
Today's bug...




Next test: Compiling stuff on a JFFS filesystem.
Result: Oops.

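Somehow, jffs_add_node() is being called with node->fm == NULL. In the log below this happens right after jffs_delete_data() reports splitting the node with version number 3.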

I threw in code to detect that and return -EIO, and strangely, the 
filesystem still appears to work.

It should be fairly simple to reproduce, but...

[root@xxxxxxx.c

 jffs_find_child() 
 jffs_find_child(): Didn't find the file "testfile-bin2". 
 jffs_create(): dir: 0xc0585a90, name: "testfile-bin2" 
 jffs_write_node(): filename = "testfile-bin2", ino = 12, version = 1, total_size = 76 
 jffs_fmalloc(): fmc = 0xc03a1400, size = 76, node = 0xc02b7f00 
 jffs_fmalloc(): free_chunk_size1 = 4108028, free_chunk_size2 = 0 
 struct jffs_fmcontrol: 0xc03a1400 
 { 
         0x00000000, /* flash_start  */ 
         4194304, /* flash_size  */ 
         32516, /* used_size  */ 
         53836, /* dirty_size  */ 
         131072, /* sector_size  */ 
         196608, /* min_free_size  */ 
         65536, /* max_chunk_size  */ 
         0xc17580c0, /* mtd  */ 
         0xc10998a0, /* head  */    (head->offset = 0x00000000) 
         0xc10cc800, /* tail  */    (tail->offset + tail->size = 0x00015150) 
         0x00000000, /* head_extra  */ 
         0x00000000, /* tail_extra  */ 
 } 
 struct jffs_fm: 0xc10cc800 
 { 
        0x00015104, /* offset  */ 
        76, /* size  */ 
        0xc10d2320, /* prev  */ 
        0x00000000, /* next  */ 
        0xc0ed77c0, /* nodes  */ 
 } 
 , result: 0x00000000 
 , result: 0x000004f8 
 , result: 0x00000985 
 jffs_write_node(): About to write this raw inode to the flash at pos 0x15104: 
 jffs_raw_inode: inode number: 12 
 { 
         0x34383931, /* magic  */ 
         0x0000000c, /* ino  */ 
         0x00000001, /* pino  */ 
         0x00000001, /* version  */ 
         0x000081a4, /* mode  */ 
         0x0000,     /* uid  */ 
         0x0000,     /* gid  */ 
         0x39898dd7, /* atime  */ 
         0x39898dd7, /* mtime  */ 
         0x39898dd7, /* ctime  */ 
         0x00000000, /* offset  */ 
         0x00000000, /* dsize  */ 
         0x00000000, /* rsize  */ 
         0x0d,       /* nsize  */ 
         0x01,       /* nlink  */ 
         0x00,       /* spare  */ 
         0,          /* rename  */ 
         0,          /* deleted  */ 
         0xff,       /* accurate  */ 
         0x00000000, /* dchksum  */ 
         0x04f8,     /* nchksum  */ 
         0x0985,     /* chksum  */ 
 } 
 jffs_write_node(): Leaving... 
 jffs_insert_node(): ino = 12, version = 1, name = "testfile-bin2" 
 jffs_find_file(): ino: 12 
 jffs_find_file(): Didn't find file with ino 12. 
 jffs_insert_file_into_hash(): f->ino: 12 
 jffs_insert_node(): Updated the name of the file to "testfile-bin2". 
 jffs_insert_node(): ---------------------------------------------------------------------- 1 
 jffs_insert_file_into_tree(): name: "testfile-bin2" 
 jffs_find_file(): ino: 1 
 jffs_find_file(): Found file with ino 1. (name: "") 
 jffs_remove_redundant_nodes(): ino: 12, name: "testfile-bin2", newest_type: 3 
 ***jffs_garbage_collect(): fmc->dirty_size = 53836 
 struct jffs_fmcontrol: 0xc03a1400 
 { 
         0x00000000, /* flash_start  */ 
         4194304, /* flash_size  */ 
         32516, /* used_size  */ 
         53836, /* dirty_size  */ 
         131072, /* sector_size  */ 
         196608, /* min_free_size  */ 
         65536, /* max_chunk_size  */ 
         0xc17580c0, /* mtd  */ 
         0xc10998a0, /* head  */    (head->offset = 0x00000000) 
         0xc10cc800, /* tail  */    (tail->offset + tail->size = 0x00015150) 
         0x00000000, /* head_extra  */ 
         0x00000000, /* tail_extra  */ 
 } 
    jffs_garbage_collect(): Leaving... 
 jffs_insert_node(): ---------------------------------------------------------------------- 2 
 jffs_find_file(): ino: 12 
 jffs_find_file(): Found file with ino 12. (name: "testfile-bin2") 
 jffs_write_node(): filename = "", ino = 12, version = 2, total_size = 252 
 jffs_fmalloc(): fmc = 0xc03a1400, size = 252, node = 0xc02b7e40 
 jffs_fmalloc(): free_chunk_size1 = 4107952, free_chunk_size2 = 0 
 struct jffs_fmcontrol: 0xc03a1400 
 { 
         0x00000000, /* flash_start  */ 
         4194304, /* flash_size  */ 
         32768, /* used_size  */ 
         53836, /* dirty_size  */ 
         131072, /* sector_size  */ 
         196608, /* min_free_size  */ 
         65536, /* max_chunk_size  */ 
         0xc17580c0, /* mtd  */ 
         0xc10998a0, /* head  */    (head->offset = 0x00000000) 
         0xc0ed7900, /* tail  */    (tail->offset + tail->size = 0x0001524c) 
         0x00000000, /* head_extra  */ 
         0x00000000, /* tail_extra  */ 
 } 
 struct jffs_fm: 0xc0ed7900 
 { 
        0x00015150, /* offset  */ 
        252, /* size  */ 
        0xc10cc800, /* prev  */ 
        0x00000000, /* next  */ 
        0xc0ed7980, /* nodes  */ 
 } 
 , result: 0x00001142 
 , result: 0x00000000 
 , result: 0x000009c4 
 jffs_write_node(): About to write this raw inode to the flash at pos 0x15150: 
 jffs_raw_inode: inode number: 12 
 { 
         0x34383931, /* magic  */ 
         0x0000000c, /* ino  */ 
         0x00000001, /* pino  */ 
         0x00000002, /* version  */ 
         0x000081a4, /* mode  */ 
         0x0000,     /* uid  */ 
         0x0000,     /* gid  */ 
         0x39898dd7, /* atime  */ 
         0x39898dd7, /* mtime  */ 
         0x39898dd7, /* ctime  */ 
         0x00000034, /* offset  */ 
         0x000000c0, /* dsize  */ 
         0x00000000, /* rsize  */ 
         0x00,       /* nsize  */ 
         0x01,       /* nlink  */ 
         0x00,       /* spare  */ 
         0,          /* rename  */ 
         0,          /* deleted  */ 
         0xff,       /* accurate  */ 
         0x00001142, /* dchksum  */ 
         0x0000,     /* nchksum  */ 
         0x09c4,     /* chksum  */ 
 } 
 jffs_write_node(): Leaving... 
 jffs_insert_node(): ino = 12, version = 2, name = "" 
 jffs_insert_node(): ---------------------------------------------------------------------- 1 
 jffs_update_file(): ino: 12, version: 2 
 jffs_delete_data(): offset = 52, remove_size = 0 
 jffs_insert_data(): node->data_offset = 52, node->data_size = 192, f->size = 0 
 jffs_insert_data: Inserting a virtual node. 
   node->data_offset = 52 
   f->size = 0 
 jffs_node: 0xc02b7f60 
 { 
         0x00000002, /* version  */ 
         0x00000000, /* data_offset  */ 
         0x00000034, /* data_size  */ 
         0x00000000, /* removed_size  */ 
         0x00000000, /* fm_offset  */ 
         0x00,       /* name_size  */ 
         0x00000000, /* fm,  fm->offset: 0  */ 
         0xc02b7f00, /* version_prev  */ 
         0xc02b7e40, /* version_next  */ 
         0x00000000, /* range_prev  */ 
         0x00000000, /* range_next  */ 
 } 
 jffs_insert_data(): f->size = 244 
 jffs_remove_redundant_nodes(): ino: 12, name: "testfile-bin2", newest_type: 5 
 ***jffs_garbage_collect(): fmc->dirty_size = 53836 
 struct jffs_fmcontrol: 0xc03a1400 
 { 
         0x00000000, /* flash_start  */ 
         4194304, /* flash_size  */ 
         32768, /* used_size  */ 
         53836, /* dirty_size  */ 
         131072, /* sector_size  */ 
         196608, /* min_free_size  */ 
         65536, /* max_chunk_size  */ 
         0xc17580c0, /* mtd  */ 
         0xc10998a0, /* head  */    (head->offset = 0x00000000) 
         0xc0ed7900, /* tail  */    (tail->offset + tail->size = 0x0001524c) 
         0x00000000, /* head_extra  */ 
         0x00000000, /* tail_extra  */ 
 } 
    jffs_garbage_collect(): Leaving... 
 jffs_insert_node(): ---------------------------------------------------------------------- 2 
  /* flash_size  */ 
         33460, /* used_size  */ 
         53836, /* dirty_size  */ 
         131072, /* sector_size  */ 
         196608, /* min_free_size  */ 
         65536, /* max_chunk_size  */ 
         0xc17580c0, /* mtd  */ 
         0xc10998a0, /* head  */    (head->offset = 0x00000000) 
         0xc0ed7d00, /* tail  */    (tail->offset + tail->size = 0x00015500) 
         0x00000000, /* head_extra  */ 
         0x00000000, /* tail_extra  */ 
 } 
 struct jffs_fm: 0xc0ed7d00 
 { 
        0x000154b4, /* offset  */ 
        76, /* size  */ 
        0xc0ed7c00, /* prev  */ 
        0x00000000, /* next  */ 
        0xc0ed7d80, /* nodes  */ 
 } 
 , result: 0x0000050c 
 , result: 0x00000000 
 , result: 0x00000993 
 jffs_write_node(): About to write this raw inode to the flash at pos 0x154b4: 
 jffs_raw_inode: inode number: 12 
 { 
         0x34383931, /* magic  */ 
         0x0000000c, /* ino  */ 
         0x00000001, /* pino  */ 
         0x00000006, /* version  */ 
         0x000081a4, /* mode  */ 
         0x0000,     /* uid  */ 
         0x0000,     /* gid  */ 
         0x39898dd7, /* atime  */ 
         0x39898dd7, /* mtime  */ 
         0x39898dd7, /* ctime  */ 
         0x000005dc, /* offset  */ 
         0x00000010, /* dsize  */ 
         0x00000010, /* rsize  */ 
         0x00,       /* nsize  */ 
         0x01,       /* nlink  */ 
         0x00,       /* spare  */ 
         0,          /* rename  */ 
         0,          /* deleted  */ 
         0xff,       /* accurate  */ 
         0x0000050c, /* dchksum  */ 
         0x0000,     /* nchksum  */ 
         0x0993,     /* chksum  */ 
 } 
 jffs_write_node(): Leaving... 
 jffs_insert_node(): ino = 12, version = 6, name = "" 
 jffs_insert_node(): ---------------------------------------------------------------------- 1 
 jffs_update_file(): ino: 12, version: 6 
 jffs_delete_data(): offset = 1500, remove_size = 16 
 jffs_delete_data(): Split node with version number 3. 
 jffs_add_node(): ino = 12 
 jffs_add_node: node->fm is NULL! 
 jffs_delete_data(): f->size = 10876 
 jffs_insert_data(): node->data_offset = 1500, node->data_size = 16, f->size = 10876 
 Cool stuff's happening! 



--
dwmw2