Ubuntu
linux package

mount.ocfs2 causes kernel BUG at lib/string.c:1149!

Bug #1921137 reported by Dan Streetman on 2021-03-24

This bug affects 2 people

	Status	Importance	Assigned to
corosync (Ubuntu)	Confirmed	Undecided	Unassigned
libaio (Ubuntu)	Confirmed	Undecided	Unassigned
linux (Ubuntu)	Confirmed	Critical	Unassigned
ocfs2-tools (Ubuntu)	Confirmed	Undecided	Unassigned

Bug Description

the ocfs2-tools autopkgtests for hirsute recently started failing, and a local test run shows this kernel bug occurring during the test:

[ 100.791586] o2dlm: Leaving domain 1D5A19C6EC8F430AB4E29230BC54D70E
[ 108.864491] detected buffer overflow in strlen
[ 108.869193] ------------[ cut here ]------------
[ 108.869196] kernel BUG at lib/string.c:1149!
[ 108.869962] invalid opcode: 0000 [#1] SMP PTI
[ 108.870715] CPU: 15 PID: 1725 Comm: mount.ocfs2 Not tainted 5.11.0-11-generic #12-Ubuntu
[ 108.872156] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014
[ 108.873701] RIP: 0010:fortify_panic+0x13/0x15
[ 108.874452] Code: 35 28 e5 36 01 48 c7 c7 2b f2 80 92 e8 00 c4 fe ff 41 5c 41 5d 5d c3 55 48 89 fe 48 c7 c7 78 f2 80 92 48 89 e5 e8 e7 c3 fe ff <0f> 0b 48 c7 c7 d0 f7 48 92 e8 df ff ff ff 48 c7 c7 d8 f7 48 92 e8
[ 108.879043] RSP: 0018:ffffa9cf811afc90 EFLAGS: 00010246
[ 108.880396] RAX: 0000000000000022 RBX: ffff926a4cd06000 RCX: 0000000000000000
[ 108.882165] RDX: 0000000000000000 RSI: ffff926b77bd8ac0 RDI: ffff926b77bd8ac0
[ 108.883474] RBP: ffffa9cf811afc90 R08: 0000000000000000 R09: ffffa9cf811afa88
[ 108.884758] R10: ffffa9cf811afa80 R11: ffffffff92f53508 R12: 0000000000000004
[ 108.885961] R13: ffff926a49917800 R14: ffff926a54bdc800 R15: ffff926a4cd06291
[ 108.887163] FS: 00007f8440b60600(0000) GS:ffff926b77bc0000(0000) knlGS:0000000000000000
[ 108.888626] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 108.889607] CR2: 000055eec2b97dc8 CR3: 0000000106c64000 CR4: 00000000000006e0
[ 108.890823] Call Trace:
[ 108.891279] ocfs2_initialize_super.isra.0.cold+0xc/0x18 [ocfs2]
[ 108.892603] ? ocfs2_sb_probe+0x133/0x3a0 [ocfs2]
[ 108.893484] ? pointer+0x185/0x4d0
[ 108.894079] ocfs2_fill_super+0x15d/0x7a0 [ocfs2]
[ 108.894965] mount_bdev+0x18d/0x1c0
[ 108.895570] ? ocfs2_remount+0x450/0x450 [ocfs2]
[ 108.896518] ocfs2_mount+0x15/0x20 [ocfs2]
[ 108.897293] legacy_get_tree+0x2b/0x50
[ 108.897939] vfs_get_tree+0x2a/0xc0
[ 108.898542] do_new_mount+0x14b/0x1a0
[ 108.899175] path_mount+0x1d4/0x4e0
[ 108.899789] __x64_sys_mount+0x108/0x140
[ 108.900465] do_syscall_64+0x38/0x90
[ 108.901129] entry_SYSCALL_64_after_hwframe+0x44/0xa9
[ 108.902376] RIP: 0033:0x7f8441109bce
[ 108.903169] Code: 48 8b 0d 9d 72 0c 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 6a 72 0c 00 f7 d8 64 89 01 48
[ 108.906322] RSP: 002b:00007fff92a4e2f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
[ 108.907610] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f8441109bce
[ 108.909000] RDX: 000055eec0e140ae RSI: 000055eec2b899e0 RDI: 000055eec2b8f060
[ 108.910727] RBP: 00007fff92a4e4a0 R08: 000055eec2b8f000 R09: 00007fff92a4bd00
[ 108.912443] R10: 0000000000000000 R11: 0000000000000246 R12: 00007fff92a4e390
[ 108.914190] R13: 00007fff92a4e310 R14: 000055eec2b8ac00 R15: 0000000000000000
[ 108.916009] Modules linked in: ocfs2 quota_tree ocfs2_dlmfs ocfs2_stack_o2cb ocfs2_dlm ocfs2_nodemanager ocfs2_stackglue 9p fscache nls_iso8859_1 dm_multipath scsi_dh_rdac scsi_dh_emc scsi_dh_alua ppdev bochs_drm drm_vram_helper drm_ttm_helper ttm kvm_intel drm_kms_helper parport_pc 9pnet_virtio cec input_leds joydev 9pnet parport rc_core fb_sys_fops serio_raw kvm syscopyarea sysfillrect sysimgblt mac_hid qemu_fw_cfg sch_fq_codel msr drm virtio_rng ip_tables x_tables autofs4 btrfs blake2b_generic xor raid6_pq libcrc32c virtio_net net_failover psmouse failover virtio_blk i2c_piix4 pata_acpi floppy
[ 108.925313] ---[ end trace 72e4f69b08b1a89a ]---
[ 108.927136] RIP: 0010:fortify_panic+0x13/0x15
[ 108.928706] Code: 35 28 e5 36 01 48 c7 c7 2b f2 80 92 e8 00 c4 fe ff 41 5c 41 5d 5d c3 55 48 89 fe 48 c7 c7 78 f2 80 92 48 89 e5 e8 e7 c3 fe ff <0f> 0b 48 c7 c7 d0 f7 48 92 e8 df ff ff ff 48 c7 c7 d8 f7 48 92 e8
[ 108.932308] RSP: 0018:ffffa9cf811afc90 EFLAGS: 00010246
[ 108.933231] RAX: 0000000000000022 RBX: ffff926a4cd06000 RCX: 0000000000000000
[ 108.934468] RDX: 0000000000000000 RSI: ffff926b77bd8ac0 RDI: ffff926b77bd8ac0
[ 108.935659] RBP: ffffa9cf811afc90 R08: 0000000000000000 R09: ffffa9cf811afa88
[ 108.936933] R10: ffffa9cf811afa80 R11: ffffffff92f53508 R12: 0000000000000004
[ 108.938141] R13: ffff926a49917800 R14: ffff926a54bdc800 R15: ffff926a4cd06291
[ 108.939458] FS: 00007f8440b60600(0000) GS:ffff926b77bc0000(0000) knlGS:0000000000000000
[ 108.940898] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033
[ 108.942104] CR2: 000055eec2b97dc8 CR3: 0000000106c64000 CR4: 00000000000006e0

For full logs see the autopkgtest results:
https://autopkgtest.ubuntu.com/packages/ocfs2-tools

To see the dmesg kernel BUG output requires running the autopkgtest locally with the --shell-fail command.

See original description

Tags:

Related branches

~rbalint/britney/+git/hints-ubuntu:devel

Merged into ~ubuntu-release/britney/+git/hints-ubuntu:devel at revision 2be6f3f5ea93f5073140e59c7e0b9868c3dc967f

Łukasz Zemczak (community): Approve on 2021-04-08

Dan Streetman (ddstreet) on 2021-03-24

description:

updated

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2021-03-24: Missing required logs.

This bug is missing log files that will aid in diagnosing the problem. While running an Ubuntu kernel (not a mainline or third-party kernel) please enter the following command in a terminal window:

apport-collect 1921137

and then change the status of the bug to 'Confirmed'.

If, due to the nature of the issue you have encountered, you are unable to run this command, please add a comment stating that fact and change the bug status to 'Confirmed'.

This change has been made by an automated script, maintained by the Ubuntu Kernel Team.

Changed in linux (Ubuntu):
status:	New → Incomplete
tags:	added: hirsute

Revision history for this message

Dan Streetman (ddstreet) wrote on 2021-03-25:

marking as affecting ocfs2-tools due to breaking that package's autopkgtests, and affecting corosync as it runs the ocfs2-tools autopkgtests and this bug is blocking corosync's migration in hirsute

Changed in linux (Ubuntu):
status:	Incomplete → New
tags:	added: update-excuse

Revision history for this message

Dan Streetman (ddstreet) wrote on 2021-03-25:

this blocks libaio migration in hirsute, and will block glib2.0 migration once the ocfs2-tools autopkgtest completes (fails) for it

Revision history for this message

Ubuntu Kernel Bot (ubuntu-kernel-bot) wrote on 2021-03-25:

This bug is missing log files that will aid in diagnosing the problem. While running an Ubuntu kernel (not a mainline or third-party kernel) please enter the following command in a terminal window:

apport-collect 1921137

and then change the status of the bug to 'Confirmed'.

If, due to the nature of the issue you have encountered, you are unable to run this command, please add a comment stating that fact and change the bug status to 'Confirmed'.

This change has been made by an automated script, maintained by the Ubuntu Kernel Team.

Changed in linux (Ubuntu):
status:	New → Incomplete

Dan Streetman (ddstreet) on 2021-03-25

tags:	added: apport-collected
Changed in linux (Ubuntu):
status:	Incomplete → Confirmed

Matthias Klose (doko) on 2021-04-08

Changed in linux (Ubuntu):
importance:	Undecided → Critical
tags:	added: rls-ff-incoming

Revision history for this message

Valentin Vidic (vvidic) wrote on 2021-09-27:

More details and proposed patch for the mount bug is here:

https://<email address hidden>/

Revision history for this message

Launchpad Janitor (janitor) wrote on 2021-10-20:

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in corosync (Ubuntu):
status:	New → Confirmed
Changed in libaio (Ubuntu):
status:	New → Confirmed
Changed in ocfs2-tools (Ubuntu):
status:	New → Confirmed

Revision history for this message

Mikko Tanner (shapemaker) wrote on 2021-10-20:

Download full text (5.7 KiB)

Another data point here:

Another data point here:

kernel: [5150033.094216] kernel BUG at lib/string.c:1149!
kernel: [5150033.094224] invalid opcode: 0000 [#1] SMP NOPTI
kernel: [5150033.094229] CPU: 1 PID: 2940890 Comm: mount.ocfs2 Tainted: P           OE     5.13.12-051312-generic #202108181219-Ubuntu
kernel: [5150033.094233] Hardware name: Gigabyte Technology Co., Ltd. X399 DESIGNARE EX/X399 DESIGNARE EX-CF, BIOS F12i 09/24/2019
kernel: [5150033.094236] RIP: 0010:fortify_panic+0x13/0x15
kernel: [5150033.094244] Code: 35 37 a8 3b 01 48 c7 c7 93 63 01 b6 e8 c9 c9 fe ff 41 5c 41 5d 5d c3 55 48 89 fe 48 c7 c7 e0 63 01 b6 48 89 e5 e8 b0 c9 fe ff <0f> 0b 48 c7 c7 18 dc c8 b5 e8 df ff ff ff 48 c7 c7 10 dc c8 b5 e8
kernel: [5150033.094248] RSP: 0018:ffffb4f1ee523c50 EFLAGS: 00010246
kernel: [5150033.094252] RAX: 0000000000000022 RBX: ffff9cf5639bb000 RCX: 0000000000000000
kernel: [5150033.094254] RDX: 0000000000000000 RSI: ffff9d033e2589c0 RDI: ffff9d033e2589c0
kernel: [5150033.094257] RBP: ffffb4f1ee523c50 R08: ffff9d033e2589c0 R09: ffffb4f1ee523a30
kernel: [5150033.094258] R10: 0000000000000001 R11: 0000000000000001 R12: 0000000000000004
kernel: [5150033.094260] R13: ffff9cf496853000 R14: ffff9d00f6a91000 R15: ffff9cf5639bb291
kernel: [5150033.094262] FS:  00007fb7fd6d3b80(0000) GS:ffff9d033e240000(0000) knlGS:0000000000000000
kernel: [5150033.094265] CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
kernel: [5150033.094267] CR2: 000055f52c08f040 CR3: 000000029a09e000 CR4: 00000000003506e0
kernel: [5150033.094270] Call Trace:
kernel: [5150033.094276]  ocfs2_initialize_super.isra.0.cold+0xc/0x18 [ocfs2]
kernel: [5150033.094347]  ? ocfs2_verify_volume+0x143/0x310 [ocfs2]
kernel: [5150033.094410]  ocfs2_fill_super+0x262/0xda0 [ocfs2]
kernel: [5150033.094473]  mount_bdev+0x18d/0x1c0
kernel: [5150033.094478]  ? ocfs2_initialize_super.isra.0+0x1070/0x1070 [ocfs2]
kernel: [5150033.094539]  ocfs2_mount+0x15/0x20 [ocfs2]
kernel: [5150033.094599]  legacy_get_tree+0x2b/0x50
kernel: [5150033.094604]  vfs_get_tree+0x2a/0xc0
kernel: [5150033.094607]  ? capable+0x19/0x20
kernel: [5150033.094612]  path_mount+0x468/0xa60
kernel: [5150033.094617]  do_mount+0x7c/0xa0
kernel: [5150033.094620]  __x64_sys_mount+0x8b/0xe0
kernel: [5150033.094623]  do_syscall_64+0x61/0xb0
kernel: [5150033.094627]  ? syscall_exit_to_user_mode+0x27/0x50
kernel: [5150033.094632]  ? __x64_sys_readlink+0x1f/0x30
kernel: [5150033.094635]  ? do_syscall_64+0x6e/0xb0
kernel: [5150033.094638]  ? irqentry_exit+0x19/0x30
kernel: [5150033.094641]  ? exc_page_fault+0x8f/0x170
kernel: [5150033.094645]  ? asm_exc_page_fault+0x8/0x30
kernel: [5150033.094649]  entry_SYSCALL_64_after_hwframe+0x44/0xae
kernel: [5150033.094651] RIP: 0033:0x7fb7fd88cdde
kernel: [5150033.094679] Code: 48 8b 0d b5 80 0c 00 f7 d8 64 89 01 48 83 c8 ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 49 89 ca b8 a5 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 8b 0d 82 80 0c 00 f7 d8 64 89 01 48
kernel: [5150033.094682] RSP: 002b:00007ffea9610c18 EFLAGS: 00000246 ORIG_RAX: 00000000000000a5
kernel: [5150033.094686] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007fb7fd88cdde
kernel: [5150033.094688] RDX: 000055cd6acb10ae RSI: 000055cd6c9a7340 RDI: 000055cd6c9ac140
kernel: [5150033.094689] RBP: 00007ffea9610dc0 R08: 000055cd6c9ac0e0 R09: 00007ffea960e650
kernel: [5150033.094691] R10: 0000000000000000 R11: 0000000000000246 R12: 00007ffea9610cb0
kernel: [5150033.094693] R13: 00007ffea9610c30 R14: 000055cd6c9ac0e0 R15: 0000000000000000
kernel: [5150033.094696] Modules linked in: ocfs2_stack_o2cb ocfs2_dlm ocfs2 ocfs2_nodemanager ocfs2_stackglue quota_tree nft_reject_inet nf_reject_ipv4 nf_reject_ipv6 nft_reject nft_ct nft_counter nft_limit nft_meta_bridge bridge stp llc snd_seq_dummy vhost_net vhost vhost_iotlb tap rfcomm nf_tables ip6table_filter ip6_tables iptable_filter bpfilter wireguard curve25519_x86_64 libchacha20poly1305 chacha_x86_64 poly1305_x86_64 libblake2s blake2s_x86_64 libcurve25519_generic libchacha libblake2s_generic ip6_udp_tunnel udp_tunnel nfnetlink_cttimeout nfnetlink cmac algif_hash openvswitch nsh algif_skcipher nf_conncount af_alg nf_nat bnep nf_conntrack nf_defrag_ipv6 nf_defrag_ipv4 binfmt_misc nls_iso8859_1 intel_rapl_msr intel_rapl_common amd64_edac edac_mce_amd kvm_amd kvm crct10dif_pclmul ghash_clmulni_intel aesni_intel snd_hda_codec_realtek snd_hda_codec_generic ledtrig_audio crypto_simd snd_hda_codec_hdmi cryptd rapl iwlmvm snd_hda_intel snd_intel_dspcfg snd_intel_sdw_acpi mac80211 uvcvideo
kernel: [5150033.094758]  snd_hda_codec videobuf2_vmalloc videobuf2_memops snd_hda_core snd_seq_midi videobuf2_v4l2 btusb snd_seq_midi_event libarc4 btrtl videobuf2_common snd_hwdep snd_rawmidi btbcm btintel videodev snd_seq joydev gigabyte_wmi mc input_leds serio_raw snd_pcm snd_seq_device wmi_bmof bluetooth iwlwifi snd_timer ecdh_generic efi_pstore snd ecc ccp mxm_wmi cfg80211 k10temp soundcore lz4 lz4_compress mac_hid nvidia_uvm(POE) tcp_htcp sch_cake ib_umad ib_ipoib ib_cm zram vendor_reset(OE) msr parport_pc ppdev lp parport ip_tables x_tables autofs4 zfs(POE) zunicode(POE) zzstd(OE) zlua(OE) zavl(POE) icp(POE) zcommon(POE) znvpair(POE) spl(OE) btrfs blake2b_generic zstd_compress raid10 raid456 async_raid6_recov async_memcpy async_pq async_xor async_tx xor raid6_pq libcrc32c raid1 raid0 multipath linear hid_logitech_hidpp mlx4_ib ib_uverbs ib_core uas usb_storage hid_logitech_dj hid_generic usbhid hid nvidia_drm(POE) nvidia_modeset(POE) nvidia(POE) drm_kms_helper syscopyarea sysfillrect
kernel: [5150033.094838]  sysimgblt fb_sys_fops cec rc_core igb crc32_pclmul dca psmouse mlx4_core drm megaraid_sas nvme i2c_algo_bit xhci_pci i2c_piix4 ahci nvme_core libahci xhci_pci_renesas gpio_amdpt wmi gpio_generic [last unloaded: ocfs2_nodemanager]

ocfs2 tools:
ii  ocfs2-tools    1.8.6-2ubuntu1 amd64

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.

Ubuntulinux package

mount.ocfs2 causes kernel BUG at lib/string.c:1149!

Bug Description

Related branches

Other bug subscribers

Remote bug watches

Ubuntu
linux package