lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <CADCV8so9EVfiLhhbV5P97D7g_Nv=JEQ96NexSLRx=o7ZBCVhqA@mail.gmail.com>
Date: Tue, 31 Dec 2024 13:48:20 +0800
From: Liebes Wang <wanghaichi0403@...il.com>
To: agruenba@...hat.com, gfs2@...ts.linux.dev, linux-kernel@...r.kernel.org
Cc: syzkaller@...glegroups.com
Subject: kernel BUG in gfs2_assert_warn_i

Dear Linux maintainers and reviewers:

We are reporting a Linux kernel bug titled **kernel BUG in
gfs2_assert_warn_i**, discovered using a modified version of Syzkaller.

Linux version: v6.12-rc6:59b723cd2adbac2a34fc8e12c74ae26ae45bf230 (crash is
also reproduced in the latest kernel version)
The test case and kernel config is in attach.

The bug report is (The full report is attached):

kernel BUG at fs/gfs2/util.c:414!
Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN NOPTI
CPU: 1 UID: 0 PID: 5508 Comm: syz.0.112 Not tainted 6.12.0-rc6 #1
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS
1.13.0-1ubuntu1.1 04/01/2014
RIP: 0010:gfs2_assert_warn_i+0x2df/0x320 fs/gfs2/util.c:414
Code: fe e9 bd fd ff ff 48 c7 c7 00 f2 40 87 e8 e9 7f a9 fe e9 3b ff ff ff
4c 89 f7 e8 cc 80 a9 fe e9 50 ff ff ff e8 52 5e 57 fe 90 <0f> 0b e8 4a 5e
57 fe e8 c5 6e a9 fe 44 8b 4c 24 1c 4c 8b 44 24 10
RSP: 0000:ff1100012075f790 EFLAGS: 00010246
RAX: 0000000000040000 RBX: ff11000101484000 RCX: ffa0000001aa6000
RDX: 0000000000040000 RSI: ffffffff82faa42e RDI: 0000000000000001
RBP: ff110001014842bd R08: 0000000000000001 R09: ffe21c00240ebea9
R10: 0000000000000004 R11: 0000000000000000 R12: 0000000000000004
R13: ffffffff8740f200 R14: ff11000101485500 R15: 0000000000000000
FS:  00007fc312c87700(0000) GS:ff110004ca900000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007ff740840000 CR3: 0000000121488004 CR4: 0000000000771ef0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400
PKRU: 80000000
Call Trace:
 <TASK>
 gfs2_qd_dispose+0x588/0x680 fs/gfs2/quota.c:129
 qd_put+0x151/0x190 fs/gfs2/quota.c:339
 gfs2_quota_init+0x86f/0x1210 fs/gfs2/quota.c:1470
 gfs2_make_fs_rw+0x3a2/0x5d0 fs/gfs2/super.c:159
 gfs2_fill_super+0x29ae/0x2c10 fs/gfs2/ops_fstype.c:1274
 get_tree_bdev_flags+0x388/0x620 fs/super.c:1636
 gfs2_get_tree+0x4e/0x280 fs/gfs2/ops_fstype.c:1330
 vfs_get_tree+0x94/0x380 fs/super.c:1814
 do_new_mount fs/namespace.c:3507 [inline]
 path_mount+0x6b2/0x1eb0 fs/namespace.c:3834
 do_mount fs/namespace.c:3847 [inline]
 __do_sys_mount fs/namespace.c:4057 [inline]
 __se_sys_mount fs/namespace.c:4034 [inline]
 __x64_sys_mount+0x283/0x300 fs/namespace.c:4034
 do_syscall_x64 arch/x86/entry/common.c:52 [inline]
 do_syscall_64+0xc1/0x1d0 arch/x86/entry/common.c:83
 entry_SYSCALL_64_after_hwframe+0x77/0x7f

Content of type "text/html" skipped

Download attachment "report0" of type "application/octet-stream" (4052 bytes)

Download attachment "repro.c" of type "application/octet-stream" (1047980 bytes)

Download attachment "config" of type "application/octet-stream" (148405 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ