Message-ID: <20180402044525.GD26510@thunk.org>
Date: Mon, 2 Apr 2018 00:45:25 -0400
From: "Theodore Y. Ts'o" <tytso@....edu>
To: syzbot <syzbot+06c885be0edcdaeab40c@...kaller.appspotmail.com>
Cc: adilger.kernel@...ger.ca, linux-ext4@...r.kernel.org,
syzkaller-bugs@...glegroups.com
Subject: Re: kernel BUG at fs/ext4/extents.c:LINE!

Here's a simplified reproducer. Run this script with the current
directory in an ext4 directory. Then unmount the file system, and run
fsck on it. The file system corruption is.... impressive.

I'm pretty sure the problem is being caused by bad/missing
error/sanity checking in handling of FALLOC_FL_INSERT_RANGE.

- Ted

---------------- repro.c
#define _GNU_SOURCE
#include <unistd.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <fcntl.h>
#include <errno.h>
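
int main()
{
	int fd = 0;

	fd = open("bus", O_RDWR|O_CREAT|O_SYNC|O_NOATIME, 0x644);
	/* Allocate the first 4 bytes of the file. */
	fallocate(fd, 0, 0, 4);
	/* Preallocate past EOF; KEEP_SIZE leaves i_size unchanged. */
	fallocate(fd, FALLOC_FL_KEEP_SIZE, 0x200002, 0x10000101);
	/* Insert a very large range at offset 0, shifting existing extents right. */
	fallocate(fd, FALLOC_FL_INSERT_RANGE, 0, 0xfffffeff000);
	close(fd);
	return 0;
}
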
----------------- fsck output
e2fsck 1.44.0 (7-Mar-2018)
Pass 1: Checking inodes, blocks, and sizes
Inode 12 has out of order extents
(invalid logical block 255, physical block 33921, len 30208)
Clear? yes
Failed to iterate extents in inode 12
(op ext2fs_extent_fix_parents, blk 33921, lblk 255): Extent not found
Clear inode? yes
Inode 12, i_size is 17592184991748, should be 17592184995840. Fix? yes
Restarting e2fsck from the beginning...
Pass 1: Checking inodes, blocks, and sizes
Pass 2: Checking directory structure
Entry 'bus' in / (2) has deleted/unused inode 12. Clear? yes
Pass 3: Checking directory connectivity
Pass 4: Checking reference counts
Pass 5: Checking group summary information
Block bitmap differences: -33409 -(33920--64128) -(65536--98303) -(100352--102912)
Fix? yes
Free blocks count wrong for group #1 (1917, counted=32127).
Fix? yes
Free blocks count wrong for group #2 (0, counted=32768).
Fix? yes
Free blocks count wrong for group #3 (29566, counted=32127).
Fix? yes
Free blocks count wrong (1203103, counted=1268642).
Fix? yes
Inode bitmap differences: -12
Fix? yes
Free inodes count wrong for group #0 (8180, counted=8181).
Fix? yes
Free inodes count wrong (327668, counted=327669).
Fix? yes
/dev/vdc: ***** FILE SYSTEM WAS MODIFIED *****
/dev/vdc: 11/327680 files (0.0% non-contiguous), 42078/1310720 blocks
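
The block arithmetic behind the repro.c arguments, as an added example (not part of the original message and not kernel code). It assumes 4 KiB blocks and models the 32-bit logical block number stored in an ext4 extent; the helper names are hypothetical. The wrapped value it computes matches the "logical block 255" that e2fsck reports above.

```c
#include <stdint.h>
#include <stdio.h>

#define BLOCK_BITS 12             /* assumption: 4 KiB file system blocks */
#define MAX_LBLK   0xffffffffULL  /* extent logical block numbers are 32-bit */

/* Byte offset or length -> blocks; the fallocate() arguments are in bytes. */
static uint64_t to_blocks(uint64_t bytes)
{
    return bytes >> BLOCK_BITS;
}

/* Model of an unchecked shift: the sum is truncated to 32 bits and wraps. */
static uint32_t shift_unchecked(uint32_t start, uint64_t shift)
{
    return (uint32_t)(start + shift);
}

/* Hypothetical sanity check: 1 if [start, start+len) can move right by shift. */
static int shift_fits(uint32_t start, uint32_t len, uint64_t shift)
{
    if (len == 0 || shift > MAX_LBLK)
        return 0;
    return (uint64_t)start + len - 1 + shift <= MAX_LBLK;
}

int main(void)
{
    /* Values taken from repro.c above. */
    uint32_t first  = (uint32_t)to_blocks(0);         /* fallocate(fd, 0, 0, 4) */
    uint32_t second = (uint32_t)to_blocks(0x200002);  /* KEEP_SIZE preallocation */
    uint64_t shift  = to_blocks(0xfffffeff000ULL);    /* INSERT_RANGE length */

    printf("shift = %llu blocks\n", (unsigned long long)shift);
    printf("lblk %u: fits=%d, unchecked result=%u\n", (unsigned)first,
           shift_fits(first, 1, shift), (unsigned)shift_unchecked(first, shift));
    printf("lblk %u: fits=%d, unchecked result=%u\n", (unsigned)second,
           shift_fits(second, 1, shift), (unsigned)shift_unchecked(second, shift));
    return 0;
}
```

A check of this shape, applied before any extent is moved, would reject the request for the preallocated extent starting at block 512 instead of letting its start wrap below the extents that precede it.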