lxc-snapshot cannot restore in a loop backend

[msperl-github]

The template below is mostly useful for bug reports and support questions.
Feel free to remove anything which doesn't apply to you and add more information where it makes sense.

Required information

• Distribution: Debian Testing (amd64)
• Distribution version: 5.0.2-1
• The output of
  • lxc-start --version 5.0.2
  • lxc-checkconfig
    LXC version 5.0.2
    Kernel configuration not found at /proc/config.gz; searching...
    Kernel configuration found at /boot/config-6.1.0-5-amd64

--- Namespaces ---
Namespaces: enabled
Utsname namespace: enabled
Ipc namespace: enabled
Pid namespace: enabled
User namespace: enabled
Network namespace: enabled

--- Control groups ---
Cgroups: enabled
Cgroup namespace: enabled
Cgroup v1 mount points:
Cgroup v2 mount points:

• /sys/fs/cgroup
  Cgroup device: enabled
  Cgroup sched: enabled
  Cgroup cpu account: enabled
  Cgroup memory controller: enabled
  Cgroup cpuset: enabled

--- Misc ---
Veth pair device: enabled, loaded
Macvlan: enabled, not loaded
Vlan: enabled, not loaded
Bridges: enabled, loaded
Advanced netfilter: enabled, loaded
CONFIG_IP_NF_TARGET_MASQUERADE: enabled, not loaded
CONFIG_IP6_NF_TARGET_MASQUERADE: enabled, not loaded
CONFIG_NETFILTER_XT_TARGET_CHECKSUM: enabled, not loaded
CONFIG_NETFILTER_XT_MATCH_COMMENT: enabled, not loaded
FUSE (for use with lxcfs): enabled, loaded

--- Checkpoint/Restore ---
checkpoint restore: enabled
CONFIG_FHANDLE: enabled
CONFIG_EVENTFD: enabled
CONFIG_EPOLL: enabled
CONFIG_UNIX_DIAG: enabled
CONFIG_INET_DIAG: enabled
CONFIG_PACKET_DIAG: enabled
CONFIG_NETLINK_DIAG: enabled
File capabilities: enabled

Note : Before booting a new kernel, you can check its configuration
usage : CONFIG=/path/to/config /usr/bin/lxc-checkconfig

• uname -a
  Linux debian 6.1.0-5-amd64 Prefix tests with lxc-test- #1 SMP PREEMPT_DYNAMIC Debian 6.1.12-1 (2023-02-15) x86_64 GNU/Linux
• cat /proc/self/cgroup
  0::/user.slice/user-1000.slice/session-48.scope
• cat /proc/1/mounts
  sysfs /sys sysfs rw,nosuid,nodev,noexec,relatime 0 0
  proc /proc proc rw,nosuid,nodev,noexec,relatime 0 0
  udev /dev devtmpfs rw,nosuid,relatime,size=465100k,nr_inodes=116275,mode=755,inode64 0 0
  devpts /dev/pts devpts rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000 0 0
  tmpfs /run tmpfs rw,nosuid,nodev,noexec,relatime,size=99352k,mode=755,inode64 0 0
  /dev/mapper/vg0--vg-root / ext4 rw,relatime,errors=remount-ro 0 0
  securityfs /sys/kernel/security securityfs rw,nosuid,nodev,noexec,relatime 0 0
  tmpfs /dev/shm tmpfs rw,nosuid,nodev,inode64 0 0
  tmpfs /run/lock tmpfs rw,nosuid,nodev,noexec,relatime,size=5120k,inode64 0 0
  cgroup2 /sys/fs/cgroup cgroup2 rw,nosuid,nodev,noexec,relatime,nsdelegate,memory_recursiveprot 0 0
  pstore /sys/fs/pstore pstore rw,nosuid,nodev,noexec,relatime 0 0
  bpf /sys/fs/bpf bpf rw,nosuid,nodev,noexec,relatime,mode=700 0 0
  systemd-1 /proc/sys/fs/binfmt_misc autofs rw,relatime,fd=29,pgrp=1,timeout=0,minproto=5,maxproto=5,direct,pipe_ino=14547 0 0
  hugetlbfs /dev/hugepages hugetlbfs rw,relatime,pagesize=2M 0 0
  tracefs /sys/kernel/tracing tracefs rw,nosuid,nodev,noexec,relatime 0 0
  debugfs /sys/kernel/debug debugfs rw,nosuid,nodev,noexec,relatime 0 0
  mqueue /dev/mqueue mqueue rw,nosuid,nodev,noexec,relatime 0 0
  fusectl /sys/fs/fuse/connections fusectl rw,nosuid,nodev,noexec,relatime 0 0
  configfs /sys/kernel/config configfs rw,nosuid,nodev,noexec,relatime 0 0
  ramfs /run/credentials/systemd-sysusers.service ramfs ro,nosuid,nodev,noexec,relatime,mode=700 0 0
  ramfs /run/credentials/systemd-sysctl.service ramfs ro,nosuid,nodev,noexec,relatime,mode=700 0 0
  ramfs /run/credentials/systemd-tmpfiles-setup-dev.service ramfs ro,nosuid,nodev,noexec,relatime,mode=700 0 0
  /dev/vda1 /boot ext2 rw,relatime 0 0
  ramfs /run/credentials/systemd-tmpfiles-setup.service ramfs ro,nosuid,nodev,noexec,relatime,mode=700 0 0
  binfmt_misc /proc/sys/fs/binfmt_misc binfmt_misc rw,nosuid,nodev,noexec,relatime 0 0
  tmpfs /run/user/1000 tmpfs rw,nosuid,nodev,relatime,size=99348k,nr_inodes=24837,mode=700,uid=1000,gid=1000,inode64 0 0
  portal /run/user/1000/doc fuse.portal rw,nosuid,nodev,relatime,user_id=1000,group_id=1000 0 0

Issue description

The lxc-snapshot command cannot restore a snapshot of a loop backend properly (if the loop file has a filesize larger than 1GiB)
The resulting loop file has a filesize of 1GiB and the filesystem inside this file is messed up.

Inside of LXC there seems to be a hardcoded disk size of 1GiB very often: In i386 it is impossible to create a loop backed container with a filesystem larger than 1GiB. When increasing the container's loop file by 'dd if=/dev/zero bs=4M count=1024 >> rootdev' the container will not boot (but this again only affects i386)

Steps to reproduce

1. lxc-create -n testct -t download -B loop --fssize=4G
2. I used Debian, amd64, bullseye but I think it doesn't matter what is chosen
3. Start the container and place a "large" file in the filesystem so that the used disk space is above 1GiB (e.g. dd if=/dev/urandom of=/home/testfile bs=4M count=512)
4. Stop the container and take the snapshot (lxc-snapshot -n testct -N test)
5. Start the container and mess something up (e.g. delete the large file)
6. Stop the container and restore the previously taken snapshot (lxc-snapshot -n testct -r snap0)
7. Container will not boot any more - data is lost.