* Bug report: some new bugs found by fuzzing
@ 2018-07-05 19:19 Xu, Wen
2018-07-06 1:13 ` Chao Yu
0 siblings, 1 reply; 12+ messages in thread
From: Xu, Wen @ 2018-07-05 19:19 UTC (permalink / raw)
To: linux-f2fs-devel
Dear F2FS developers,
By fuzzing, I find some new issues in Linux f2fs kernel module. Here are the links on Bugzilla,
200419 NULL pointer dereference in __remove_dirty_segment() when mounting an f2fs image
https://bugzilla.kernel.org/show_bug.cgi?id=200419
200421 Buffer overrun in f2fs_truncate_inline_inode() when umounting an f2fs image
https://bugzilla.kernel.org/show_bug.cgi?id=200421
200423 Out-of-bound access in f2fs_get_dnode_of_data() when operating file on an f2fs image
https://bugzilla.kernel.org/show_bug.cgi?id=200423
200425 Invalid memory access in f2fs_find_target_dentry() when operating files on an f2fs image
https://bugzilla.kernel.org/show_bug.cgi?id=200425
Regarding my testing, they can all be reproduced w/ Chao’s f2fs-dev branch. Thanks!
-Wen
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Linux-f2fs-devel mailing list
Linux-f2fs-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/linux-f2fs-devel
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: Bug report: some new bugs found by fuzzing
2018-07-05 19:19 Bug report: some new bugs found by fuzzing Xu, Wen
@ 2018-07-06 1:13 ` Chao Yu
2018-07-06 1:30 ` Xu, Wen
0 siblings, 1 reply; 12+ messages in thread
From: Chao Yu @ 2018-07-06 1:13 UTC (permalink / raw)
To: Xu, Wen, linux-f2fs-devel
Hi Wen,
On 2018/7/6 3:19, Xu, Wen wrote:
> Dear F2FS developers,
>
> By fuzzing, I find some new issues in Linux f2fs kernel module. Here are the links on Bugzilla,
>
> 200419 NULL pointer dereference in __remove_dirty_segment() when mounting an f2fs image
> https://bugzilla.kernel.org/show_bug.cgi?id=200419
>
> 200421 Buffer overrun in f2fs_truncate_inline_inode() when umounting an f2fs image
> https://bugzilla.kernel.org/show_bug.cgi?id=200421
>
> 200423 Out-of-bound access in f2fs_get_dnode_of_data() when operating file on an f2fs image
> https://bugzilla.kernel.org/show_bug.cgi?id=200423
>
> 200425 Invalid memory access in f2fs_find_target_dentry() when operating files on an f2fs image
> https://bugzilla.kernel.org/show_bug.cgi?id=200425
>
> Regarding my testing, they can all be reproduced w/ Chao’s f2fs-dev branch. Thanks!
Alright, I will dig into these issues in these days, once I have solution, will
let you know.
Thanks,
>
> -Wen
>
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: Bug report: some new bugs found by fuzzing
2018-07-06 1:13 ` Chao Yu
@ 2018-07-06 1:30 ` Xu, Wen
2018-07-06 7:00 ` Chao Yu
2018-07-06 16:22 ` Chao Yu
0 siblings, 2 replies; 12+ messages in thread
From: Xu, Wen @ 2018-07-06 1:30 UTC (permalink / raw)
To: Chao Yu; +Cc: linux-f2fs-devel
Thanks very much! I would like to provide any further help or testing.
-Wen
> On Jul 5, 2018, at 9:13 PM, Chao Yu <yuchao0@huawei.com> wrote:
>
> Hi Wen,
>
> On 2018/7/6 3:19, Xu, Wen wrote:
>> Dear F2FS developers,
>>
>> By fuzzing, I find some new issues in Linux f2fs kernel module. Here are the links on Bugzilla,
>>
>> 200419 NULL pointer dereference in __remove_dirty_segment() when mounting an f2fs image
>> https://bugzilla.kernel.org/show_bug.cgi?id=200419
>>
>> 200421 Buffer overrun in f2fs_truncate_inline_inode() when umounting an f2fs image
>> https://bugzilla.kernel.org/show_bug.cgi?id=200421
>>
>> 200423 Out-of-bound access in f2fs_get_dnode_of_data() when operating file on an f2fs image
>> https://bugzilla.kernel.org/show_bug.cgi?id=200423
>>
>> 200425 Invalid memory access in f2fs_find_target_dentry() when operating files on an f2fs image
>> https://bugzilla.kernel.org/show_bug.cgi?id=200425
>>
>> Regarding my testing, they can all be reproduced w/ Chao’s f2fs-dev branch. Thanks!
>
> Alright, I will dig into these issues in these days, once I have solution, will
> let you know.
>
> Thanks,
>
>>
>> -Wen
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: Bug report: some new bugs found by fuzzing
2018-07-06 1:30 ` Xu, Wen
@ 2018-07-06 7:00 ` Chao Yu
2018-07-06 13:01 ` Xu, Wen
2018-07-06 16:22 ` Chao Yu
1 sibling, 1 reply; 12+ messages in thread
From: Chao Yu @ 2018-07-06 7:00 UTC (permalink / raw)
To: Xu, Wen; +Cc: linux-f2fs-devel
Hi Wen
On 2018/7/6 9:30, Xu, Wen wrote:
> Thanks very much! I would like to provide any further help or testing.
I found something interesting, our key metadata in checkpoint pack has already
been protected by checksum, in image you attached, the value of checksum is
correct, but still some key metadata's value are corrupted, so I guess fuzzing
will inject error data in tools like mkfs.f2fs, is that correct?
Thanks,
>
> -Wen
>
>> On Jul 5, 2018, at 9:13 PM, Chao Yu <yuchao0@huawei.com> wrote:
>>
>> Hi Wen,
>>
>> On 2018/7/6 3:19, Xu, Wen wrote:
>>> Dear F2FS developers,
>>>
>>> By fuzzing, I find some new issues in Linux f2fs kernel module. Here are the links on Bugzilla,
>>>
>>> 200419 NULL pointer dereference in __remove_dirty_segment() when mounting an f2fs image
>>> https://bugzilla.kernel.org/show_bug.cgi?id=200419
>>>
>>> 200421 Buffer overrun in f2fs_truncate_inline_inode() when umounting an f2fs image
>>> https://bugzilla.kernel.org/show_bug.cgi?id=200421
>>>
>>> 200423 Out-of-bound access in f2fs_get_dnode_of_data() when operating file on an f2fs image
>>> https://bugzilla.kernel.org/show_bug.cgi?id=200423
>>>
>>> 200425 Invalid memory access in f2fs_find_target_dentry() when operating files on an f2fs image
>>> https://bugzilla.kernel.org/show_bug.cgi?id=200425
>>>
>>> Regarding my testing, they can all be reproduced w/ Chao’s f2fs-dev branch. Thanks!
>>
>> Alright, I will dig into these issues in these days, once I have solution, will
>> let you know.
>>
>> Thanks,
>>
>>>
>>> -Wen
>
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: Bug report: some new bugs found by fuzzing
2018-07-06 7:00 ` Chao Yu
@ 2018-07-06 13:01 ` Xu, Wen
0 siblings, 0 replies; 12+ messages in thread
From: Xu, Wen @ 2018-07-06 13:01 UTC (permalink / raw)
To: Chao Yu; +Cc: linux-f2fs-devel
My fuzzer still randomly fuzzes the bytes in the image, but whatever it writes,
it will fix the checksum in CP blocks afterwards. F2FS only has CRC check in CP, so
it is not very hard for me to study the existing code and do this. I just want to touch more
code by passing CRC checks.
Thanks,
Wen
> On Jul 6, 2018, at 3:00 AM, Chao Yu <yuchao0@huawei.com> wrote:
>
> Hi Wen
>
> On 2018/7/6 9:30, Xu, Wen wrote:
>> Thanks very much! I would like to provide any further help or testing.
>
> I found something interesting, our key metadata in checkpoint pack has already
> been protected by checksum, in image you attached, the value of checksum is
> correct, but still some key metadata's value are corrupted, so I guess fuzzing
> will inject error data in tools like mkfs.f2fs, is that correct?
>
> Thanks,
>
>>
>> -Wen
>>
>>> On Jul 5, 2018, at 9:13 PM, Chao Yu <yuchao0@huawei.com> wrote:
>>>
>>> Hi Wen,
>>>
>>> On 2018/7/6 3:19, Xu, Wen wrote:
>>>> Dear F2FS developers,
>>>>
>>>> By fuzzing, I find some new issues in Linux f2fs kernel module. Here are the links on Bugzilla,
>>>>
>>>> 200419 NULL pointer dereference in __remove_dirty_segment() when mounting an f2fs image
>>>> https://bugzilla.kernel.org/show_bug.cgi?id=200419
>>>>
>>>> 200421 Buffer overrun in f2fs_truncate_inline_inode() when umounting an f2fs image
>>>> https://bugzilla.kernel.org/show_bug.cgi?id=200421
>>>>
>>>> 200423 Out-of-bound access in f2fs_get_dnode_of_data() when operating file on an f2fs image
>>>> https://bugzilla.kernel.org/show_bug.cgi?id=200423
>>>>
>>>> 200425 Invalid memory access in f2fs_find_target_dentry() when operating files on an f2fs image
>>>> https://bugzilla.kernel.org/show_bug.cgi?id=200425
>>>>
>>>> Regarding my testing, they can all be reproduced w/ Chao’s f2fs-dev branch. Thanks!
>>>
>>> Alright, I will dig into these issues in these days, once I have solution, will
>>> let you know.
>>>
>>> Thanks,
>>>
>>>>
>>>> -Wen
>>
>
^ permalink raw reply [flat|nested] 12+ messages in thread
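An added illustration of the point made in the two messages above (not code from the thread or from f2fs): a checksum only shows that a block is self-consistent, so an image whose CRC was recomputed after modification passes it, and every field later used as an index still needs a range check. The `toy_cp` layout, the sizes and all function names are hypothetical and far simpler than the real f2fs checkpoint.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define TOY_TOTAL_SEGS   8u    /* constructed geometry, assumed known from a trusted source */
#define TOY_BLKS_PER_SEG 512u

/* Hypothetical checkpoint record; NOT the real f2fs on-disk layout. */
struct toy_cp {
    uint32_t version;
    uint32_t total_segs;   /* segments in the main area */
    uint32_t cur_seg;      /* active segment, must be < total_segs */
    uint32_t next_blkoff;  /* next free block, must be < TOY_BLKS_PER_SEG */
    uint32_t crc;          /* CRC-32 of every byte before this field */
};

enum cp_status { CP_OK, CP_BAD_CRC, CP_BAD_FIELD };

/* Bitwise CRC-32 (reflected polynomial 0xEDB88320). */
static uint32_t crc32_calc(const void *buf, size_t len)
{
    const uint8_t *p = buf;
    uint32_t crc = 0xFFFFFFFFu;

    while (len--) {
        crc ^= *p++;
        for (int i = 0; i < 8; i++)
            crc = (crc >> 1) ^ (0xEDB88320u & (0u - (crc & 1u)));
    }
    return ~crc;
}

/* Store the checksum of the current field values in the record. */
static void toy_cp_seal(struct toy_cp *cp)
{
    cp->crc = crc32_calc(cp, offsetof(struct toy_cp, crc));
}

/* Checksum-only validation: detects accidental damage, nothing more. */
static enum cp_status cp_check_crc_only(const struct toy_cp *cp)
{
    if (crc32_calc(cp, offsetof(struct toy_cp, crc)) != cp->crc)
        return CP_BAD_CRC;
    return CP_OK;
}

/* Checksum plus range checks on every field later used as an index. */
static enum cp_status cp_check_full(const struct toy_cp *cp)
{
    enum cp_status st = cp_check_crc_only(cp);

    if (st != CP_OK)
        return st;
    if (cp->total_segs == 0 || cp->total_segs > TOY_TOTAL_SEGS)
        return CP_BAD_FIELD;
    if (cp->cur_seg >= cp->total_segs)
        return CP_BAD_FIELD;
    if (cp->next_blkoff >= TOY_BLKS_PER_SEG)
        return CP_BAD_FIELD;
    return CP_OK;
}

/* Constructed sample: a consistent record with a matching checksum. */
static struct toy_cp sample_valid(void)
{
    struct toy_cp cp = { 1u, TOY_TOTAL_SEGS, 3u, 17u, 0u };

    toy_cp_seal(&cp);
    return cp;
}

/* Constructed sample: field changed, stored checksum left stale. */
static struct toy_cp sample_damaged(void)
{
    struct toy_cp cp = sample_valid();

    cp.cur_seg = 0xFFFFu;
    return cp;
}

/* Constructed sample: field changed and checksum recomputed afterwards. */
static struct toy_cp sample_resealed(void)
{
    struct toy_cp cp = sample_damaged();

    toy_cp_seal(&cp);
    return cp;
}

int main(void)
{
    struct toy_cp s[3] = { sample_valid(), sample_damaged(), sample_resealed() };
    const char *name[3] = { "valid", "damaged", "resealed" };

    for (int i = 0; i < 3; i++)
        printf("%-8s crc_only=%d full=%d\n", name[i],
               cp_check_crc_only(&s[i]), cp_check_full(&s[i]));
    return 0;
}
```

Only the resealed record separates the two validators: the checksum-only check accepts it, and the range check is what stops `cur_seg` from being used as an out-of-bounds index.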
* Re: Bug report: some new bugs found by fuzzing
2018-07-06 1:30 ` Xu, Wen
2018-07-06 7:00 ` Chao Yu
@ 2018-07-06 16:22 ` Chao Yu
2018-07-07 15:48 ` Xu, Wen
1 sibling, 1 reply; 12+ messages in thread
From: Chao Yu @ 2018-07-06 16:22 UTC (permalink / raw)
To: Xu, Wen, Chao Yu; +Cc: linux-f2fs-devel
Hi Wen,
I've updated two patches today for these issues, could you please test them?
On 2018/7/6 9:30, Xu, Wen wrote:
> Thanks very much! I would like to provide any further help or testing.
>
> -Wen
>
>> On Jul 5, 2018, at 9:13 PM, Chao Yu <yuchao0@huawei.com> wrote:
>>
>> Hi Wen,
>>
>> On 2018/7/6 3:19, Xu, Wen wrote:
>>> Dear F2FS developers,
>>>
>>> By fuzzing, I find some new issues in Linux f2fs kernel module. Here are the links on Bugzilla,
>>>
>>> 200419 NULL pointer dereference in __remove_dirty_segment() when mounting an f2fs image
>>> https://bugzilla.kernel.org/show_bug.cgi?id=200419
https://git.kernel.org/pub/scm/linux/kernel/git/chao/linux.git/commit/?h=f2fs-dev&id=ccf5e1525e92010dd2cb8ff5a820283f9bff5c78
>>>
>>> 200421 Buffer overrun in f2fs_truncate_inline_inode() when umounting an f2fs image
>>> https://bugzilla.kernel.org/show_bug.cgi?id=200421
https://git.kernel.org/pub/scm/linux/kernel/git/chao/linux.git/commit/?h=f2fs-dev&id=ea08202ee4ca67b31b3510591f2a8032ec3ac4cb
>>>
>>> 200423 Out-of-bound access in f2fs_get_dnode_of_data() when operating file on an f2fs image
>>> https://bugzilla.kernel.org/show_bug.cgi?id=200423
>>>
>>> 200425 Invalid memory access in f2fs_find_target_dentry() when operating files on an f2fs image
>>> https://bugzilla.kernel.org/show_bug.cgi?id=200425
Fixes this issue with above commit.
Thanks,
>>>
>>> Regarding my testing, they can all be reproduced w/ Chao’s f2fs-dev branch. Thanks!
>>
>> Alright, I will dig into these issues in these days, once I have solution, will
>> let you know.
>>
>> Thanks,
>>
>>>
>>> -Wen
>
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: Bug report: some new bugs found by fuzzing
2018-07-06 16:22 ` Chao Yu
@ 2018-07-07 15:48 ` Xu, Wen
2018-07-07 16:32 ` Chao Yu
0 siblings, 1 reply; 12+ messages in thread
From: Xu, Wen @ 2018-07-07 15:48 UTC (permalink / raw)
To: Chao Yu; +Cc: linux-f2fs-devel
Sure, I will do it. So you are still willing to fix the issues even if it may be affected by CHECK_FS config?
Thanks
-Wen
> On Jul 6, 2018, at 12:22 PM, Chao Yu <chao@kernel.org> wrote:
>
> Hi Wen,
>
> I've update two patches today for these issues, could you please test them?
>
> On 2018/7/6 9:30, Xu, Wen wrote:
>> Thanks very much! I would like to provide any further help or testing.
>>
>> -Wen
>>
>>> On Jul 5, 2018, at 9:13 PM, Chao Yu <yuchao0@huawei.com> wrote:
>>>
>>> Hi Wen,
>>>
>>> On 2018/7/6 3:19, Xu, Wen wrote:
>>>> Dear F2FS developers,
>>>>
>>>> By fuzzing, I find some new issues in Linux f2fs kernel module. Here are the links on Bugzilla,
>>>>
>>>> 200419 NULL pointer dereference in __remove_dirty_segment() when mounting an f2fs image
>>>> https://bugzilla.kernel.org/show_bug.cgi?id=200419
>
> https://git.kernel.org/pub/scm/linux/kernel/git/chao/linux.git/commit/?h=f2fs-dev&id=ccf5e1525e92010dd2cb8ff5a820283f9bff5c78
>
>>>>
>>>> 200421 Buffer overrun in f2fs_truncate_inline_inode() when umounting an f2fs image
>>>> https://bugzilla.kernel.org/show_bug.cgi?id=200421
>
> https://git.kernel.org/pub/scm/linux/kernel/git/chao/linux.git/commit/?h=f2fs-dev&id=ea08202ee4ca67b31b3510591f2a8032ec3ac4cb
>
>>>>
>>>> 200423 Out-of-bound access in f2fs_get_dnode_of_data() when operating file on an f2fs image
>>>> https://bugzilla.kernel.org/show_bug.cgi?id=200423
>>>>
>>>> 200425 Invalid memory access in f2fs_find_target_dentry() when operating files on an f2fs image
>>>> https://bugzilla.kernel.org/show_bug.cgi?id=200425
>
> Fixes this issue with above commit.
>
> Thanks,
>
>>>>
>>>> Regarding my testing, they can all be reproduced w/ Chao’s f2fs-dev branch. Thanks!
>>>
>>> Alright, I will dig into these issues in these days, once I have solution, will
>>> let you know.
>>>
>>> Thanks,
>>>
>>>>
>>>> -Wen
>>
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: Bug report: some new bugs found by fuzzing
2018-07-07 15:48 ` Xu, Wen
@ 2018-07-07 16:32 ` Chao Yu
2018-07-08 2:43 ` Xu, Wen
0 siblings, 1 reply; 12+ messages in thread
From: Chao Yu @ 2018-07-07 16:32 UTC (permalink / raw)
To: Xu, Wen; +Cc: linux-f2fs-devel
On 2018/7/7 23:48, Xu, Wen wrote:
> Sure I will do it. So you are still willing to fix the issues even it may be affected by CHECK_FS config?
Yes, let me figure out the problem.
https://git.kernel.org/pub/scm/linux/kernel/git/chao/linux.git/commit/?h=f2fs-dev&id=ccf5e1525e92010dd2cb8ff5a820283f9bff5c78
The above commit seems to be breaking the normal case, let me update it.
Thanks,
>
> Thanks
> -Wen
>
>> On Jul 6, 2018, at 12:22 PM, Chao Yu <chao@kernel.org> wrote:
>>
>> Hi Wen,
>>
>> I've update two patches today for these issues, could you please test them?
>>
>> On 2018/7/6 9:30, Xu, Wen wrote:
>>> Thanks very much! I would like to provide any further help or testing.
>>>
>>> -Wen
>>>
>>>> On Jul 5, 2018, at 9:13 PM, Chao Yu <yuchao0@huawei.com> wrote:
>>>>
>>>> Hi Wen,
>>>>
>>>> On 2018/7/6 3:19, Xu, Wen wrote:
>>>>> Dear F2FS developers,
>>>>>
>>>>> By fuzzing, I find some new issues in Linux f2fs kernel module. Here are the links on Bugzilla,
>>>>>
>>>>> 200419 NULL pointer dereference in __remove_dirty_segment() when mounting an f2fs image
>>>>> https://bugzilla.kernel.org/show_bug.cgi?id=200419
>>
>> https://git.kernel.org/pub/scm/linux/kernel/git/chao/linux.git/commit/?h=f2fs-dev&id=ccf5e1525e92010dd2cb8ff5a820283f9bff5c78
>>
>>>>>
>>>>> 200421 Buffer overrun in f2fs_truncate_inline_inode() when umounting an f2fs image
>>>>> https://bugzilla.kernel.org/show_bug.cgi?id=200421
>>
>> https://git.kernel.org/pub/scm/linux/kernel/git/chao/linux.git/commit/?h=f2fs-dev&id=ea08202ee4ca67b31b3510591f2a8032ec3ac4cb
>>
>>>>>
>>>>> 200423 Out-of-bound access in f2fs_get_dnode_of_data() when operating file on an f2fs image
>>>>> https://bugzilla.kernel.org/show_bug.cgi?id=200423
>>>>>
>>>>> 200425 Invalid memory access in f2fs_find_target_dentry() when operating files on an f2fs image
>>>>> https://bugzilla.kernel.org/show_bug.cgi?id=200425
>>
>> Fixes this issue with above commit.
>>
>> Thanks,
>>
>>>>>
>>>>> Regarding my testing, they can all be reproduced w/ Chao’s f2fs-dev branch. Thanks!
>>>>
>>>> Alright, I will dig into these issues in these days, once I have solution, will
>>>> let you know.
>>>>
>>>> Thanks,
>>>>
>>>>>
>>>>> -Wen
>>>
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: Bug report: some new bugs found by fuzzing
2018-07-07 16:32 ` Chao Yu
@ 2018-07-08 2:43 ` Xu, Wen
2018-07-09 2:24 ` Chao Yu
2018-07-09 15:10 ` Chao Yu
0 siblings, 2 replies; 12+ messages in thread
From: Xu, Wen @ 2018-07-08 2:43 UTC (permalink / raw)
To: Chao Yu; +Cc: linux-f2fs-devel
It is already fixed by the latest commit in your git tree?
Thanks,
Wen
> On Jul 7, 2018, at 12:32 PM, Chao Yu <chao@kernel.org> wrote:
>
> On 2018/7/7 23:48, Xu, Wen wrote:
>> Sure I will do it. So you are still willing to fix the issues even it may be affected by CHECK_FS config?
>
> Yes, let me figure out the problem.
>
> https://git.kernel.org/pub/scm/linux/kernel/git/chao/linux.git/commit/?h=f2fs-dev&id=ccf5e1525e92010dd2cb8ff5a820283f9bff5c78
>
> Above commit seems breaking normal case, let me update it.
>
> Thanks,
>
>>
>> Thanks
>> -Wen
>>
>>> On Jul 6, 2018, at 12:22 PM, Chao Yu <chao@kernel.org> wrote:
>>>
>>> Hi Wen,
>>>
>>> I've update two patches today for these issues, could you please test them?
>>>
>>> On 2018/7/6 9:30, Xu, Wen wrote:
>>>> Thanks very much! I would like to provide any further help or testing.
>>>>
>>>> -Wen
>>>>
>>>>> On Jul 5, 2018, at 9:13 PM, Chao Yu <yuchao0@huawei.com> wrote:
>>>>>
>>>>> Hi Wen,
>>>>>
>>>>> On 2018/7/6 3:19, Xu, Wen wrote:
>>>>>> Dear F2FS developers,
>>>>>>
>>>>>> By fuzzing, I find some new issues in Linux f2fs kernel module. Here are the links on Bugzilla,
>>>>>>
>>>>>> 200419 NULL pointer dereference in __remove_dirty_segment() when mounting an f2fs image
>>>>>> https://bugzilla.kernel.org/show_bug.cgi?id=200419
>>>
>>> https://git.kernel.org/pub/scm/linux/kernel/git/chao/linux.git/commit/?h=f2fs-dev&id=ccf5e1525e92010dd2cb8ff5a820283f9bff5c78
>>>
>>>>>>
>>>>>> 200421 Buffer overrun in f2fs_truncate_inline_inode() when umounting an f2fs image
>>>>>> https://bugzilla.kernel.org/show_bug.cgi?id=200421
>>>
>>> https://git.kernel.org/pub/scm/linux/kernel/git/chao/linux.git/commit/?h=f2fs-dev&id=ea08202ee4ca67b31b3510591f2a8032ec3ac4cb
>>>
>>>>>>
>>>>>> 200423 Out-of-bound access in f2fs_get_dnode_of_data() when operating file on an f2fs image
>>>>>> https://bugzilla.kernel.org/show_bug.cgi?id=200423
>>>>>>
>>>>>> 200425 Invalid memory access in f2fs_find_target_dentry() when operating files on an f2fs image
>>>>>> https://bugzilla.kernel.org/show_bug.cgi?id=200425
>>>
>>> Fixes this issue with above commit.
>>>
>>> Thanks,
>>>
>>>>>>
>>>>>> Regarding my testing, they can all be reproduced w/ Chao’s f2fs-dev branch. Thanks!
>>>>>
>>>>> Alright, I will dig into these issues in these days, once I have solution, will
>>>>> let you know.
>>>>>
>>>>> Thanks,
>>>>>
>>>>>>
>>>>>> -Wen
>>>>
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: Bug report: some new bugs found by fuzzing
2018-07-08 2:43 ` Xu, Wen
@ 2018-07-09 2:24 ` Chao Yu
2018-07-09 15:10 ` Chao Yu
1 sibling, 0 replies; 12+ messages in thread
From: Chao Yu @ 2018-07-09 2:24 UTC (permalink / raw)
To: Xu, Wen, Chao Yu; +Cc: linux-f2fs-devel
I updated a commit, could you have a try with last f2fs-dev?
On 2018/7/8 10:43, Xu, Wen wrote:
> It is already fixed by the latest commit in your git tree?
>
> Thanks,
> Wen
>
>> On Jul 7, 2018, at 12:32 PM, Chao Yu <chao@kernel.org> wrote:
>>
>> On 2018/7/7 23:48, Xu, Wen wrote:
>>> Sure I will do it. So you are still willing to fix the issues even it may be affected by CHECK_FS config?
>>
>> Yes, let me figure out the problem.
>>
>> https://git.kernel.org/pub/scm/linux/kernel/git/chao/linux.git/commit/?h=f2fs-dev&id=ccf5e1525e92010dd2cb8ff5a820283f9bff5c78
>>
>> Above commit seems breaking normal case, let me update it.
>>
>> Thanks,
>>
>>>
>>> Thanks
>>> -Wen
>>>
>>>> On Jul 6, 2018, at 12:22 PM, Chao Yu <chao@kernel.org> wrote:
>>>>
>>>> Hi Wen,
>>>>
>>>> I've update two patches today for these issues, could you please test them?
>>>>
>>>> On 2018/7/6 9:30, Xu, Wen wrote:
>>>>> Thanks very much! I would like to provide any further help or testing.
>>>>>
>>>>> -Wen
>>>>>
>>>>>> On Jul 5, 2018, at 9:13 PM, Chao Yu <yuchao0@huawei.com> wrote:
>>>>>>
>>>>>> Hi Wen,
>>>>>>
>>>>>> On 2018/7/6 3:19, Xu, Wen wrote:
>>>>>>> Dear F2FS developers,
>>>>>>>
>>>>>>> By fuzzing, I find some new issues in Linux f2fs kernel module. Here are the links on Bugzilla,
>>>>>>>
>>>>>>> 200419 NULL pointer dereference in __remove_dirty_segment() when mounting an f2fs image
>>>>>>> https://bugzilla.kernel.org/show_bug.cgi?id=200419
>>>>
>>>> https://git.kernel.org/pub/scm/linux/kernel/git/chao/linux.git/commit/?h=f2fs-dev&id=ccf5e1525e92010dd2cb8ff5a820283f9bff5c78
>>>>
>>>>>>>
>>>>>>> 200421 Buffer overrun in f2fs_truncate_inline_inode() when umounting an f2fs image
>>>>>>> https://bugzilla.kernel.org/show_bug.cgi?id=200421
>>>>
>>>> https://git.kernel.org/pub/scm/linux/kernel/git/chao/linux.git/commit/?h=f2fs-dev&id=ea08202ee4ca67b31b3510591f2a8032ec3ac4cb
>>>>
>>>>>>>
>>>>>>> 200423 Out-of-bound access in f2fs_get_dnode_of_data() when operating file on an f2fs image
>>>>>>> https://bugzilla.kernel.org/show_bug.cgi?id=200423
>>>>>>>
>>>>>>> 200425 Invalid memory access in f2fs_find_target_dentry() when operating files on an f2fs image
>>>>>>> https://bugzilla.kernel.org/show_bug.cgi?id=200425
>>>>
>>>> Fixes this issue with above commit.
>>>>
>>>> Thanks,
>>>>
>>>>>>>
>>>>>>> Regarding my testing, they can all be reproduced w/ Chao’s f2fs-dev branch. Thanks!
>>>>>>
>>>>>> Alright, I will dig into these issues in these days, once I have solution, will
>>>>>> let you know.
>>>>>>
>>>>>> Thanks,
>>>>>>
>>>>>>>
>>>>>>> -Wen
>>>>>
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: Bug report: some new bugs found by fuzzing
2018-07-08 2:43 ` Xu, Wen
2018-07-09 2:24 ` Chao Yu
@ 2018-07-09 15:10 ` Chao Yu
2018-07-09 19:11 ` Xu, Wen
1 sibling, 1 reply; 12+ messages in thread
From: Chao Yu @ 2018-07-09 15:10 UTC (permalink / raw)
To: Xu, Wen; +Cc: linux-f2fs-devel
I guess, could you please test it?
Thanks,
On 2018/7/8 10:43, Xu, Wen wrote:
> It is already fixed by the latest commit in your git tree?
>
> Thanks,
> Wen
>
>> On Jul 7, 2018, at 12:32 PM, Chao Yu <chao@kernel.org> wrote:
>>
>> On 2018/7/7 23:48, Xu, Wen wrote:
>>> Sure I will do it. So you are still willing to fix the issues even it may be affected by CHECK_FS config?
>>
>> Yes, let me figure out the problem.
>>
>> https://git.kernel.org/pub/scm/linux/kernel/git/chao/linux.git/commit/?h=f2fs-dev&id=ccf5e1525e92010dd2cb8ff5a820283f9bff5c78
>>
>> Above commit seems breaking normal case, let me update it.
>>
>> Thanks,
>>
>>>
>>> Thanks
>>> -Wen
>>>
>>>> On Jul 6, 2018, at 12:22 PM, Chao Yu <chao@kernel.org> wrote:
>>>>
>>>> Hi Wen,
>>>>
>>>> I've update two patches today for these issues, could you please test them?
>>>>
>>>> On 2018/7/6 9:30, Xu, Wen wrote:
>>>>> Thanks very much! I would like to provide any further help or testing.
>>>>>
>>>>> -Wen
>>>>>
>>>>>> On Jul 5, 2018, at 9:13 PM, Chao Yu <yuchao0@huawei.com> wrote:
>>>>>>
>>>>>> Hi Wen,
>>>>>>
>>>>>> On 2018/7/6 3:19, Xu, Wen wrote:
>>>>>>> Dear F2FS developers,
>>>>>>>
>>>>>>> By fuzzing, I find some new issues in Linux f2fs kernel module. Here are the links on Bugzilla,
>>>>>>>
>>>>>>> 200419 NULL pointer dereference in __remove_dirty_segment() when mounting an f2fs image
>>>>>>> https://bugzilla.kernel.org/show_bug.cgi?id=200419
>>>>
>>>> https://git.kernel.org/pub/scm/linux/kernel/git/chao/linux.git/commit/?h=f2fs-dev&id=ccf5e1525e92010dd2cb8ff5a820283f9bff5c78
>>>>
>>>>>>>
>>>>>>> 200421 Buffer overrun in f2fs_truncate_inline_inode() when umounting an f2fs image
>>>>>>> https://bugzilla.kernel.org/show_bug.cgi?id=200421
>>>>
>>>> https://git.kernel.org/pub/scm/linux/kernel/git/chao/linux.git/commit/?h=f2fs-dev&id=ea08202ee4ca67b31b3510591f2a8032ec3ac4cb
>>>>
>>>>>>>
>>>>>>> 200423 Out-of-bound access in f2fs_get_dnode_of_data() when operating file on an f2fs image
>>>>>>> https://bugzilla.kernel.org/show_bug.cgi?id=200423
>>>>>>>
>>>>>>> 200425 Invalid memory access in f2fs_find_target_dentry() when operating files on an f2fs image
>>>>>>> https://bugzilla.kernel.org/show_bug.cgi?id=200425
>>>>
>>>> Fixes this issue with above commit.
>>>>
>>>> Thanks,
>>>>
>>>>>>>
>>>>>>> Regarding my testing, they can all be reproduced w/ Chao’s f2fs-dev branch. Thanks!
>>>>>>
>>>>>> Alright, I will dig into these issues in these days, once I have solution, will
>>>>>> let you know.
>>>>>>
>>>>>> Thanks,
>>>>>>
>>>>>>>
>>>>>>> -Wen
>>>>>
^ permalink raw reply [flat|nested] 12+ messages in thread
* Re: Bug report: some new bugs found by fuzzing
2018-07-09 15:10 ` Chao Yu
@ 2018-07-09 19:11 ` Xu, Wen
0 siblings, 0 replies; 12+ messages in thread
From: Xu, Wen @ 2018-07-09 19:11 UTC (permalink / raw)
To: Chao Yu; +Cc: linux-f2fs-devel
Yeah, the issues are all fixed by your commits regarding my tests.
Thanks,
Wen
> On Jul 9, 2018, at 11:10 AM, Chao Yu <chao@kernel.org> wrote:
>
> I guess, could you please test it?
>
> Thanks,
>
> On 2018/7/8 10:43, Xu, Wen wrote:
>> It is already fixed by the latest commit in your git tree?
>>
>> Thanks,
>> Wen
>>
>>> On Jul 7, 2018, at 12:32 PM, Chao Yu <chao@kernel.org> wrote:
>>>
>>> On 2018/7/7 23:48, Xu, Wen wrote:
>>>> Sure I will do it. So you are still willing to fix the issues even it may be affected by CHECK_FS config?
>>>
>>> Yes, let me figure out the problem.
>>>
>>> https://git.kernel.org/pub/scm/linux/kernel/git/chao/linux.git/commit/?h=f2fs-dev&id=ccf5e1525e92010dd2cb8ff5a820283f9bff5c78
>>>
>>> Above commit seems breaking normal case, let me update it.
>>>
>>> Thanks,
>>>
>>>>
>>>> Thanks
>>>> -Wen
>>>>
>>>>> On Jul 6, 2018, at 12:22 PM, Chao Yu <chao@kernel.org> wrote:
>>>>>
>>>>> Hi Wen,
>>>>>
>>>>> I've update two patches today for these issues, could you please test them?
>>>>>
>>>>> On 2018/7/6 9:30, Xu, Wen wrote:
>>>>>> Thanks very much! I would like to provide any further help or testing.
>>>>>>
>>>>>> -Wen
>>>>>>
>>>>>>> On Jul 5, 2018, at 9:13 PM, Chao Yu <yuchao0@huawei.com> wrote:
>>>>>>>
>>>>>>> Hi Wen,
>>>>>>>
>>>>>>> On 2018/7/6 3:19, Xu, Wen wrote:
>>>>>>>> Dear F2FS developers,
>>>>>>>>
>>>>>>>> By fuzzing, I find some new issues in Linux f2fs kernel module. Here are the links on Bugzilla,
>>>>>>>>
>>>>>>>> 200419 NULL pointer dereference in __remove_dirty_segment() when mounting an f2fs image
>>>>>>>> https://bugzilla.kernel.org/show_bug.cgi?id=200419
>>>>>
>>>>> https://git.kernel.org/pub/scm/linux/kernel/git/chao/linux.git/commit/?h=f2fs-dev&id=ccf5e1525e92010dd2cb8ff5a820283f9bff5c78
>>>>>
>>>>>>>>
>>>>>>>> 200421 Buffer overrun in f2fs_truncate_inline_inode() when umounting an f2fs image
>>>>>>>> https://bugzilla.kernel.org/show_bug.cgi?id=200421
>>>>>
>>>>> https://git.kernel.org/pub/scm/linux/kernel/git/chao/linux.git/commit/?h=f2fs-dev&id=ea08202ee4ca67b31b3510591f2a8032ec3ac4cb
>>>>>
>>>>>>>>
>>>>>>>> 200423 Out-of-bound access in f2fs_get_dnode_of_data() when operating file on an f2fs image
>>>>>>>> https://bugzilla.kernel.org/show_bug.cgi?id=200423
>>>>>>>>
>>>>>>>> 200425 Invalid memory access in f2fs_find_target_dentry() when operating files on an f2fs image
>>>>>>>> https://bugzilla.kernel.org/show_bug.cgi?id=200425
>>>>>
>>>>> Fixes this issue with above commit.
>>>>>
>>>>> Thanks,
>>>>>
>>>>>>>>
>>>>>>>> Regarding my testing, they can all be reproduced w/ Chao’s f2fs-dev branch. Thanks!
>>>>>>>
>>>>>>> Alright, I will dig into these issues in these days, once I have solution, will
>>>>>>> let you know.
>>>>>>>
>>>>>>> Thanks,
>>>>>>>
>>>>>>>>
>>>>>>>> -Wen
>>>>>>
>>>>
>>
^ permalink raw reply [flat|nested] 12+ messages in thread
end of thread, other threads:[~2018-07-09 19:11 UTC | newest]
Thread overview: 12+ messages
2018-07-05 19:19 Bug report: some new bugs found by fuzzing Xu, Wen
2018-07-06 1:13 ` Chao Yu
2018-07-06 1:30 ` Xu, Wen
2018-07-06 7:00 ` Chao Yu
2018-07-06 13:01 ` Xu, Wen
2018-07-06 16:22 ` Chao Yu
2018-07-07 15:48 ` Xu, Wen
2018-07-07 16:32 ` Chao Yu
2018-07-08 2:43 ` Xu, Wen
2018-07-09 2:24 ` Chao Yu
2018-07-09 15:10 ` Chao Yu
2018-07-09 19:11 ` Xu, Wen