Received: by 10.213.65.68 with SMTP id h4csp2271202imn; Thu, 5 Apr 2018 11:58:03 -0700 (PDT) X-Google-Smtp-Source: AIpwx4+EpGVMpMHtuzaL+n9zb4yekOa2X8XDF8SG6Yvd2s+vYV5pbrYTJsK/LpzIkXuT2Z8EBGhm X-Received: by 2002:a17:902:7b8e:: with SMTP id w14-v6mr10095167pll.52.1522954683570; Thu, 05 Apr 2018 11:58:03 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1522954683; cv=none; d=google.com; s=arc-20160816; b=dq+sswDDIk0q8PfrHtpvsIKtO7q7sUqwou4pcee6/ihXWnL3WmIoM2VF97SRNJ3IPt LPT3vHwBI+rVCQut/xS1Aw8Ez9IA8ofxLfTVj8bh+qt7+BqN1fFluPbARIaGbgfvskyn zbGBSLyD8JQUSa7jpQqxaXeF5FU4aEgj3xvsqakYTbVGt63qnjs+q/idn/yb9OVSdL1B 4u8hAncRqAEXl+o/eC2/gkRZQgcJ6I89NAIfRx3rlLFY3fS13So89EXcJ1DEW4P2/0+3 iwsaitPnZBZQ5tq40vo9NvA0hU0vrtWRXAh44z9XgslyoRerbfwcdDiF+TTMPbTCJnvM ZWPg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:cc:to:subject:message-id:date:from :references:in-reply-to:mime-version:dkim-signature :arc-authentication-results; bh=nTanNJYXc2VdhbF7sQ/u6IxqrG6KvcxgfHOrwboIl0s=; b=DNjOJJctg+dW8I3MUhsgEbWqEGLkJ5xP5FXspCCpKhahvYxyPr556l9ct3TEX1LPKz VuyKJfcjtEXn5juNigKRt2xL77vsSV1H465j/rHKomf51X4CeRyWOtAAuKz+ffWiShHW h/+KH6DzHpGUjjVS79GKFaZt40JIizSp5XiZlOl6cNU7/YoEZ9SNuwMSjsbs3oux2DXI tWUS1nJUivSSuI0HZQJ9olnzrFJBU+p4+VL6MKMT6i9Tjk6X+dTwu3tP/rF27EJlwSTX Z8XX2oFEOUqX6oAxlBIO8P313EfuYuGEGgrUKmZoR6OL/uyOzhRtwko+oZCmpe5s2GRf 5cDw== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=qFAj5oPA; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id h5si5748212pgq.162.2018.04.05.11.57.49; Thu, 05 Apr 2018 11:58:03 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=qFAj5oPA; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1752348AbeDESzO (ORCPT + 99 others); Thu, 5 Apr 2018 14:55:14 -0400 Received: from mail-pl0-f52.google.com ([209.85.160.52]:34699 "EHLO mail-pl0-f52.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1752018AbeDESzM (ORCPT ); Thu, 5 Apr 2018 14:55:12 -0400 Received: by mail-pl0-f52.google.com with SMTP id z5-v6so2285615pln.1 for ; Thu, 05 Apr 2018 11:55:12 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=nTanNJYXc2VdhbF7sQ/u6IxqrG6KvcxgfHOrwboIl0s=; b=qFAj5oPAOdG46v+RLT/4pS5riBW4bzcA7i+KygCxmgZZAK0Gbegef+3ByYo0zUGcz8 s3v1mbuR9jHGHssWjwq3Rz63HI1x6GnP1N6JOXIvUU/ILyU2THyokHorXdXma6BeHee4 smrxjS+hmEATB5MiS0CpVkw9FUAgJ8QRItcNjQpENIkNRkLlNhz7USprY+b7voJAtko/ sp55YWdbRMIUJi127GQB+tXt9S04KPaIiQ3YMl2vby1iCbnGyRbzEc6VMHTUpsNeX/Wf GKwiqTzVh3t+e8wgY6gpAeQ4VhIGzaoP5chNSPESw5UNtlrRpDUkaPJY4HFDs1yzksbq b6QQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=nTanNJYXc2VdhbF7sQ/u6IxqrG6KvcxgfHOrwboIl0s=; b=by8qdbyN2JnAluqMyL3IDxAl7NPYF3FLwfyhMCB0jzhsB8BBnwnrffET4WDrVyDMRv Yad4Wme+dj1GDtPFN+jysS0YjxByGyxWbXVymwejTGHwHoMDw3xF3FQ44am2ID1+WMBv r2HXx8QxOkuQmPlveBQz1cBCI1aKiim5uYiYNGRGRxcr7FDiLy/h1FJ1tIJIuAAggVmd 1/oUk4Z/kHFX5kwjXtu6CA7DQaN3AQb3oZylYlTtV9MOgGeW+pImmOdB6OB42ykIpewu 2JykGMtc1ivV7I2NKKaz4xrlamgPxEGMZOjSIAH5f1SA0r3MP6WOJo981pWHNE+JUScI /wMQ== X-Gm-Message-State: ALQs6tAQokzxijUYoqCp2u+T0/X05Yi3TmLG3EX1MpuadozZpiz4p08+ HHNOpIJti9N1j5zxW1pJwrbl9Cuyv+vID9uNfJ5+IZWY6wM= X-Received: by 2002:a17:902:9892:: with SMTP id s18-v6mr7813425plp.95.1522954511347; Thu, 05 Apr 2018 11:55:11 -0700 (PDT) MIME-Version: 1.0 Received: by 10.100.182.136 with HTTP; Thu, 5 Apr 2018 11:54:50 -0700 (PDT) In-Reply-To: <20180403043854.GL1150@dastard> References: <20180403043854.GL1150@dastard> From: Dmitry Vyukov Date: Thu, 5 Apr 2018 20:54:50 +0200 Message-ID: Subject: Re: WARNING: bad unlock balance in xfs_iunlock To: Dave Chinner Cc: syzbot , darrick.wong@oracle.com, LKML , linux-xfs@vger.kernel.org, syzkaller-bugs@googlegroups.com Content-Type: text/plain; charset="UTF-8" Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, Apr 3, 2018 at 6:38 AM, Dave Chinner wrote: > On Mon, Apr 02, 2018 at 07:01:02PM -0700, syzbot wrote: >> Hello, >> >> syzbot hit the following crash on upstream commit >> 86bbbebac1933e6e95e8234c4f7d220c5ddd38bc (Mon Apr 2 18:47:07 2018 +0000) >> Merge branch 'ras-core-for-linus' of >> git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip >> syzbot dashboard link: >> https://syzkaller.appspot.com/bug?extid=84a67953651a971809ba >> >> C reproducer: https://syzkaller.appspot.com/x/repro.c?id=5719304272084992 >> syzkaller reproducer: >> https://syzkaller.appspot.com/x/repro.syz?id=5767783983874048 > > What a mess. A hand built, hopelessly broken filesystem image made > up of hex dumps, written into a mmap()d region of memory, then > copied into a tmpfs file and mounted with the loop device. > > Engineers that can debug broken filesystems don't grow on trees. If > we are to have any hope of understanding what the hell this test is > doing, the bot needs to supply us with a copy of the built > filesystem image the test uses. We need to be able to point forensic > tools at the image to decode all the structures into human readable > format - if we are forced to do that by hand or jump through hoops > to create our own filesystem image than I'm certainly not going to > waste time looking at these reports... Hi Dave, Here is the image: https://drive.google.com/file/d/1jzhGGe5SBJcqfsjxCLHoh4Kazke1oTfC/view (took me about a minute to extract from test by replacing memfd_create with open and running the program). Then do the following to trigger the bug: losetup /dev/loop0 xfs.repro mkdir xfs mount -t xfs -o nouuid,prjquota,noikeep,quota /dev/loop0 xfs To answer your more general question: syzbot is not a system to test solely file systems, it finds bugs in hundreds of kernel subsystems. Generating image for file systems, media files for sound and FaceDancer programs that crash host when FaceDancer device is plugged into USB is not feasible. And in the end it's not even clear what kernel subsystem is at fault and even if it somehow figures out that it's a filesystem, it's unclear that it's exactly an image that provokes the bug. syzbot provides C reproducers which is a reasonable common ground for bug reports. At this point the bug needs human attention. Some bugs are trivial enough that a developer does not even need to look at the reproducer. Some bugs are so involved that only an expert in a particular subsystem can figure out what happens there.