From nobody Sat Dec 27 01:29:16 2025 Received: from szxga05-in.huawei.com (szxga05-in.huawei.com [45.249.212.191]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 3914E63D3 for ; Thu, 28 Dec 2023 01:33:53 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=quarantine dis=none) header.from=huawei.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=huawei.com Received: from mail.maildlp.com (unknown [172.19.88.214]) by szxga05-in.huawei.com (SkyGuard) with ESMTP id 4T0rXl1Qb6z1FFnD; Thu, 28 Dec 2023 09:29:59 +0800 (CST) Received: from kwepemm000013.china.huawei.com (unknown [7.193.23.81]) by mail.maildlp.com (Postfix) with ESMTPS id 22D4E1A019B; Thu, 28 Dec 2023 09:33:36 +0800 (CST) Received: from huawei.com (10.175.127.227) by kwepemm000013.china.huawei.com (7.193.23.81) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.35; Thu, 28 Dec 2023 09:33:35 +0800 From: Zhihao Cheng To: , , , , CC: , Subject: [PATCH mtd-utils 05/11] tests: ubifs_repair: Add corrupt+repair+fault_inject test Date: Thu, 28 Dec 2023 09:36:33 +0800 Message-ID: <20231228013639.2827205-6-chengzhihao1@huawei.com> X-Mailer: git-send-email 2.31.1 In-Reply-To: <20231228013639.2827205-1-chengzhihao1@huawei.com> References: <20231228013639.2827205-1-chengzhihao1@huawei.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable X-ClientProxiedBy: dggems701-chm.china.huawei.com (10.3.19.178) To kwepemm000013.china.huawei.com (7.193.23.81) Content-Type: text/plain; charset="utf-8" Inject memory/io fault while repairing corrupted UBIFS images. This testcase mainly checks whether ubifs_repair has problems (eg. memleak, UAF, null-ptr-def, etc.) in random error paths. Besides, it provides a similar way to simulate powercut during repairing, and checks whether ubifs_repair can fix an UBIFS image after many repairing rounds interrupted by kinds of errors. Signed-off-by: Zhihao Cheng --- .gitignore | 1 + configure.ac | 3 +- tests/ubifs_repair-tests/Makemodule.am | 3 +- .../cycle_corrupted_repair_fault_inject.sh.in | 233 +++++++++++++++++= ++++ 4 files changed, 238 insertions(+), 2 deletions(-) create mode 100755 tests/ubifs_repair-tests/tests/cycle_corrupted_repair_f= ault_inject.sh.in diff --git a/.gitignore b/.gitignore index d47282c..52396e6 100644 --- a/.gitignore +++ b/.gitignore @@ -116,6 +116,7 @@ tests/ubifs_repair-tests/lib/common.sh tests/ubifs_repair-tests/tests/authentication_refuse.sh tests/ubifs_repair-tests/tests/cycle_mount_repair_check.sh tests/ubifs_repair-tests/tests/powercut_repair_mount.sh +tests/ubifs_repair-tests/tests/cycle_corrupted_repair_fault_inject.sh =20 # # Files generated by autotools diff --git a/configure.ac b/configure.ac index 349e4ad..31a7184 100644 --- a/configure.ac +++ b/configure.ac @@ -358,6 +358,7 @@ AC_CONFIG_FILES([tests/fs-tests/fs_help_all.sh tests/ubifs_repair-tests/lib/common.sh tests/ubifs_repair-tests/tests/authentication_refuse.sh tests/ubifs_repair-tests/tests/cycle_mount_repair_check.sh - tests/ubifs_repair-tests/tests/powercut_repair_mount.sh]) + tests/ubifs_repair-tests/tests/powercut_repair_mount.sh + tests/ubifs_repair-tests/tests/cycle_corrupted_repair_fault_inject.sh]) =20 AC_OUTPUT([Makefile]) diff --git a/tests/ubifs_repair-tests/Makemodule.am b/tests/ubifs_repair-te= sts/Makemodule.am index 92f288a..0a9fb48 100644 --- a/tests/ubifs_repair-tests/Makemodule.am +++ b/tests/ubifs_repair-tests/Makemodule.am @@ -2,4 +2,5 @@ test_SCRIPTS +=3D \ tests/ubifs_repair-tests/lib/common.sh \ tests/ubifs_repair-tests/tests/authentication_refuse.sh \ tests/ubifs_repair-tests/tests/cycle_mount_repair_check.sh \ - tests/ubifs_repair-tests/tests/powercut_repair_mount.sh + tests/ubifs_repair-tests/tests/powercut_repair_mount.sh \ + tests/ubifs_repair-tests/tests/cycle_corrupted_repair_fault_inject.sh diff --git a/tests/ubifs_repair-tests/tests/cycle_corrupted_repair_fault_in= ject.sh.in b/tests/ubifs_repair-tests/tests/cycle_corrupted_repair_fault_in= ject.sh.in new file mode 100755 index 0000000..9752970 --- /dev/null +++ b/tests/ubifs_repair-tests/tests/cycle_corrupted_repair_fault_inject.sh= .in @@ -0,0 +1,233 @@ +#!/bin/sh +# Copyright (c), 2023-2024, Huawei Technologies Co, Ltd. +# Author: Zhihao Cheng +# +# Test Description: +# For many kinds of flash, do following things +# 1. mount UBIFS +# 2. fsstress && unmount +# 3. inject corruption into UBIFS image randomly +# 3. repair ubifs && inject kinds of errors(memory, io) +# 4. check UBIFS mounting result +# Running time: 10min + +TESTBINDIR=3D@TESTBINDIR@ +source $TESTBINDIR/common.sh + +function run_test() +{ + local simulator=3D"$1"; + local size=3D"$2"; + local peb_size=3D"$3"; + local page_size=3D"$4"; + local encryption=3D$5; + + echo "=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D= =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D" + printf "%s" "$simulator: ${size}MiB PEB size ${peb_size}KiB" + if [ "$simulator" =3D "nandsim" ]; then + printf " %s" "page size ${page_size}KiB" + fi + printf " $encryption\n" + + if [ "$simulator" =3D "nandsim" ]; then + $TESTBINDIR/load_nandsim.sh "$size" "$peb_size" "$page_size" || echo "ca= nnot load nandsim"; + mtdnum=3D"$(find_mtd_device "$nandsim_patt")" + elif [ "$simulator" =3D "mtdram" ]; then + load_mtdram "$size" "$peb_size" || echo "cannot load mtdram" + mtdnum=3D"$(find_mtd_device "$mtdram_patt")" + else + fatal "$simulator is not supported" + fi + + flash_eraseall /dev/mtd$mtdnum + modprobe ubi mtd=3D"$mtdnum,$page_size,0,0,1" fm_autoconvert || fatal "mo= dprobe ubi fail" + ubimkvol -N vol_test -m -n 0 /dev/ubi$UBI_NUM || fatal "mkvol fail" + modprobe ubifs || fatal "modprobe ubifs fail" + mount_ubifs $DEV $MNT || fatal "mount ubifs fail" + if [[ "$encryption" =3D=3D "encrypted" ]]; then + encryption_gen_key + encryption_set_key $MNT + fi + + fsstress -d $MNT -l0 -p4 -n10000 & + + sleep $((RANDOM % 20)) + + ps -e | grep -w fsstress > /dev/null 2>&1 + while [ $? -eq 0 ] + do + killall -9 fsstress > /dev/null 2>&1 + sleep 1 + ps -e | grep -w fsstress > /dev/null 2>&1 + done + + while true + do + res=3D`mount | grep "$MNT"` + if [[ "$res" =3D=3D "" ]] + then + break; + fi + umount $MNT + sleep 0.1 + done + + # inject corruption + times=3D$((RANDOM % 10)) + let times=3D$times+10 + i=3D0 + tot_peb=3D`cat /sys/class/ubi/ubi$UBI_NUM/total_eraseblocks`; + + modprobe -r ubifs + modprobe -r ubi # Stop wear-leveling & erasing worker + while [[ $i -lt $times ]] + do + let i=3D$i+1; + peb=3D$((RANDOM % $tot_peb)); + pg=3D`expr $peb_size \* 1024`; + peb_off=3D`expr $pg \* $peb` + pages=3D`expr $pg / $page_size`; + pg=3D`expr $pages - 2`; + pg=3D$((RANDOM % $pg)); + pg_off=3D`expr $pg + 2`; + pg_start=3D`expr $pages \* $peb`; + pg=3D`expr $pg_start + $pg_off`; + vid_pg=3D`expr $pg_start + 1`; + dd if=3D/dev/mtd$mtdnum of=3D$TMP_FILE bs=3D$page_size skip=3D$vid_pg co= unt=3D1 2>/dev/null; + content=3D`cat $TMP_FILE | grep UBI!`; # vid header magic + if [[ "$content" =3D=3D "" ]]; then + # Skip free PEB, otherwise data could be overwritten in ubifs repairing= process + continue; + fi + if [[ $((RANDOM % 2)) =3D=3D 0 ]]; then + # Corrupts 1 page + dd if=3D/dev/urandom of=3D/dev/mtd$mtdnum bs=3D$page_size seek=3D$pg co= unt=3D1; + else + # Erase 1 LEB, TNC points to an unmapped area + flash_erase /dev/mtd$mtdnum $peb_off 1 + fi + done + rm -f $TMP_FILE 2>/dev/null + sync + + skip=3D0 + modprobe ubi mtd=3D"$mtdnum,$page_size,0,0,1" fm_autoconvert + ret=3D$? + if [[ $ret !=3D 0 ]] + then + skip=3D1 + echo "UBI layout volume is corrupted, skip" + fi + + if [[ $skip =3D=3D 0 ]]; then + modprobe ubifs || fatal "modprobe ubifs2 fail" + dmesg -c > /dev/null + + round=3D0 + while true; + do + injected=3D0 + inject_mem=3D0 + res=3D0 + let round=3D$round+1 + + echo 'format "UBIFS DBG repair" +pflmt' > /sys/kernel/debug/dynamic_deb= ug/control + if [[ $round -lt 50 ]]; then + injected=3D1 + echo "$DEV" > /sys/kernel/debug/ubifs/repair_fs & + pid=3D$! + if [[ $((RANDOM % 2)) =3D=3D 0 ]]; then + inject_mem_err $pid + inject_mem=3D1 + fi + inject_io_err + wait $pid + res=3D$? + if [[ $inject_mem =3D=3D 1 ]]; then + cancel_mem_err + fi + cancel_io_err + else + echo "$DEV" > /sys/kernel/debug/ubifs/repair_fs + res=3D$? + fi + if [[ $res !=3D 0 ]] + then + log=3D`dmesg | grep "bad node at LEB 0:"` + if [[ "$log" !=3D "" ]] + then + skip=3D1 + echo "SB is corrupted, skip repairing & mounting" + break + else + check_memleak + # UBI could become ro-mode + modprobe -r ubifs + modprobe -r ubi + modprobe ubi mtd=3D"$mtdnum,$page_size,0,0,1" fm_autoconvert + modprobe ubifs || fatal "modprobe ubifs3 fail" + if [[ $injected =3D=3D 0 ]]; then + fatal "repair fail $res" + fi + fi + else + break + fi + done + + check_memleak + + dmesg -c > /dev/null # repairing corrupted image could reproduce error m= essages + + if [[ $skip =3D=3D 0 ]]; then + enable_chkfs + + mount_ubifs $DEV $MNT + res=3D$? + if [[ $res !=3D 0 ]] + then + fatal "mount fail $res" + fi + + if [[ "$encryption" =3D=3D "encrypted" ]]; then + encryption_set_key $MNT + fi + + du -sh $MNT > /dev/null # Make sure all files are accessible + ret=3D$? + if [[ $ret !=3D 0 ]]; then + fatal "Cannot access all files" + fi + # check_err_msg is not suggested in this testcase, because + # ubi_io_read(triggered by wear_leveling_worker -> ubi_eba_copy_leb) + # could print stack if ecc uncorrectable errors are detected. + + umount $MNT + res=3D$? + if [[ $res !=3D 0 ]] + then + fatal "unmount fail $res" + fi + fi + + modprobe -r ubifs + modprobe -r ubi + fi + modprobe -r $simulator + + echo "-------------------------------------------------------------------= ---" +} + +check_fsstress +start_t=3D$(date +%s) +echo "Do corrruption+cycle_repair_fault_injection test in kinds of flashes" +for simulator in "mtdram" "nandsim"; do + for encryption in "encrypted" "noencrypted"; do + run_test "$simulator" "16" "16" "512" $encryption + run_test "$simulator" "256" "128" "2048" $encryption + done +done +end_t=3D$(date +%s) +time_cost=3D$(( end_t - start_t )) +echo "Success, cost $time_cost seconds" +exit 0 --=20 2.13.6