Some test cases for modified function 'ubifs_dump_node()'
Created attachment 289695 [details] flash_p1
Created attachment 289697 [details] flash_p2
Created attachment 289699 [details] initialize ubifs
Initialize ubifs: $ ./setup.sh # choose an image in flash_p1(for Test 1~8) and flash_p2(for Test 9~10).
Test 1~8: Test 1. normal inode dumping caused by bad crc (bitflips happened in node crc) $ ls inode_bad_crc [73550.250204] UBIFS error (ubi0:0 pid 10733): ubifs_check_node [ubifs]: bad CRC: calculated 0x4ea1406, read 0x4ea1416 [73550.253234] UBIFS error (ubi0:0 pid 10733): ubifs_check_node [ubifs]: bad node at LEB 11:6536 [73550.255703] magic 0x6101831 [73550.256769] crc 0x4ea1416 [73550.257841] node_type 0 (inode node) [73550.258516] group_type 2 (last of node group) [73550.259087] sqnum 18 [73550.259468] len 160 [73550.259866] key (65, inode) [73550.260360] creat_sqnum 10 [73550.260739] size 4 [73550.261116] nlink 1 [73550.261500] atime 1592203500.0 [73550.261974] mtime 1592203500.0 [73550.262470] ctime 1592203500.0 [73550.262961] uid 0 [73550.263347] gid 0 [73550.263713] mode 33188 [73550.264124] flags 0x1 [73550.264526] xattr_cnt 0 [73550.264893] xattr_size 0 [73550.265258] xattr_names 0 [73550.265639] compr_type 0x1 [73550.266028] data len 0 Test 2. big inode len (bitflips happened in node len) $ ls inode_big_len [73624.319967] UBIFS error (ubi0:0 pid 10735): ubifs_check_node [ubifs]: bad CRC: calculated 0x6d4a0204, read 0xbdd5441b [73624.323013] UBIFS error (ubi0:0 pid 10735): ubifs_check_node [ubifs]: bad node at LEB 11:8584 [73624.325400] magic 0x6101831 [73624.326461] crc 0xbdd5441b [73624.327546] node_type 0 (inode node) [73624.328727] group_type 2 (last of node group) [73624.329679] sqnum 29 [73624.330054] len 416 # 416 > zbr->len (memory size allocated fot inode node) [73624.330453] truncated node length 160 # truncates inode len to zbr->len [73624.330972] key (66, inode) [73624.331476] creat_sqnum 14 [73624.331857] size 4 [73624.332226] nlink 1 [73624.332606] atime 1592203528.0 [73624.333098] mtime 1592203528.0 [73624.333585] ctime 1592203528.0 [73624.334072] uid 0 [73624.334456] gid 0 [73624.334825] mode 33188 [73624.335237] flags 0x1 [73624.335639] xattr_cnt 0 [73624.336018] xattr_size 0 [73624.336404] xattr_names 0 [73624.336774] compr_type 0x1 [73624.337163] data len 0 Test 3. small inode len (bitflips happened in node len) $ ls inode_small_len [73978.418597] UBIFS error (ubi0:0 pid 10741): ubifs_check_node [ubifs]: bad node length -16777056 # node len is a great number in u32, but it will be a negative integer [73978.422221] UBIFS error (ubi0:0 pid 10741): ubifs_check_node [ubifs]: bad node at LEB 11:8744 [73978.425269] magic 0x6101831 [73978.426067] crc 0xb3cf59c9 [73978.426741] node_type 0 (inode node) [73978.427488] group_type 2 (last of node group) [73978.428420] sqnum 31 [73978.428965] len 4278190240 # node len is a great number in u32, but it will be a negative integer, we treate this node len as 0 for safety. [73978.429647] node len(0) is too short for inode node, left 0 bytes: Test 4. small data len (bitflips happened in node len) # For safety, we should only dump smaller node length, because we don't know whether the node len becomes bigger or smaller $ cat data_small_len [74166.414544] UBIFS error (ubi0:0 pid 10756): ubifs_check_node [ubifs]: bad CRC: calculated 0x999e091e, read 0x70e36537 [74166.418733] UBIFS error (ubi0:0 pid 10756): ubifs_check_node [ubifs]: bad node at LEB 13:4096 [74166.420944] magic 0x6101831 [74166.421912] crc 0x70e36537 [74166.422911] node_type 1 (data node) [74166.423966] group_type 0 (no node group) [74166.425111] sqnum 38 [74166.425924] len 50 # bad node len (52 is right value) [74166.426739] key (68, data, 0) [74166.427831] size 4 # member 'data size' is ok, it displays the actual data size [74166.428535] compr_typ 0 [74166.428946] data size 2 # bad calculated data size (4 is right value) [74166.429363] data (length = 2): # actual we can dump 4 bytes data content of the node [74166.429783] 00000000: 31 32 Test 5. big data len (bitflips happened in node len) $ cat data_big_len [74882.464239] UBIFS error (ubi0:0 pid 10760): ubifs_check_node [ubifs]: bad CRC: calculated 0xc6736e82, read 0x796cc37 [74882.469793] UBIFS error (ubi0:0 pid 10760): ubifs_check_node [ubifs]: bad node at LEB 13:6144 [74882.470987] magic 0x6101831 [74882.471504] crc 0x796cc37 [74882.472015] node_type 1 (data node) [74882.472589] group_type 0 (no node group) [74882.473194] sqnum 40 [74882.473639] len 160 # 160 > zbr->len (memory size allocated fot data node) [74882.474075] truncated node length 52 # truncate dumping length to safe len [74882.474660] key (69, data, 0) [74882.475221] size 4 [74882.475648] compr_typ 0 [74882.476077] data size 112 [74882.476532] data (length = 4): [74882.476977] 00000000: 31 32 33 0a Test 6. dent node (with small node length) changes to inode node (with big node length) (bitflips happened in node type) $ ls dent_type_chages_to_inode [75271.748438] UBIFS error (ubi0:0 pid 10762): ubifs_read_node [ubifs]: bad node type (0 but expected 2) # node type is not expected [75271.752270] UBIFS error (ubi0:0 pid 10762): ubifs_read_node [ubifs]: bad node at LEB 11:14336, LEB mapping status 1 [75271.756447] magic 0x6101831 [75271.757109] crc 0x457fbf61 [75271.757818] node_type 0 (inode node) [75271.758592] group_type 1 (in node group) [75271.759411] sqnum 42 [75271.759967] len 82 [75271.760541] node len(82) is too short for inode node, left 58 bytes: # UBIFS_DENT_NODE_SZ < c->ranges[UBIFS_INO_NODE].min_len, only dump safe length of the node [75271.761705] 00000000: 01 00 00 00 32 a5 ac 59 00 00 00 00 00 00 00 00 46 00 00 00 00 00 00 00 00 00 19 00 25 3d 09 bb [75271.763639] 00000020: 64 65 6e 74 5f 74 79 70 65 5f 63 68 61 67 65 73 5f 74 6f 5f 69 6e 6f 64 65 00 Test 7. dent name len is too long (bitflips happened in dent node member 'nlen') $ big_name_len_in_dent [75463.792937] UBIFS error (ubi0:0 pid 10769): ubifs_check_node [ubifs]: bad CRC: calculated 0xe24b710b, read 0x9ee0dc9f [75463.799715] UBIFS error (ubi0:0 pid 10769): ubifs_check_node [ubifs]: bad node at LEB 11:26624 [75463.800872] magic 0x6101831 [75463.801376] crc 0x9ee0dc9f [75463.801876] node_type 2 (direntry node) [75463.802470] group_type 1 (in node group) [75463.803052] sqnum 61 [75463.803482] len 77 # safe len, node len [75463.803895] key (1, direntry, 0xe834c03) [75463.804567] inum 73 [75463.804981] type 0 [75463.805391] nlen 164 # name beyonds safe len, skip dumping [75463.805804] name [75463.805805] (bad name length, not printing, bad or corrupted node) Test 8. normal data node dumping caused by bad crc (bitflips happened in node crc) $ cat data_bad_crc [75685.820493] UBIFS error (ubi0:0 pid 10771): ubifs_check_node [ubifs]: bad CRC: calculated 0xf220eaaa, read 0xf300eaaa [75685.823574] UBIFS error (ubi0:0 pid 10771): ubifs_check_node [ubifs]: bad node at LEB 13:16384 [75685.826055] magic 0x6101831 [75685.827128] crc 0xf300eaaa [75685.828083] node_type 1 (data node) [75685.828615] group_type 0 (no node group) [75685.829166] sqnum 94 [75685.829574] len 52 [75685.829971] key (74, data, 0) [75685.830497] size 4 [75685.830914] compr_typ 0 [75685.831331] data size 4 [75685.831748] data (length = 4): [75685.832163] 00000000: 31 32 33 0a
Test 9~10: Test 9. big child cnt (bitflips happened in child_cnt) $ ls file_1 [ 7720.628118] UBIFS error (ubi0:0 pid 7491): ubifs_check_node [ubifs]: bad CRC: calculated 0xb3feb6c1, read 0x4b1bf468 [ 7720.636097] UBIFS error (ubi0:0 pid 7491): ubifs_check_node [ubifs]: bad node at LEB 10:2160 [ 7720.638170] magic 0x6101831 [ 7720.638643] crc 0x4b1bf468 [ 7720.639155] node_type 9 (indexing node) [ 7720.639733] group_type 0 (no node group) [ 7720.640290] sqnum 68 [ 7720.640691] len 188 [ 7720.641097] child_cnt 168 # 8 is the right value [ 7720.641503] level 0 [ 7720.641894] Branches: [ 7720.642203] 0: LEB 11:3200 len 63 key (1, direntry, 0x1eccbdde) [ 7720.642977] 1: LEB 11:3584 len 63 key (1, direntry, 0x1eccbe8e) [ 7720.643753] 2: LEB 11:3968 len 63 key (1, direntry, 0x1eccbf3e) [ 7720.644513] 3: LEB 11:4352 len 63 key (1, direntry, 0x1eccbfee) [ 7720.645273] 4: LEB 11:4736 len 63 key (1, direntry, 0x1eccc09e) [ 7720.646040] 5: LEB 11:5120 len 63 key (1, direntry, 0x1eccc14e) [ 7720.646810] 6: LEB 11:6144 len 160 key (65, inode) [ 7720.647426] 7: LEB 13:0 len 52 key (65, data, 0) Test 10. small child cnt (bitflips happened in child_cnt) $ ls file_2 [ 7738.026636] UBIFS error (ubi0:0 pid 7493): ubifs_check_node [ubifs]: bad CRC: calculated 0x514bd26f, read 0x5a213e7a [ 7738.028580] UBIFS error (ubi0:0 pid 7493): ubifs_check_node [ubifs]: bad node at LEB 10:2352 [ 7738.030092] magic 0x6101831 [ 7738.030775] crc 0x5a213e7a [ 7738.031454] node_type 9 (indexing node) [ 7738.032250] group_type 0 (no node group) [ 7738.033054] sqnum 69 [ 7738.033613] len 148 [ 7738.034197] child_cnt 2 # 6 is the right value. For safety, we should only choose smaller child cnt, because we don't know whether the child cnt becomes bigger or smaller [ 7738.034733] level 0 [ 7738.035118] Branches: [ 7738.035431] 0: LEB 11:6304 len 160 key (66, inode) [ 7738.036061] 1: LEB 13:56 len 52 key (66, data, 0) [ 7738.036061] 1: LEB 13:56 len 52 key (66, data, 0)