Bug 263979 - [meta] UFS / FFS / GEOM crash (panic) tracking
Summary: [meta] UFS / FFS / GEOM crash (panic) tracking
Status: In Progress
Alias: None
Product: Base System
Classification: Unclassified
Component: kern (show other bugs)
Version: Unspecified
Hardware: Any Any
: --- Affects Only Me
Assignee: Kirk McKusick
URL: https://reviews.freebsd.org/D35219
Keywords: crash, needs-qa, tracking
Depends on: 244342 244344 244346 244350 244351 244352 257557 263765 263811 263822 263836 263934 263971 253617
  Show dependency treegraph
Reported: 2022-05-15 02:30 UTC by Kubilay Kocak
Modified: 2022-05-27 19:23 UTC (History)
5 users (show)

See Also:
koobs: mfc-stable13?
koobs: mfc-stable12?


Note You need to log in before you can comment on or make changes to this bug.
Description Kubilay Kocak freebsd_committer freebsd_triage 2022-05-15 02:30:07 UTC
Tracking issue to make coordination of existing ffs/ufs crash reports easier. Linked issues involve at least some aspect of ffs in the crash backtraces
Comment 1 Graham Perrin 2022-05-15 10:06:17 UTC
See also: bug 244384
Comment 2 Kirk McKusick freebsd_committer 2022-05-15 18:50:55 UTC
(In reply to Kubilay Kocak from comment #0)
Thanks for pulling these all together in a single place.

I am working on a general fix that should cover all of these bugs. The fix verifies the superblock when it is read in. Since there is a single piece of code that is used to read the superblock that is shared by the kernel, boot, and user code, it should cover all of these bugs. Stay tuned for a phabricator review.
Comment 3 Kirk McKusick freebsd_committer 2022-05-16 00:08:53 UTC
See https://reviews.freebsd.org/D35219 for a proposed fix to these bug reports.
Comment 4 Kubilay Kocak freebsd_committer freebsd_triage 2022-05-17 08:40:47 UTC
(In reply to Kirk McKusick from comment #2)

My pleasure Kirk. I believe a couple/few look like dupes, I'll be normalizing the summaries to make those clearer and close any dupes (with the older remaining open) tomorrow
Comment 5 Kubilay Kocak freebsd_committer freebsd_triage 2022-05-17 08:43:54 UTC
P.S If this ends up being the issue in which analysis, comment and patches take place, rather than only a tracking issue, with resolution taking place separately for each existing issue, I'll switch the dependency to 'Blocks' rather than the current 'Depends on'.

^Triage: Kirks coordinating here (comment 2, assign accordingly)
Comment 6 commit-hook freebsd_committer 2022-05-27 19:23:24 UTC
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/src/commit/?id=076002f24d35962f0d21f44bfddd34ee4d7f015d

commit 076002f24d35962f0d21f44bfddd34ee4d7f015d
Author:     Kirk McKusick <mckusick@FreeBSD.org>
AuthorDate: 2022-05-27 19:21:11 +0000
Commit:     Kirk McKusick <mckusick@FreeBSD.org>
CommitDate: 2022-05-27 19:22:07 +0000

    Do comprehensive UFS/FFS superblock integrity checks when reading a superblock.

    Historically only minimal checks were made of a superblock when it
    was read in as it was assumed that fsck would have been run to
    correct any errors before attempting to use the filesystem. Recently
    several bug reports have been submitted reporting kernel panics
    that can be triggered by deliberately corrupting filesystem superblocks,
    see Bug 263979 - [meta] UFS / FFS / GEOM crash (panic) tracking
    which is tracking the reported corruption bugs.

    This change upgrades the checks that are performed. These additional
    checks should prevent panics from a corrupted superblock. Although
    it appears in only one place, the new code will apply to the kernel
    modules and (through libufs) user applications that read in superblocks.

    Reported by:  Robert Morris and Neeraj
    Reviewed by:  kib
    Tested by:    Peter Holm
    PR:           263979
    MFC after:    1 month
    Differential Revision: https://reviews.freebsd.org/D35219

 sys/ufs/ffs/ffs_subr.c | 163 +++++++++++++++++++++++++++++++++++++++++++------
 1 file changed, 146 insertions(+), 17 deletions(-)