From: Eric Sandeen <esandeen@redhat.com>
To: Theodore Ts'o <tytso@mit.edu>,
syzbot <syzbot+27eece6916b914a49ce7@syzkaller.appspotmail.com>
Cc: adilger.kernel@dilger.ca, linux-ext4@vger.kernel.org,
linux-fsdevel@vger.kernel.org, linux-kernel@vger.kernel.org,
llvm@lists.linux.dev, nathan@kernel.org, ndesaulniers@google.com,
syzkaller-bugs@googlegroups.com, trix@redhat.com
Subject: Re: [syzbot] [ext4?] kernel panic: EXT4-fs (device loop0): panic forced after error (3)
Date: Thu, 17 Aug 2023 09:47:48 -0500 [thread overview]
Message-ID: <81f96763-51fe-8ea1-bf81-cd67deed9087@redhat.com> (raw)
In-Reply-To: <20230817142103.GA2247938@mit.edu>
On 8/17/23 9:21 AM, Theodore Ts'o wrote:
> On Wed, Aug 16, 2023 at 03:48:49PM -0700, syzbot wrote:
>> Hello,
>>
>> syzbot found the following issue on:
>>
>> HEAD commit: ae545c3283dc Merge tag 'gpio-fixes-for-v6.5-rc6' of git://..
>> git tree: upstream
>> console+strace: https://syzkaller.appspot.com/x/log.txt?x=13e5d553a80000
>> kernel config: https://syzkaller.appspot.com/x/.config?x=171b698bc2e613cf
>> dashboard link: https://syzkaller.appspot.com/bug?extid=27eece6916b914a49ce7
>> compiler: Debian clang version 15.0.6, GNU ld (GNU Binutils for Debian) 2.40
>> syz repro: https://syzkaller.appspot.com/x/repro.syz?x=13433207a80000
>> C reproducer: https://syzkaller.appspot.com/x/repro.c?x=109cd837a80000
>>
>> EXT4-fs error (device loop0): ext4_validate_block_bitmap:430: comm syz-executor211: bg 0: block 46: invalid block bitmap
>> Kernel panic - not syncing: EXT4-fs (device loop0): panic forced after error
>
> #syz invalid
>
> This is fundamentally a syzbot bug. The file system is horrifically
> corrupted, *and* the superblock has the "panic on error" (aka "panic
> onfile system corruption") bit set.
>
> This can be desireable because in a failover situation, if the file
> system is found to be corrupted, you *want* the primary server to
> fail, and let the secondary server to take over. This is a technique
> which is decades old.
Just to play devil's advocate here - (sorry) - I don't see this as any
different from any other "malicious" filesystem image.
I've never been a fan of the idea that malicious images are real
security threats, but whether the parking lot USB stick paniced the box
in an unexpected way or "on purpose," the result is the same ...
I wonder if it might make sense to put EXT4_MOUNT_ERRORS_PANIC under a
sysctl or something, so that admins can enable it only when needed.
Sorry for stealing another 5 minutes of your life.
-Eric
> So this is Working As Intended, and is a classic example of (a) if you
> are root, you can force the file system to crash, and (b) a classic
> example of syzbot noise. (Five minutes of my life that I'm never
> getting back. :-)
>
> - Ted
>
>
next prev parent reply other threads:[~2023-08-17 14:49 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-08-16 22:48 [syzbot] [ext4?] kernel panic: EXT4-fs (device loop0): panic forced after error (3) syzbot
2023-08-17 14:21 ` Theodore Ts'o
2023-08-17 14:28 ` Aleksandr Nogikh
2023-08-17 14:45 ` Theodore Ts'o
2023-08-18 11:43 ` Aleksandr Nogikh
2023-08-18 16:46 ` Aleksandr Nogikh
2023-08-17 14:47 ` Eric Sandeen [this message]
2023-08-17 16:11 ` Theodore Ts'o
2023-08-17 16:47 ` Eric Biggers
2023-08-18 2:10 ` Theodore Ts'o
2023-08-18 2:52 ` Eric Biggers
2023-08-18 14:25 ` Theodore Ts'o
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=81f96763-51fe-8ea1-bf81-cd67deed9087@redhat.com \
--to=esandeen@redhat.com \
--cc=adilger.kernel@dilger.ca \
--cc=linux-ext4@vger.kernel.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=llvm@lists.linux.dev \
--cc=nathan@kernel.org \
--cc=ndesaulniers@google.com \
--cc=sandeen@redhat.com \
--cc=syzbot+27eece6916b914a49ce7@syzkaller.appspotmail.com \
--cc=syzkaller-bugs@googlegroups.com \
--cc=trix@redhat.com \
--cc=tytso@mit.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).