*** This bug is a security vulnerability ***

You have been subscribed to a public security bug by Seth Arnold (seth-arnold):

A “!PagePrivate(page)” assertion failure was discovered in
“ext4_writepage”. The problem was originally found by syzbot,
https://syzkaller.appspot.com/bug?id=ae0125a57674f57b675fad8f1440eb2be4790fba.
It is reproduced by the root user in the Docker container or on the host on
Ubuntu 20.04.3 LTS with Linux 5.4.0-91-generic. The bug reproducer is
built from
https://raw.githubusercontent.com/dvyukov/syzkaller-repros/master/linux/ae0125a57674f57b675fad8f1440eb2be4790fba.c.
It also reproduces on Ubuntu 18.04.6 LTS with Linux 4.15.0-163-generic and
Ubuntu 20.04.3 LTS with Linux mainline v5.16-rc4.

Here are the steps to reproduce in the Docker container:
-----------------------------------------------------------
docker pull ubuntu
docker run -ti ubuntu bash
apt update
apt install gcc wget
wget https://raw.githubusercontent.com/dvyukov/syzkaller-repros/master/linux/ae0125a57674f57b675fad8f1440eb2be4790fba.c
gcc ./ae0125a57674f57b675fad8f1440eb2be4790fba.c -static -pthread -o ae0125a57674f57b675fad8f1440eb2be4790fba
./ae0125a57674f57b675fad8f1440eb2be4790fba

As a result, the kernel crashes with:
----------------------------------------
kernel BUG at fs/ext4/inode.c:2163!
invalid opcode: 0000 [#1] SMP PTI
CPU: 1 PID: 280 Comm: jbd2/vda2-8 Kdump: loaded Tainted: G        W         5.4.0-91-generic #102-Ubuntu
Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.13.0-1ubuntu1.1 04/01/2014
RIP: 0010:ext4_writepage+0x2d6/0x310
Code: 8b 45 30 ba 00 10 00 00 31 f6 41 bc fb ff ff ff 48 8b 40 70 48 8b 40 40 e8 47 20 a6 00 4c 89 f7 e8 2f 2c e7 ff e9 86 fe ff ff <0f> 0b 0f 0b e9 78 ff ff ff 4c 89 e7 4c 89 f6 41 bc f4 ff ff ff e8
RSP: 0018:ffffadaf401dfa28 EFLAGS: 00010246
RAX: 000fffffc0000037 RBX: ffff94ec39b9bb48 RCX: 0000000000000010
RDX: 0000000000000008 RSI: ffffadaf401dfc10 RDI: ffffd75e81decd00
RBP: ffffadaf401dfa78 R08: ffff94ecfffd3000 R09: 0000000000031155
R10: 0000000000031100 R11: 0000000000000015 R12: ffffadaf401dfc10
R13: ffff94ec39b9b9d0 R14: ffffd75e81decd00 R15: 0000000000001000
FS:  0000000000000000(0000) GS:ffff94ecfbb00000(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033
CR2: 00007f8a055c3010 CR3: 0000000137362002 CR4: 0000000000360ee0
Call Trace:
 ? __mod_lruvec_state+0x44/0xf0
 __writepage+0x1d/0x50
 write_cache_pages+0x1ae/0x4b0
 ? __wb_calc_thresh+0x130/0x130
 ? check_preempt_curr+0x7a/0x90
 ? ttwu_do_wakeup+0x1e/0x150
 ? ttwu_do_activate+0x5b/0x70
 generic_writepages+0x57/0x90
 jbd2_journal_submit_inode_data_buffers+0x63/0x80
 ext4_journal_submit_inode_data_buffers+0xd5/0x100
 jbd2_journal_commit_transaction+0x48f/0x18c0

ProblemType: Bug
DistroRelease: Ubuntu 20.04
Package: linux-image-5.4.0-91-generic 5.4.0-91.102
ProcVersionSignature: Ubuntu 5.4.0-91.102-generic 5.4.151
Uname: Linux 5.4.0-91-generic x86_64
AlsaDevices:
 total 0
 crw-rw---- 1 root audio 116,  1 Dec  7 14:39 seq
 crw-rw---- 1 root audio 116, 33 Dec  7 14:39 timer
AplayDevices: Error: [Errno 2] No such file or directory: 'aplay'
ApportVersion: 2.20.11-0ubuntu27.21
Architecture: amd64
ArecordDevices: Error: [Errno 2] No such file or directory: 'arecord'
AudioDevicesInUse: Error: command ['fuser', '-v', '/dev/snd/seq', '/dev/snd/timer'] failed with exit code 1:
Date: Tue Dec  7 14:40:03 2021
InstallationDate: Installed on 2021-11-29 (8 days ago)
InstallationMedia: Ubuntu-Server 20.04.3 LTS "Focal Fossa" - Release amd64 (20210824)
IwConfig: Error: [Errno 2] No such file or directory: 'iwconfig'
Lsusb: Error: command ['lsusb'] failed with exit code 1:
Lsusb-t:
 
Lsusb-v: Error: command ['lsusb', '-v'] failed with exit code 1:
MachineType: QEMU Standard PC (i440FX + PIIX, 1996)
PciMultimedia:
 
ProcEnviron:
 TERM=vt220
 PATH=(custom, no user)
 XDG_RUNTIME_DIR=<set>
 LANG=C.UTF-8
 SHELL=/bin/bash
ProcFB: 0 bochs-drmdrmfb
ProcKernelCmdLine: BOOT_IMAGE=/boot/vmlinuz-5.4.0-91-generic root=UUID=2ad85404-d6b7-4c7d-a860-b873557a175c ro console=ttyS0 slub_debug=FZ crashkernel=256M
RelatedPackageVersions:
 linux-restricted-modules-5.4.0-91-generic N/A
 linux-backports-modules-5.4.0-91-generic  N/A
 linux-firmware                            1.187.20
RfKill: Error: [Errno 2] No such file or directory: 'rfkill'
SourcePackage: linux
UpgradeStatus: No upgrade log present (probably fresh install)
dmi.bios.date: 04/01/2014
dmi.bios.vendor: SeaBIOS
dmi.bios.version: 1.13.0-1ubuntu1.1
dmi.chassis.type: 1
dmi.chassis.vendor: QEMU
dmi.chassis.version: pc-i440fx-focal
dmi.modalias: dmi:bvnSeaBIOS:bvr1.13.0-1ubuntu1.1:bd04/01/2014:svnQEMU:pnStandardPC(i440FX+PIIX,1996):pvrpc-i440fx-focal:cvnQEMU:ct1:cvrpc-i440fx-focal:
dmi.product.name: Standard PC (i440FX + PIIX, 1996)
dmi.product.version: pc-i440fx-focal
dmi.sys.vendor: QEMU

** Affects: linux (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: amd64 apport-bug focal uec-images
-- 
BUG_ON(!PagePrivate(page))
https://bugs.launchpad.net/bugs/1953514
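
An added example, not part of the original report: a small Python triage parser for the oops quoted above that extracts the BUG location, faulting symbol, task name and reliable stack frames, then derives an offset-independent fingerprint for de-duplicating crash logs across kernel builds. The function names and the fingerprint scheme are assumptions of this example; the sample text is an excerpt of the trace in the report.

```python
import hashlib
import re

# Excerpt of the oops quoted in the report (wrapped lines rejoined, some omitted).
SAMPLE_OOPS = """\
kernel BUG at fs/ext4/inode.c:2163!
CPU: 1 PID: 280 Comm: jbd2/vda2-8 Kdump: loaded Tainted: G        W         5.4.0-91-generic #102-Ubuntu
RIP: 0010:ext4_writepage+0x2d6/0x310
Call Trace:
 ? __mod_lruvec_state+0x44/0xf0
 __writepage+0x1d/0x50
 write_cache_pages+0x1ae/0x4b0
 generic_writepages+0x57/0x90
 jbd2_journal_submit_inode_data_buffers+0x63/0x80
 ext4_journal_submit_inode_data_buffers+0xd5/0x100
 jbd2_journal_commit_transaction+0x48f/0x18c0
"""

BUG_RE = re.compile(r"kernel BUG at (\S+):(\d+)!")
RIP_RE = re.compile(r"RIP: [0-9a-f]{4}:(\w+)\+0x[0-9a-f]+/0x[0-9a-f]+")
COMM_RE = re.compile(r"PID: (\d+) Comm: (\S+)")
FRAME_RE = re.compile(r"^\s+(\? )?([\w.]+)\+0x[0-9a-f]+/0x[0-9a-f]+")

def parse_oops(text):
    """Extract triage fields from a BUG() oops; dmesg timestamps are tolerated."""
    info = {"bug_at": None, "rip": None, "comm": None, "frames": []}
    in_trace = False
    for line in text.splitlines():
        line = re.sub(r"^\[\s*\d+\.\d+\]\s?", "", line)
        if m := BUG_RE.search(line):
            info["bug_at"] = (m.group(1), int(m.group(2)))
        elif m := RIP_RE.search(line):
            info["rip"] = m.group(1)
        elif m := COMM_RE.search(line):
            info["comm"] = m.group(2)
        elif line.startswith("Call Trace:"):
            in_trace = True
        elif in_trace and (m := FRAME_RE.match(line)):
            # Frames marked "?" are unreliable stack leftovers; skip them.
            if not m.group(1):
                info["frames"].append(m.group(2))
        elif in_trace:
            in_trace = False
    return info

def fingerprint(info, depth=3):
    """Stable ID from symbol names only, so offsets and builds do not matter."""
    key = "|".join([info["rip"] or "?"] + info["frames"][:depth])
    return hashlib.sha256(key.encode()).hexdigest()[:12]
```
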