Forget to run requested e2fsck after resize_inode, then resize fs, it
will trigger off null pointer.
Regression test for commit b55c3cd102a6 ext4: add reserved GDT blocks
check.
Signed-off-by: Sun Ke <[email protected]>
---
tests/ext4/057 | 44 ++++++++++++++++++++++++++++++++++++++++++++
tests/ext4/057.out | 2 ++
2 files changed, 46 insertions(+)
create mode 100755 tests/ext4/057
create mode 100644 tests/ext4/057.out
diff --git a/tests/ext4/057 b/tests/ext4/057
new file mode 100755
index 00000000..125f841a
--- /dev/null
+++ b/tests/ext4/057
@@ -0,0 +1,44 @@
+#! /bin/bash
+# SPDX-License-Identifier: GPL-2.0
+# Copyright (c) 2022 HUAWEI. All Rights Reserved.
+#
+# FS QA Test 057
+#
+# Forget to run requested e2fsck after resize_inode, then resize fs,
+# it will trigger off null pointer.
+#
+# Regression test for commit
+# b55c3cd102a6 ext4: add reserved GDT blocks check
+#
+. ./common/preamble
+_begin_fstest auto resize quick
+
+# real QA test starts here
+
+# Modify as appropriate.
+_supported_fs ext4
+_fixed_by_kernel_commit b55c3cd102a6 \
+ "ext4: add reserved GDT blocks check"
+
+_require_scratch
+_require_command "$TUNE2FS_PROG" tune2fs
+_require_command "$RESIZE2FS_PROG" resize2fs
+_require_scratch_size $((1024 * 1024)) #kB
+
+# set fs size 512M
+dev_size=$((512 * 1024 * 1024))
+_scratch_mkfs_sized $dev_size >$seqres.full 2>&1
+
+# forget to run requested e2fsck after resize_inode
+$TUNE2FS_PROG -O ^resize_inode $SCRATCH_DEV >$seqres.full 2>&1
+
+_scratch_mount
+
+# resize fs will trigger NULL pointer in ext4_flex_group_add
+$RESIZE2FS_PROG $SCRATCH_DEV 1G >$seqres.full 2>&1
+
+echo "Silence is golden"
+
+# success, all done
+status=0
+exit
diff --git a/tests/ext4/057.out b/tests/ext4/057.out
new file mode 100644
index 00000000..185023c7
--- /dev/null
+++ b/tests/ext4/057.out
@@ -0,0 +1,2 @@
+QA output created by 057
+Silence is golden
--
2.13.6
On Fri, Jul 08, 2022 at 07:21:54PM +0800, Sun Ke wrote:
> Forget to run requested e2fsck after resize_inode, then resize fs, it
> will trigger off null pointer.
>
> Regression test for commit b55c3cd102a6 ext4: add reserved GDT blocks
> check.
>
> Signed-off-by: Sun Ke <[email protected]>
> ---
> tests/ext4/057 | 44 ++++++++++++++++++++++++++++++++++++++++++++
> tests/ext4/057.out | 2 ++
> 2 files changed, 46 insertions(+)
> create mode 100755 tests/ext4/057
> create mode 100644 tests/ext4/057.out
>
> diff --git a/tests/ext4/057 b/tests/ext4/057
> new file mode 100755
> index 00000000..125f841a
> --- /dev/null
> +++ b/tests/ext4/057
> @@ -0,0 +1,44 @@
> +#! /bin/bash
> +# SPDX-License-Identifier: GPL-2.0
> +# Copyright (c) 2022 HUAWEI. All Rights Reserved.
> +#
> +# FS QA Test 057
> +#
> +# Forget to run requested e2fsck after resize_inode, then resize fs,
> +# it will trigger off null pointer.
> +#
> +# Regression test for commit
> +# b55c3cd102a6 ext4: add reserved GDT blocks check
> +#
> +. ./common/preamble
> +_begin_fstest auto resize quick
> +
> +# real QA test starts here
> +
> +# Modify as appropriate.
> +_supported_fs ext4
> +_fixed_by_kernel_commit b55c3cd102a6 \
> + "ext4: add reserved GDT blocks check"
> +
> +_require_scratch
> +_require_command "$TUNE2FS_PROG" tune2fs
> +_require_command "$RESIZE2FS_PROG" resize2fs
> +_require_scratch_size $((1024 * 1024)) #kB
> +
> +# set fs size 512M
> +dev_size=$((512 * 1024 * 1024))
> +_scratch_mkfs_sized $dev_size >$seqres.full 2>&1
> +
> +# forget to run requested e2fsck after resize_inode
> +$TUNE2FS_PROG -O ^resize_inode $SCRATCH_DEV >$seqres.full 2>&1
Please use appending write ">>$seqres.full", to avoid seqres.full be
overwritten.
I think we don't need to filter out the error output, we don't expect
there's an error, so if it fails, how about output errors to break
golden image (remind the testers).
> +
> +_scratch_mount
> +
> +# resize fs will trigger NULL pointer in ext4_flex_group_add
> +$RESIZE2FS_PROG $SCRATCH_DEV 1G >$seqres.full 2>&1
Appending write too...
I'm not sure what's the necessary condition to reproduce the bug. Do you
need to resize fs will trigger the bug, but after:
# tune2fs -O ^resize_inode /dev/sda3
Then resize2fs always get:
# resize2fs /dev/sda3 3g
resize2fs 1.45.6 (20-Mar-2020)
Please run 'e2fsck -f /dev/sda3' first.
Looks like the resizing isn't run actually, is it what you really want?
I've tried to review this patch from fstests side, better to get some
review points from ext4 devel, to help to make sure that.
Thanks,
Zorro
> +
> +echo "Silence is golden"
> +
> +# success, all done
> +status=0
> +exit
> diff --git a/tests/ext4/057.out b/tests/ext4/057.out
> new file mode 100644
> index 00000000..185023c7
> --- /dev/null
> +++ b/tests/ext4/057.out
> @@ -0,0 +1,2 @@
> +QA output created by 057
> +Silence is golden
> --
> 2.13.6
>
?? 2022/7/9 0:16, Zorro Lang ะด??:
> On Fri, Jul 08, 2022 at 07:21:54PM +0800, Sun Ke wrote:
>> Forget to run requested e2fsck after resize_inode, then resize fs, it
>> will trigger off null pointer.
>>
>> Regression test for commit b55c3cd102a6 ext4: add reserved GDT blocks
>> check.
>>
>> Signed-off-by: Sun Ke <[email protected]>
>> ---
>> tests/ext4/057 | 44 ++++++++++++++++++++++++++++++++++++++++++++
>> tests/ext4/057.out | 2 ++
>> 2 files changed, 46 insertions(+)
>> create mode 100755 tests/ext4/057
>> create mode 100644 tests/ext4/057.out
>>
>> diff --git a/tests/ext4/057 b/tests/ext4/057
>> new file mode 100755
>> index 00000000..125f841a
>> --- /dev/null
>> +++ b/tests/ext4/057
>> @@ -0,0 +1,44 @@
>> +#! /bin/bash
>> +# SPDX-License-Identifier: GPL-2.0
>> +# Copyright (c) 2022 HUAWEI. All Rights Reserved.
>> +#
>> +# FS QA Test 057
>> +#
>> +# Forget to run requested e2fsck after resize_inode, then resize fs,
>> +# it will trigger off null pointer.
>> +#
>> +# Regression test for commit
>> +# b55c3cd102a6 ext4: add reserved GDT blocks check
>> +#
>> +. ./common/preamble
>> +_begin_fstest auto resize quick
>> +
>> +# real QA test starts here
>> +
>> +# Modify as appropriate.
>> +_supported_fs ext4
>> +_fixed_by_kernel_commit b55c3cd102a6 \
>> + "ext4: add reserved GDT blocks check"
>> +
>> +_require_scratch
>> +_require_command "$TUNE2FS_PROG" tune2fs
>> +_require_command "$RESIZE2FS_PROG" resize2fs
>> +_require_scratch_size $((1024 * 1024)) #kB
>> +
>> +# set fs size 512M
>> +dev_size=$((512 * 1024 * 1024))
>> +_scratch_mkfs_sized $dev_size >$seqres.full 2>&1
>> +
>> +# forget to run requested e2fsck after resize_inode
>> +$TUNE2FS_PROG -O ^resize_inode $SCRATCH_DEV >$seqres.full 2>&1
>
> Please use appending write ">>$seqres.full", to avoid seqres.full be
> overwritten.
>
> I think we don't need to filter out the error output, we don't expect
> there's an error, so if it fails, how about output errors to break
> golden image (remind the testers).
>
>> +
>> +_scratch_mount
>> +
>> +# resize fs will trigger NULL pointer in ext4_flex_group_add
>> +$RESIZE2FS_PROG $SCRATCH_DEV 1G >$seqres.full 2>&1
>
> Appending write too...
>
> I'm not sure what's the necessary condition to reproduce the bug. Do you
> need to resize fs will trigger the bug, but after:
>
> # tune2fs -O ^resize_inode /dev/sda3
>
> Then resize2fs always get:
>
> # resize2fs /dev/sda3 3g
> resize2fs 1.45.6 (20-Mar-2020)
> Please run 'e2fsck -f /dev/sda3' first.
>
> Looks like the resizing isn't run actually, is it what you really want?
> I've tried to review this patch from fstests side, better to get some
> review points from ext4 devel, to help to make sure that.
>
> Thanks,
> Zorro
If comment out the resizefs line, the test will pass.
But if not, it will panic, also takes about 1 second.
So I think resizefs is necessary.
[ 113.378201] run fstests ext4/057 at 2022-07-11 11:39:19
[^[[0;32m OK ^[[0m] Started /usr/bin/bash -c test -w /p??_score_adj;
exec ./tests/ext4/057.^M
[ 113.747013] EXT4-fs (sdb): warning: mounting unchecked fs, running
e2fsck is recommended
[ 113.779534] BUG: kernel NULL pointer dereference, address:
0000000000000028
[ 113.781657] #PF: supervisor read access in kernel mode
[ 113.783250] #PF: error_code(0x0000) - not-present page
[ 113.784747] PGD 10d22b067 P4D 10d22b067 PUD 10c2e8067 PMD 0
[ 113.786360] Oops: 0000 [#1] PREEMPT SMP
[ 113.787514] CPU: 2 PID: 3359 Comm: resize2fs Not tainted
5.18.0-rc3-00087-g98d40e76652e #3
[ 113.789980] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996),
BIOS 1.10.2-1ubuntu1 04/01/2014
[ 113.792566] RIP: 0010:ext4_flex_group_add+0xe06/0x2530
[ 113.794106] Code: 83 05 e5 2d 25 0c 01 48 85 c0 0f 84 16 fd ff ff 48
8b 44 24 28 be 40 0c 00 00 48 83 05 d2 2d 25 0c 01 48 83 05 6a 2b 25 0c
01 <48> 8b 68 28 48 83 05 0e 20 25 0c 01 48 8b 95 78 03 00 00 48 8b 42
[ 113.799408] RSP: 0018:ffffc900047a7c48 EFLAGS: 00010202
[ 113.800857] RAX: 0000000000000000 RBX: ffff88810633e3a8 RCX:
0000000055555557
[ 113.802753] RDX: ffff88810b144400 RSI: 0000000000000c40 RDI:
00000000aaaaaaab
[ 113.804627] RBP: 000000000000003f R08: 0000000000000001 R09:
0000000000000001
[ 113.806518] R10: 0000000000000000 R11: 00000000fffd2755 R12:
0000000000000005
[ 113.808071] R13: ffff88810d279800 R14: 0000000000000000 R15:
0000000000000005
[ 113.809540] FS: 00007f6aca9d2bc0(0000) GS:ffff88813bd00000(0000)
knlGS:0000000000000000
[ 113.811216] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 113.812404] CR2: 0000000000000028 CR3: 0000000106afc000 CR4:
00000000000006e0
[ 113.814078] DR0: 0000000000000000 DR1: 0000000000000000 DR2:
0000000000000000
[ 113.815707] DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7:
0000000000000400
[ 113.817212] Call Trace:
[ 113.817744] <TASK>
[ 113.818221] ? __kmalloc+0x21e/0x5c0[ 113.818955]
ext4_resize_fs+0xbe4/0x1640
[ 113.819778] __ext4_ioctl+0x1e75/0x26a0
[ 113.820597] ? putname+0x75/0xa0
[ 113.821284] ? kmem_cache_free+0x1a7/0x690
[ 113.822139] ? putname+0x75/0xa0
[ 113.822801] ? do_sys_openat2+0x2a8/0x4f0
[ 113.823644] ext4_ioctl+0x12/0x20
[ 113.824352] __x64_sys_ioctl+0xa3/0x110
[ 113.825171] do_syscall_64+0x35/0x80
[ 113.825919] entry_SYSCALL_64_after_hwframe+0x44/0xae
[ 113.826969] RIP: 0033:0x7f6ac9b06577
I will continue to improve based on your suggestions on v3.
Thanks,
Sun Ke
>
>> +
>> +echo "Silence is golden"
>> +
>> +# success, all done
>> +status=0
>> +exit
>> diff --git a/tests/ext4/057.out b/tests/ext4/057.out
>> new file mode 100644
>> index 00000000..185023c7
>> --- /dev/null
>> +++ b/tests/ext4/057.out
>> @@ -0,0 +1,2 @@
>> +QA output created by 057
>> +Silence is golden
>> --
>> 2.13.6
>>
> .
>