaces unless it is quoted;
otherwise the parser will throw an error. Previously something like
this was allowed:
[liboptions]
test = foo bar
Now, the relation must be in double quotes in order to be valid, i.e.,
"foo bar".
Comments are allowed anywhere and can be started with either a ';' or
a '#' character. The only place where comments will not be intepreted
as beginning a comment is in a quoted string.
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
E2fsck will now report syntax errors in /etc/e2fsck.conf intead of simply
ignoring the config file when there are errors.
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Unified batchmode and command-line handling.
profile_is_node_final() and profile_find_node_relation() are static,
unused functions.
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Fix #include of com_err.h so that it isn't required that the com_err
development environment be installed. (Addresses Debian Bug: #345519)
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Add the ability for the e2fsck configuration file to override the
behaviour of e2fsck when a particular filesystem problem is
encountered. This allows reconnecting an inode to lost+found to not
stop the boot sequence, if a system administrator really badly wants
this behaviour for some specialized reason, for example.
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Also, use this environtment variable to make sure that a local
/etc/e2fsck.conf file will not interfere with the regression test
suite.
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
If the e2fsck configuration file sets the allow_cancellation option to be
true, then if the filesystem does not have any known problems, and was
known to be cleanly unmounted, then let e2fsck exit with a status code of 0
instead of 32 (FSCK_CANCELED) so that the bootup scripts will continue
without stopping the boot. (Addresses Debian Bug: #150295)
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
The profile library was originally written by Theodore Ts'o in 1995
for use in the MIT Kerberos v5 library. It has been
modified/enhanced/bug-fixed over time by other members of the MIT
Kerberos team. This version was originally taken from the Kerberos
v5 distribution, version 1.4.2, and radically simplified for use in
e2fsprogs. (Support for locking for multi-threaded operations,
being able to modify and update the configuration file
programmatically, and Mac/Windows portability have been removed.
It has been folded into a single C source file to make it easier to
fold into an application program.)
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
If the superblock last mount time or last write time is in the future, fix
this automatically if e2fsck is in preeen mode, since Debian's boot sequence
bogusly doesn't set the time correctly until potentially very late in the bootup
process, and this can cause false positives that will cause users' systems
to fail to booting. (Addresses Debian Bugs #343662 and #343645)
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
A user was confused about whether or not e2fsck -c performed a destructive
test on the filesystem, since it stated that -cc resulted in a non-destructive
read/write test. Clarify that -c does a read/only test.
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Don't let the user run e2fsck -ccn on the root partition, without warning
that he or she might be doing something Really Stupid.
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Detect if the superblock's last mount field or last write field is in
the future, and offer to fix if so. (Addresses Debian Bug #327580)
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
Don't do a structure copy via an assignment in e2fsck's pass #1 when
it is a no-op in order to avoid false positives from valgrind.
Signed-off-by: "Theodore Ts'o" <tytso@mit.edu>
This was actually caused by two bugs. The first bug is that if the
inode has been fully fixed up, the code will attempt to remove the
inode from the inode_bad_map without checking to see if this bitmap is
present. Since it is cleared at the end of pass 2, if
e2fsck_process_bad_inode is called in pass 4 (as it is for
disconnected inodes), this would result in a core dump.
The first bug was mostly hidden by a second bug, which caused
e2fsck_process_bad_inode() to consider all inodes without an extended
attribute to be not fixed.
Note: This bug was introduced in e2fsprogs 1.36.
(Addresses Debian Bug: #316736)
easier to understand (sorry, translators).
Add new @m (multiply-claimed) and @n (invalid) expansions for e2fsck
problem descriptions.
Add Dutch translation, and update French translation.
Add an explanation of how the @-expansion and %-exapansion works in
e2fsck/problem.c to make life easier for the translators.
Synchronize and update po files.
and changes "bad" to "invalid" in some messages to avoid confusion with
"bad blocks" in the e2fsck, mke2fs, and badblocks programs. Thanks to
Benno Schulenberg. (Addresses Sourceforge Bug: #1189803)
stored in inodes into e2fsck.
There are a number of bug fixes and enhancements over the original lustre fsck
BK repository. The biggest one is that this extended attribute values must
be aligned on 4-byte boundaries.
a new inode we make sure that the extra information in the inode (any extra
fields in a large inode and any ea-in-inode information) is cleared. This
can happen when e2fsck creates a new root inode or a new lost+found directory,
or when the user uses the debugfs write, mknod, or mkdir commands. Otherwise,
the newly create inode could inherit garbage (or old EA information) from
a previously deleted inode.
we changed ext2fs_create_resize_inode to always create the resize inode,
even when s_reserved_gdt_blocks is zero. Mke2fs and e2fsck was calling
ext2fs_create_resize_inode() unconditionally, and depending on
s_reserved_gdt_blocks to be zero, instead of explicitly checking the
resize_inode feature.
as well as the filesystem-wide inode and block free counts. If any of the
free counts is too large, force a full filesystem check. (Addresses
Debian Bug #291571)
enabled, but s_reserved_gdt_blocks is zero and there is no double indirect
block in the resize inode. If there are no blocks reserved for on-line
expansion, there is no need for the DIND block to be allocated in the resize
inode.
autoconf 2.13 version of AC_CHECK_TYPE. Otherwise, on some platforms
intptr_t might get erroneously #define'd to be long. (Addresses
Debian Bug #289133)
byte-swapping options to e2fsck. This was the cause of some hard to
reproduce problems that had been reported in the past, and which the
resize_inode changes tickled in a much more repeatable fashion.
resize_inode capability disabled, but which still have the
s_reserved_gdt_blocks field set in the superblock, or which
still have blocks in the inode #7 (the resize inode).
correctly.
Update Makefile dependencies.
Update "make depend" production so that it filters out comments
inserted by newer gcc compilers.
Remove sync from e2fsck's "make all" target.
example, /tmp/test.img?offset=1024. Multiple options can separated using
the & character, although at the moment the only option implemented is
the offset option in the unix_io layer.
some generated files, by having subst update the modtime on these
files even when the generated file hasn't changed. We do this with
generated files that do not have any downstream dependencies.
incorrectly treat as valid symlinks created with SE Linux
(Debian bug #228723) as well as failing the f_journal test case on
big endian systems due to the backup journal blocks not being swapped.
need to create a lost+found directory. This may
invalidate our pointer to the directory information, so we
must look it up again after calling
e2fsck_reconnect_file(). (Addresses Debian bug #219640).
E2F_FLAG_RESTARTED. This fixes a bug where if the user
specifies an alternate superblock, and the journal needs
to be replayed, e2fsck would erroneously assume that
journal had been run already without clearing the
NEEDS_RECOVERY flag, and bomb out with an error.
a filesystem check if a laptop system reports it is running on
battery. This way the laptop will be biased to waiting until
it is on AC power before doing a filesystem check. (Addresses
Debian bug #205177)
problem.c (PR_1_BB_FS_BLOCK, PR_1_BBINODE_BAD_METABLOCK_PROMPT):
Fix up the handling of corrupted indirect blocks in the
bad block. We now correctly handle the case where there
is an overlap between a block group descriptor or
a superblock and a bad block indirect block. In the case
where the indirect block is corrupted, we now suggest
"e2fsck -c".
the superblock and block group descriptors into two functions:
ext2fs_reserve_super_and_bgd, found in lib/ext2fs/alloc_sb.c, and
ext2fs_super_and_bgd_lock, found in lib/ext2fs/close.c.
Change e2fsck/pass1.c (mark_table_blocks), lib/ext2fs/closefs.c
(ext2fs_flush), lib/ext2fs/initialize.c (ext2fs_initialize),
and misc/dumpe2fs.c (list_desc) to use these functions.
e2fsck/ChangeLog
pass1.c (mark_table_blocks): Use the new function
ext2fs_reserve_super_and_bgd to calculate the blocks to be
reserved.
lib/ext2fs/ChangeLog
closefs.c (ext2fs_super_and_bgd_loc): New function which
centralizes the calculation of the superblock and block
group descriptors.
(ext2fs_flush): Use ext2fs_super_and_bgd_lock to figure
out where to write the superblock and block group
descriptors.
alloc_sb.c (ext2fs_reserve_super_and_bgd): New function which
reserves space in the block bitmap using
ext2fs_super_and_bgd_loc.
initialize.c (ext2fs_initialize): Use
ext2fs_reserve_super_and_bgd to initialize the block bitmap.
misc/ChangeLog
dumpe2fs.c (list_desc): Use ext2fs_super_and_bgd_loc to
determine the locations of the superblock and block group
descriptors.
superblock. E2fsck will automatically save the journal information
in the superblock if it is not there already, and will use it if the
journal inode appears to be corrupted. ext2fs_add_journal_inode()
will also save the backup information, so that new filesystems
created by mke2fs and filesystems that have journals added via
tune2fs will also have journal location written to the superblock as
well. Debugfs's logdump command has been enhanced so that it can
use the journal information in the superblock.
The debugfs man page has been improved to more fully describe the
logdump command.
Added two new functions, ext2fs_file_open2() and
ext2fs_inode_io_intern2() which take a pointer to an inode structure;
this is needed so that e2fsck and debugfs can synthesize a
fake journal inode and use it to access the journal.
e2fsck_simple_progress): Don't print the ^A and ^B
characters which bracket the progress bar when the e2fsck
program is talking directly to a tty, but only when it is
being piped to another program. (Addresses Debian bug
#204137)
unix.c: Move some initialized variables to the BSS segment to
shrink the size of the e2fsck executable.
tune2fs to use the test I/O manager.
The test I/O manager has been changed to not do anything extra by
default, unless the TEST_IO_FLAGS and/or TEST_IO_BLOCK environment
variables are set, which controls what I/O operations are logged and
a block number to watch, respectively. The log messages are sent to
stderr by default, unless a filename is specified via the
TEST_IO_LOGFILE environment variable.
Fix typo's in README.subset
Change debian control file so it doesn't bomb out if the EVMS FSIM
is not there, since it is not built on the Hurd. Resolves Debian
bug #189687.
* Change e2fsck to bracket its progress bar output with ctrl-A and ctrl-B
characters, so that logsave -s can omit writing the progress bar output
to the log file.
inode counters from the block group specific counters
quietly. This is needed for an experimental patch which
eliminates locking the entire filesystem when allocating
blocks or inodes; if the filesystem is not unmounted
cleanly, the global counts may not be accurate.
a single directory block (because this is the easy case;
we don't currently check for duplicates that span
directory blocks, for now. Eventually for htree
directories we can do this by searching for all directory
blocks that have a hash overflow, and then searching the
adjacent blocks to find all other potential duplicates.)
code accidentally had the INDEX_FL backwards compatibility code
removed. E2fsck will now fix HTREE corruptions in preen mode, and
mke2fs will not create filesystems with the dir_index flag set
by default. (The user has to specifically request it.)
When byte-swapping a filesystem on a PPC architecture, byte-swap
the bitmaps since the historical big-endian ext2 variant had
byte-swapped bitmaps, and the ext2fs library assumes this. Otherwise
the regression test suite will fail...
Add additional checks to HTREE directories. We now check the count
and limit fields in the htree header, as well as assuring that the
hash table in each interior node is in ascending order. We also
check to make sure all leaf nodes are have the expected depth in
the tree.
Updated test cases to deal with all of the above.
to determine whether or not a directory entry is a
completely empty leaf block or leaf node. Otherwise
e2fsck might get confused into thinking that a valid dxdir
was corrupted.
directories.
Speed up e2fsck slightly by only updating the master superblock;
there is no point to update the backup superblocks.
Fix a small bug in the rehashing code which could leave the indexed
flag set even after the directory was compressed instead of indexed.
(Not fatal, since the kernel will deal with this, but technically
it filesystem isn't consistent, and the filesystem will be marked
as being in error when the kernel comes across the directory. It
should also never happen in real life, since directories that small
will never be indexed, but better safe than sorry.)
Also change the threshold of when directories are indexed, so that
directories of size 2 blocks will be indexed. Otherwise they will
never be indexed by the kernel when they grow.