lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Thu, 16 Apr 2020 22:19:05 +0800
From:   yangerkun <yangerkun@...wei.com>
To:     <tytso@....edu>, <jack@...e.cz>, <dmonakhov@...il.com>,
        <adilger@...ger.ca>, <bob.liu@...cle.com>, <wshilong@....com>,
        "zhangyi (F)" <yi.zhang@...wei.com>
CC:     <linux-ext4@...r.kernel.org>
Subject: [QUESTION] BUG_ON in ext4_mb_simple_scan_group

Nowadays, we trigger the a bug that has been reported before[1](trigger 
the bug with read block bitmap error before). After search the patch,
I found some related patch which has not been included in our kernel.

eb5760863fc2 ext4: mark block bitmap corrupted when found instead of BUGON
736dedbb1a7d ext4: mark block bitmap corrupted when found
206f6d552d0c ext4: mark inode bitmap corrupted when found
db79e6d1fb1f ext4: add new ext4_mark_group_bitmap_corrupted() helper
0db9fdeb347c ext4: fix wrong return value in ext4_read_inode_bitmap()

Maybe this patch can fix the problem, but I am a little confused with
the explain from Ted described in the mail:

 > What probably happened is that the page containing actual allocation
 > bitmap was pushed out of memory due to memory pressure.  However, the
 > buddy bitmap was still cached in memory.  That's actually quite
 > possible since the buddy bitmap will often be referenced more
 > frequently than the allocation bitmap (for example, while searching
 > for free space of a specific size, and then having that block group
 > skipped when it's not available).

 > Since there was an I/O error reading the allocation bitmap, the buffer
 > is not valid.  So it's not surprising that the BUG_ON(k >= max) is
 > getting triggered.

(Our machine: x86, 4K page size, 4K block size)

After check the related code, we found that once we get a IO error from 
ext4_wait_block_bitmap, ext4_mb_init_cache will return directly with a 
error number, so the latter ext4_mb_simple_scan_group may never been 
called! So any other scene will trigger this BUG_ON?

Thanks,
Kun.

-----
[1] https://www.spinics.net/lists/linux-ext4/msg60329.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ