lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20231014015453.GE255452@mit.edu>
Date:   Fri, 13 Oct 2023 21:54:53 -0400
From:   "Theodore Ts'o" <tytso@....edu>
To:     Shreeya Patel <shreeya.patel@...labora.com>
Cc:     Thorsten Leemhuis <regressions@...mhuis.info>,
        Andres Freund <andres@...razel.de>, linux-ext4@...r.kernel.org,
        Ricardo CaƱuelo 
        <ricardo.canuelo@...labora.com>,
        "gustavo.padovan@...labora.com" <gustavo.padovan@...labora.com>,
        groeck@...gle.com, zsm@...gle.com, garrick@...gle.com,
        Linux regressions mailing list <regressions@...ts.linux.dev>
Subject: Re: [syzbot] INFO: task hung in ext4_fallocate

On Fri, Oct 13, 2023 at 02:28:52AM +0530, Shreeya Patel wrote:
> 
> Just to clarify, this issue is still seen on upstream 5.10 and earlier
> kernels.
> I can confirm that we did not see this issue being reproduced on mainline
> kernel using #sys test feature.

So I'm confused.  In the original post on this thread[1], it was stated:

> When I tried to reproduce this issue on mainline linux kernel using the 
> reproducer provided by syzbot, I see an endless loop of following errors :-

and

> #regzbot introduced: v6.6-rc1..

[1] https://lore.kernel.org/all/d89989ef-e53b-050e-2916-a4f06433798b@collabora.com/

... and now you're sayingg this *wasn't* reproduced upstream?  And of
course, because this was a private syzbot instance, there was syzbot
dashboard given, and the reproducer had the serial number filed off
(there is a URL in the comments at the beginning of the reproducer for
a *reason*), so *I* couldn't run "#syz test".

Huh?

Reading between the lines, it looks like the only similarity between
what was happening in the 5.10 kernel and the mainline kernel was that
it did not *hang* the kernel, but it was generating a stream of
EXT4-fs error messages.  Well, if you take a deliberately corrupted
kernel, and mount it with errors=continue, and then keep pounding it
with lots of file system operations, of *course* it will continually
spew ext4 errors message.  That is "Working As Intended" by
*definition*.

And this is why I maintain that irresponsible use of syzbot is
effectively a denial of service attack on upstream maintainers.

At this point, just as upstream policy is that debugging ancient LTS
kernels is not something upstream maintainers to do (and attempting to
trick them to debug it by claiming it is found in mainline is *really*
uncool), if there are bugs that are reported using private syzbot
instances, or where there isn't a URL to a public syzbot dashboard,
they should be treated as P4 priority or worse....

	      	     		       	  - Ted

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ