lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20200612133905.CDF9A5204E@d06av21.portsmouth.uk.ibm.com>
Date:   Fri, 12 Jun 2020 19:09:04 +0530
From:   Ritesh Harjani <riteshh@...ux.ibm.com>
To:     Ido Schimmel <idosch@...sch.org>
Cc:     syzbot <syzbot+82f324bb69744c5f6969@...kaller.appspotmail.com>,
        adilger.kernel@...ger.ca, linux-ext4@...r.kernel.org,
        linux-kernel@...r.kernel.org, linux-next@...r.kernel.org,
        sfr@...b.auug.org.au, syzkaller-bugs@...glegroups.com,
        tytso@....edu
Subject: Re: linux-next test error: BUG: using smp_processor_id() in
 preemptible [ADDR] code: syz-fuzzer/6792


On 6/12/20 6:13 PM, Ido Schimmel wrote:
> On Tue, Jun 02, 2020 at 06:11:29PM +0530, Ritesh Harjani wrote:
>> #syz test:
>> https://git.kernel.org/pub/scm/linux/kernel/git/next/linux-next.git
>> 0e21d4620dd047da7952f44a2e1ac777ded2d57e
> 
>> >From cc1cf67d99d5fa61db0651c89c288df31bad6b8e Mon Sep 17 00:00:00 2001
>> From: Ritesh Harjani <riteshh@...ux.ibm.com>
>> Date: Tue, 2 Jun 2020 17:54:12 +0530
>> Subject: [PATCH 1/1] ext4: mballoc: Use raw_cpu_ptr in case if preemption is enabled
>>
>> It doesn't matter really in ext4_mb_new_blocks() about whether the code
>> is rescheduled on any other cpu due to preemption. Because we care
>> about discard_pa_seq only when the block allocation fails and then too
>> we add the seq counter of all the cpus against the initial sampled one
>> to check if anyone has freed any blocks while we were doing allocation.
>>
>> So just use raw_cpu_ptr to not trigger this BUG.
>>
>> BUG: using smp_processor_id() in preemptible [00000000] code: syz-fuzzer/6927
>> caller is ext4_mb_new_blocks+0xa4d/0x3b70 fs/ext4/mballoc.c:4711
>> CPU: 1 PID: 6927 Comm: syz-fuzzer Not tainted 5.7.0-next-20200602-syzkaller #0
>> Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 01/01/2011
>> Call Trace:
>>   __dump_stack lib/dump_stack.c:77 [inline]
>>   dump_stack+0x18f/0x20d lib/dump_stack.c:118
>>   check_preemption_disabled+0x20d/0x220 lib/smp_processor_id.c:48
>>   ext4_mb_new_blocks+0xa4d/0x3b70 fs/ext4/mballoc.c:4711
>>   ext4_ext_map_blocks+0x201b/0x33e0 fs/ext4/extents.c:4244
>>   ext4_map_blocks+0x4cb/0x1640 fs/ext4/inode.c:626
>>   ext4_getblk+0xad/0x520 fs/ext4/inode.c:833
>>   ext4_bread+0x7c/0x380 fs/ext4/inode.c:883
>>   ext4_append+0x153/0x360 fs/ext4/namei.c:67
>>   ext4_init_new_dir fs/ext4/namei.c:2757 [inline]
>>   ext4_mkdir+0x5e0/0xdf0 fs/ext4/namei.c:2802
>>   vfs_mkdir+0x419/0x690 fs/namei.c:3632
>>   do_mkdirat+0x21e/0x280 fs/namei.c:3655
>>   do_syscall_64+0x60/0xe0 arch/x86/entry/common.c:359
>>   entry_SYSCALL_64_after_hwframe+0x44/0xa9
>>
>> Signed-off-by: Ritesh Harjani <riteshh@...ux.ibm.com>
>> Reported-by: syzbot+82f324bb69744c5f6969@...kaller.appspotmail.com
> 
> Hi,
> 
> Are you going to submit this patch formally? Without it I'm constantly
> seeing the above splat.
> 

I see Ted has already taken v2 of this patch in his dev repo.
Should be able to see in linux tree soon.

https://git.kernel.org/pub/scm/linux/kernel/git/tytso/ext4.git/commit/?h=dev&id=811985365378df01386c3cfb7ff716e74ca376d5


-ritesh

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ