Bug 203861

Summary: Division by zero error in fsck.f2fs when fixing a corrupted image
Product: File System
Reporter: Seulbae Kim (seulbae)
Component: f2fs
Assignee: Default virtual assignee for f2fs (filesystem_f2fs)
Status: RESOLVED CODE_FIX
Severity: normal
CC: chao, seulbae
Priority: P1
Hardware: All
OS: Linux
Kernel Version: v4.18
Subsystem:
Regression: No
Bisected commit-id:
Attachments: Corrupted f2fs image (compressed)

Description Seulbae Kim 2019-06-10 18:17:12 UTC
Created attachment 283179 [details]
Corrupted f2fs image (compressed)

[Overview]
fsck.f2fs of f2fs-tools (master at commit 54244dcafd) triggers a division by zero error while fixing a corrupted image, in which segs->secs_per_zone is set to 0.

[Reproduction]
Download and uncompress the attached image.
Run fsck.f2fs against the downloaded image:
$ cd path/to/f2fs-tools/
$ ./fsck/fsck.f2fs -d 0 -f /tmp/f2fs.img
Info: Force to fix corruption
Info: Segments per section = 1
Info: Sections per zone = 1
Info: sector size = 512
Info: total sectors = 131072 (64 MB)
Info: MKFS version
  "Linux version 4.13.0-45-generic (buildd@lgw01-amd64-011) (gcc version 5.4.0 20160609 (Ubuntu 5.4.0-6ubuntu1~16.04.9)) #50~16.04.1-Ubuntu SMP Wed May 30 11:18:27 UTC 2018"
Info: FSCK version
  from "Linux version 4.13.0-45-generic (buildd@lgw01-amd64-011) (gcc version 5.4.0 20160609 (Ubuntu 5.4.0-6ubuntu1~16.04.9)) #50~16.04.1-Ubuntu SMP Wed May 30 11:18:27 UTC 2018"
    to "Linux version 4.18.0-21-generic (buildd@lcy01-amd64-006) (gcc version 7.3.0 (Ubuntu 7.3.0-16ubuntu3)) #22~18.04.1-Ubuntu SMP Thu May 16 15:07:19 UTC 2019"
[update_superblock: 503] Info: Done to update superblock
Info: superblock features = 0 : 
Info: superblock encrypt level = 0, salt = 00000000000000000000000000000000
Info: total FS sectors = 131072 (64 MB)
Info: CKPT version = 3
[1]    13488 floating point exception (core dumped)  ./fsck/fsck.f2fs -f /tmp/f2fs.img

[Location]
- build_curseg at fsck/mount.c:1589
  1589  array[i].zone = GET_ZONENO_FROM_SEGNO(sbi, segno);
- GET_ZONENO_FROM_SEGNO(sbi, segno) at fsck/f2fs.h:317
  318 ((segno / sbi->segs_per_sec) / sbi->secs_per_zone)
This causes a division by zero error when sbi->secs_per_zone is corrupted to 0.
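As an added illustration (not code from the report or from f2fs-tools), the crash path in C: the quoted macro divides by two superblock-derived fields, and validating those fields before any geometry lookup turns the SIGFPE into a clean error. The struct, the le32 helper, the geometry_is_sane rule and the 12-byte blob layout are assumptions made for this example.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
/* Stand-in for the geometry fields of f2fs_sb_info the macro reads; real
 * fsck.f2fs fills them from the on-disk superblock, i.e. untrusted data. */
struct sb_geometry {
    uint32_t segs_per_sec;
    uint32_t secs_per_zone;
    uint32_t total_sections;
};

/* The macro as quoted in the report (fsck/f2fs.h): two divisions by
 * image-supplied values, so a zeroed field raises SIGFPE. */
#define GET_ZONENO_FROM_SEGNO(sbi, segno) \
    (((segno) / (sbi)->segs_per_sec) / (sbi)->secs_per_zone)

/* Little-endian u32 from an untrusted byte buffer, alignment-safe. */
static uint32_t le32(const uint8_t *p)
{
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 |
           (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}

/* Assumed defensive rule (not f2fs-tools' own check): both divisors must be
 * non-zero, and a zone cannot span more sections than the image has. */
bool geometry_is_sane(const struct sb_geometry *g)
{
    return g->segs_per_sec != 0 && g->secs_per_zone != 0 &&
           g->secs_per_zone <= g->total_sections;
}

/* Parse a constructed 12-byte blob (segs_per_sec, secs_per_zone,
 * total_sections) and map a segment to its zone; -1 instead of a crash. */
int64_t zone_for_segno(const uint8_t blob[12], uint32_t segno)
{
    struct sb_geometry g = { le32(blob), le32(blob + 4), le32(blob + 8) };
    if (!geometry_is_sane(&g))
        return -1;
    return (int64_t)GET_ZONENO_FROM_SEGNO(&g, segno);
}

int main(void)
{
    /* Constructed images: sane geometry, then the report's secs_per_zone == 0. */
    const uint8_t good[12] = { 2,0,0,0, 2,0,0,0, 64,0,0,0 };
    const uint8_t bad[12]  = { 1,0,0,0, 0,0,0,0, 64,0,0,0 };
    printf("good: zone %lld\n", (long long)zone_for_segno(good, 5)); /* 1 */
    printf("bad:  %lld\n", (long long)zone_for_segno(bad, 5));       /* -1 */
    return 0;
}
```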
Comment 1 Chao Yu 2019-07-11 01:10:05 UTC
Sorry for the long delay; I forgot to reply to this thread to let you know that we have fixed this issue with the patch below. Could you please check it with your test case?

https://git.kernel.org/pub/scm/linux/kernel/git/jaegeuk/f2fs-tools.git/commit/?h=dev&id=d5bec9021f50f3d1e05aee3fe76160dc234c1735
Comment 2 Seulbae Kim 2019-07-15 07:39:52 UTC
No problem. I checked that the bug is fixed through the patch.
Thank you!
Comment 3 Chao Yu 2019-07-15 08:08:13 UTC
Thanks for confirming that! :)