2006-10-27 15:14:48

by Eric Sesterhenn

Subject: EXT3 fuzzing

hi,

after fsfuzz
(http://www.securityfocus.com/archive/1/449568/30/0/threaded) was
released I decided to give it a spin. So far I got two problematic
images:

http://www.cobra-basket.de/ext3_ls_prozzy_hog.img.bz2
which makes the kernel use as much cpu as it can get

http://www.cobra-basket.de/ext3_memhog.img.bz2
eats all memory it can get

I enabled jbd debugging for a while, and the traces looked
similar, but did not make much sense to me. kmemleak
locked my box, so I was not able to get some debugging
info from there.
To test the images, just mount them, and do an ls
on the image.

Greetings, Eric

--
http://www.cobra-basket.de -- just my stuff


2006-10-27 15:26:24

by Eric Sandeen

Subject: Re: EXT3 fuzzing

Eric Sesterhenn / Snakebyte wrote:
> hi,
>
> after fsfuzz
> (http://www.securityfocus.com/archive/1/449568/30/0/threaded) was
> released I decided to give it a spin. So far I got two problematic
> images:
>
> http://www.cobra-basket.de/ext3_ls_prozzy_hog.img.bz2
> which makes the kernel use as much cpu as it can get
>
> http://www.cobra-basket.de/ext3_memhog.img.bz2
> eats all memory it can get
>
> I enabled jbd debugging for a while, and the traces looked
> similar, but did not make much sense to me. kmemleak
> locked my box, so I was not able to get some debugging
> info from there.
> To test the images, just mount them, and do an ls
> on the image.

Hi Eric, I recently posted a patch to LKML ([PATCH] handle ext3 directory
corruption better) to handle the broken fuzz cases I found. You might try again
w/ that patch... I can also give your images a whirl. With the patch I
submitted, I had thousands of successful fsfuzz runs. The only snag I hit was
actually an fsfuzz bug; lost+found/ had been fuzzed so it looked like a pipe,
and the "cat" part of the test hung up - not really an ext3 bug.

Thanks,

-Eric

2006-10-27 16:44:17

by Eric Sandeen

Subject: Re: EXT3 fuzzing

Eric Sandeen wrote:
> Eric Sesterhenn / Snakebyte wrote:
>> hi,
>>
>> after fsfuzz
>> (http://www.securityfocus.com/archive/1/449568/30/0/threaded) was
>> released I decided to give it a spin. So far I got two problematic
>> images:
>>
>> http://www.cobra-basket.de/ext3_ls_prozzy_hog.img.bz2
>> which makes the kernel use as much cpu as it can get
>>
>> http://www.cobra-basket.de/ext3_memhog.img.bz2
>> eats all memory it can get

Works for me w/ that patch:

[root@link-07 ~]# mount -o loop ext3_ls_prozzy_hog.img mnt/
[root@link-07 ~]# ls mnt/
[root@link-07 ~]# dmesg | tail -n 6
EXT3-fs: mounted filesystem with ordered data mode.
EXT3-fs error (device loop0): htree_dirblock_to_tree: bad entry in
directory #2: rec_len % 4 != 0 - offset=24, inode=11, rec_len=989,
name_len=10
Aborting journal on device loop0.
ext3_abort called.
EXT3-fs error (device loop0): ext3_journal_start_sb: Detected aborted
journal
Remounting filesystem read-only


[root@link-07 ~]# mount -o loop ext3_memhog.img mnt/
[root@link-07 ~]# ls mnt
[root@link-07 ~]# dmesg | tail -n 6
EXT3-fs: mounted filesystem with ordered data mode.
EXT3-fs error (device loop0): htree_dirblock_to_tree: bad entry in
directory #2: rec_len is smaller than minimal - offset=0, inode=75,
rec_len=0, name_len=0
Aborting journal on device loop0.
ext3_abort called.
EXT3-fs error (device loop0): ext3_journal_start_sb: Detected aborted
journal
Remounting filesystem read-only

-Eric
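The two dmesg reports above are produced by ext3's per-entry directory sanity checks (ext3_check_dir_entry(), called from htree_dirblock_to_tree). The following is an added user-space example written for this page, not kernel code and not the patch discussed in the thread: it re-implements those checks in the same order and with the same wording, and runs them over constructed 1 KiB directory blocks modelled on the two reports (the put_entry helper, the sample layout and the check_sample entry point are assumptions made here).

```c
#include <stdint.h>
#include <string.h>
#define BLOCK_SIZE 1024
#define DIR_REC_LEN(name_len) (((name_len) + 8 + 3) & ~3u) /* EXT3_DIR_REC_LEN */

/* Walk one directory block with the sanity checks the kernel's ext3_check_dir_entry()
 * applies to each struct ext3_dir_entry_2 (little-endian: inode u32, rec_len u16,
 * name_len u8, file_type u8, name[]). NULL = sane, else the kernel's error wording. */
const char *check_dir_block(const uint8_t *blk, unsigned blksz, unsigned *bad_off)
{
    for (unsigned off = 0; off < blksz; ) {
        const uint8_t *de = blk + off;
        *bad_off = off;
        if (off + 8 > blksz)                 /* header itself does not fit */
            return "directory entry across blocks";
        unsigned rec_len = de[4] | (de[5] << 8), name_len = de[6];
        if (rec_len < DIR_REC_LEN(1))
            return "rec_len is smaller than minimal";
        if (rec_len % 4 != 0)
            return "rec_len % 4 != 0";
        if (rec_len < DIR_REC_LEN(name_len))
            return "rec_len is too small for name_len";
        if (off + rec_len > blksz)
            return "directory entry across blocks";
        off += rec_len;  /* rec_len >= 12 here, so the walk always terminates */
    }
    return NULL;
}

/* Hypothetical helper: write one little-endian entry into a constructed block. */
static void put_entry(uint8_t *blk, unsigned off, uint32_t ino, unsigned rec_len, unsigned name_len, const char *name)
{
    uint8_t *de = blk + off;
    de[0] = ino; de[1] = ino >> 8; de[2] = ino >> 16; de[3] = ino >> 24;
    de[4] = rec_len; de[5] = rec_len >> 8; de[6] = name_len; de[7] = 2; /* EXT3_FT_DIR */
    memcpy(de + 8, name, strlen(name));
}

/* Constructed 1 KiB root-directory block: 0 = sane layout, 1 = lost+found's rec_len
 * fuzzed 1000 -> 989 (prozzy_hog report), 2 = inode 75, rec_len 0 at offset 0 (memhog). */
const char *check_sample(int which, unsigned *bad_off)
{
    uint8_t blk[BLOCK_SIZE] = {0};
    put_entry(blk, 0, 2, 12, 1, ".");
    put_entry(blk, 12, 2, 12, 2, "..");
    put_entry(blk, 24, 11, 1000, 10, "lost+found");     /* fills the rest of the block */
    if (which == 1) put_entry(blk, 24, 11, 989, 10, "lost+found");
    if (which == 2) put_entry(blk, 0, 75, 0, 0, "");
    return check_dir_block(blk, BLOCK_SIZE, bad_off);
}
```

Without the "smaller than minimal" check a rec_len of 0 never advances the walk, which is why the memhog image spins and allocates until the check rejects the entry and the journal is aborted.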