lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-Id: <BECC6BA3-8FBF-4975-B48D-31B2C975D944@m.fudan.edu.cn>
Date: Wed, 15 Jan 2025 17:22:35 +0800
From: Kun Hu <huk23@...udan.edu.cn>
To: Qu Wenruo <quwenruo.btrfs@....com>
Cc: josef@...icpanda.com,
 anand.jain@...cle.com,
 nborisov@...e.com,
 dsterba@...e.com,
 "jjtan24@...udan.edu.cn" <jjtan24@...udan.edu.cn>,
 linux-kernel@...r.kernel.org,
 linux-btrfs@...r.kernel.org,
 linux-perf-users@...r.kernel.org
Subject: Re: Bug: Potential Deadlock or Resource Contention in Btrfs Subsystem


> 
> There is a recent report about btrfs' new mount API change lead to
> mnt_list corruption:
> 
> https://lore.kernel.org/linux-btrfs/ec6784ed-8722-4695-980a-4400d4e7bd1a@gmx.com/
> 
> Which can be fixed by the latest VFS branch provided by Christian:
> https://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs.git vfs-6.14.mount
> 
> Considering the offending fc_mount() triggered by
> btrfs_get_tree_subvol() is involved, mind to test if the above branch
> fixes the bug?

We are still reproducing this issue on the vfs mount - v6.14 branch respectively, but I'm not sure if it's a significant issue. Looking at the latest crash log it seems to be consistent with the originally reported issue (BTRFS filesystem race operation causing deadlocks and initialization function failures). Looking at the reproducer perf_event_open and syz_mount_image are both using randomly crafted parameters. 

Specifically, perf_event_open entered the cpu=0x3ffffffffff parameter resulting in frequent performance event monitoring initialization, and the CPU number range defined by this parameter did not satisfy the valid numbering range, which could trigger invalid accesses and resource contention. In addition, the image data for syz_mount_image is randomly generated, which may lead to parsing failure of block device metadata, log playback errors, and block order anomalies.We give the link of the 3 new issue logs : 1) on vfs mount - v6.14 branch, 2) on v6.13-rc7, 3) on v6.13-rc7 merged with vfs mount - v6.14 branch

1) Link: https://github.com/pghk13/Kernel-Bug/blob/main/0110_6.13rc6/41-BUG_%20soft%20lockup%20in%20lo_ioct/crashlog0113_vfs-mount%20v6.14.txt

2) Link: https://github.com/pghk13/Kernel-Bug/blob/main/0110_6.13rc6/41-BUG_%20soft%20lockup%20in%20lo_ioct/crashlog0115_6.13rc7.txt

3) Link: https://github.com/pghk13/Kernel-Bug/blob/main/0110_6.13rc6/41-BUG_%20soft%20lockup%20in%20lo_ioct/crashlog0115_6.13rc7_vfs-mount%20v6.14.txt

I’m not sure if the log is useful for you. If you have any concerns, Please let me know. And If it’s not a important issue, then please ignore it too! 

———
Thanks,
Kun Hu

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ