Uploaded image for project: 'Lustre'
  1. Lustre
  2. LU-19893

LU-17983 causes a reading outside of allocated memory

    XMLWordPrintable

Details

    • Bug
    • Resolution: Unresolved
    • Blocker
    • None
    • None
    • None
    • RHEL 9.5+KASAN
    • 3
    • 9223372036854775807

    Description

      [  305.643667] ==================================================================
[  305.643685] BUG: KASAN: slab-out-of-bounds in __mdt_stripe_get+0xb5e/0x1130 [mdt]
[  305.643786] Read of size 4 at addr ffff88805e01bb24 by task mdt_rdpg00_001/4715
[  305.643789]
[  305.643793] CPU: 0 PID: 4715 Comm: mdt_rdpg00_001 Tainted: G        W  OE     -------  ---  5.14.0-503.40.1.el9_5.x86_64+debug #1
[  305.643797] Hardware name: Red Hat KVM/RHEL, BIOS 1.16.3-4.el9.alma.1 04/01/2014
[  305.643800] Call Trace:
[  305.643802]  <TASK>
[  305.643806]  ? __mdt_stripe_get+0xb5e/0x1130 [mdt]
[  305.643885]  dump_stack_lvl+0x57/0x81
[  305.643894]  print_address_description.constprop.0+0x8b/0x2ed
[  305.643902]  ? __mdt_stripe_get+0xb5e/0x1130 [mdt]
[  305.643979]  print_report+0x132/0x21c
[  305.643985]  ? __mdt_stripe_get+0xb5e/0x1130 [mdt]
[  305.644061]  ? kasan_addr_to_slab+0x9/0xa0
[  305.644070]  ? __mdt_stripe_get+0xb5e/0x1130 [mdt]
[  305.644145]  kasan_report+0x91/0xc0
[  305.644152]  ? __mdt_stripe_get+0xb5e/0x1130 [mdt]
[  305.644232]  __mdt_stripe_get+0xb5e/0x1130 [mdt]
[  305.644313]  mdt_attr_get_complex+0x5de/0x1b20 [mdt]
[  305.644404]  mdt_hsm_release+0xb0b/0x3c70 [mdt]
[  305.644498]  mdt_mfd_close+0x45b/0x28d0 [mdt]
[  305.644581]  ? __pfx_do_raw_spin_trylock+0x10/0x10
[  305.644594]  mdt_close_internal+0x249/0x7e0 [mdt]
[  305.644677]  ? mdt_check_resent.constprop.0+0x1de/0x8b0 [mdt]
[  305.644762]  mdt_close+0x3ce/0xc90 [mdt]
[  305.644847]  tgt_handle_request0+0x286/0x1370 [ptlrpc]
[  305.645159]  tgt_request_handle+0x716/0x1e50 [ptlrpc]
[  305.645425]  ? __pfx_tgt_request_handle+0x10/0x10 [ptlrpc]
[  305.645695]  ptlrpc_server_handle_request.isra.0+0x9c7/0x21d0 [ptlrpc]
[  305.645938]  ptlrpc_main+0x1a37/0x2db0 [ptlrpc]
[  305.646180]  ? __kthread_parkme+0xc7/0x200
[  305.646187]  ? __pfx_ptlrpc_main+0x10/0x10 [ptlrpc]
[  305.646436]  kthread+0x2ae/0x360
[  305.646441]  ? trace_irq_enable.constprop.0+0x14f/0x1e0
[  305.646447]  ? __pfx_kthread+0x10/0x10
[  305.646451]  ret_from_fork+0x2c/0x50
[  305.646462]  </TASK>

      __mdt_stripe_get had loop to the big xattr get and return to the got: label.

      Attachments

        Issue Links

          is related to

          Bug - A problem which impairs or prevents the functions of the product. LU-17983 LBUG: in mdt_fix_reply() hit during FOFB testing

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Resolved

          Activity

            People

              shadow Alexey Lyashkov
              shadow Alexey Lyashkov
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated: