bin/39264: newfs can create a filesystem with > 2^31 inodes

[Simon Burge <simonb%NetBSD.org@localhost>]

>Number:         39264
>Category:       bin
>Synopsis:       newfs can create a filesystem with > 2^31 inodes
>Confidential:   no
>Severity:       serious
>Priority:       low
>Responsible:    bin-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Fri Aug 01 15:55:01 +0000 2008
>Originator:     Simon Burge
>Release:        Anything after Jan 2006?
>Organization:
>Environment:
        Architecture: any
        Machine: any
>Description:
        Newfs can create a filesystem with > 2^31 inodes, despite this
        comment in mkfs.c:

        /* Even UFS2 limits number of inodes to 2^31 (fs_ipg is int32_t) */

>How-To-Repeat:
        Make a large filesystem with small -i value, mount, and type
        "df -i" on a netbsd-4 system and notice negative number of
        inodes (I think -current prints as unsigned, so it's harder to
        tell if you've overflowed).  The same newfs params run against
        an empty file:

test# touch foo
test# newfs -F -O2 -f 4k -b 32k -i 8k -N -s 46837568992 foo
foo: 22869906.7MB (46837568992 sectors) block size 32768, fragment size 4096
        using 33514 cylinder groups of 682.41MB, 21837 blks, 64128 inodes.

        show 33514 * 64128 = 2149185792 inodes, which is 1702144 more than
        2^31.

>Fix:
        Not sure.  We're overflowing with:

                inodes_per_cg = ((inodeblks - 1) / ncg + 1) * INOPB(&sblock);

        I'm not sure of the logic for the -1/+1 here.  Just using

                inodes_per_cg = inodeblks / ncg * INOPB(&sblock);

        gives a total of 2145216000 inodes, 2267648 under 2^31...