Summary: | UFS fuzz metabug | ||
---|---|---|---|
Product: | Base System | Reporter: | Conrad Meyer <cem> |
Component: | kern | Assignee: | freebsd-fs (Nobody) <fs> |
Status: | Closed FIXED | ||
Severity: | Affects Only Me | CC: | chris, emaste, grahamperrin, mckusick |
Priority: | --- | ||
Version: | CURRENT | ||
Hardware: | Any | ||
OS: | Any | ||
See Also: | https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=263979 | ||
Bug Depends on: | 244342, 244344, 244346, 244348, 244349, 244350, 244351, 244352 | ||
Bug Blocks: |
Description
Conrad Meyer
2020-02-25 00:04:24 UTC
From <https://pastebin.com/ErBDidYG> (2021-03-27): Panic String: ufs_dirbad: /media/da1p1: bad dir ino 2 at offset 0: mangled entry Unlike the mangling in bug 244352 (proof of concept involving a malicious UFS filesystem image), my case involved no malice. If you'd like proper background – something more eloquent than what I threw in the bin – I can spin it into a new linked bug report although honestly, I never thought to treat it as a bug. (In a nutshell: wreckage probably originated with an untimely automount – before completion of an initial write of the file system to its partition.) (In reply to Graham Perrin from comment #1) Thanks for your report that this bug can happen in actual use cases. I don't think that we need a separate bug report opened for it. I will move up the priority of dealing with this particular fuzz case. This class of bugs has been fixed in 14 as detailed in https://reviews.freebsd.org/D35219 MFC'ed to 13 with commit b999366aab4e2d59cb8869b0e5ef0f70ab9b9bbe on Fri May 27 12:21:11 2022 -0700 Too old in 12 life to be candidate for MFC. |