195809 – mount.ntfs-3g tainted, fs changes in kernel 4.12 break mount of ntfs-3g, possible data corruption

Bug 195809 - mount.ntfs-3g tainted, fs changes in kernel 4.12 break mount of ntfs-3g, possible data corruption

Summary: mount.ntfs-3g tainted, fs changes in kernel 4.12 break mount of ntfs-3g, poss...

Status:	RESOLVED CODE_FIX

Alias:	None

Product:	File System
Classification:	Unclassified
Component:	Other (show other bugs)
Hardware:	Intel Linux

Importance:	P1 blocking
Assignee:	fs_other

URL:
Keywords:

Depends on:
Blocks:

Reported:	2017-05-18 11:36 UTC by Nicholas Stommel
Modified:	2017-05-24 00:34 UTC (History)
CC List:	1 user (show)

See Also:
Kernel Version:	4.12-rc1
Subsystem:
Regression:	Yes
Bisected commit-id:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Nicholas Stommel 2017-05-18 11:36:34 UTC

Literally every single time I try to mount an ntfs partition on Ubuntu 16.04.2 LTS running the rc preview of 4.12, I receive this trace message in my syslog telling me that something is wrong. This is a problem, I need to be able to mount ntfs-3g partitions on my machine without data corruption. Any insight or fix would be appreciated.


ay 18 07:01:49 delphi kernel: [  599.500863] ------------[ cut here ]------------
May 18 07:01:49 delphi kernel: [  599.500870] WARNING: CPU: 2 PID: 3164 at /home/kernel/COD/linux/fs/super.c:1281 super_setup_bdi_name+0xcf/0xe0
May 18 07:01:49 delphi kernel: [  599.500870] Modules linked in: ccm rfcomm bnep nls_iso8859_1 dm_crypt snd_soc_sst_broadwell cmdlinepart intel_spi_platform intel_spi spi_nor mtd snd_soc_sst_haswell_pcm snd_soc_sst_firmware snd_soc_sst_ipc snd_soc_sst_dsp arc4 snd_soc_rt298 hp_wmi intel_rapl x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel kvm irqbypass iwlmvm crct10dif_pclmul crc32_pclmul mac80211 ghash_clmulni_intel pcbc iwlwifi snd_soc_ssm4567 aesni_intel snd_soc_rt286 snd_soc_rl6347a snd_hda_codec_hdmi aes_x86_64 snd_soc_core crypto_simd glue_helper snd_hda_intel cryptd cfg80211 intel_cstate snd_compress snd_hda_codec snd_hda_core rtsx_pci_ms intel_rapl_perf snd_hwdep memstick snd_pcm_dmaengine ac97_bus elan_i2c snd_pcm snd_seq_midi serio_raw snd_seq_midi_event lpc_ich hid_sensor_rotation hid_sensor_incl_3d hid_sensor_gyro_3d
May 18 07:01:49 delphi kernel: [  599.500912]  hid_sensor_accel_3d hid_sensor_magn_3d snd_rawmidi hid_sensor_trigger btusb industrialio_triggered_buffer btrtl uvcvideo hid_sensor_iio_common btbcm snd_seq joydev btintel videobuf2_vmalloc input_leds bluetooth videobuf2_memops videobuf2_v4l2 videobuf2_core hid_multitouch snd_seq_device videodev snd_timer ecdh_generic media snd mei_me mei soundcore shpchp hp_accel lis3lv02d snd_soc_sst_acpi spi_pxa2xx_platform input_polldev snd_soc_sst_match dw_dmac dw_dmac_core i2c_designware_platform i2c_designware_core 8250_dw intel_vbtn hp_wireless acpi_pad mac_hid sparse_keymap acpi_als kfifo_buf industrialio parport_pc ppdev lp parport autofs4 hid_logitech_hidpp hid_sensor_custom hid_sensor_hub hid_logitech_dj usbhid i915 rtsx_pci_sdmmc i2c_algo_bit drm_kms_helper psmouse syscopyarea sysfillrect
May 18 07:01:49 delphi kernel: [  599.500954]  ahci sysimgblt fb_sys_fops rtsx_pci libahci drm wmi sdhci_acpi video sdhci i2c_hid hid
May 18 07:01:49 delphi kernel: [  599.500965] CPU: 2 PID: 3164 Comm: mount.ntfs-3g Tainted: G        W       4.12.0-041200rc1-generic #201705131731
May 18 07:01:49 delphi ntfs-3g[3166]: Version 2015.3.14AR.1 integrated FUSE 28
May 18 07:01:49 delphi kernel: [  599.500966] Hardware name: HP HP Spectre x360 Convertible  /802D, BIOS F.45 04/21/2017
May 18 07:01:49 delphi kernel: [  599.500968] task: ffff919b01074380 task.stack: ffffb950039c8000
May 18 07:01:49 delphi kernel: [  599.500971] RIP: 0010:super_setup_bdi_name+0xcf/0xe0
May 18 07:01:49 delphi kernel: [  599.500972] RSP: 0018:ffffb950039cbc50 EFLAGS: 00010283
May 18 07:01:49 delphi kernel: [  599.500974] RAX: 0000000000000000 RBX: ffff919b005be800 RCX: 0000000000000002
May 18 07:01:49 delphi kernel: [  599.500975] RDX: 0000000000000001 RSI: 00000000fffffe01 RDI: ffffffff82fd81bb
May 18 07:01:49 delphi ntfs-3g[3166]: Mounted /dev/sda6 (Read-Write, label "Music", NTFS 3.1)
May 18 07:01:49 delphi kernel: [  599.500976] RBP: ffffb950039cbcd0 R08: ffff919a2e3ea038 R09: 0000000000000000
May 18 07:01:49 delphi kernel: [  599.500977] R10: ffffe4cc48edb600 R11: 0000000000000000 R12: ffff919ac0f0d000
May 18 07:01:49 delphi kernel: [  599.500978] R13: ffffffff83ad914c R14: ffffb950039cbce0 R15: ffff919afc983500
May 18 07:01:49 delphi kernel: [  599.500979] FS:  00007fe171045700(0000) GS:ffff919b0ed00000(0000) knlGS:0000000000000000
May 18 07:01:49 delphi ntfs-3g[3166]: Cmdline options: rw,noexec,nosuid,nodev,permissions,users
May 18 07:01:49 delphi kernel: [  599.500981] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
May 18 07:01:49 delphi kernel: [  599.500982] CR2: 00007fe171066000 CR3: 00000002003f5000 CR4: 00000000003406e0
May 18 07:01:49 delphi kernel: [  599.500983] Call Trace:
May 18 07:01:49 delphi kernel: [  599.500988]  ? kmem_cache_alloc_trace+0x181/0x190
May 18 07:01:49 delphi ntfs-3g[3166]: Mount options: rw,noexec,nosuid,nodev,users,allow_other,nonempty,default_permissions,relatime,fsname=/dev/sda6,blkdev,blksize=4096
May 18 07:01:49 delphi kernel: [  599.500991]  fuse_fill_super+0x3b3/0x6a0
May 18 07:01:49 delphi kernel: [  599.500993]  ? vsnprintf+0x24b/0x4d0
May 18 07:01:49 delphi kernel: [  599.500994]  ? snprintf+0x45/0x70
May 18 07:01:49 delphi kernel: [  599.500997]  mount_bdev+0x178/0x1b0
May 18 07:01:49 delphi ntfs-3g[3166]: User mapping built, Posix ACLs not used, configuration type 7
May 18 07:01:49 delphi kernel: [  599.500998]  ? mount_bdev+0x178/0x1b0
May 18 07:01:49 delphi kernel: [  599.501000]  ? fuse_get_root_inode+0x70/0x70
May 18 07:01:49 delphi kernel: [  599.501002]  fuse_mount_blk+0x15/0x20
May 18 07:01:49 delphi kernel: [  599.501003]  mount_fs+0x38/0x140
May 18 07:01:49 delphi udisksd[1739]: Mounted /dev/sda6 (system) at /media/noctua/Music on behalf of uid 1000
May 18 07:01:49 delphi kernel: [  599.501007]  vfs_kern_mount+0x67/0x110
May 18 07:01:49 delphi kernel: [  599.501008]  do_mount+0x1e1/0xca0
May 18 07:01:49 delphi kernel: [  599.501011]  ? __check_object_size+0xb3/0x190
May 18 07:01:49 delphi kernel: [  599.501013]  ? _copy_from_user+0x21/0x70
May 18 07:01:49 delphi kernel: [  599.501015]  ? kmem_cache_alloc_trace+0x142/0x190
May 18 07:01:49 delphi kernel: [  599.501017]  SyS_mount+0x83/0xd0
May 18 07:01:49 delphi kernel: [  599.501020]  entry_SYSCALL_64_fastpath+0x1e/0xa9
May 18 07:01:49 delphi kernel: [  599.501022] RIP: 0033:0x7fe170715faa
May 18 07:01:49 delphi kernel: [  599.501023] RSP: 002b:00007ffc9159e958 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
May 18 07:01:49 delphi kernel: [  599.501024] RAX: ffffffffffffffda RBX: 000055a51e1e9430 RCX: 00007fe170715faa
May 18 07:01:49 delphi kernel: [  599.501025] RDX: 000055a51e1ea5a0 RSI: 000055a51e1e9430 RDI: 000055a51e1e9760
May 18 07:01:49 delphi kernel: [  599.501026] RBP: 0000000000000000 R08: 000055a51e1e9620 R09: 0000000000000028
May 18 07:01:49 delphi kernel: [  599.501027] R10: 000000000000000e R11: 0000000000000246 R12: 0000000000000000
May 18 07:01:49 delphi kernel: [  599.501028] R13: 0000000000000400 R14: 00007ffc9159eb30 R15: 000055a51e1e8de0
May 18 07:01:49 delphi kernel: [  599.501029] Code: a0 65 48 33 0c 25 28 00 00 00 75 2a 48 83 c4 58 5b 41 5a 41 5c 41 5d 41 5e 5d c3 48 89 df 89 45 84 e8 f6 10 f9 ff 8b 45 84 eb d2 <0f> ff eb c6 b8 f4 ff ff ff eb c7 e8 01 d5 e3 ff 90 0f 1f 44 00 
May 18 07:01:49 delphi kernel: [  599.501064] ---[ end trace 011e96c4b1d735b9 ]---

Comment 1 Nicholas Stommel 2017-05-18 11:50:57 UTC

See https://bugs.freedesktop.org/show_bug.cgi?id=101087
I wasn't quite sure where to report this one, but this seems fairly important as the warning and message is displayed literally every time an ntfs partition is mounted (through fstab or through the file manager or command line).

Comment 2 Nicholas Stommel 2017-05-18 11:59:39 UTC

Oh, crap it looks like this regression happened in the 4.11 tree before, see http://www.mail-archive.com/linux-kernel@vger.kernel.org/msg1389002.html

Comment 3 Nicholas Stommel 2017-05-18 12:33:27 UTC

Oddly enough though, I can't reproduce the kernel warning/error in 4.11 or 4.11.1. It appears to have been introduced in the 4.12 merge window.

Comment 4 Nicholas Stommel 2017-05-19 05:21:26 UTC

Here's the same call trace & warning when mounting an ntfs-formatted usb key:
[  196.352840] sd 4:0:0:0: [sdb] Attached SCSI removable disk
[  196.623416] ------------[ cut here ]------------
[  196.623426] WARNING: CPU: 0 PID: 2754 at /home/kernel/COD/linux/fs/super.c:1281 super_setup_bdi_name+0xcf/0xe0
[  196.623427] Modules linked in: uas usb_storage ccm rfcomm bnep nls_iso8859_1 dm_crypt snd_soc_sst_broadwell cmdlinepart intel_spi_platform intel_spi spi_nor mtd snd_soc_sst_haswell_pcm snd_soc_sst_firmware snd_soc_sst_ipc snd_soc_sst_dsp arc4 hp_wmi intel_rapl x86_pkg_temp_thermal intel_powerclamp coretemp kvm_intel snd_soc_rt298 kvm irqbypass crct10dif_pclmul crc32_pclmul ghash_clmulni_intel iwlmvm pcbc snd_hda_codec_hdmi mac80211 aesni_intel snd_hda_intel snd_soc_ssm4567 aes_x86_64 crypto_simd iwlwifi glue_helper cryptd snd_hda_codec snd_soc_rt286 snd_soc_rl6347a intel_cstate intel_rapl_perf snd_soc_core serio_raw snd_hda_core snd_compress snd_pcm_dmaengine snd_hwdep ac97_bus hid_sensor_magn_3d cfg80211 rtsx_pci_ms hid_sensor_incl_3d hid_sensor_gyro_3d hid_sensor_accel_3d hid_sensor_rotation memstick
[  196.623493]  hid_sensor_trigger industrialio_triggered_buffer hid_sensor_iio_common snd_pcm elan_i2c snd_seq_midi uvcvideo snd_seq_midi_event btusb snd_rawmidi videobuf2_vmalloc btrtl videobuf2_memops btbcm videobuf2_v4l2 btintel videobuf2_core bluetooth videodev joydev hid_multitouch input_leds ecdh_generic snd_seq media snd_seq_device snd_timer snd soundcore lpc_ich mei_me mei shpchp snd_soc_sst_acpi hp_accel snd_soc_sst_match lis3lv02d intel_vbtn dw_dmac spi_pxa2xx_platform 8250_dw i2c_designware_platform input_polldev dw_dmac_core sparse_keymap i2c_designware_core hp_wireless acpi_pad mac_hid acpi_als kfifo_buf industrialio parport_pc ppdev lp parport autofs4 hid_logitech_hidpp hid_sensor_custom hid_sensor_hub hid_logitech_dj usbhid i915 rtsx_pci_sdmmc i2c_algo_bit drm_kms_helper syscopyarea
[  196.623557]  sysfillrect sysimgblt fb_sys_fops psmouse drm ahci libahci rtsx_pci wmi video sdhci_acpi sdhci i2c_hid hid
[  196.623575] CPU: 0 PID: 2754 Comm: mount.ntfs Tainted: G        W       4.12.0-041200rc1-generic #201705131731
[  196.623576] Hardware name: HP HP Spectre x360 Convertible  /802D, BIOS F.45 04/21/2017
[  196.623578] task: ffff9252dd98c380 task.stack: ffffab4483608000
[  196.623582] RIP: 0010:super_setup_bdi_name+0xcf/0xe0
[  196.623584] RSP: 0018:ffffab448360bc50 EFLAGS: 00010283
[  196.623587] RAX: 0000000000000000 RBX: ffff925315626800 RCX: 0000000000000002
[  196.623589] RDX: 0000000000000001 RSI: 00000000fffffe01 RDI: ffffffffab3d81bb
[  196.623590] RBP: ffffab448360bcd0 R08: ffff9252d667e938 R09: 0000000000000000
[  196.623591] R10: fffff07889061600 R11: 0000000000000000 R12: ffff925311e93000
[  196.623593] R13: ffffffffabed914c R14: ffffab448360bce0 R15: ffff92531564a100
[  196.623596] FS:  00007efdf5661700(0000) GS:ffff92538ec00000(0000) knlGS:0000000000000000
[  196.623598] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[  196.623600] CR2: 00005572ceb78c78 CR3: 000000019d8d3000 CR4: 00000000003406f0
[  196.623601] Call Trace:
[  196.623609]  ? kmem_cache_alloc_trace+0x181/0x190
[  196.623613]  fuse_fill_super+0x3b3/0x6a0
[  196.623617]  ? vsnprintf+0x24b/0x4d0
[  196.623620]  ? snprintf+0x45/0x70
[  196.623623]  mount_bdev+0x178/0x1b0
[  196.623626]  ? mount_bdev+0x178/0x1b0
[  196.623629]  ? fuse_get_root_inode+0x70/0x70
[  196.623631]  fuse_mount_blk+0x15/0x20
[  196.623634]  mount_fs+0x38/0x140
[  196.623640]  vfs_kern_mount+0x67/0x110
[  196.623643]  do_mount+0x1e1/0xca0
[  196.623646]  ? __check_object_size+0xb3/0x190
[  196.623650]  ? _copy_from_user+0x21/0x70
[  196.623653]  ? kmem_cache_alloc_trace+0x142/0x190
[  196.623656]  SyS_mount+0x83/0xd0
[  196.623661]  entry_SYSCALL_64_fastpath+0x1e/0xa9
[  196.623663] RIP: 0033:0x7efdf4d32faa
[  196.623665] RSP: 002b:00007ffdf5f725a8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[  196.623668] RAX: ffffffffffffffda RBX: 00007efdf4fefb78 RCX: 00007efdf4d32faa
[  196.623669] RDX: 00005572ceb67ab0 RSI: 00005572ceb67b50 RDI: 00005572ceb5e180
[  196.623671] RBP: 00007efdf4fefb20 R08: 00005572ceb67b80 R09: 0000000000000028
[  196.623673] R10: 0000000000000006 R11: 0000000000000246 R12: 0000000000001011
[  196.623674] R13: 00007efdf4fefb78 R14: 0000000000002710 R15: 00005572ceb5e730
[  196.623677] Code: a0 65 48 33 0c 25 28 00 00 00 75 2a 48 83 c4 58 5b 41 5a 41 5c 41 5d 41 5e 5d c3 48 89 df 89 45 84 e8 f6 10 f9 ff 8b 45 84 eb d2 <0f> ff eb c6 b8 f4 ff ff ff eb c7 e8 01 d5 e3 ff 90 0f 1f 44 00 
[  196.623738] ---[ end trace a8502b34f83fe1f6 ]---

Comment 5 Nicholas Stommel 2017-05-20 07:17:21 UTC

Okay, so the warning is clearly being generated by the WARN_ON function in fs/super.c.
I realize I could disable the warning, but that sounds like a bad idea. One question though,
why would we be verifying if sb->s_bdi is equal to the address of some "struct backing_dev_info noop_backing_dev_info" from either the files /include/linux/backing-dev.h or /mm/backing-dev.c
(Found references to definition of this struct in these two file using the power of grep -rl)
in fs/super.c on line 1281, when we reassign it anyway to a local variable bdi right after? In other words, IS there something going wrong here, or is this warning insignificant and should be removed?

1281: WARN_ON(sb->s_bdi != &noop_backing_dev_info);
1282: sb->s_bdi = bdi;

Also see bug report I filed about this problem at https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1692143

Comment 6 Nicholas Stommel 2017-05-24 00:33:47 UTC

Seems this was resolved in 4.12-rc2, mounting ntfs-3g volumes is fine, doesn't generate a kernel warning! It was fixed in fs/fuse/inode.c at https://github.com/torvalds/linux/commit/69c8ebf83213e6165b13d94ec599b861467ee2dc

with 

diff --git a/fs/fuse/inode.c b/fs/fuse/inode.c
index 5a1b58f..65c8837 100644
--- a/fs/fuse/inode.c
+++ b/fs/fuse/inode.c
@@ -975,8 +975,15 @@ static int fuse_bdi_init(struct fuse_conn *fc, struct super_block *sb)
 	int err;
 	char *suffix = "";
 
-	if (sb->s_bdev)
+	if (sb->s_bdev) {
 		suffix = "-fuseblk";
+		/*
+		 * sb->s_bdi points to blkdev's bdi however we want to redirect
+		 * it to our private bdi...
+		 */
+		bdi_put(sb->s_bdi);
+		sb->s_bdi = &noop_backing_dev_info;
+	}
 	err = super_setup_bdi_name(sb, "%u:%u%s", MAJOR(fc->dev),
 				   MINOR(fc->dev), suffix);
 	if (err)

Note You need to log in before you can comment on or make changes to this bug.