Message-ID: <bug-200071-13602@https.bugzilla.kernel.org/>
Date: Thu, 14 Jun 2018 04:04:21 +0000
From: bugzilla-daemon@...zilla.kernel.org
To: linux-ext4@...nel.org
Subject: [Bug 200071] New: BUG() in jbd2_journal_dirty_metadata() that kernel
cannot handle when mounting and operating a crafted ext4 image
https://bugzilla.kernel.org/show_bug.cgi?id=200071
Bug ID: 200071
Summary: BUG() in jbd2_journal_dirty_metadata() that kernel
cannot handle when mounting and operating a crafted
ext4 image
Product: File System
Version: 2.5
Kernel Version: 4.17
Hardware: All
OS: Linux
Tree: Mainline
Status: NEW
Severity: normal
Priority: P1
Component: ext4
Assignee: fs_ext4@...nel-bugs.osdl.org
Reporter: wen.xu@...ech.edu
Regression: No
This is also an issue finally triggered in the code path of JBD2 when operating
an ext4 image.
- Reproduce
# mkdir mnt
# mount -t ext4 0.img mnt
# gcc -o poc poc.c
# ./poc ./mnt
I can reproduce this on both the dev branch of ext4.git and the upstream kernel.
- Kernel message
[ 919.113698] EXT4-fs: ext4_mb_mark_diskspace_used:3044: aborting transaction:
error 28 in __ext4_handle_dirty_metadata
[ 919.115977] EXT4: jbd2_journal_dirty_metadata failed: handle type 1 started
at line 867, credits 1/0, errcode -28
[ 919.116014] EXT4-fs error (device loop0) in ext4_do_update_inode:5273:
Readonly filesystem
[ 919.176196] EXT4-fs error (device loop0) in ext4_dirty_inode:5984: error 28
[ 919.208726] EXT4-fs error (device loop0) in ext4_do_update_inode:5273:
Readonly filesystem
[ 919.239194] EXT4-fs error (device loop0) in
ext4_da_write_inline_data_begin:893: error 28
[ 919.260225] kernel BUG at fs/jbd2/transaction.c:1365!
[ 919.261385] invalid opcode: 0000 [#1] SMP KASAN PTI
[ 919.262367] Modules linked in: snd_hda_codec_generic snd_hda_intel
snd_hda_codec snd_hwdep snd_hda_core snd_pcm snd_timer snd i2c_piix4 mac_hid
soundcore ib_iser rdma_cm iw_cm ib_cm ib_core iscsi_tcp libiscsi_tcp libiscsi
scsi_transport_iscsi autofs4 btrfs zstd_decompress zstd_compress xxhash raid10
raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq
raid1 raid0 multipath linear 8139too qxl drm_kms_helper syscopyarea sysfillrect
crct10dif_pclmul sysimgblt fb_sys_fops ttm crc32_pclmul drm aesni_intel
aes_x86_64 crypto_simd cryptd glue_helper pata_acpi 8139cp floppy mii
[ 919.272919] CPU: 1 PID: 28962 Comm: poc Tainted: G W
4.17.0-rc4+ #5
[ 919.274408] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS
Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 919.276301] RIP: 0010:jbd2_journal_dirty_metadata+0x4b6/0x4d0
[ 919.277437] RSP: 0018:ffff8801de9574d8 EFLAGS: 00010206
[ 919.278479] RAX: 0000000000000000 RBX: ffff880187b2d2a0 RCX:
ffffffff865603ca
[ 919.279874] RDX: 0000000000000007 RSI: dffffc0000000000 RDI:
ffff8801dbc5700c
[ 919.281280] RBP: ffff8801de957528 R08: ffff880187b2d2a0 R09:
ffffed003dac53b5
[ 919.282681] R10: 0000000000000001 R11: ffffed003dac53b4 R12:
ffff8801dbc57000
[ 919.284096] R13: ffff8801953dca00 R14: ffff8801dbc5700c R15:
ffff8801e11b8000
[ 919.285501] FS: 00007f41395dc700(0000) GS:ffff8801f7100000(0000)
knlGS:0000000000000000
[ 919.287109] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 919.288282] CR2: 00007f819decd624 CR3: 00000001e7d24000 CR4:
00000000000006e0
[ 919.289706] Call Trace:
[ 919.290220] ? ext4_mb_good_group+0x206/0x260
[ 919.291104] __ext4_handle_dirty_metadata+0x61/0x2a0
[ 919.292107] ext4_mb_mark_diskspace_used+0x4ee/0x6d0
[ 919.293096] ? ext4_mb_regular_allocator+0x840/0x840
[ 919.294089] ext4_mb_new_blocks+0x59d/0x15e0
[ 919.294959] ? __kmalloc+0x11f/0x240
[ 919.295690] ? ext4_find_extent+0x3cf/0x450
[ 919.296532] ext4_ext_map_blocks+0x1285/0x1f60
[ 919.297419] ? ext4_find_delalloc_cluster+0x60/0x60
[ 919.298395] ? __put_compound_page+0x50/0x50
[ 919.299252] ? mpage_process_page_bufs+0x211/0x270
[ 919.300215] ? __pagevec_release+0x55/0x60
[ 919.301033] ? mpage_prepare_extent_to_map+0x56f/0x590
[ 919.302051] ? kasan_check_write+0x14/0x20
[ 919.302873] ? ext4_es_lookup_extent+0x276/0x310
[ 919.303808] ext4_map_blocks+0x246/0xa50
[ 919.304597] ? memcg_kmem_put_cache+0x1b/0xa0
[ 919.305472] ? ext4_issue_zeroout+0xa0/0xa0
[ 919.306308] ? __ext4_journal_start_sb+0x89/0x180
[ 919.307249] ext4_writepages+0xcd5/0x1500
[ 919.308072] ? ext4_mark_inode_dirty+0x3d0/0x3d0
[ 919.309010] ? aa_path_link+0x210/0x210
[ 919.309786] ? kasan_slab_free+0xe/0x10
[ 919.310559] ? kmem_cache_free+0x89/0x1e0
[ 919.311362] ? putname+0x80/0x90
[ 919.312033] ? do_sys_open+0x22e/0x2c0
[ 919.312788] ? __x64_sys_open+0x4c/0x60
[ 919.313575] ? iov_iter_init+0x82/0xc0
[ 919.314330] do_writepages+0x37/0xb0
[ 919.315056] ? ext4_mark_inode_dirty+0x3d0/0x3d0
[ 919.315998] ? do_writepages+0x37/0xb0
[ 919.316763] __filemap_fdatawrite_range+0x19a/0x1f0
[ 919.317731] ? delete_from_page_cache_batch+0x4e0/0x4e0
[ 919.318775] ? fsnotify+0x695/0x720
[ 919.319478] ? __fsnotify_inode_delete+0x20/0x20
[ 919.320415] file_write_and_wait_range+0x66/0xb0
[ 919.321337] ext4_sync_file+0x1e3/0x670
[ 919.322114] ? ext4_getfsmap+0x4d0/0x4d0
[ 919.322909] vfs_fsync_range+0x68/0x100
[ 919.323698] ? __fget_light+0xc9/0xe0
[ 919.324437] do_fsync+0x3d/0x70
[ 919.325074] __x64_sys_fdatasync+0x24/0x30
[ 919.325899] do_syscall_64+0x78/0x170
[ 919.326651] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 919.327662] RIP: 0033:0x7f41390f4800
[ 919.328379] RSP: 002b:00007fff8fe02e78 EFLAGS: 00000246 ORIG_RAX:
000000000000004b
[ 919.329863] RAX: ffffffffffffffda RBX: 0000000000000000 RCX:
00007f41390f4800
[ 919.331257] RDX: 0000000000008000 RSI: 0000000000602140 RDI:
0000000000000003
[ 919.332665] RBP: 00007fff8fe02fe0 R08: 0000000000000003 R09:
0000000000000000
[ 919.334058] R10: 00000000000002e8 R11: 0000000000000246 R12:
0000000000400c20
[ 919.335449] R13: 00007fff8fe030e0 R14: 0000000000000000 R15:
0000000000000000
[ 919.336851] Code: 2a fd ff ff 31 c0 e9 e0 fe ff ff c7 45 c8 00 00 00 00 e9
b6 fe ff ff 4c 89 f7 e8 a6 2b e3 ff 41 83 7c 24 0c 01 0f 84 4f fe ff ff <0f> 0b
0f 0b 45 31 f6 e9 71 ff ff ff 0f 1f 40 00 66 2e 0f 1f 84
[ 919.340550] RIP: jbd2_journal_dirty_metadata+0x4b6/0x4d0 RSP:
ffff8801de9574d8
[ 919.342119] ---[ end trace 9f703e0d0e15b355 ]---
[ 919.342994]
==================================================================
[ 919.344683] BUG: KASAN: stack-out-of-bounds in
arch_tlb_gather_mmu+0x21/0x170
[ 919.346144] Write of size 8 at addr ffff8801de957bc8 by task poc/28962
[ 919.347461]
[ 919.347820] CPU: 1 PID: 28962 Comm: poc Tainted: G D W
4.17.0-rc4+ #5
[ 919.349341] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS
Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 919.351211] Call Trace:
[ 919.351734] dump_stack+0x7b/0xb5
[ 919.352418] print_address_description+0x70/0x290
[ 919.353368] kasan_report+0x291/0x390
[ 919.354112] ? arch_tlb_gather_mmu+0x21/0x170
[ 919.354992] __asan_store8+0x57/0x90
[ 919.355731] arch_tlb_gather_mmu+0x21/0x170
[ 919.356575] tlb_gather_mmu+0x12/0x40
[ 919.357325] free_ldt_pgtables.part.2+0x90/0x110
[ 919.358261] ? map_ldt_struct+0x430/0x430
[ 919.359098] ? compat_start_thread+0x60/0x60
[ 919.359996] ? finish_task_switch+0x94/0x330
[ 919.360857] ? switch_mm_irqs_off+0x28d/0x510
[ 919.361726] ? __schedule+0x6dc/0xd80
[ 919.362465] free_ldt_pgtables+0x13/0x20
[ 919.363257] ldt_arch_exit_mmap+0xe/0x10
[ 919.364061] exit_mmap+0xcd/0x280
[ 919.364736] ? __ia32_sys_munmap+0x50/0x50
[ 919.365559] ? exit_aio+0x98/0x230
[ 919.366254] ? __x32_compat_sys_io_submit+0x100/0x100
[ 919.367270] ? taskstats_exit+0x1f4/0x640
[ 919.368086] ? kasan_check_read+0x11/0x20
[ 919.368899] ? mm_update_next_owner+0x322/0x380
[ 919.369806] mmput+0x8b/0x1d0
[ 919.370411] do_exit+0x43a/0x1390
[ 919.371084] ? file_write_and_wait_range+0x66/0xb0
[ 919.372057] ? mm_update_next_owner+0x380/0x380
[ 919.372969] ? ext4_getfsmap+0x4d0/0x4d0
[ 919.373761] ? vfs_fsync_range+0x68/0x100
[ 919.374570] ? __fget_light+0xc9/0xe0
[ 919.375314] ? do_fsync+0x3d/0x70
[ 919.376012] ? __x64_sys_fdatasync+0x24/0x30
[ 919.376873] rewind_stack_do_exit+0x17/0x20
[ 919.377714] RIP: 0033:0x7f41390f4800
[ 919.378456] RSP: 002b:00007fff8fe02e78 EFLAGS: 00000246 ORIG_RAX:
000000000000004b
[ 919.379982] RAX: ffffffffffffffda RBX: 0000000000000000 RCX:
00007f41390f4800
[ 919.381399] RDX: 0000000000008000 RSI: 0000000000602140 RDI:
0000000000000003
[ 919.382812] RBP: 00007fff8fe02fe0 R08: 0000000000000003 R09:
0000000000000000
[ 919.384246] R10: 00000000000002e8 R11: 0000000000000246 R12:
0000000000400c20
[ 919.385663] R13: 00007fff8fe030e0 R14: 0000000000000000 R15:
0000000000000000
[ 919.387075]
[ 919.387394] The buggy address belongs to the page:
[ 919.395943] page:ffffea00077a55c0 count:0 mapcount:0
mapping:0000000000000000 index:0x0
[ 919.397528] flags: 0x2ffff0000000000()
[ 919.398302] raw: 02ffff0000000000 0000000000000000 0000000000000000
00000000ffffffff
[ 919.399852] raw: 0000000000000000 dead000000000200 0000000000000000
0000000000000000
[ 919.401379] page dumped because: kasan: bad access detected
[ 919.402481]
[ 919.402799] Memory state around the buggy address:
[ 919.403768] ffff8801de957a80: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
00
[ 919.405192] ffff8801de957b00: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 f1
f1
[ 919.406616] >ffff8801de957b80: f1 f1 00 00 00 f1 f1 f1 f1 f4 f2 00 00 00 00
00
[ 919.408046] ^
[ 919.409155] ffff8801de957c00: 00 00 00 00 00 00 00 00 00 00 f4 f4 f4 f3 f3
f3
[ 919.410581] ffff8801de957c80: f3 f3 00 00 00 00 00 00 f1 f1 f1 f1 00 00 00
00
[ 919.412015]
==================================================================
[ 919.414859] kernel tried to execute NX-protected page - exploit attempt?
(uid: 0)
[ 919.416424] BUG: unable to handle kernel paging request at ffff88018c306ec1
[ 919.417829] PGD 4ff40067 P4D 4ff40067 PUD 4ff46067 PMD 800000018c2000e3
[ 919.419180] Oops: 0011 [#2] SMP KASAN PTI
[ 919.419997] Modules linked in: snd_hda_codec_generic snd_hda_intel
snd_hda_codec snd_hwdep snd_hda_core snd_pcm snd_timer snd i2c_piix4 mac_hid
soundcore ib_iser rdma_cm iw_cm ib_cm ib_core iscsi_tcp libiscsi_tcp libiscsi
scsi_transport_iscsi autofs4 btrfs zstd_decompress zstd_compress xxhash raid10
raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq
raid1 raid0 multipath linear 8139too qxl drm_kms_helper syscopyarea sysfillrect
crct10dif_pclmul sysimgblt fb_sys_fops ttm crc32_pclmul drm aesni_intel
aes_x86_64 crypto_simd cryptd glue_helper pata_acpi 8139cp floppy mii
[ 919.430926] CPU: 1 PID: 28962 Comm: poc Tainted: G B D W
4.17.0-rc4+ #5
[ 919.432524] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS
Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 919.434371] RIP: 0010:0xffff88018c306ec1
[ 919.435162] RSP: 0018:ffff8801de957538 EFLAGS: 00010246
[ 919.436214] RAX: 0000000000000000 RBX: ffff8801de9575c8 RCX:
ffffffff8680273c
[ 919.437631] RDX: ffff88018c306ec1 RSI: 0000000000000001 RDI:
ffff880194f05e80
[ 919.439058] RBP: ffff8801de957630 R08: fffffbfff0fc16c7 R09:
fffffbfff0fc16c7
[ 919.440499] R10: 0000000000000001 R11: fffffbfff0fc16c6 R12:
ffff880194f05d08
[ 919.441930] R13: ffff8801de957608 R14: ffff8801de9575c8 R15:
ffff880194f05e80
[ 919.443359] FS: 00007f41395dc700(0000) GS:ffff8801f7100000(0000)
knlGS:0000000000000000
[ 919.444972] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 919.446115] CR2: ffff88018c306ec1 CR3: 00000001ef71a000 CR4:
00000000000006e0
[ 919.447526] Call Trace:
[ 919.448050] ? blk_flush_plug_list+0x20e/0x4d0
[ 919.448951] ? blk_init_request_from_bio+0x160/0x160
[ 919.449955] ? unwind_get_return_address+0x36/0x50
[ 919.450924] ? kasan_check_write+0x14/0x20
[ 919.451762] ? _raw_spin_lock_irqsave+0x2a/0x60
[ 919.452671] ? radix_tree_next_chunk+0xc0/0x4a0
[ 919.453593] io_schedule_prepare+0x66/0x70
[ 919.454421] io_schedule+0x1a/0x50
[ 919.455118] __lock_page+0x1c9/0x240
[ 919.455856] ? __lock_page_killable+0x280/0x280
[ 919.456882] ? find_get_entries_tag+0x3d0/0x3d0
[ 919.457860] ? ext4_release_file+0x13d/0x150
[ 919.458731] ? page_cache_tree_insert+0x1d0/0x1d0
[ 919.459692] mpage_prepare_extent_to_map+0x545/0x590
[ 919.460734] ? __ext4_get_inode_loc+0x680/0x680
[ 919.461671] ? save_stack_trace+0x1f/0x30
[ 919.462486] ? save_stack_trace+0x1f/0x30
[ 919.463297] ? memcg_kmem_put_cache+0x1b/0xa0
[ 919.464276] ? kmem_cache_alloc+0x17c/0x1e0
[ 919.465121] ? ext4_init_io_end+0x21/0x80
[ 919.465938] ext4_writepages+0x78a/0x1500
[ 919.466750] ? ext4_mark_inode_dirty+0x3d0/0x3d0
[ 919.467693] ? kasan_check_write+0x14/0x20
[ 919.468533] ? _raw_spin_lock_irqsave+0x2a/0x60
[ 919.469452] ? depot_save_stack+0x2cd/0x470
[ 919.470300] ? free_fs_struct+0x3a/0x40
[ 919.471083] ? save_stack+0x46/0xd0
[ 919.471807] ? __kasan_slab_free+0x13c/0x1a0
[ 919.472671] ? kasan_slab_free+0xe/0x10
[ 919.473446] ? kmem_cache_free+0x89/0x1e0
[ 919.474256] ? free_fs_struct+0x3a/0x40
[ 919.475036] do_writepages+0x37/0xb0
[ 919.475780] ? ext4_mark_inode_dirty+0x3d0/0x3d0
[ 919.476712] ? do_writepages+0x37/0xb0
[ 919.477476] __filemap_fdatawrite_range+0x19a/0x1f0
[ 919.478457] ? delete_from_page_cache_batch+0x4e0/0x4e0
[ 919.479510] ? locks_remove_file+0x9f/0x2a0
[ 919.480366] filemap_flush+0x1c/0x20
[ 919.481095] ext4_alloc_da_blocks+0x41/0xc0
[ 919.481948] ext4_release_file+0x13d/0x150
[ 919.482781] __fput+0x17a/0x380
[ 919.483426] ____fput+0xe/0x10
[ 919.484154] task_work_run+0xc8/0xf0
[ 919.484885] do_exit+0x4a4/0x1390
[ 919.485564] ? file_write_and_wait_range+0x66/0xb0
[ 919.486532] ? mm_update_next_owner+0x380/0x380
[ 919.487445] ? ext4_getfsmap+0x4d0/0x4d0
[ 919.488257] ? vfs_fsync_range+0x68/0x100
[ 919.489071] ? __fget_light+0xc9/0xe0
[ 919.489815] ? do_fsync+0x3d/0x70
[ 919.490493] ? __x64_sys_fdatasync+0x24/0x30
[ 919.491356] rewind_stack_do_exit+0x17/0x20
[ 919.492213] RIP: 0033:0x7f41390f4800
[ 919.492934] RSP: 002b:00007fff8fe02e78 EFLAGS: 00000246 ORIG_RAX:
000000000000004b
[ 919.494429] RAX: ffffffffffffffda RBX: 0000000000000000 RCX:
00007f41390f4800
[ 919.502043] RDX: 0000000000008000 RSI: 0000000000602140 RDI:
0000000000000003
[ 919.503471] RBP: 00007fff8fe02fe0 R08: 0000000000000003 R09:
0000000000000000
[ 919.504976] R10: 00000000000002e8 R11: 0000000000000246 R12:
0000000000400c20
[ 919.506395] R13: 00007fff8fe030e0 R14: 0000000000000000 R15:
0000000000000000
[ 919.507826] Code: 00 00 00 8c bd 8b 01 88 ff ff 00 00 00 00 00 00 00 00 00
00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 b8 6e 30 8c 01 88 ff ff 00 <00> 09
00 00 00 00 00 00 00 00 00 00 00 00 00 88 5e f0 94 01 88
[ 919.511560] RIP: 0xffff88018c306ec1 RSP: ffff8801de957538
[ 919.512644] CR2: ffff88018c306ec1
[ 919.513312] ---[ end trace 9f703e0d0e15b356 ]---
[ 919.514260] WARNING: CPU: 1 PID: 28962 at kernel/exit.c:771
do_exit+0xd2/0x1390
[ 919.515712] Modules linked in: snd_hda_codec_generic snd_hda_intel
snd_hda_codec snd_hwdep snd_hda_core snd_pcm snd_timer snd i2c_piix4 mac_hid
soundcore ib_iser rdma_cm iw_cm ib_cm ib_core iscsi_tcp libiscsi_tcp libiscsi
scsi_transport_iscsi autofs4 btrfs zstd_decompress zstd_compress xxhash raid10
raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq
raid1 raid0 multipath linear 8139too qxl drm_kms_helper syscopyarea sysfillrect
crct10dif_pclmul sysimgblt fb_sys_fops ttm crc32_pclmul drm aesni_intel
aes_x86_64 crypto_simd cryptd glue_helper pata_acpi 8139cp floppy mii
[ 919.526225] CPU: 1 PID: 28962 Comm: poc Tainted: G B D W
4.17.0-rc4+ #5
[ 919.527755] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS
Ubuntu-1.8.2-1ubuntu1 04/01/2014
[ 919.529625] RIP: 0010:do_exit+0xd2/0x1390
[ 919.530432] RSP: 0018:ffff8801de957df8 EFLAGS: 00010087
[ 919.531480] RAX: ffffffff864f0a00 RBX: ffff88018a252880 RCX:
ffffffff860d3ec5
[ 919.532907] RDX: dffffc0000000000 RSI: 0000000000000000 RDI:
ffff8801de957b90
[ 919.534323] RBP: ffff8801de957f48 R08: 0000000000000000 R09:
ffffed003ee23ebb
[ 919.535748] R10: 0000000000000001 R11: ffffed003ee23eba R12:
0000000000000009
[ 919.537164] R13: ffff8801de957b90 R14: 0000000000000046 R15:
0000000000000011
[ 919.538580] FS: 00007f41395dc700(0000) GS:ffff8801f7100000(0000)
knlGS:0000000000000000
[ 919.540187] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 919.541351] CR2: ffff88018c306ec1 CR3: 00000001ef71a000 CR4:
00000000000006e0
[ 919.542778] Call Trace:
[ 919.543288] ? file_write_and_wait_range+0x66/0xb0
[ 919.544270] ? mm_update_next_owner+0x380/0x380
[ 919.545192] ? ext4_getfsmap+0x4d0/0x4d0
[ 919.545990] ? vfs_fsync_range+0x68/0x100
[ 919.546807] ? __fget_light+0xc9/0xe0
[ 919.547555] ? do_fsync+0x3d/0x70
[ 919.548248] ? __x64_sys_fdatasync+0x24/0x30
[ 919.549119] rewind_stack_do_exit+0x17/0x20
[ 919.549970] RIP: 0033:0x7f41390f4800
[ 919.550697] RSP: 002b:00007fff8fe02e78 EFLAGS: 00000246 ORIG_RAX:
000000000000004b
[ 919.552209] RAX: ffffffffffffffda RBX: 0000000000000000 RCX:
00007f41390f4800
[ 919.553622] RDX: 0000000000008000 RSI: 0000000000602140 RDI:
0000000000000003
[ 919.555030] RBP: 00007fff8fe02fe0 R08: 0000000000000003 R09:
0000000000000000
[ 919.556454] R10: 00000000000002e8 R11: 0000000000000246 R12:
0000000000400c20
[ 919.557870] R13: 00007fff8fe030e0 R14: 0000000000000000 R15:
0000000000000000
[ 919.559282] Code: bb 60 07 00 00 e8 bf f1 2b 00 4c 8b ab 60 07 00 00 4d 85
ed 74 17 4c 89 ef e8 ab f1 2b 00 49 8b 45 00 49 39 c5 0f 84 ea 0c 00 00 <0f> 0b
65 8b 05 b5 ac f4 79 25 00 ff 1f 00 89 85 d0 fe ff ff 0f
[ 919.563037] ---[ end trace 9f703e0d0e15b357 ]---
[ 919.563980] Fixing recursive fault but reboot is needed!
- Location
https://elixir.bootlin.com/linux/latest/source/fs/jbd2/transaction.c#L1366
J_ASSERT_JH(jh, jh->b_transaction != transaction ||
jh->b_jlist == BJ_Metadata);
It seems that the kernel cannot recover from this critical fault and requires
a reboot.
Reported by Wen Xu (wen.xu@...ech.edu) from SSLab at Gatech.
--
You are receiving this mail because:
You are watching the assignee of the bug.
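
Added triage example (not part of the original report or of any kernel tooling): the log above contains several reports, but only the first was emitted before the kernel was tainted 'D' (already oopsed), so the KASAN report and the second Oops are fallout from the J_ASSERT_JH failure. The helper names split_reports and first_faults are hypothetical, and the sample is an excerpt of the log above with the mail-wrapped lines re-joined.

```python
import re

# Excerpt of the kernel message above: wrapped lines re-joined, most lines omitted.
LOG = """\
[ 919.260225] kernel BUG at fs/jbd2/transaction.c:1365!
[ 919.261385] invalid opcode: 0000 [#1] SMP KASAN PTI
[ 919.272919] CPU: 1 PID: 28962 Comm: poc Tainted: G W 4.17.0-rc4+ #5
[ 919.276301] RIP: 0010:jbd2_journal_dirty_metadata+0x4b6/0x4d0
[ 919.289706] Call Trace:
[ 919.290220] ? ext4_mb_good_group+0x206/0x260
[ 919.291104] __ext4_handle_dirty_metadata+0x61/0x2a0
[ 919.292107] ext4_mb_mark_diskspace_used+0x4ee/0x6d0
[ 919.294089] ext4_mb_new_blocks+0x59d/0x15e0
[ 919.340550] RIP: jbd2_journal_dirty_metadata+0x4b6/0x4d0 RSP: ffff8801de9574d8
[ 919.344683] BUG: KASAN: stack-out-of-bounds in arch_tlb_gather_mmu+0x21/0x170
[ 919.347820] CPU: 1 PID: 28962 Comm: poc Tainted: G D W 4.17.0-rc4+ #5
[ 919.351211] Call Trace:
[ 919.351734] dump_stack+0x7b/0xb5
[ 919.416424] BUG: unable to handle kernel paging request at ffff88018c306ec1
[ 919.430926] CPU: 1 PID: 28962 Comm: poc Tainted: G B D W 4.17.0-rc4+ #5
[ 919.434371] RIP: 0010:0xffff88018c306ec1
"""

HEADER = re.compile(r"kernel BUG at|BUG: KASAN:|BUG: unable to handle|WARNING:")
STAMP = re.compile(r"^\[\s*\d+\.\d+\]\s*")
TAINT = re.compile(r"Tainted: ((?:[A-Z] +)+)")
FRAME = re.compile(r"^([A-Za-z_][\w.]*)\+0x[0-9a-f]+/0x[0-9a-f]+$")

def split_reports(log):
    """Split a dmesg capture into one record per BUG/Oops/WARNING report."""
    reports, cur, in_trace = [], None, False
    for raw in log.splitlines():
        line = STAMP.sub("", raw).strip()
        if HEADER.search(line):
            cur = {"header": line, "taint": "", "rip": None, "frames": []}
            reports.append(cur)
            in_trace = False
        if cur is None:
            continue
        if (m := TAINT.search(line)) and not cur["taint"]:
            cur["taint"] = m.group(1).replace(" ", "")
        if (m := re.match(r"RIP: 0010:(\S+)", line)) and cur["rip"] is None:
            cur["rip"] = m.group(1)
        if line == "Call Trace:":
            in_trace = True
        elif in_trace and (m := FRAME.match(line)):
            cur["frames"].append(m.group(1))      # reliable frame
        elif in_trace and not line.startswith("?"):
            in_trace = False                       # trace ended ("? sym" = unreliable frame)
    return reports

def first_faults(reports):
    # Taint flag 'D' means the kernel had already oopsed: later reports are fallout.
    return [r for r in reports if "D" not in r["taint"]]
```

On this excerpt first_faults(split_reports(LOG)) keeps only the report at fs/jbd2/transaction.c:1365, with the reliable frames leading from ext4_mb_new_blocks into jbd2_journal_dirty_metadata.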