Received: by 2002:ac0:a594:0:0:0:0:0 with SMTP id m20-v6csp150490imm;
        Tue, 22 May 2018 15:52:42 -0700 (PDT)
X-Google-Smtp-Source: AB8JxZo6f1VEsoiReYWx6rrIGA4Kd+kt5dcACv3To71U7kxOKKDiENfaGwayP47552MnpPttcRYR
X-Received: by 2002:a17:902:26a:: with SMTP id 97-v6mr357529plc.367.1527029562565;
        Tue, 22 May 2018 15:52:42 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1527029562; cv=none;
        d=google.com; s=arc-20160816;
        b=V6k8tooO7UQGB/RVvXZaNAdTpNyYpdlNhWJPIfYOmC+WBfT3ck5QM3DYyIiARCPfNY
         GQWrIBLJ8bTtOCGBGQzRqPQdgcQkoOtXznG7FuKZsl/R8JHwZRxsYThN2VouDwuQM2lM
         bN0BcoCH0MKCeHQHYAsaj9V2KDE+svWZoBfaGgGfk5iROncLNAUvrtrOeUDCEuEYlrUt
         WJfc3/XpfRcf1V2djSHuT/WaEtjbXVY/PIhIjFjM3X++thLBskVQmiH/WGKqoEdVQa8T
         S+u8zfFQGfjPxfwI8Jp3bc+JXKits7Xvj5s+hgL041Bnprs93tdZ1wczds27nobzols0
         VThQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-disposition:mime-version:references:message-id:subject:cc
         :to:from:date:dkim-signature:arc-authentication-results;
        bh=dQ08FVSiDHIUonwYehJmoE8EO8LSC2mrou/6+9ZLrZ8=;
        b=vGCykW+GKO769QftYOtllg0AUWaCozYltd4roA9qUpFPBYMtXJEIv3CcbyV6RHs624
         kfQ2oy2c8DdqP/g1yOtiYiaWhu1S0awzJ++pPBPnetV/EdFUCesh2VGwVIa2CgBp7/p0
         UkdJzzZCJuSBUNmg2mw6hL1vZAmCe2evhl4idZKDWXaco7xMcqv1U3O8HUlzRJXrlAuR
         WbJHqXqqGOQMR/VEK2C/0BdxdYZz2EQF+ahgkJpOKa2CZOjQBMeMZdoBFYOnyKiUxyXU
         SpjoxVss6KuM9h1yn1FiOJW8Ru3Myyhs1VRAoumOv8XUzXMOzdctgZf5tmmcOxgZefI2
         uwig==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=t4e++so5;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id j7-v6si17223290pfj.267.2018.05.22.15.52.28;
        Tue, 22 May 2018 15:52:42 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@gmail.com header.s=20161025 header.b=t4e++so5;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org;
       dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1753484AbeEVWwO (ORCPT <rfc822;huangweiredhat@gmail.com>
        + 99 others); Tue, 22 May 2018 18:52:14 -0400
Received: from mail-pf0-f193.google.com ([209.85.192.193]:42754 "EHLO
        mail-pf0-f193.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org
        with ESMTP id S1753036AbeEVWwL (ORCPT
        <rfc822;linux-kernel@vger.kernel.org>);
        Tue, 22 May 2018 18:52:11 -0400
Received: by mail-pf0-f193.google.com with SMTP id p14-v6so9467912pfh.9;
        Tue, 22 May 2018 15:52:11 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20161025;
        h=date:from:to:cc:subject:message-id:references:mime-version
         :content-disposition:in-reply-to:user-agent;
        bh=dQ08FVSiDHIUonwYehJmoE8EO8LSC2mrou/6+9ZLrZ8=;
        b=t4e++so52RHIZ0nLiKKY604VsiEJXYa2ZoSvw2DUTmGS6M9mcP2yCPQtuIN1e5gPAU
         xxev8eVYL9jk4Yh5yuN1pvZAd8pLx942BRf/eWKpCXXPNdhb9JJerXtZRny5VPvUd0Xr
         0vWhKkgEVcOPnuflorX5LKW4R9u/ozRelSKeoPIqzqdAujMYAUg47weJrI8M5Jfwy7s6
         iULvCQZR/9yODq418dOPHcwiJyhhEwU/oVp8AeWSX3bqU6aGmy4ZLVtEyaol3MJszP2B
         sCLMNQs72qlxuOm+tu6nyjOKIQ6s+A88Rf37YrO9n+GZMKfPpt7li9/f+NC4RkwggJ7S
         3NWQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20161025;
        h=x-gm-message-state:date:from:to:cc:subject:message-id:references
         :mime-version:content-disposition:in-reply-to:user-agent;
        bh=dQ08FVSiDHIUonwYehJmoE8EO8LSC2mrou/6+9ZLrZ8=;
        b=j2K3zhHm8tZE2sf9gsxCwH5jlFcgBtEPs8be7/pnsOlUnW29pElBjNJRyquySg6aUM
         WTzUZnxsEDIZwkjeIj1koWUe+6oyHyltz6FnX+IjJdisi49Ug8MmRFKhrqeBo41UxZar
         IpP53CGfeVnnAPgGpTIZYiQB1fqLTCTWQoJJ3VK26lewY5o6Y/HZstD6sjqviYBzHeQb
         nC0JFZ8o6D3amx2tfr9GGMI2AF2lt7PkF1LMWw/+PGVtLEYlkEu3lLZyp01uNzw0AqcO
         OkpRp1sRque+n3aIfkG3ByQ1FaX4oZpCgh2rMAGGeV+uuuNuAyFXJy+5j2EiURCT2Ofz
         w62w==
X-Gm-Message-State: ALKqPweabuBqW/sJJZzRMpvF6CRjx88CRxt/4INATGRnvHReSqEGSgZz
        KwvSOhoBzjOJiqiPb+vKFimdt5XY
X-Received: by 2002:a62:105:: with SMTP id 5-v6mr355178pfb.1.1527029530616;
        Tue, 22 May 2018 15:52:10 -0700 (PDT)
Received: from sol.localdomain (c-67-185-97-198.hsd1.wa.comcast.net. [67.185.97.198])
        by smtp.gmail.com with ESMTPSA id a23-v6sm26661594pfi.176.2018.05.22.15.52.09
        (version=TLS1_2 cipher=ECDHE-RSA-CHACHA20-POLY1305 bits=256/256);
        Tue, 22 May 2018 15:52:09 -0700 (PDT)
Date:   Tue, 22 May 2018 15:52:08 -0700
From:   Eric Biggers <ebiggers3@gmail.com>
To:     Dave Chinner <david@fromorbit.com>
Cc:     Brian Foster <bfoster@redhat.com>,
        syzbot <syzbot+568245b88fbaedcb1959@syzkaller.appspotmail.com>,
        darrick.wong@oracle.com, linux-kernel@vger.kernel.org,
        linux-xfs@vger.kernel.org, syzkaller-bugs@googlegroups.com
Subject: Re: INFO: task hung in xlog_grant_head_check
Message-ID: <20180522225208.GB658@sol.localdomain>
References: <000000000000457b2d056cbb0044@google.com>
 <20180522123107.GC3751@bfoster.bfoster>
 <20180522222620.GW23861@dastard>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20180522222620.GW23861@dastard>
User-Agent: Mutt/1.9.5 (2018-04-13)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

On Wed, May 23, 2018 at 08:26:20AM +1000, Dave Chinner wrote:
> On Tue, May 22, 2018 at 08:31:08AM -0400, Brian Foster wrote:
> > On Mon, May 21, 2018 at 10:55:02AM -0700, syzbot wrote:
> > > Hello,
> > > 
> > > syzbot found the following crash on:
> > > 
> > > HEAD commit:    203ec2fed17a Merge tag 'armsoc-fixes' of git://git.kernel...
> > > git tree:       upstream
> > > console output: https://syzkaller.appspot.com/x/log.txt?x=11c1ad77800000
> > > kernel config:  https://syzkaller.appspot.com/x/.config?x=f3b4e30da84ec1ed
> > > dashboard link: https://syzkaller.appspot.com/bug?extid=568245b88fbaedcb1959
> > > compiler:       gcc (GCC) 8.0.1 20180413 (experimental)
> > > syzkaller repro:https://syzkaller.appspot.com/x/repro.syz?x=122c7427800000
> > > C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=10387057800000
> > > 
> > > IMPORTANT: if you fix the bug, please add the following tag to the commit:
> > > Reported-by: syzbot+568245b88fbaedcb1959@syzkaller.appspotmail.com
> > > 
> > >         (ptrval): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
> > > ................
> > >         (ptrval): 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
> > > ................
> > > XFS (loop0): metadata I/O error in "xfs_trans_read_buf_map" at daddr 0x2 len
> > > 1 error 117
> > > XFS (loop0): xfs_imap_lookup: xfs_ialloc_read_agi() returned error -117,
> > > agno 0
> > > XFS (loop0): failed to read root inode
> > 
> > FWIW, the initial console output is actually:
> > 
> > [  448.028253] XFS (loop0): Mounting V4 Filesystem
> > [  448.033540] XFS (loop0): Log size 9371840 blocks too large, maximum size is 1048576 blocks
> > [  448.042287] XFS (loop0): Log size out of supported range.
> > [  448.047841] XFS (loop0): Continuing onwards, but if log hangs are experienced then please report this message in the bug report.
> > [  448.060712] XFS (loop0): totally zeroed log
> > 
> > ... which warns about an oversized log and resulting log hangs. Not
> > having dug into the details of why this occurs so quickly in this mount
> > failure path,
> 
> I suspect that it is a head and/or log tail pointer overflow, so when it
> tries to do the first trans reserve of the mount - to write the
> unmount record - it says "no log space available, please wait".
> 
> > it does look like we'd never have got past this point on a
> > v5 fs (i.e., the above warning would become an error and we'd not enter
> > the xfs_log_mount_cancel() path).
> 
> And this comes back to my repeated comments about fuzzers needing
> to fuzz properly made V5 filesystems as we catch and error out on
> things like this. Fuzzing random collections of v4 filesystem
> fragments will continue to trip over problems we've avoided with v5
> filesystems, and this is further evidence to point to that.
>
> 
> I'd suggest that at this point, syzbot XFS reports should be
> redirected to /dev/null. It's not worth our time to triage
> unreviewed bot generated bug reports until the syzbot developers
> start listening and acting on what we have been telling them
> about fuzzing filesystems and reproducing bugs that are meaningful
> and useful to us.

The whole point of fuzzing is to provide improper inputs.  A kernel bug is a
kernel bug, even if it's in deprecated/unmaintained code, or involves userspace
doing something unexpected.  If you have known buggy code in XFS that you refuse
to fix, then please provide a kernel config option so that users can disable the
unmaintained XFS formats/features, leaving the maintained ones.  As-is, you seem
to be forcing everyone who enables CONFIG_XFS_FS to build known
buggy/unmaintained code into their kernel.

- Eric