From: Dave Chinner <david@fromorbit.com>
To: Dmitry Vyukov <dvyukov@google.com>
Cc: syzbot <syzbot+84a67953651a971809ba@syzkaller.appspotmail.com>,
darrick.wong@oracle.com, LKML <linux-kernel@vger.kernel.org>,
linux-xfs@vger.kernel.org, syzkaller-bugs@googlegroups.com
Subject: Re: WARNING: bad unlock balance in xfs_iunlock
Date: Fri, 6 Apr 2018 07:38:44 +1000 [thread overview]
Message-ID: <20180405213844.GE23861@dastard> (raw)
In-Reply-To: <CACT4Y+ZadV0xTqhiGTAHmadAnYaSfPKhUy_TFXMza2o_n8+o9w@mail.gmail.com>
On Thu, Apr 05, 2018 at 08:54:50PM +0200, Dmitry Vyukov wrote:
> On Tue, Apr 3, 2018 at 6:38 AM, Dave Chinner <david@fromorbit.com> wrote:
> > On Mon, Apr 02, 2018 at 07:01:02PM -0700, syzbot wrote:
> >> Hello,
> >>
> >> syzbot hit the following crash on upstream commit
> >> 86bbbebac1933e6e95e8234c4f7d220c5ddd38bc (Mon Apr 2 18:47:07 2018 +0000)
> >> Merge branch 'ras-core-for-linus' of
> >> git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
> >> syzbot dashboard link:
> >> https://syzkaller.appspot.com/bug?extid=84a67953651a971809ba
> >>
> >> C reproducer: https://syzkaller.appspot.com/x/repro.c?id=5719304272084992
> >> syzkaller reproducer:
> >> https://syzkaller.appspot.com/x/repro.syz?id=5767783983874048
> >
> > What a mess. A hand built, hopelessly broken filesystem image made
> > up of hex dumps, written into a mmap()d region of memory, then
> > copied into a tmpfs file and mounted with the loop device.
> >
> > Engineers that can debug broken filesystems don't grow on trees. If
> > we are to have any hope of understanding what the hell this test is
> > doing, the bot needs to supply us with a copy of the built
> > filesystem image the test uses. We need to be able to point forensic
> > tools at the image to decode all the structures into human readable
> > format - if we are forced to do that by hand or jump through hoops
> > to create our own filesystem image than I'm certainly not going to
> > waste time looking at these reports...
>
> Hi Dave,
>
> Here is the image:
> https://drive.google.com/file/d/1jzhGGe5SBJcqfsjxCLHoh4Kazke1oTfC/view
> (took me about a minute to extract from test by replacing memfd_create
> with open and running the program).
Says the expert who knows exactly how it's all put together. It took
me a couple of hours just to understand WTF the syzbot reproducer
was actually doing....
> Then do the following to trigger the bug:
> losetup /dev/loop0 xfs.repro
> mkdir xfs
> mount -t xfs -o nouuid,prjquota,noikeep,quota /dev/loop0 xfs
>
> To answer your more general question: syzbot is not a system to test
> solely file systems, it finds bugs in hundreds of kernel subsystems.
> Generating image for file systems, media files for sound and
> FaceDancer programs that crash host when FaceDancer device is plugged
> into USB is not feasible. And in the end it's not even clear what
I don't care how syzbot generates the filesystem image it uses.
> kernel subsystem is at fault and even if it somehow figures out that
> it's a filesystem, it's unclear that it's exactly an image that
> provokes the bug. syzbot provides C reproducers which is a reasonable
It doesn't matter *what subsystem breaks*. If syzbot is generating a
filesystem image and then mounting it, it needs to provide that
filesystem image to to people who end up having to debug the
problem. It's a basic "corrupt filesystem" bug triage step.
> Some bugs are so involved that only an
> expert in a particular subsystem can figure out what happens there.
And that's clearly the case here, whether you like it or not.
You want us to do things that make syzbot more useful as a tool but
you don't want to do things that make syzbot a useful tool for us.
It's a two way street....
Cheers,
Dave.
--
Dave Chinner
david@fromorbit.com
next prev parent reply other threads:[~2018-04-05 21:38 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2018-04-03 2:01 WARNING: bad unlock balance in xfs_iunlock syzbot
2018-04-03 4:38 ` Dave Chinner
2018-04-05 18:54 ` Dmitry Vyukov
2018-04-05 21:38 ` Dave Chinner [this message]
2018-04-06 16:10 ` Darrick J. Wong
2018-04-13 10:03 ` Dmitry Vyukov
2018-04-16 19:22 ` Eric Sandeen
2018-04-30 13:23 ` Dmitry Vyukov
2018-04-30 13:49 ` Eric Sandeen
2018-04-30 14:02 ` Dmitry Vyukov
2018-04-30 15:14 ` Eric Sandeen
2018-05-02 9:54 ` Jan Tulak
2018-05-08 7:52 ` Dmitry Vyukov
2018-05-09 2:48 ` Eric Sandeen
2018-05-09 8:43 ` Dmitry Vyukov
2018-05-09 23:22 ` Dave Chinner
2018-05-11 8:59 ` Dmitry Vyukov
2018-05-12 1:16 ` Dave Chinner
2018-05-08 7:54 ` Dmitry Vyukov
2018-04-30 13:24 ` Dmitry Vyukov
2018-05-01 22:51 ` Dave Chinner
2018-05-08 7:56 ` Dmitry Vyukov
2018-05-09 0:50 ` Dave Chinner
2018-05-09 2:37 ` Eric Biggers
2018-05-09 3:32 ` Eric Sandeen
2018-05-09 13:55 ` Theodore Y. Ts'o
2018-05-09 14:13 ` Dmitry Vyukov
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180405213844.GE23861@dastard \
--to=david@fromorbit.com \
--cc=darrick.wong@oracle.com \
--cc=dvyukov@google.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-xfs@vger.kernel.org \
--cc=syzbot+84a67953651a971809ba@syzkaller.appspotmail.com \
--cc=syzkaller-bugs@googlegroups.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).