From: Marios Makassikis <mmakassikis@freebox.fr>
To: Miklos Szeredi <miklos@szeredi.hu>
Cc: linux-fsdevel@vger.kernel.org
Subject: Re: [BUG] KASAN: global-out-of-bounds in __fuse_write_file_get.isra.0+0x81/0xe0
Date: Fri, 26 Feb 2021 12:14:08 +0100
Message-ID: <d2ca20d40dfe23304072815f4733ffc25b7967cb.camel@freebox.fr>
In-Reply-To: <CAJfpegsJ0kWcGS1Si1dWHmpORKk3c7PUNO2tJdh3_W2YWmY5gg@mail.gmail.com>

On Mon, 2021-02-22 at 11:43 +0100, Miklos Szeredi wrote:
> On Sun, Feb 21, 2021 at 2:30 AM Marios Makassikis
> <mmakassikis@freebox.fr> wrote:
> > Hello,
> >
> > I hope this is the correct list to report this bug I've been seeing.
> >
> > Background: I am testing a kernel SMB server implementation
> > ("ksmbd": https://github.com/cifsd-team/cifsd).
> >
> > As part of my tests, I tried having a Windows client store a backup on a SMB
> > share that is backed by an NTFS formatted disk. In doing so, the kernel
> > reports a BUG and locks up (either immediately, or after a few minutes).
>
> Seems like fi->write_files list gets corrupted.
>
> Is list debugging turned on?
>
> Can you get a crashdump, and see if the rest of the fi structure is
> okay?
>
> Thanks,
> Miklos

Hello Miklos,

I managed to get a crashdump, but couldn't get the crash utility to
work (I fed it the kernel and the crashdump but it exited without any
error message and I didn't get a chance to figure out what was wrong).

Meanwhile, a fix was committed on ksmbd with which I cannot reproduce
the issue [1]. Previously, the i_mutex lock was not held in
set_file_basic_info(): I'm guessing this is what caused the list
corruption.

Marios

[1] https://github.com/cifsd-team/cifsd/commit/5e929125e519acaf48abc4c42f8389caa26c4d5a