storage: fix heap corruption in chunk sort parser

[cosmo0920]

Fix heap corruption in sort_chunk_cmp by replacing unsafe sscanf with a validated parse_stamp().
Use SCNu64 to parse timestamps as 64-bit, since on Windows unsigned long is 32-bit while time_t is 64-bit, causing type mismatches with %lu.
Prevents crashes when malformed/non-chunk files are scanned.

---

Enter [N/A] in the box, if an item is not applicable to your change.

Testing
Before we can approve your change; please submit the following in a comment:

• Example configuration file for the change
• Debug log output from testing the change

• Attached Valgrind output that shows no leaks or memory corruption was found

If this is a change to packaging of containers or native binaries then please confirm it works for all targets.

• Run local packaging test showing all targets (including any new ones) build.
• Set ok-package-test label to test for all targets (requires maintainer to do).

Documentation

• Documentation required for this feature

Backporting

• Backport to latest stable release.

---

Fluent Bit is licensed under Apache 2.0, by submitting this pull request I understand that this code will be released under the terms of that license.

Summary by CodeRabbit

• Bug Fixes

  • More reliable ordering of stored data chunks by timestamp; malformed timestamps are now handled deterministically and won’t disrupt sorting.
  • Improved validation prevents errors when encountering invalid or partially-formed timestamp formats.

• Refactor

  • Consolidated timestamp parsing into a single validated routine for clearer logic and predictable sorting behavior.

• Chores

  • Minor header include adjustment to improve portability without changing behavior.

[coderabbitai]

Note

Other AI code review bot(s) detected

CodeRabbit has detected other AI code review bot(s) in this pull request and will avoid duplicating their findings in the review comments. This may lead to a less comprehensive review.

Walkthrough

Adds #include <inttypes.h> to the storage header and refactors chunk timestamp parsing in src/flb_storage.c by adding a static parse_stamp to validate and parse sec.nsec.flb segments; sort_chunk_cmp now uses explicit parse results, orders valid chunks before invalid, and uses deterministic name-based ordering when both are invalid.

Changes

Cohort / File(s)	Summary
Storage header include include/fluent-bit/flb_storage.h	Adds #include <inttypes.h> after existing includes; no API or behavior changes.
Chunk timestamp parsing & comparison src/flb_storage.c	Adds static parse_stamp to parse sec.nsec.flb with validation (ensures ns < 1e9); refactors sort_chunk_cmp to call parse_stamp for both chunks, uses explicit parse success flags and struct timespec for comparison, orders valid chunks before invalid ones, and falls back to deterministic name-based ordering when both timestamps are invalid.

Sequence Diagram(s)

sequenceDiagram
    participant Sort as sort_chunk_cmp
    participant A as cio_chunk A
    participant B as cio_chunk B
    participant P as parse_stamp

    Sort->>A: extract timestamp segment from name A
    Sort->>P: parse_stamp(segment A)
    alt parse A OK
        P-->>Sort: timespec A (sec,nsec), ok
    else parse A invalid
        P-->>Sort: error/invalid
    end

    Sort->>B: extract timestamp segment from name B
    Sort->>P: parse_stamp(segment B)
    alt parse B OK
        P-->>Sort: timespec B (sec,nsec), ok
    else parse B invalid
        P-->>Sort: error/invalid
    end

    alt both valid
        Sort-->>Sort: compare sec then nsec -> return ordering
    else one valid, one invalid
        Sort-->>Sort: valid sorts before invalid -> return ordering
    else both invalid
        Sort-->>Sort: compare names deterministically -> return ordering
    end

Loading

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

Suggested labels

backport to v4.0.x, ok-package-test

Suggested reviewers

• edsiper
• koleini
• fujimotos

Poem

A rabbit hops through seconds and nanos with glee,
I parse every stamp and sort them tidy and free.
Headers snugged in, invalid names set to line,
Order restored in the burrow — one timestamp at a time. 🐇✨

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 0.00% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check	✅ Passed	The title succinctly and accurately describes the primary change, fixing heap corruption in the chunk sort parser of the storage component. It clearly highlights the affected module and the nature of the fix using conventional component prefixing. This phrasing helps teammates immediately grasp the main purpose of the PR.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment
• Commit unit tests in branch cosmo0920-plug-type-glitches-of-sscanf-for-fib

---

📜 Recent review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between e06dab5 and 1eaf490.

📒 Files selected for processing (1)

• src/flb_storage.c (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• src/flb_storage.c

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (30)

• GitHub Check: pr-windows-build / call-build-windows-package (Windows 32bit, x86, x86-windows-static, 3.31.6)
• GitHub Check: pr-windows-build / call-build-windows-package (Windows 64bit, x64, x64-windows-static, 3.31.6)
• GitHub Check: pr-windows-build / call-build-windows-package (Windows 64bit (Arm64), amd64_arm64, -DCMAKE_SYSTEM_NAME=Windows -DCMA...
• GitHub Check: run-ubuntu-unit-tests (-DFLB_ARROW=On, 3.31.6, gcc, g++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_SIMD=Off, 3.31.6, clang, clang++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_SIMD=On, 3.31.6, clang, clang++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_JEMALLOC=Off, 3.31.6, clang, clang++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_SANITIZE_THREAD=On, 3.31.6, gcc, g++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_SANITIZE_THREAD=On, 3.31.6, clang, clang++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_SIMD=On, 3.31.6, gcc, g++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_SIMD=Off, 3.31.6, gcc, g++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_SMALL=On, 3.31.6, gcc, g++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_SANITIZE_MEMORY=On, 3.31.6, gcc, g++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_SANITIZE_MEMORY=On, 3.31.6, clang, clang++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_JEMALLOC=On, 3.31.6, gcc, g++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_SMALL=On, 3.31.6, clang, clang++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_JEMALLOC=On, 3.31.6, clang, clang++)
• GitHub Check: run-ubuntu-unit-tests (-DSANITIZE_UNDEFINED=On, 3.31.6, gcc, g++)
• GitHub Check: run-ubuntu-unit-tests (-DSANITIZE_UNDEFINED=On, 3.31.6, clang, clang++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_COVERAGE=On, 3.31.6, gcc, g++)
• GitHub Check: run-ubuntu-unit-tests (-DSANITIZE_ADDRESS=On, 3.31.6, gcc, g++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_JEMALLOC=Off, 3.31.6, gcc, g++)
• GitHub Check: run-ubuntu-unit-tests (-DSANITIZE_ADDRESS=On, 3.31.6, clang, clang++)
• GitHub Check: pr-compile-system-libs (-DFLB_PREFER_SYSTEM_LIBS=On, 3.31.6, gcc, g++, ubuntu-24.04, clang-14)
• GitHub Check: PR - fuzzing test
• GitHub Check: pr-compile-system-libs (-DFLB_PREFER_SYSTEM_LIBS=On, 3.31.6, clang, clang++, ubuntu-22.04, clang-12)
• GitHub Check: pr-compile-system-libs (-DFLB_PREFER_SYSTEM_LIBS=On, 3.31.6, clang, clang++, ubuntu-24.04, clang-14)
• GitHub Check: pr-compile-without-cxx (3.31.6)
• GitHub Check: pr-compile-system-libs (-DFLB_PREFER_SYSTEM_LIBS=On, 3.31.6, gcc, g++, ubuntu-22.04, clang-12)
• GitHub Check: pr-compile-centos-7

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[chatgpt-codex-connector]

💡 Codex Review

Here are some automated review suggestions for this pull request.

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

• Open a pull request for review
• Mark a draft as ready
• Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

[coderabbitai]

Actionable comments posted: 0

Caution

Some comments are outside the diff and can’t be posted inline due to platform limitations.

⚠️ Outside diff range comments (1)

src/flb_storage.c (1)

413-451: Fix antisymmetry violation in the comparator.

When either chunk is invalid, sort_chunk_cmp immediately returns -1. This violates the antisymmetry requirement for comparison functions. Consider two invalid chunks A and B:

• cmp(A, B) checks A first, finds it invalid, returns -1 (claiming A < B)
• cmp(B, A) checks B first, finds it invalid, returns -1 (claiming B < A)

Both statements cannot be true. This inconsistency causes undefined behavior in qsort—potentially infinite loops, incorrect orderings, or heap corruption.

To fix, validate both chunks before deciding the result. For example, treat two invalid chunks as equal and place all invalid chunks at the end of the sorted list:

 static int sort_chunk_cmp(const void *a_arg, const void *b_arg)
 {
     const struct cio_chunk *chunk_a = *(const struct cio_chunk **)a_arg;
     const struct cio_chunk *chunk_b = *(const struct cio_chunk **)b_arg;
     const char *p;
     struct timespec tm_a = {0}, tm_b = {0};
+    int a_valid = 0, b_valid = 0;
 
     /* Scan Chunk A */
     p = strchr(chunk_a->name, '-');
-    if (!p || parse_stamp(p + 1, &tm_a.tv_sec, &tm_a.tv_nsec) != 0) {
-        return -1;
+    if (p && parse_stamp(p + 1, &tm_a.tv_sec, &tm_a.tv_nsec) == 0) {
+        a_valid = 1;
     }
 
     /* Scan Chunk B */
     p = strchr(chunk_b->name, '-');
-    if (!p || parse_stamp(p + 1, &tm_b.tv_sec, &tm_b.tv_nsec) != 0) {
-        return -1;
+    if (p && parse_stamp(p + 1, &tm_b.tv_sec, &tm_b.tv_nsec) == 0) {
+        b_valid = 1;
+    }
+
+    /* Handle invalid chunks: place them at the end and treat them as equal */
+    if (!a_valid && !b_valid) {
+        return 0;  /* Both invalid → equal */
+    }
+    if (!a_valid) {
+        return 1;   /* A invalid → A > B (sort A after B) */
+    }
+    if (!b_valid) {
+        return -1;  /* B invalid → A < B (sort B after A) */
     }
 
     /* Compare */
     if (tm_a.tv_sec != tm_b.tv_sec) {
         if (tm_a.tv_sec > tm_b.tv_sec) {
             return 1;
         }
         else {
             return -1;
         }
     }
     else {
         if (tm_a.tv_nsec > tm_b.tv_nsec) {
             return 1;
         }
         else if (tm_a.tv_nsec < tm_b.tv_nsec) {
             return -1;
         }
     }
 
     return 0;
 }

🧹 Nitpick comments (1)

src/flb_storage.c (1)

393-411: Consider strengthening the format validation.

The sscanf call returns the count of successfully assigned items. With format "%" SCNu64 ".%" SCNu64 ".flb", if the input is "123.456.txt", sscanf parses both numbers successfully (returns 2) even though the literal .flb doesn't match—so parse_stamp would incorrectly succeed. Files with a valid timestamp pattern but a different extension (or extra trailing characters) can slip through.

To ensure the string ends exactly at .flb with no trailing characters, use the %n specifier to capture how many characters were consumed, then verify the string terminates there:

 static int parse_stamp(const char *p, time_t *sec, long *nsec)
 {
     uint64_t s = 0, ns = 0;
+    int consumed = 0;
 
     if (!p || !sec || !nsec) {
         return -1;
     }
     /* expected: "1234567890.123456789.flb" format */
-    if (sscanf(p, "%" SCNu64 ".%" SCNu64 ".flb", &s, &ns) != 2) {
+    if (sscanf(p, "%" SCNu64 ".%" SCNu64 ".flb%n", &s, &ns, &consumed) != 2) {
+        return -1;
+    }
+    if (p[consumed] != '\0') {
         return -1;
     }
     if (ns >= 1000000000ULL) {
         return -1;
     }
 
     *sec  = (time_t)s;
     *nsec = (long)ns;
     return 0;
 }

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 157966f and eb64e4b.

📒 Files selected for processing (2)

• include/fluent-bit/flb_storage.h (1 hunks)
• src/flb_storage.c (1 hunks)

🚧 Files skipped from review as they are similar to previous changes (1)

• include/fluent-bit/flb_storage.h

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (30)

• GitHub Check: pr-windows-build / call-build-windows-package (Windows 64bit (Arm64), amd64_arm64, -DCMAKE_SYSTEM_NAME=Windows -DCMA...
• GitHub Check: pr-windows-build / call-build-windows-package (Windows 32bit, x86, x86-windows-static, 3.31.6)
• GitHub Check: pr-windows-build / call-build-windows-package (Windows 64bit, x64, x64-windows-static, 3.31.6)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_SIMD=On, 3.31.6, clang, clang++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_SIMD=Off, 3.31.6, clang, clang++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_SIMD=On, 3.31.6, gcc, g++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_SIMD=Off, 3.31.6, gcc, g++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_ARROW=On, 3.31.6, gcc, g++)
• GitHub Check: run-ubuntu-unit-tests (-DSANITIZE_UNDEFINED=On, 3.31.6, gcc, g++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_SANITIZE_THREAD=On, 3.31.6, clang, clang++)
• GitHub Check: run-ubuntu-unit-tests (-DSANITIZE_UNDEFINED=On, 3.31.6, clang, clang++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_JEMALLOC=Off, 3.31.6, clang, clang++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_COVERAGE=On, 3.31.6, gcc, g++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_SANITIZE_MEMORY=On, 3.31.6, clang, clang++)
• GitHub Check: run-ubuntu-unit-tests (-DSANITIZE_ADDRESS=On, 3.31.6, gcc, g++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_SANITIZE_THREAD=On, 3.31.6, gcc, g++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_SMALL=On, 3.31.6, gcc, g++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_SANITIZE_MEMORY=On, 3.31.6, gcc, g++)
• GitHub Check: run-ubuntu-unit-tests (-DSANITIZE_ADDRESS=On, 3.31.6, clang, clang++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_SMALL=On, 3.31.6, clang, clang++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_JEMALLOC=Off, 3.31.6, gcc, g++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_JEMALLOC=On, 3.31.6, gcc, g++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_JEMALLOC=On, 3.31.6, clang, clang++)
• GitHub Check: pr-compile-system-libs (-DFLB_PREFER_SYSTEM_LIBS=On, 3.31.6, gcc, g++, ubuntu-22.04, clang-12)
• GitHub Check: pr-compile-without-cxx (3.31.6)
• GitHub Check: pr-compile-system-libs (-DFLB_PREFER_SYSTEM_LIBS=On, 3.31.6, clang, clang++, ubuntu-22.04, clang-12)
• GitHub Check: pr-compile-system-libs (-DFLB_PREFER_SYSTEM_LIBS=On, 3.31.6, clang, clang++, ubuntu-24.04, clang-14)
• GitHub Check: pr-compile-system-libs (-DFLB_PREFER_SYSTEM_LIBS=On, 3.31.6, gcc, g++, ubuntu-24.04, clang-14)
• GitHub Check: pr-compile-centos-7
• GitHub Check: PR - fuzzing test

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

src/flb_storage.c (1)

393-411: Good fix; add cast-overflow guards before assigning to time_t/long

SCNu64 usage and ns<1e9 validation look correct. To avoid UB when time_t or long are narrower (e.g., 32-bit), guard the downcasts.

Apply within this function:

@@
-    *sec  = (time_t)s;
-    *nsec = (long)ns;
-    return 0;
+    {
+        time_t ts = (time_t) s;
+        long   tns = (long) ns;
+
+        /* Reject values that don't round-trip into target types */
+        if ((uint64_t) ts != s || (uint64_t) tns != ns) {
+            return -1;
+        }
+
+        *sec  = ts;
+        *nsec = tns;
+        return 0;
+    }

Also, confirm <inttypes.h> is visible here (via flb_storage.h include) on all platforms so SCNu64 expands properly. The current format string itself is correct (no stray quotes). Based on learnings

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between 157966f and a2a523b.

📒 Files selected for processing (2)

• include/fluent-bit/flb_storage.h (1 hunks)
• src/flb_storage.c (1 hunks)

✅ Files skipped from review due to trivial changes (1)

• include/fluent-bit/flb_storage.h

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (30)

• GitHub Check: pr-windows-build / call-build-windows-package (Windows 64bit (Arm64), amd64_arm64, -DCMAKE_SYSTEM_NAME=Windows -DCMA...
• GitHub Check: pr-windows-build / call-build-windows-package (Windows 64bit, x64, x64-windows-static, 3.31.6)
• GitHub Check: pr-windows-build / call-build-windows-package (Windows 32bit, x86, x86-windows-static, 3.31.6)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_SANITIZE_THREAD=On, 3.31.6, gcc, g++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_SIMD=Off, 3.31.6, clang, clang++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_SIMD=Off, 3.31.6, gcc, g++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_ARROW=On, 3.31.6, gcc, g++)
• GitHub Check: run-ubuntu-unit-tests (-DSANITIZE_UNDEFINED=On, 3.31.6, clang, clang++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_SANITIZE_THREAD=On, 3.31.6, clang, clang++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_SIMD=On, 3.31.6, gcc, g++)
• GitHub Check: run-ubuntu-unit-tests (-DSANITIZE_ADDRESS=On, 3.31.6, gcc, g++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_SIMD=On, 3.31.6, clang, clang++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_COVERAGE=On, 3.31.6, gcc, g++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_JEMALLOC=Off, 3.31.6, gcc, g++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_SMALL=On, 3.31.6, gcc, g++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_SANITIZE_MEMORY=On, 3.31.6, gcc, g++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_SANITIZE_MEMORY=On, 3.31.6, clang, clang++)
• GitHub Check: run-ubuntu-unit-tests (-DSANITIZE_ADDRESS=On, 3.31.6, clang, clang++)
• GitHub Check: run-ubuntu-unit-tests (-DSANITIZE_UNDEFINED=On, 3.31.6, gcc, g++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_SMALL=On, 3.31.6, clang, clang++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_JEMALLOC=On, 3.31.6, gcc, g++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_JEMALLOC=On, 3.31.6, clang, clang++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_JEMALLOC=Off, 3.31.6, clang, clang++)
• GitHub Check: pr-compile-system-libs (-DFLB_PREFER_SYSTEM_LIBS=On, 3.31.6, gcc, g++, ubuntu-24.04, clang-14)
• GitHub Check: pr-compile-without-cxx (3.31.6)
• GitHub Check: pr-compile-centos-7
• GitHub Check: pr-compile-system-libs (-DFLB_PREFER_SYSTEM_LIBS=On, 3.31.6, gcc, g++, ubuntu-22.04, clang-12)
• GitHub Check: pr-compile-system-libs (-DFLB_PREFER_SYSTEM_LIBS=On, 3.31.6, clang, clang++, ubuntu-22.04, clang-12)
• GitHub Check: pr-compile-system-libs (-DFLB_PREFER_SYSTEM_LIBS=On, 3.31.6, clang, clang++, ubuntu-24.04, clang-14)
• GitHub Check: PR - fuzzing test

[coderabbitai]

Actionable comments posted: 1

🧹 Nitpick comments (1)

src/flb_storage.c (1)

401-410: Anchor parsing to end-of-string: ensure input ends exactly after “.flb” by adding “%n” and checking the consumed count:

-    if (sscanf(p, "%" SCNu64 ".%" SCNu64 ".flb", &s, &ns) != 2) {
+    int consumed = 0;
+    if (sscanf(p, "%" SCNu64 ".%" SCNu64 ".flb%n", &s, &ns, &consumed) != 2 ||
+        p[consumed] != '\0') {
         return -1;
     }

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between eb64e4b and e06dab5.

📒 Files selected for processing (2)

• include/fluent-bit/flb_storage.h (1 hunks)
• src/flb_storage.c (1 hunks)

✅ Files skipped from review due to trivial changes (1)

• include/fluent-bit/flb_storage.h

⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (30)

• GitHub Check: pr-windows-build / call-build-windows-package (Windows 64bit, x64, x64-windows-static, 3.31.6)
• GitHub Check: pr-windows-build / call-build-windows-package (Windows 64bit (Arm64), amd64_arm64, -DCMAKE_SYSTEM_NAME=Windows -DCMA...
• GitHub Check: pr-windows-build / call-build-windows-package (Windows 32bit, x86, x86-windows-static, 3.31.6)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_SANITIZE_THREAD=On, 3.31.6, gcc, g++)
• GitHub Check: run-ubuntu-unit-tests (-DSANITIZE_UNDEFINED=On, 3.31.6, clang, clang++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_SIMD=Off, 3.31.6, clang, clang++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_ARROW=On, 3.31.6, gcc, g++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_SANITIZE_MEMORY=On, 3.31.6, gcc, g++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_JEMALLOC=Off, 3.31.6, clang, clang++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_SMALL=On, 3.31.6, gcc, g++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_SIMD=Off, 3.31.6, gcc, g++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_SMALL=On, 3.31.6, clang, clang++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_SANITIZE_THREAD=On, 3.31.6, clang, clang++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_SIMD=On, 3.31.6, gcc, g++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_SIMD=On, 3.31.6, clang, clang++)
• GitHub Check: run-ubuntu-unit-tests (-DSANITIZE_UNDEFINED=On, 3.31.6, gcc, g++)
• GitHub Check: run-ubuntu-unit-tests (-DSANITIZE_ADDRESS=On, 3.31.6, clang, clang++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_COVERAGE=On, 3.31.6, gcc, g++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_JEMALLOC=On, 3.31.6, clang, clang++)
• GitHub Check: run-ubuntu-unit-tests (-DSANITIZE_ADDRESS=On, 3.31.6, gcc, g++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_SANITIZE_MEMORY=On, 3.31.6, clang, clang++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_JEMALLOC=On, 3.31.6, gcc, g++)
• GitHub Check: run-ubuntu-unit-tests (-DFLB_JEMALLOC=Off, 3.31.6, gcc, g++)
• GitHub Check: pr-compile-system-libs (-DFLB_PREFER_SYSTEM_LIBS=On, 3.31.6, gcc, g++, ubuntu-24.04, clang-14)
• GitHub Check: PR - fuzzing test
• GitHub Check: pr-compile-centos-7
• GitHub Check: pr-compile-system-libs (-DFLB_PREFER_SYSTEM_LIBS=On, 3.31.6, clang, clang++, ubuntu-22.04, clang-12)
• GitHub Check: pr-compile-system-libs (-DFLB_PREFER_SYSTEM_LIBS=On, 3.31.6, gcc, g++, ubuntu-22.04, clang-12)
• GitHub Check: pr-compile-system-libs (-DFLB_PREFER_SYSTEM_LIBS=On, 3.31.6, clang, clang++, ubuntu-24.04, clang-14)
• GitHub Check: pr-compile-without-cxx (3.31.6)

🔇 Additional comments (1)

src/flb_storage.c (1)

433-441: Invalid-chunk ordering policy LGTM

Treating both invalid as equal and pushing invalid after valid improves safety and determinism during sorting.