Re: panic: ext2fs_dirbadentry
> On Wed, Jul 17, 2013 at 12:11, Sergey Bronnikov wrote: > > Bug was catched by fsfuzzer. Probably that bug cannot be > > found in real life with real usecase, but anyway it is a bug. > > Sorry, but I don't think these bugs are interesting. The filesystem > code panics when it encounters a broken filesystem. That is by design. > Attempting to continue given that we know the filesystem is > inconsistent would only make things worse. I concur. If the filesystem is that broken, I want it to panic. If you read up on the history of how filesystems work, it is as Ted says -- by design. If you don't that design, the filesystem structures and code would be substantially different from what they are now.
Re: panic: ext2fs_dirbadentry
On Wed, Jul 17, 2013 at 12:11, Sergey Bronnikov wrote: > Bug was catched by fsfuzzer. Probably that bug cannot be > found in real life with real usecase, but anyway it is a bug. Sorry, but I don't think these bugs are interesting. The filesystem code panics when it encounters a broken filesystem. That is by design. Attempting to continue given that we know the filesystem is inconsistent would only make things worse.
Re: panic: ext2fs_dirbadentry
On 09:50 Wed 17 Jul , Philip Guenther wrote: > On Wed, 17 Jul 2013, Sergey Bronnikov wrote: > > Bug was catched by fsfuzzer. Probably that bug cannot be > > found in real life with real usecase, but anyway it is a bug. > > Is e2fsck being run (forced?) after fuzzing and before trying to mount it? Unable to perform fsck due to fail: ~/tmp/fsfuzzer-bsd$ sudo fsck_ext2fs -d /dev/rvnd0c ** /dev/rvnd0c state = 2 cannot alloc 2281703425 bytes for statemap Floating point exception (core dumped) Reproducer for panic is here: http://www.bronevichok.ru/trash/fsfuzz.tar.gz Run: # ./repro ext2.4.img > Philip -- sergeyb@
Re: panic: ext2fs_dirbadentry
On 09:50 Wed 17 Jul , Philip Guenther wrote: > On Wed, 17 Jul 2013, Sergey Bronnikov wrote: > > Bug was catched by fsfuzzer. Probably that bug cannot be > > found in real life with real usecase, but anyway it is a bug. > > Is e2fsck being run (forced?) after fuzzing and before trying to mount it? No. But I will try to reproduce with fsck. > > Philip -- sergeyb@
Re: panic: ext2fs_dirbadentry
On Wed, Jul 17, 2013 at 12:11:34PM +0400, Sergey Bronnikov wrote: > Bug was catched by fsfuzzer. Probably that bug cannot be > found in real life with real usecase, but anyway it is a bug. Why? A failed consistency check means a bad fs, not necessarily a bug. "inode out of range" seems clear. A tool which "creates initial (valid) filesystem images and then manipulates their binary format and structure for detecting flaws/bugs/design problems in the parsing/handling code" is almost certain to eventually create something that blows up I would think. So, can you please explain why failing this consistency check indicates a bug in the code? Since fsfuzzer is supposed to create logs and allow reproducible tests, sharing those logs and directions on reproducing the failure would also be nice. Ken > > panic: ext2fs_dirbadentry > Stopped atDebugger+0x5: leave > RUN AT LEAST 'trace' AND 'ps' AND INCLUDE OUTPUT WHEN REPORTING THIS PANIC! > DO NOT EVEN BOTHER REPORTING THIS WITHOUT INCLUDING THAT INFORMATION! > ddb> Debugger() at Debugger+0x5 > panic() at panic+0xe4 > ext2fs_lookup() at ext2fs_lookup+0x68f > VOP_LOOKUP() at VOP_LOOKUP+0x2c > vfs_lookup() at vfs_lookup+0x271 > namei() at namei+0x21c > vn_open() at vn_open+0x91 > doopenat() at doopenat+0x125 > syscall() at syscall+0x162 > --- syscall (number 5) --- > end of kernel > end trace frame: 0x, count: -9 > acpi_pdirpa+0x4253fa: > > Full logs are below: > > OpenBSD 5.4-beta (GENERIC) #0: Mon Jul 15 23:06:59 MSK 2013 > es...@.xxx:/usr/src/sys/arch/amd64/compile/GENERIC > real mem = 4168839168 (3975MB) > avail mem = 4050149376 (3862MB) > mainbus0 at root > bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xe0010 (80 entries) > bios0: vendor LENOVO version "7VET80WW (3.10 )" date 10/02/2009 > bios0: LENOVO 406257G > acpi0 at bios0: rev 2 > acpi0: sleep states S0 S3 S4 S5 > acpi0: tables DSDT FACP SSDT ECDT APIC MCFG HPET SLIC BOOT SSDT SSDT SSDT SSDT > acpi0: wakeup devices LID_(S3) SLPB(S3) UART(S3) IGBE(S4) EXP0(S4) EXP1(S4) > EXP2(S4) EXP3(S4) EXP4(S4) PCI1(S4) USB0(S3) USB3(S3) USB5(S3) EHC0(S3) > EHC1(S3) HDEF(S4) > acpitimer0 at acpi0: 3579545 Hz, 24 bits > acpiec0 at acpi0 > acpimadt0 at acpi0 addr 0xfee0: PC-AT compat > cpu0 at mainbus0: apid 0 (boot processor) > cpu0: Intel(R) Core(TM)2 Duo CPU T9600 @ 2.80GHz, 798.13 MHz > cpu0: > FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,XSAVE,NXE,LONG,LAHF,PERF > cpu0: 6MB 64b/line 16-way L2 cache > cpu0: smt 0, core 0, package 0 > cpu0: apic clock running at 266MHz > cpu at mainbus0: not configured > ioapic0 at mainbus0: apid 1 pa 0xfec0, version 20, 24 pins > ioapic0: misconfigured as apic 2, remapped to apid 1 > acpimcfg0 at acpi0 addr 0xe000, bus 0-63 > acpihpet0 at acpi0: 14318179 Hz > acpiprt0 at acpi0: bus 0 (PCI0) > acpiprt1 at acpi0: bus -1 (AGP_) > acpiprt2 at acpi0: bus 2 (EXP0) > acpiprt3 at acpi0: bus 3 (EXP1) > acpiprt4 at acpi0: bus 4 (EXP2) > acpiprt5 at acpi0: bus 5 (EXP3) > acpiprt6 at acpi0: bus 13 (EXP4) > acpiprt7 at acpi0: bus 21 (PCI1) > acpicpu0 at acpi0: C3, C2, C1, PSS > acpipwrres0 at acpi0: PUBS > acpitz0 at acpi0: critical temperature is 127 degC > acpitz1 at acpi0: critical temperature is 100 degC > acpibtn0 at acpi0: LID_ > acpibtn1 at acpi0: SLPB > acpibat0 at acpi0: BAT0 model "42T4620" serial 929 type LION oem "Panasonic" > acpibat1 at acpi0: BAT1 not present > acpiac0 at acpi0: AC unit online > acpithinkpad0 at acpi0 > acpidock0 at acpi0: GDCK not docked (0) > cpu0: Enhanced SpeedStep 798 MHz: speeds: 2801, 2800, 2133, 1600, 800 MHz > pci0 at mainbus0 bus 0 > pchb0 at pci0 dev 0 function 0 "Intel GM45 Host" rev 0x07 > vga1 at pci0 dev 2 function 0 "Intel GM45 Video" rev 0x07 > intagp0 at vga1 > agp0 at intagp0: aperture at 0xd000, size 0x1000 > inteldrm0 at vga1 > drm0 at inteldrm0 > inteldrm0: 1920x1200 > wsdisplay0 at vga1 mux 1: console (std, vt100 emulation) > wsdisplay0: screen 1-5 added (std, vt100 emulation) > "Intel GM45 Video" rev 0x07 at pci0 dev 2 function 1 not configured > "Intel GM45 HECI" rev 0x07 at pci0 dev 3 function 0 not configured > em0 at pci0 dev 25 function 0 "Intel ICH9 IGP M" rev 0x03: msi, address > 00:22:68:18:b1:0f > uhci0 at pci0 dev 26 function 0 "Intel 82801I USB" rev 0x03: apic 1 int 20 > uhci1 at pci0 dev 26 function 1 "Intel 82801I USB" rev 0x03: apic 1 int 21 > uhci2 at pci0 dev 26 function 2 "Intel 82801I USB" rev 0x03: apic 1 int 22 > e
panic: ext2fs_dirbadentry
Bug was catched by fsfuzzer. Probably that bug cannot be found in real life with real usecase, but anyway it is a bug. panic: ext2fs_dirbadentry Stopped at Debugger+0x5: leave RUN AT LEAST 'trace' AND 'ps' AND INCLUDE OUTPUT WHEN REPORTING THIS PANIC! DO NOT EVEN BOTHER REPORTING THIS WITHOUT INCLUDING THAT INFORMATION! ddb> Debugger() at Debugger+0x5 panic() at panic+0xe4 ext2fs_lookup() at ext2fs_lookup+0x68f VOP_LOOKUP() at VOP_LOOKUP+0x2c vfs_lookup() at vfs_lookup+0x271 namei() at namei+0x21c vn_open() at vn_open+0x91 doopenat() at doopenat+0x125 syscall() at syscall+0x162 --- syscall (number 5) --- end of kernel end trace frame: 0x, count: -9 acpi_pdirpa+0x4253fa: Full logs are below: OpenBSD 5.4-beta (GENERIC) #0: Mon Jul 15 23:06:59 MSK 2013 es...@.xxx:/usr/src/sys/arch/amd64/compile/GENERIC real mem = 4168839168 (3975MB) avail mem = 4050149376 (3862MB) mainbus0 at root bios0 at mainbus0: SMBIOS rev. 2.4 @ 0xe0010 (80 entries) bios0: vendor LENOVO version "7VET80WW (3.10 )" date 10/02/2009 bios0: LENOVO 406257G acpi0 at bios0: rev 2 acpi0: sleep states S0 S3 S4 S5 acpi0: tables DSDT FACP SSDT ECDT APIC MCFG HPET SLIC BOOT SSDT SSDT SSDT SSDT acpi0: wakeup devices LID_(S3) SLPB(S3) UART(S3) IGBE(S4) EXP0(S4) EXP1(S4) EXP2(S4) EXP3(S4) EXP4(S4) PCI1(S4) USB0(S3) USB3(S3) USB5(S3) EHC0(S3) EHC1(S3) HDEF(S4) acpitimer0 at acpi0: 3579545 Hz, 24 bits acpiec0 at acpi0 acpimadt0 at acpi0 addr 0xfee0: PC-AT compat cpu0 at mainbus0: apid 0 (boot processor) cpu0: Intel(R) Core(TM)2 Duo CPU T9600 @ 2.80GHz, 798.13 MHz cpu0: FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,APIC,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,CFLUSH,DS,ACPI,MMX,FXSR,SSE,SSE2,SS,HTT,TM,PBE,SSE3,DTES64,MWAIT,DS-CPL,VMX,SMX,EST,TM2,SSSE3,CX16,xTPR,PDCM,SSE4.1,XSAVE,NXE,LONG,LAHF,PERF cpu0: 6MB 64b/line 16-way L2 cache cpu0: smt 0, core 0, package 0 cpu0: apic clock running at 266MHz cpu at mainbus0: not configured ioapic0 at mainbus0: apid 1 pa 0xfec0, version 20, 24 pins ioapic0: misconfigured as apic 2, remapped to apid 1 acpimcfg0 at acpi0 addr 0xe000, bus 0-63 acpihpet0 at acpi0: 14318179 Hz acpiprt0 at acpi0: bus 0 (PCI0) acpiprt1 at acpi0: bus -1 (AGP_) acpiprt2 at acpi0: bus 2 (EXP0) acpiprt3 at acpi0: bus 3 (EXP1) acpiprt4 at acpi0: bus 4 (EXP2) acpiprt5 at acpi0: bus 5 (EXP3) acpiprt6 at acpi0: bus 13 (EXP4) acpiprt7 at acpi0: bus 21 (PCI1) acpicpu0 at acpi0: C3, C2, C1, PSS acpipwrres0 at acpi0: PUBS acpitz0 at acpi0: critical temperature is 127 degC acpitz1 at acpi0: critical temperature is 100 degC acpibtn0 at acpi0: LID_ acpibtn1 at acpi0: SLPB acpibat0 at acpi0: BAT0 model "42T4620" serial 929 type LION oem "Panasonic" acpibat1 at acpi0: BAT1 not present acpiac0 at acpi0: AC unit online acpithinkpad0 at acpi0 acpidock0 at acpi0: GDCK not docked (0) cpu0: Enhanced SpeedStep 798 MHz: speeds: 2801, 2800, 2133, 1600, 800 MHz pci0 at mainbus0 bus 0 pchb0 at pci0 dev 0 function 0 "Intel GM45 Host" rev 0x07 vga1 at pci0 dev 2 function 0 "Intel GM45 Video" rev 0x07 intagp0 at vga1 agp0 at intagp0: aperture at 0xd000, size 0x1000 inteldrm0 at vga1 drm0 at inteldrm0 inteldrm0: 1920x1200 wsdisplay0 at vga1 mux 1: console (std, vt100 emulation) wsdisplay0: screen 1-5 added (std, vt100 emulation) "Intel GM45 Video" rev 0x07 at pci0 dev 2 function 1 not configured "Intel GM45 HECI" rev 0x07 at pci0 dev 3 function 0 not configured em0 at pci0 dev 25 function 0 "Intel ICH9 IGP M" rev 0x03: msi, address 00:22:68:18:b1:0f uhci0 at pci0 dev 26 function 0 "Intel 82801I USB" rev 0x03: apic 1 int 20 uhci1 at pci0 dev 26 function 1 "Intel 82801I USB" rev 0x03: apic 1 int 21 uhci2 at pci0 dev 26 function 2 "Intel 82801I USB" rev 0x03: apic 1 int 22 ehci0 at pci0 dev 26 function 7 "Intel 82801I USB" rev 0x03: apic 1 int 23 usb0 at ehci0: USB revision 2.0 uhub0 at usb0 "Intel EHCI root hub" rev 2.00/1.00 addr 1 azalia0 at pci0 dev 27 function 0 "Intel 82801I HD Audio" rev 0x03: msi azalia0: codecs: Conexant CX20561, 0x/0x, using Conexant CX20561 audio0 at azalia0 ppb0 at pci0 dev 28 function 0 "Intel 82801I PCIE" rev 0x03: msi pci1 at ppb0 bus 2 ppb1 at pci0 dev 28 function 1 "Intel 82801I PCIE" rev 0x03: msi pci2 at ppb1 bus 3 iwn0 at pci2 dev 0 function 0 "Intel WiFi Link 5100" rev 0x00: msi, MIMO 1T2R, MoW, address 00:26:c6:41:b8:2e ppb2 at pci0 dev 28 function 2 "Intel 82801I PCIE" rev 0x03: msi pci3 at ppb2 bus 4 "Intel Turbo Memory" rev 0x11 at pci3 dev 0 function 0 not configured ppb3 at pci0 dev 28 function 3 "Intel 82801I PCIE" rev 0x03: msi pci4 at ppb3 bus 5 ppb4 at pci0 dev 28 function 4 "Intel 82801I PCIE" rev 0x03: msi pci5 at ppb4 bus 13 uhci3 at pci0 dev 29 function 0 "Intel 82801I USB" rev 0x03: apic 1 int 16 uhci4 at pci0 dev 29 function 1 "Intel 8280
