LKML Archive on lore.kernel.org
help / color / mirror / Atom feed
From: "Theodore Y. Ts'o" <tytso@mit.edu>
To: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Cc: syzbot <syzbot+a9a45987b8b2daabdc88@syzkaller.appspotmail.com>,
	syzkaller-bugs@googlegroups.com, syzkaller@googlegroups.com,
	adilger.kernel@dilger.ca, linux-ext4@vger.kernel.org,
	linux-kernel@vger.kernel.org
Subject: Re: kernel panic: EXT4-fs (device loop0): panic forced after error
Date: Sun, 6 May 2018 09:31:54 -0400	[thread overview]
Message-ID: <20180506133154.GS29205@thunk.org> (raw)
In-Reply-To: <d295f575-ba4b-b0ba-a856-405f9d393c9d@I-love.SAKURA.ne.jp>

On Sun, May 06, 2018 at 02:03:57PM +0900, Tetsuo Handa wrote:
> 
> Since syzbot is hitting this error path inside mount() request, calling
> panic() when something went wrong inside mount() request might be
> overkill. We can recover without shutting down the system, can't we?

We could add a full kernel-mode fsck which gets run before mount ---
the question is how much complexity we want to add.  If SELinux is
enabled, then we have to check xattr consinsistency, etc., etc.

> > I could mark this as a one-off invalid bug, but if syzkaller is going
> > to be generating classes of corrupted file systems like this, and are
> > going to be complaing about how this causes the kernel to crash, then
> > we have a fundamental syzkaller BUG.
> > 
> If we won't try to recover this case, this specific report would be
> marked as "#syz invalid".

I can do that for this specific case.  Howevre, I'd rather not have to
mark a large number of reports as invalid, if syz is going to produce
a large number of such things.  Which is why I'm raising the questihon
--- is there any way we can make syz smart enough to not raise false
positvies in this case?

In the future I can see the repro attempting to actually do stuff with
the mounted file system, which is why I want to put my foot down now
before the only answer really is adding a kernel-mode fsck before the
file system is allowed to be mounted.

Root is always going to be able to crash the system.  For example,
suppose syzkaller creates a repros which opens /dev/mem and starts
scribbling all over it.  Would we be happy if it started creating
large number of reports for that class of "bug"?

						- Ted

  parent reply	other threads:[~2018-05-06 13:32 UTC|newest]

Thread overview: 10+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-05-06  0:57 syzbot
2018-05-06  2:24 ` Theodore Y. Ts'o
2018-05-06  5:03   ` Tetsuo Handa
2018-05-06  9:15     ` Dmitry Vyukov
2018-05-06 13:50       ` Theodore Y. Ts'o
2018-05-06 13:31     ` Theodore Y. Ts'o [this message]
2018-05-06 14:40       ` Tetsuo Handa
2018-05-06 20:30         ` Theodore Y. Ts'o
2018-05-14  9:12           ` Dmitry Vyukov
2018-06-12 14:01             ` Dmitry Vyukov

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20180506133154.GS29205@thunk.org \
    --to=tytso@mit.edu \
    --cc=adilger.kernel@dilger.ca \
    --cc=linux-ext4@vger.kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=penguin-kernel@I-love.SAKURA.ne.jp \
    --cc=syzbot+a9a45987b8b2daabdc88@syzkaller.appspotmail.com \
    --cc=syzkaller-bugs@googlegroups.com \
    --cc=syzkaller@googlegroups.com \
    --subject='Re: kernel panic: EXT4-fs (device loop0): panic forced after error' \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).