* WARNING: filesystem loop5 was created with 512 inodes, the real maximum is 511, mounting anyway @ 2020-11-27 12:32 syzbot 2020-11-30 4:29 ` Randy Dunlap 0 siblings, 1 reply; 10+ messages in thread From: syzbot @ 2020-11-27 12:32 UTC (permalink / raw) To: linux-kernel, syzkaller-bugs Hello, syzbot found the following issue on: HEAD commit: 418baf2c Linux 5.10-rc5 git tree: upstream console output: https://syzkaller.appspot.com/x/log.txt?x=171555b9500000 kernel config: https://syzkaller.appspot.com/x/.config?x=b81aff78c272da44 dashboard link: https://syzkaller.appspot.com/bug?extid=3fd34060f26e766536ff compiler: gcc (GCC) 10.1.0-syz 20200507 Unfortunately, I don't have any reproducer for this issue yet. IMPORTANT: if you fix the issue, please add the following tag to the commit: Reported-by: syzbot+3fd34060f26e766536ff@syzkaller.appspotmail.com BFS-fs: bfs_fill_super(): loop5 is unclean, continuing BFS-fs: bfs_fill_super(): WARNING: filesystem loop5 was created with 512 inodes, the real maximum is 511, mounting anyway BFS-fs: bfs_fill_super(): Last block not available on loop5: 120 BFS-fs: bfs_fill_super(): loop5 is unclean, continuing BFS-fs: bfs_fill_super(): WARNING: filesystem loop5 was created with 512 inodes, the real maximum is 511, mounting anyway BFS-fs: bfs_fill_super(): Last block not available on loop5: 120 --- This report is generated by a bot. It may contain errors. See https://goo.gl/tpsmEJ for more information about syzbot. syzbot engineers can be reached at syzkaller@googlegroups.com. syzbot will keep track of this issue. See: https://goo.gl/tpsmEJ#status for how to communicate with syzbot. ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: WARNING: filesystem loop5 was created with 512 inodes, the real maximum is 511, mounting anyway 2020-11-27 12:32 WARNING: filesystem loop5 was created with 512 inodes, the real maximum is 511, mounting anyway syzbot @ 2020-11-30 4:29 ` Randy Dunlap 2020-11-30 8:43 ` Dmitry Vyukov 0 siblings, 1 reply; 10+ messages in thread From: Randy Dunlap @ 2020-11-30 4:29 UTC (permalink / raw) To: syzbot, linux-kernel, syzkaller-bugs, syzkaller On 11/27/20 4:32 AM, syzbot wrote: > Hello, > > syzbot found the following issue on: > > HEAD commit: 418baf2c Linux 5.10-rc5 > git tree: upstream > console output: https://syzkaller.appspot.com/x/log.txt?x=171555b9500000 > kernel config: https://syzkaller.appspot.com/x/.config?x=b81aff78c272da44 > dashboard link: https://syzkaller.appspot.com/bug?extid=3fd34060f26e766536ff > compiler: gcc (GCC) 10.1.0-syz 20200507 > > Unfortunately, I don't have any reproducer for this issue yet. > > IMPORTANT: if you fix the issue, please add the following tag to the commit: > Reported-by: syzbot+3fd34060f26e766536ff@syzkaller.appspotmail.com > > BFS-fs: bfs_fill_super(): loop5 is unclean, continuing > BFS-fs: bfs_fill_super(): WARNING: filesystem loop5 was created with 512 inodes, the real maximum is 511, mounting anyway > BFS-fs: bfs_fill_super(): Last block not available on loop5: 120 > BFS-fs: bfs_fill_super(): loop5 is unclean, continuing > BFS-fs: bfs_fill_super(): WARNING: filesystem loop5 was created with 512 inodes, the real maximum is 511, mounting anyway > BFS-fs: bfs_fill_super(): Last block not available on loop5: 120 > > > --- > This report is generated by a bot. It may contain errors. > See https://goo.gl/tpsmEJ for more information about syzbot. > syzbot engineers can be reached at syzkaller@googlegroups.com. > > syzbot will keep track of this issue. See: > https://goo.gl/tpsmEJ#status for how to communicate with syzbot. > Hi, Can you provide the BFS image file that is being mounted? (./file0 I think.) -- ~Randy ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: WARNING: filesystem loop5 was created with 512 inodes, the real maximum is 511, mounting anyway 2020-11-30 4:29 ` Randy Dunlap @ 2020-11-30 8:43 ` Dmitry Vyukov 2020-12-01 1:03 ` Randy Dunlap 0 siblings, 1 reply; 10+ messages in thread From: Dmitry Vyukov @ 2020-11-30 8:43 UTC (permalink / raw) To: Randy Dunlap; +Cc: syzbot, LKML, syzkaller-bugs, syzkaller On Mon, Nov 30, 2020 at 5:29 AM Randy Dunlap <rdunlap@infradead.org> wrote: > > On 11/27/20 4:32 AM, syzbot wrote: > > Hello, > > > > syzbot found the following issue on: > > > > HEAD commit: 418baf2c Linux 5.10-rc5 > > git tree: upstream > > console output: https://syzkaller.appspot.com/x/log.txt?x=171555b9500000 > > kernel config: https://syzkaller.appspot.com/x/.config?x=b81aff78c272da44 > > dashboard link: https://syzkaller.appspot.com/bug?extid=3fd34060f26e766536ff > > compiler: gcc (GCC) 10.1.0-syz 20200507 > > > > Unfortunately, I don't have any reproducer for this issue yet. > > > > IMPORTANT: if you fix the issue, please add the following tag to the commit: > > Reported-by: syzbot+3fd34060f26e766536ff@syzkaller.appspotmail.com > > > > BFS-fs: bfs_fill_super(): loop5 is unclean, continuing > > BFS-fs: bfs_fill_super(): WARNING: filesystem loop5 was created with 512 inodes, the real maximum is 511, mounting anyway > > BFS-fs: bfs_fill_super(): Last block not available on loop5: 120 > > BFS-fs: bfs_fill_super(): loop5 is unclean, continuing > > BFS-fs: bfs_fill_super(): WARNING: filesystem loop5 was created with 512 inodes, the real maximum is 511, mounting anyway > > BFS-fs: bfs_fill_super(): Last block not available on loop5: 120 > > > > > > --- > > This report is generated by a bot. It may contain errors. > > See https://goo.gl/tpsmEJ for more information about syzbot. > > syzbot engineers can be reached at syzkaller@googlegroups.com. > > > > syzbot will keep track of this issue. See: > > https://goo.gl/tpsmEJ#status for how to communicate with syzbot. > > > > Hi, > Can you provide the BFS image file that is being mounted? > (./file0 I think.) > > -- > ~Randy Hi Randy, I see this bug was reported with a reproducer: https://syzkaller.appspot.com/bug?id=a32ebd5db2f7c957b82cf54b97bdecf367bf0421 I assume it's a dup of this one. If you need the image itself, you can dump it to a file in the C reproducer inside of syz_mount_image before mount call. Thanks ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: WARNING: filesystem loop5 was created with 512 inodes, the real maximum is 511, mounting anyway 2020-11-30 8:43 ` Dmitry Vyukov @ 2020-12-01 1:03 ` Randy Dunlap 2020-12-01 7:47 ` Dmitry Vyukov 0 siblings, 1 reply; 10+ messages in thread From: Randy Dunlap @ 2020-12-01 1:03 UTC (permalink / raw) To: Dmitry Vyukov; +Cc: syzbot, LKML, syzkaller-bugs, syzkaller On 11/30/20 12:43 AM, Dmitry Vyukov wrote: > On Mon, Nov 30, 2020 at 5:29 AM Randy Dunlap <rdunlap@infradead.org> wrote: >> >> On 11/27/20 4:32 AM, syzbot wrote: >>> Hello, >>> >>> syzbot found the following issue on: >>> >>> HEAD commit: 418baf2c Linux 5.10-rc5 >>> git tree: upstream >>> console output: https://syzkaller.appspot.com/x/log.txt?x=171555b9500000 >>> kernel config: https://syzkaller.appspot.com/x/.config?x=b81aff78c272da44 >>> dashboard link: https://syzkaller.appspot.com/bug?extid=3fd34060f26e766536ff >>> compiler: gcc (GCC) 10.1.0-syz 20200507 >>> >>> Unfortunately, I don't have any reproducer for this issue yet. >>> >>> IMPORTANT: if you fix the issue, please add the following tag to the commit: >>> Reported-by: syzbot+3fd34060f26e766536ff@syzkaller.appspotmail.com >>> >>> BFS-fs: bfs_fill_super(): loop5 is unclean, continuing >>> BFS-fs: bfs_fill_super(): WARNING: filesystem loop5 was created with 512 inodes, the real maximum is 511, mounting anyway >>> BFS-fs: bfs_fill_super(): Last block not available on loop5: 120 >>> BFS-fs: bfs_fill_super(): loop5 is unclean, continuing >>> BFS-fs: bfs_fill_super(): WARNING: filesystem loop5 was created with 512 inodes, the real maximum is 511, mounting anyway >>> BFS-fs: bfs_fill_super(): Last block not available on loop5: 120 >>> >>> >>> --- >>> This report is generated by a bot. It may contain errors. >>> See https://goo.gl/tpsmEJ for more information about syzbot. >>> syzbot engineers can be reached at syzkaller@googlegroups.com. >>> >>> syzbot will keep track of this issue. See: >>> https://goo.gl/tpsmEJ#status for how to communicate with syzbot. >>> >> >> Hi, >> Can you provide the BFS image file that is being mounted? >> (./file0 I think.) >> >> -- >> ~Randy > > > Hi Randy, > > I see this bug was reported with a reproducer: > https://syzkaller.appspot.com/bug?id=a32ebd5db2f7c957b82cf54b97bdecf367bf0421 > I assume it's a dup of this one. Sure, looks the same. > If you need the image itself, you can dump it to a file in the C > reproducer inside of syz_mount_image before mount call. Yes, got that. What outcome or result are you looking for here? Or what do you see as the problem? thanks. -- ~Randy ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: WARNING: filesystem loop5 was created with 512 inodes, the real maximum is 511, mounting anyway 2020-12-01 1:03 ` Randy Dunlap @ 2020-12-01 7:47 ` Dmitry Vyukov 2020-12-01 21:17 ` Randy Dunlap 0 siblings, 1 reply; 10+ messages in thread From: Dmitry Vyukov @ 2020-12-01 7:47 UTC (permalink / raw) To: Randy Dunlap; +Cc: syzbot, LKML, syzkaller-bugs, syzkaller On Tue, Dec 1, 2020 at 2:03 AM Randy Dunlap <rdunlap@infradead.org> wrote: > > On 11/30/20 12:43 AM, Dmitry Vyukov wrote: > > On Mon, Nov 30, 2020 at 5:29 AM Randy Dunlap <rdunlap@infradead.org> wrote: > >> > >> On 11/27/20 4:32 AM, syzbot wrote: > >>> Hello, > >>> > >>> syzbot found the following issue on: > >>> > >>> HEAD commit: 418baf2c Linux 5.10-rc5 > >>> git tree: upstream > >>> console output: https://syzkaller.appspot.com/x/log.txt?x=171555b9500000 > >>> kernel config: https://syzkaller.appspot.com/x/.config?x=b81aff78c272da44 > >>> dashboard link: https://syzkaller.appspot.com/bug?extid=3fd34060f26e766536ff > >>> compiler: gcc (GCC) 10.1.0-syz 20200507 > >>> > >>> Unfortunately, I don't have any reproducer for this issue yet. > >>> > >>> IMPORTANT: if you fix the issue, please add the following tag to the commit: > >>> Reported-by: syzbot+3fd34060f26e766536ff@syzkaller.appspotmail.com > >>> > >>> BFS-fs: bfs_fill_super(): loop5 is unclean, continuing > >>> BFS-fs: bfs_fill_super(): WARNING: filesystem loop5 was created with 512 inodes, the real maximum is 511, mounting anyway > >>> BFS-fs: bfs_fill_super(): Last block not available on loop5: 120 > >>> BFS-fs: bfs_fill_super(): loop5 is unclean, continuing > >>> BFS-fs: bfs_fill_super(): WARNING: filesystem loop5 was created with 512 inodes, the real maximum is 511, mounting anyway > >>> BFS-fs: bfs_fill_super(): Last block not available on loop5: 120 > >>> > >>> > >>> --- > >>> This report is generated by a bot. It may contain errors. > >>> See https://goo.gl/tpsmEJ for more information about syzbot. > >>> syzbot engineers can be reached at syzkaller@googlegroups.com. > >>> > >>> syzbot will keep track of this issue. See: > >>> https://goo.gl/tpsmEJ#status for how to communicate with syzbot. > >>> > >> > >> Hi, > >> Can you provide the BFS image file that is being mounted? > >> (./file0 I think.) > >> > >> -- > >> ~Randy > > > > > > Hi Randy, > > > > I see this bug was reported with a reproducer: > > https://syzkaller.appspot.com/bug?id=a32ebd5db2f7c957b82cf54b97bdecf367bf0421 > > I assume it's a dup of this one. > > Sure, looks the same. > > > If you need the image itself, you can dump it to a file in the C > > reproducer inside of syz_mount_image before mount call. > > Yes, got that. > > What outcome or result are you looking for here? > Or what do you see as the problem? Hi Randy, "WARNING:" in kernel output is supposed to mean a kernel source bug. Presence of that kernel bug is what syzbot has reported. Note: the bug may be a misuse of the "WARNING:" for invalid user inputs in output as well :) ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: WARNING: filesystem loop5 was created with 512 inodes, the real maximum is 511, mounting anyway 2020-12-01 7:47 ` Dmitry Vyukov @ 2020-12-01 21:17 ` Randy Dunlap 2020-12-02 7:59 ` Dmitry Vyukov 2020-12-03 4:15 ` Randy Dunlap 0 siblings, 2 replies; 10+ messages in thread From: Randy Dunlap @ 2020-12-01 21:17 UTC (permalink / raw) To: Dmitry Vyukov, Al Viro; +Cc: syzbot, LKML, syzkaller-bugs, syzkaller On 11/30/20 11:47 PM, Dmitry Vyukov wrote: > On Tue, Dec 1, 2020 at 2:03 AM Randy Dunlap <rdunlap@infradead.org> wrote: >> >> On 11/30/20 12:43 AM, Dmitry Vyukov wrote: >>> On Mon, Nov 30, 2020 at 5:29 AM Randy Dunlap <rdunlap@infradead.org> wrote: >>>> >>>> On 11/27/20 4:32 AM, syzbot wrote: >>>>> Hello, >>>>> >>>>> syzbot found the following issue on: >>>>> >>>>> HEAD commit: 418baf2c Linux 5.10-rc5 >>>>> git tree: upstream >>>>> console output: https://syzkaller.appspot.com/x/log.txt?x=171555b9500000 >>>>> kernel config: https://syzkaller.appspot.com/x/.config?x=b81aff78c272da44 >>>>> dashboard link: https://syzkaller.appspot.com/bug?extid=3fd34060f26e766536ff >>>>> compiler: gcc (GCC) 10.1.0-syz 20200507 >>>>> >>>>> Unfortunately, I don't have any reproducer for this issue yet. >>>>> >>>>> IMPORTANT: if you fix the issue, please add the following tag to the commit: >>>>> Reported-by: syzbot+3fd34060f26e766536ff@syzkaller.appspotmail.com >>>>> >>>>> BFS-fs: bfs_fill_super(): loop5 is unclean, continuing >>>>> BFS-fs: bfs_fill_super(): WARNING: filesystem loop5 was created with 512 inodes, the real maximum is 511, mounting anyway >>>>> BFS-fs: bfs_fill_super(): Last block not available on loop5: 120 >>>>> BFS-fs: bfs_fill_super(): loop5 is unclean, continuing >>>>> BFS-fs: bfs_fill_super(): WARNING: filesystem loop5 was created with 512 inodes, the real maximum is 511, mounting anyway >>>>> BFS-fs: bfs_fill_super(): Last block not available on loop5: 120 >>>>> >>>>> >>>>> --- >>>>> This report is generated by a bot. It may contain errors. >>>>> See https://goo.gl/tpsmEJ for more information about syzbot. >>>>> syzbot engineers can be reached at syzkaller@googlegroups.com. >>>>> >>>>> syzbot will keep track of this issue. See: >>>>> https://goo.gl/tpsmEJ#status for how to communicate with syzbot. >>>>> >>>> >>>> Hi, >>>> Can you provide the BFS image file that is being mounted? >>>> (./file0 I think.) >>>> >>>> -- >>>> ~Randy >>> >>> >>> Hi Randy, >>> >>> I see this bug was reported with a reproducer: >>> https://syzkaller.appspot.com/bug?id=a32ebd5db2f7c957b82cf54b97bdecf367bf0421 >>> I assume it's a dup of this one. >> >> Sure, looks the same. >> >>> If you need the image itself, you can dump it to a file in the C >>> reproducer inside of syz_mount_image before mount call. >> >> Yes, got that. >> >> What outcome or result are you looking for here? >> Or what do you see as the problem? > > Hi Randy, > > "WARNING:" in kernel output is supposed to mean a kernel source bug. > Presence of that kernel bug is what syzbot has reported. > > Note: the bug may be a misuse of the "WARNING:" for invalid user > inputs in output as well :) [adding Al Viro] Hi Dmitry, I expect that the "WARNING:" message is being interpreted incorrectly here, but that's a minor issue IMO. if (info->si_lasti == BFS_MAX_LASTI) printf("WARNING: filesystem %s was created with 512 inodes, the real maximum is 511, mounting anyway\n", s->s_id); If you/we look at fs/bfs/bfs.h, it says: /* In theory BFS supports up to 512 inodes, numbered from 2 (for /) up to 513 inclusive. In actual fact, attempting to create the 512th inode (i.e. inode No. 513 or file No. 511) will fail with ENOSPC in bfs_add_entry(): the root directory cannot contain so many entries, counting '..'. So, mkfs.bfs(8) should really limit its -N option to 511 and not 512. For now, we just print a warning if a filesystem is mounted with such "impossible to fill up" number of inodes */ so one question is why does syzkaller try to do this at all? Why not set number-of-inodes to 511 instead of 512 in the BFS image file? However, in testing this, I see that the BFS image is not mounted on /dev/loop# at all. 'mount' says: # mount -t bfs -o loop bfsfilesyz000.img /mnt/stand mount: /mnt/stand: mount(2) system call failed: Not a directory. (but it is a directory) and I have tracked that down to fs/namespace.c::graft_tree() returning -ENOTDIR, but I don't know why that is happening. Al, can you provide any insights on this? thanks. -- ~Randy ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: WARNING: filesystem loop5 was created with 512 inodes, the real maximum is 511, mounting anyway 2020-12-01 21:17 ` Randy Dunlap @ 2020-12-02 7:59 ` Dmitry Vyukov 2020-12-03 4:15 ` Randy Dunlap 1 sibling, 0 replies; 10+ messages in thread From: Dmitry Vyukov @ 2020-12-02 7:59 UTC (permalink / raw) To: Randy Dunlap; +Cc: Al Viro, syzbot, LKML, syzkaller-bugs, syzkaller On Tue, Dec 1, 2020 at 10:17 PM Randy Dunlap <rdunlap@infradead.org> wrote: > > On 11/30/20 11:47 PM, Dmitry Vyukov wrote: > > On Tue, Dec 1, 2020 at 2:03 AM Randy Dunlap <rdunlap@infradead.org> wrote: > >> > >> On 11/30/20 12:43 AM, Dmitry Vyukov wrote: > >>> On Mon, Nov 30, 2020 at 5:29 AM Randy Dunlap <rdunlap@infradead.org> wrote: > >>>> > >>>> On 11/27/20 4:32 AM, syzbot wrote: > >>>>> Hello, > >>>>> > >>>>> syzbot found the following issue on: > >>>>> > >>>>> HEAD commit: 418baf2c Linux 5.10-rc5 > >>>>> git tree: upstream > >>>>> console output: https://syzkaller.appspot.com/x/log.txt?x=171555b9500000 > >>>>> kernel config: https://syzkaller.appspot.com/x/.config?x=b81aff78c272da44 > >>>>> dashboard link: https://syzkaller.appspot.com/bug?extid=3fd34060f26e766536ff > >>>>> compiler: gcc (GCC) 10.1.0-syz 20200507 > >>>>> > >>>>> Unfortunately, I don't have any reproducer for this issue yet. > >>>>> > >>>>> IMPORTANT: if you fix the issue, please add the following tag to the commit: > >>>>> Reported-by: syzbot+3fd34060f26e766536ff@syzkaller.appspotmail.com > >>>>> > >>>>> BFS-fs: bfs_fill_super(): loop5 is unclean, continuing > >>>>> BFS-fs: bfs_fill_super(): WARNING: filesystem loop5 was created with 512 inodes, the real maximum is 511, mounting anyway > >>>>> BFS-fs: bfs_fill_super(): Last block not available on loop5: 120 > >>>>> BFS-fs: bfs_fill_super(): loop5 is unclean, continuing > >>>>> BFS-fs: bfs_fill_super(): WARNING: filesystem loop5 was created with 512 inodes, the real maximum is 511, mounting anyway > >>>>> BFS-fs: bfs_fill_super(): Last block not available on loop5: 120 > >>>>> > >>>>> > >>>>> --- > >>>>> This report is generated by a bot. It may contain errors. > >>>>> See https://goo.gl/tpsmEJ for more information about syzbot. > >>>>> syzbot engineers can be reached at syzkaller@googlegroups.com. > >>>>> > >>>>> syzbot will keep track of this issue. See: > >>>>> https://goo.gl/tpsmEJ#status for how to communicate with syzbot. > >>>>> > >>>> > >>>> Hi, > >>>> Can you provide the BFS image file that is being mounted? > >>>> (./file0 I think.) > >>>> > >>>> -- > >>>> ~Randy > >>> > >>> > >>> Hi Randy, > >>> > >>> I see this bug was reported with a reproducer: > >>> https://syzkaller.appspot.com/bug?id=a32ebd5db2f7c957b82cf54b97bdecf367bf0421 > >>> I assume it's a dup of this one. > >> > >> Sure, looks the same. > >> > >>> If you need the image itself, you can dump it to a file in the C > >>> reproducer inside of syz_mount_image before mount call. > >> > >> Yes, got that. > >> > >> What outcome or result are you looking for here? > >> Or what do you see as the problem? > > > > Hi Randy, > > > > "WARNING:" in kernel output is supposed to mean a kernel source bug. > > Presence of that kernel bug is what syzbot has reported. > > > > Note: the bug may be a misuse of the "WARNING:" for invalid user > > inputs in output as well :) > > > [adding Al Viro] > > Hi Dmitry, > > I expect that the "WARNING:" message is being interpreted incorrectly here, > but that's a minor issue IMO. > > if (info->si_lasti == BFS_MAX_LASTI) > printf("WARNING: filesystem %s was created with 512 inodes, the real maximum is 511, mounting anyway\n", s->s_id); > > > If you/we look at fs/bfs/bfs.h, it says: > > /* In theory BFS supports up to 512 inodes, numbered from 2 (for /) up to 513 inclusive. > In actual fact, attempting to create the 512th inode (i.e. inode No. 513 or file No. 511) > will fail with ENOSPC in bfs_add_entry(): the root directory cannot contain so many entries, counting '..'. > So, mkfs.bfs(8) should really limit its -N option to 511 and not 512. For now, we just print a warning > if a filesystem is mounted with such "impossible to fill up" number of inodes */ > > so one question is why does syzkaller try to do this at all? Solely for kernel testing purposes. > Why not set number-of-inodes to 511 instead of 512 in the BFS image file? > > However, in testing this, I see that the BFS image is not mounted > on /dev/loop# at all. > > 'mount' says: > > # mount -t bfs -o loop bfsfilesyz000.img /mnt/stand > mount: /mnt/stand: mount(2) system call failed: Not a directory. > > (but it is a directory) > > and I have tracked that down to fs/namespace.c::graft_tree() > returning -ENOTDIR, but I don't know why that is happening. > > > Al, can you provide any insights on this? > > thanks. > -- > ~Randy > > -- > You received this message because you are subscribed to the Google Groups "syzkaller-bugs" group. > To unsubscribe from this group and stop receiving emails from it, send an email to syzkaller-bugs+unsubscribe@googlegroups.com. > To view this discussion on the web visit https://groups.google.com/d/msgid/syzkaller-bugs/dc76e615-a2fc-64e1-c979-4699d0d57309%40infradead.org. ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: WARNING: filesystem loop5 was created with 512 inodes, the real maximum is 511, mounting anyway 2020-12-01 21:17 ` Randy Dunlap 2020-12-02 7:59 ` Dmitry Vyukov @ 2020-12-03 4:15 ` Randy Dunlap 2020-12-03 12:55 ` Dmitry Vyukov 1 sibling, 1 reply; 10+ messages in thread From: Randy Dunlap @ 2020-12-03 4:15 UTC (permalink / raw) To: Dmitry Vyukov, Al Viro; +Cc: syzbot, LKML, syzkaller-bugs, syzkaller On 12/1/20 1:17 PM, Randy Dunlap wrote: > On 11/30/20 11:47 PM, Dmitry Vyukov wrote: >> On Tue, Dec 1, 2020 at 2:03 AM Randy Dunlap <rdunlap@infradead.org> wrote: >>> >>> On 11/30/20 12:43 AM, Dmitry Vyukov wrote: >>>> On Mon, Nov 30, 2020 at 5:29 AM Randy Dunlap <rdunlap@infradead.org> wrote: >>>>> >>>>> On 11/27/20 4:32 AM, syzbot wrote: >>>>>> Hello, >>>>>> >>>>>> syzbot found the following issue on: >>>>>> >>>>>> HEAD commit: 418baf2c Linux 5.10-rc5 >>>>>> git tree: upstream >>>>>> console output: https://syzkaller.appspot.com/x/log.txt?x=171555b9500000 >>>>>> kernel config: https://syzkaller.appspot.com/x/.config?x=b81aff78c272da44 >>>>>> dashboard link: https://syzkaller.appspot.com/bug?extid=3fd34060f26e766536ff >>>>>> compiler: gcc (GCC) 10.1.0-syz 20200507 >>>>>> >>>>>> Unfortunately, I don't have any reproducer for this issue yet. >>>>>> >>>>>> IMPORTANT: if you fix the issue, please add the following tag to the commit: >>>>>> Reported-by: syzbot+3fd34060f26e766536ff@syzkaller.appspotmail.com >>>>>> >>>>>> BFS-fs: bfs_fill_super(): loop5 is unclean, continuing >>>>>> BFS-fs: bfs_fill_super(): WARNING: filesystem loop5 was created with 512 inodes, the real maximum is 511, mounting anyway >>>>>> BFS-fs: bfs_fill_super(): Last block not available on loop5: 120 >>>>>> BFS-fs: bfs_fill_super(): loop5 is unclean, continuing >>>>>> BFS-fs: bfs_fill_super(): WARNING: filesystem loop5 was created with 512 inodes, the real maximum is 511, mounting anyway >>>>>> BFS-fs: bfs_fill_super(): Last block not available on loop5: 120 >>>>>> >>>>>> >>>>>> --- >>>>>> This report is generated by a bot. It may contain errors. >>>>>> See https://goo.gl/tpsmEJ for more information about syzbot. >>>>>> syzbot engineers can be reached at syzkaller@googlegroups.com. >>>>>> >>>>>> syzbot will keep track of this issue. See: >>>>>> https://goo.gl/tpsmEJ#status for how to communicate with syzbot. ... >>>> Hi Randy, >>>> >>>> I see this bug was reported with a reproducer: >>>> https://syzkaller.appspot.com/bug?id=a32ebd5db2f7c957b82cf54b97bdecf367bf0421 >>>> I assume it's a dup of this one. >>> >>> Sure, looks the same. >>> >>>> If you need the image itself, you can dump it to a file in the C >>>> reproducer inside of syz_mount_image before mount call. >>> >>> Yes, got that. >>> >>> What outcome or result are you looking for here? >>> Or what do you see as the problem? >> >> Hi Randy, >> >> "WARNING:" in kernel output is supposed to mean a kernel source bug. >> Presence of that kernel bug is what syzbot has reported. >> >> Note: the bug may be a misuse of the "WARNING:" for invalid user >> inputs in output as well :) > > > [adding Al Viro] > > Hi Dmitry, > > I expect that the "WARNING:" message is being interpreted incorrectly here, > but that's a minor issue IMO. > > if (info->si_lasti == BFS_MAX_LASTI) > printf("WARNING: filesystem %s was created with 512 inodes, the real maximum is 511, mounting anyway\n", s->s_id); > ... > > > However, in testing this, I see that the BFS image is not mounted > on /dev/loop# at all. > > 'mount' says: > > # mount -t bfs -o loop bfsfilesyz000.img /mnt/stand > mount: /mnt/stand: mount(2) system call failed: Not a directory. > > (but it is a directory) > > and I have tracked that down to fs/namespace.c::graft_tree() > returning -ENOTDIR, but I don't know why that is happening. > > > Al, can you provide any insights on this? OK, with Al's help, here is the situation. If I use a regular file instead of a directory, the mount command succeeds. The printk() from fs/bfs/inode.c that uses the WARNING: string is not a WARN() or WARN_ON(). It's just a printk(). <linux/asm-generic/bug.h> says: * Do not include "BUG"/"WARNING" in format strings manually to make these * conditions distinguishable from kernel issues. so if I change fs/bfs/inode.c to use "warning:" or "Warning," or "Note:", this little problem should go away. Is that correct? thanks. -- ~Randy ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: WARNING: filesystem loop5 was created with 512 inodes, the real maximum is 511, mounting anyway 2020-12-03 4:15 ` Randy Dunlap @ 2020-12-03 12:55 ` Dmitry Vyukov 2020-12-03 12:56 ` Dmitry Vyukov 0 siblings, 1 reply; 10+ messages in thread From: Dmitry Vyukov @ 2020-12-03 12:55 UTC (permalink / raw) To: Randy Dunlap; +Cc: Al Viro, syzbot, LKML, syzkaller-bugs, syzkaller On Thu, Dec 3, 2020 at 5:15 AM Randy Dunlap <rdunlap@infradead.org> wrote: > > On 12/1/20 1:17 PM, Randy Dunlap wrote: > > On 11/30/20 11:47 PM, Dmitry Vyukov wrote: > >> On Tue, Dec 1, 2020 at 2:03 AM Randy Dunlap <rdunlap@infradead.org> wrote: > >>> > >>> On 11/30/20 12:43 AM, Dmitry Vyukov wrote: > >>>> On Mon, Nov 30, 2020 at 5:29 AM Randy Dunlap <rdunlap@infradead.org> wrote: > >>>>> > >>>>> On 11/27/20 4:32 AM, syzbot wrote: > >>>>>> Hello, > >>>>>> > >>>>>> syzbot found the following issue on: > >>>>>> > >>>>>> HEAD commit: 418baf2c Linux 5.10-rc5 > >>>>>> git tree: upstream > >>>>>> console output: https://syzkaller.appspot.com/x/log.txt?x=171555b9500000 > >>>>>> kernel config: https://syzkaller.appspot.com/x/.config?x=b81aff78c272da44 > >>>>>> dashboard link: https://syzkaller.appspot.com/bug?extid=3fd34060f26e766536ff > >>>>>> compiler: gcc (GCC) 10.1.0-syz 20200507 > >>>>>> > >>>>>> Unfortunately, I don't have any reproducer for this issue yet. > >>>>>> > >>>>>> IMPORTANT: if you fix the issue, please add the following tag to the commit: > >>>>>> Reported-by: syzbot+3fd34060f26e766536ff@syzkaller.appspotmail.com > >>>>>> > >>>>>> BFS-fs: bfs_fill_super(): loop5 is unclean, continuing > >>>>>> BFS-fs: bfs_fill_super(): WARNING: filesystem loop5 was created with 512 inodes, the real maximum is 511, mounting anyway > >>>>>> BFS-fs: bfs_fill_super(): Last block not available on loop5: 120 > >>>>>> BFS-fs: bfs_fill_super(): loop5 is unclean, continuing > >>>>>> BFS-fs: bfs_fill_super(): WARNING: filesystem loop5 was created with 512 inodes, the real maximum is 511, mounting anyway > >>>>>> BFS-fs: bfs_fill_super(): Last block not available on loop5: 120 > >>>>>> > >>>>>> > >>>>>> --- > >>>>>> This report is generated by a bot. It may contain errors. > >>>>>> See https://goo.gl/tpsmEJ for more information about syzbot. > >>>>>> syzbot engineers can be reached at syzkaller@googlegroups.com. > >>>>>> > >>>>>> syzbot will keep track of this issue. See: > >>>>>> https://goo.gl/tpsmEJ#status for how to communicate with syzbot. > > ... > > >>>> Hi Randy, > >>>> > >>>> I see this bug was reported with a reproducer: > >>>> https://syzkaller.appspot.com/bug?id=a32ebd5db2f7c957b82cf54b97bdecf367bf0421 > >>>> I assume it's a dup of this one. > >>> > >>> Sure, looks the same. > >>> > >>>> If you need the image itself, you can dump it to a file in the C > >>>> reproducer inside of syz_mount_image before mount call. > >>> > >>> Yes, got that. > >>> > >>> What outcome or result are you looking for here? > >>> Or what do you see as the problem? > >> > >> Hi Randy, > >> > >> "WARNING:" in kernel output is supposed to mean a kernel source bug. > >> Presence of that kernel bug is what syzbot has reported. > >> > >> Note: the bug may be a misuse of the "WARNING:" for invalid user > >> inputs in output as well :) > > > > > > [adding Al Viro] > > > > Hi Dmitry, > > > > I expect that the "WARNING:" message is being interpreted incorrectly here, > > but that's a minor issue IMO. > > > > if (info->si_lasti == BFS_MAX_LASTI) > > printf("WARNING: filesystem %s was created with 512 inodes, the real maximum is 511, mounting anyway\n", s->s_id); > > > > ... > > > > > > > However, in testing this, I see that the BFS image is not mounted > > on /dev/loop# at all. > > > > 'mount' says: > > > > # mount -t bfs -o loop bfsfilesyz000.img /mnt/stand > > mount: /mnt/stand: mount(2) system call failed: Not a directory. > > > > (but it is a directory) > > > > and I have tracked that down to fs/namespace.c::graft_tree() > > returning -ENOTDIR, but I don't know why that is happening. > > > > > > Al, can you provide any insights on this? > > OK, with Al's help, here is the situation. > > If I use a regular file instead of a directory, the mount > command succeeds. > > The printk() from fs/bfs/inode.c that uses the WARNING: string > is not a WARN() or WARN_ON(). It's just a printk(). > > <linux/asm-generic/bug.h> says: > > * Do not include "BUG"/"WARNING" in format strings manually to make these > * conditions distinguishable from kernel issues. > > so if I change fs/bfs/inode.c to use "warning:" or "Warning," or "Note:", > this little problem should go away. Is that correct? Hi, Yes, any of these prefixes will work (not be considered as a kernel issue). syzkaller only matches "WARNING:" verbatim. I don't know about all other kernel testing systems, but at least it's distinguishable. Maybe also worth adding "bfs:" prefix for cases when people stare at dmesg afterwards. ^ permalink raw reply [flat|nested] 10+ messages in thread
* Re: WARNING: filesystem loop5 was created with 512 inodes, the real maximum is 511, mounting anyway 2020-12-03 12:55 ` Dmitry Vyukov @ 2020-12-03 12:56 ` Dmitry Vyukov 0 siblings, 0 replies; 10+ messages in thread From: Dmitry Vyukov @ 2020-12-03 12:56 UTC (permalink / raw) To: Randy Dunlap; +Cc: Al Viro, syzbot, LKML, syzkaller-bugs, syzkaller On Thu, Dec 3, 2020 at 1:55 PM Dmitry Vyukov <dvyukov@google.com> wrote: > > On Thu, Dec 3, 2020 at 5:15 AM Randy Dunlap <rdunlap@infradead.org> wrote: > > > > On 12/1/20 1:17 PM, Randy Dunlap wrote: > > > On 11/30/20 11:47 PM, Dmitry Vyukov wrote: > > >> On Tue, Dec 1, 2020 at 2:03 AM Randy Dunlap <rdunlap@infradead.org> wrote: > > >>> > > >>> On 11/30/20 12:43 AM, Dmitry Vyukov wrote: > > >>>> On Mon, Nov 30, 2020 at 5:29 AM Randy Dunlap <rdunlap@infradead.org> wrote: > > >>>>> > > >>>>> On 11/27/20 4:32 AM, syzbot wrote: > > >>>>>> Hello, > > >>>>>> > > >>>>>> syzbot found the following issue on: > > >>>>>> > > >>>>>> HEAD commit: 418baf2c Linux 5.10-rc5 > > >>>>>> git tree: upstream > > >>>>>> console output: https://syzkaller.appspot.com/x/log.txt?x=171555b9500000 > > >>>>>> kernel config: https://syzkaller.appspot.com/x/.config?x=b81aff78c272da44 > > >>>>>> dashboard link: https://syzkaller.appspot.com/bug?extid=3fd34060f26e766536ff > > >>>>>> compiler: gcc (GCC) 10.1.0-syz 20200507 > > >>>>>> > > >>>>>> Unfortunately, I don't have any reproducer for this issue yet. > > >>>>>> > > >>>>>> IMPORTANT: if you fix the issue, please add the following tag to the commit: > > >>>>>> Reported-by: syzbot+3fd34060f26e766536ff@syzkaller.appspotmail.com > > >>>>>> > > >>>>>> BFS-fs: bfs_fill_super(): loop5 is unclean, continuing > > >>>>>> BFS-fs: bfs_fill_super(): WARNING: filesystem loop5 was created with 512 inodes, the real maximum is 511, mounting anyway > > >>>>>> BFS-fs: bfs_fill_super(): Last block not available on loop5: 120 > > >>>>>> BFS-fs: bfs_fill_super(): loop5 is unclean, continuing > > >>>>>> BFS-fs: bfs_fill_super(): WARNING: filesystem loop5 was created with 512 inodes, the real maximum is 511, mounting anyway > > >>>>>> BFS-fs: bfs_fill_super(): Last block not available on loop5: 120 > > >>>>>> > > >>>>>> > > >>>>>> --- > > >>>>>> This report is generated by a bot. It may contain errors. > > >>>>>> See https://goo.gl/tpsmEJ for more information about syzbot. > > >>>>>> syzbot engineers can be reached at syzkaller@googlegroups.com. > > >>>>>> > > >>>>>> syzbot will keep track of this issue. See: > > >>>>>> https://goo.gl/tpsmEJ#status for how to communicate with syzbot. > > > > ... > > > > >>>> Hi Randy, > > >>>> > > >>>> I see this bug was reported with a reproducer: > > >>>> https://syzkaller.appspot.com/bug?id=a32ebd5db2f7c957b82cf54b97bdecf367bf0421 > > >>>> I assume it's a dup of this one. > > >>> > > >>> Sure, looks the same. > > >>> > > >>>> If you need the image itself, you can dump it to a file in the C > > >>>> reproducer inside of syz_mount_image before mount call. > > >>> > > >>> Yes, got that. > > >>> > > >>> What outcome or result are you looking for here? > > >>> Or what do you see as the problem? > > >> > > >> Hi Randy, > > >> > > >> "WARNING:" in kernel output is supposed to mean a kernel source bug. > > >> Presence of that kernel bug is what syzbot has reported. > > >> > > >> Note: the bug may be a misuse of the "WARNING:" for invalid user > > >> inputs in output as well :) > > > > > > > > > [adding Al Viro] > > > > > > Hi Dmitry, > > > > > > I expect that the "WARNING:" message is being interpreted incorrectly here, > > > but that's a minor issue IMO. > > > > > > if (info->si_lasti == BFS_MAX_LASTI) > > > printf("WARNING: filesystem %s was created with 512 inodes, the real maximum is 511, mounting anyway\n", s->s_id); > > > > > > > ... > > > > > > > > > > > However, in testing this, I see that the BFS image is not mounted > > > on /dev/loop# at all. > > > > > > 'mount' says: > > > > > > # mount -t bfs -o loop bfsfilesyz000.img /mnt/stand > > > mount: /mnt/stand: mount(2) system call failed: Not a directory. > > > > > > (but it is a directory) > > > > > > and I have tracked that down to fs/namespace.c::graft_tree() > > > returning -ENOTDIR, but I don't know why that is happening. > > > > > > > > > Al, can you provide any insights on this? > > > > OK, with Al's help, here is the situation. > > > > If I use a regular file instead of a directory, the mount > > command succeeds. > > > > The printk() from fs/bfs/inode.c that uses the WARNING: string > > is not a WARN() or WARN_ON(). It's just a printk(). > > > > <linux/asm-generic/bug.h> says: > > > > * Do not include "BUG"/"WARNING" in format strings manually to make these > > * conditions distinguishable from kernel issues. > > > > so if I change fs/bfs/inode.c to use "warning:" or "Warning," or "Note:", > > this little problem should go away. Is that correct? > > Hi, > > Yes, any of these prefixes will work (not be considered as a kernel > issue). syzkaller only matches "WARNING:" verbatim. I don't know about > all other kernel testing systems, but at least it's distinguishable. > > Maybe also worth adding "bfs:" prefix for cases when people stare at > dmesg afterwards. Oh, sorry, there are already enough prefixes (BFS-fs: bfs_fill_super():). ^ permalink raw reply [flat|nested] 10+ messages in thread
end of thread, other threads:[~2020-12-03 12:57 UTC | newest] Thread overview: 10+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2020-11-27 12:32 WARNING: filesystem loop5 was created with 512 inodes, the real maximum is 511, mounting anyway syzbot 2020-11-30 4:29 ` Randy Dunlap 2020-11-30 8:43 ` Dmitry Vyukov 2020-12-01 1:03 ` Randy Dunlap 2020-12-01 7:47 ` Dmitry Vyukov 2020-12-01 21:17 ` Randy Dunlap 2020-12-02 7:59 ` Dmitry Vyukov 2020-12-03 4:15 ` Randy Dunlap 2020-12-03 12:55 ` Dmitry Vyukov 2020-12-03 12:56 ` Dmitry Vyukov
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox