From: "Theodore Ts'o" <tytso@mit.edu>
To: syzbot <syzbot+13146364637c7363a7de@syzkaller.appspotmail.com>
Cc: a@unstable.cc, adilger.kernel@dilger.ca, arnd@arndb.de,
	b.a.t.m.a.n@lists.open-mesh.org, christian@brauner.io,
	davem@davemloft.net, linux-ext4@vger.kernel.org,
	linux-kernel@vger.kernel.org, mareklindner@neomailbox.ch,
	netdev@vger.kernel.org, syzkaller-bugs@googlegroups.com
Subject: Re: [syzbot] KASAN: slab-out-of-bounds Write in ext4_write_inline_data_end
Date: Fri, 20 Aug 2021 23:43:50 -0400
Message-ID: <YSB2dsveNTr9G3Mq@mit.edu>
In-Reply-To: <000000000000e5080305c9e51453@google.com>

On Thu, Aug 19, 2021 at 01:10:18AM -0700, syzbot wrote:
> Hello,
> 
> syzbot found the following issue on:
> 
> HEAD commit:    614cb2751d31 Merge tag 'trace-v5.14-rc6' of git://git.kern..
> git tree:       upstream
> console output: https://syzkaller.appspot.com/x/log.txt?x=130112c5300000
> kernel config:  https://syzkaller.appspot.com/x/.config?x=f61012d0b1cd846f
> dashboard link: https://syzkaller.appspot.com/bug?extid=13146364637c7363a7de
> compiler:       Debian clang version 11.0.1-2, GNU ld (GNU Binutils for Debian) 2.35.1
> syz repro:      https://syzkaller.appspot.com/x/repro.syz?x=104d7cc5300000
> C reproducer:   https://syzkaller.appspot.com/x/repro.c?x=1333ce0e300000
> 
> The issue was bisected to:
> 
> commit a154d5d83d21af6b9ee32adc5dbcea5ac1fb534c
> Author: Arnd Bergmann <arnd@arndb.de>
> Date:   Mon Mar 4 20:38:03 2019 +0000
> 
>     net: ignore sysctl_devconf_inherit_init_net without SYSCTL
> 
> bisection log:  https://syzkaller.appspot.com/x/bisect.txt?x=13f970b6300000
> final oops:     https://syzkaller.appspot.com/x/report.txt?x=100570b6300000
> console output: https://syzkaller.appspot.com/x/log.txt?x=17f970b6300000

In case it wasn't obvious, this is a bogus bisection.  It's a bug in
ext4's inline_data support where there is a race between writing to an
inline_data file and setting extended attributes on that same
inline_data file.

Fix is coming up....

					- Ted

Thread overview: 6+ messages
2021-08-19  8:10 [syzbot] KASAN: slab-out-of-bounds Write in ext4_write_inline_data_end syzbot
2021-08-21  3:43 ` Theodore Ts'o [this message]
2021-08-21  3:43   ` Theodore Ts'o
2021-08-21  3:54 ` [PATCH] ext4: fix race writing to an inline_data file while its xattrs are changing Theodore Ts'o
2021-08-21  4:07   ` Theodore Ts'o
2021-08-21  4:53     ` [syzbot] KASAN: slab-out-of-bounds Write in ext4_write_inline_data_end syzbot
