| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250725021550.3177573-1-yi.zhang@huaweicloud.com>
Date: Fri, 25 Jul 2025 10:15:50 +0800
From: Zhang Yi <yi.zhang@...weicloud.com>
To: linux-ext4@...r.kernel.org
Cc: linux-fsdevel@...r.kernel.org,
linux-kernel@...r.kernel.org,
tytso@....edu,
adilger.kernel@...ger.ca,
jack@...e.cz,
ojaswin@...ux.ibm.com,
linux@...ck-us.net,
yi.zhang@...wei.com,
yi.zhang@...weicloud.com,
libaokun1@...wei.com,
yukuai3@...wei.com,
yangerkun@...wei.com
Subject: [PATCH -next] ext4: fix crash on test_new_blocks_simple kunit tests
From: Zhang Yi <yi.zhang@...wei.com>
ext4_mb_avg_fragment_size_destroy() requires a valid sbi->s_sb,
mb_set_largest_free_order() requires the parameter bb_largest_free_order
to be initialized, and mb_update_avg_fragment_size() requires the
parameter bb_avg_fragment_size_order to be initialized. But the
test_new_blocks_simple kunit tests do not init these parameters, and
trigger the following crash issue.
Pid: 20, comm: kunit_try_catch Tainted: G W N 6.16.0-rc4-ga8a47fa84cc2
RIP: 0033:ext4_mb_release+0x1fc/0x400
RSP: 00000000a0883ed0 EFLAGS: 00010202
RAX: 0000000000000000 RBX: 0000000060a1e400 RCX: 0000000000000002
RDX: 0000000060058fa0 RSI: 0000000000000002 RDI: 0000000000000001
RBP: 0000000000000001 R08: 0000000000000000 R09: 0000000000000002
R10: 00000000a0883e68 R11: 0000000060374bb0 R12: 000000006012eff0
R13: 00000000603763e0 R14: 0000000060ad92d8 R15: 0000000060c051c0
Kernel panic - not syncing: Segfault with no mm
CPU: 0 UID: 0 PID: 20 Comm: kunit_try_catch Tainted: G W N 6.16.0-rc4-ga8a47fa84cc2 #47 NONE
Tainted: [W]=WARN, [N]=TEST
Stack:
60134c30 400000004 60864000 6092a3c0
00000001 a0803d40 a0803b28 6012eff0
605990e8 60085be0 60864000 602167aa
Call Trace:
[<60134c30>] ? kmem_cache_free+0x0/0x3d0
[<6012eff0>] ? kfree+0x0/0x290
[<60085be0>] ? to_kthread+0x0/0x40
[<602167aa>] ? mbt_kunit_exit+0x2a/0xe0
[<60085be0>] ? to_kthread+0x0/0x40
[<602acd50>] ? kunit_generic_run_threadfn_adapter+0x0/0x30
[<60085be0>] ? to_kthread+0x0/0x40
[<602aaa8a>] ? kunit_try_run_case_cleanup+0x2a/0x40
[<602acd62>] ? kunit_generic_run_threadfn_adapter+0x12/0x30
[<600862c1>] ? kthread+0xf1/0x250
[<6004a521>] ? new_thread_handler+0x41/0x60
Fixes: bbe11dd13a3f ("ext4: fix largest free orders lists corruption on mb_optimize_scan switch")
Fixes: 458bfb991155 ("ext4: convert free groups order lists to xarrays")
Reported-by: Guenter Roeck <linux@...ck-us.net>
Closes: https://lore.kernel.org/linux-ext4/b0635ad0-7ebf-4152-a69b-58e7e87d5085@roeck-us.net/
Tested-by: Guenter Roeck <linux@...ck-us.net>
Signed-off-by: Zhang Yi <yi.zhang@...wei.com>
---
fs/ext4/mballoc-test.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/fs/ext4/mballoc-test.c b/fs/ext4/mballoc-test.c
index d634c12f1984..a9416b20ff64 100644
--- a/fs/ext4/mballoc-test.c
+++ b/fs/ext4/mballoc-test.c
@@ -155,6 +155,7 @@ static struct super_block *mbt_ext4_alloc_super_block(void)
bgl_lock_init(sbi->s_blockgroup_lock);
sbi->s_es = &fsb->es;
+ sbi->s_sb = sb;
sb->s_fs_info = sbi;
up_write(&sb->s_umount);
@@ -802,6 +803,8 @@ static void test_mb_mark_used(struct kunit *test)
KUNIT_ASSERT_EQ(test, ret, 0);
grp->bb_free = EXT4_CLUSTERS_PER_GROUP(sb);
+ grp->bb_largest_free_order = -1;
+ grp->bb_avg_fragment_size_order = -1;
mbt_generate_test_ranges(sb, ranges, TEST_RANGE_COUNT);
for (i = 0; i < TEST_RANGE_COUNT; i++)
test_mb_mark_used_range(test, &e4b, ranges[i].start,
@@ -875,6 +878,8 @@ static void test_mb_free_blocks(struct kunit *test)
ext4_unlock_group(sb, TEST_GOAL_GROUP);
grp->bb_free = 0;
+ grp->bb_largest_free_order = -1;
+ grp->bb_avg_fragment_size_order = -1;
memset(bitmap, 0xff, sb->s_blocksize);
mbt_generate_test_ranges(sb, ranges, TEST_RANGE_COUNT);
--
2.46.1
Powered by blists - more mailing lists