* [Bug 36172] New: "kernel BUG at fs/ext4/super.c" triggered after tune2fs/remount
@ 2011-05-29 19:23 bugzilla-daemon
2011-05-29 21:50 ` [Bug 36172] " bugzilla-daemon
` (5 more replies)
0 siblings, 6 replies; 7+ messages in thread
From: bugzilla-daemon @ 2011-05-29 19:23 UTC (permalink / raw)
To: linux-ext4
https://bugzilla.kernel.org/show_bug.cgi?id=36172
Summary: "kernel BUG at fs/ext4/super.c" triggered after
tune2fs/remount
Product: File System
Version: 2.5
Kernel Version: 2.6.39
Platform: All
OS/Version: Linux
Tree: Mainline
Status: NEW
Severity: normal
Priority: P1
Component: ext4
AssignedTo: fs_ext4@kernel-bugs.osdl.org
ReportedBy: bugzilla.kernel.bpeb@manchmal.in-ulm.de
Regression: No
So I wanted to create an ext4 without a journal, but I noticed after mkfs.ext4
and mount, so I decided to do this online. Now tune2fs says the file system has
to be mounted r/o, no problem. The result was not what I expected.
How to repeat:
truncate --size 128M fsfile
mkfs.ext4 -F fsfile
mkdir mnt
losetup /dev/loop0 fsfile
mount /dev/loop0 mnt
mount -o remount,ro /dev/loop0
tune2fs -O ^has_journal /dev/loop0
mount -o remount,rw /dev/loop0
Observed behaviour:
"Segmentation fault" from mount, and
------------[ cut here ]------------
kernel BUG at fs/ext4/super.c:4094!
invalid opcode: 0000 [#1]
last sysfs file: /sys/devices/virtual/block/loop0/removable
Modules linked in: evdev
Pid: 2068, comm: mount Tainted: G W 2.6.39 #1 innotek GmbH VirtualBox
EIP: 0060:[<c10d5b34>] EFLAGS: 00010246 CPU: 0
EIP is at ext4_clear_journal_err+0x19/0x91
EAX: cfa5a200 EBX: cecab800 ECX: 00000000 EDX: cdd6f400
ESI: cdd6f400 EDI: cdd6f400 EBP: 00000010 ESP: cfa25ea0
DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 0069
Process mount (pid: 2068, ti=cfa24000 task=cfa8f990 task.ti=cfa24000)
Stack:
c10d577d 0000000f 0000cca5 cdd6f400 cfa5a200 cecab800 cdd6f400 c10d9358
cdd6f9e0 00000000 00000000 60010001 00000000 00003a98 00000000 000001f4
00000000 00000000 00000000 8c02c810 cf6cb414 00271d65 00000003 cf83b005
Call Trace:
[<c10d577d>] ? ext4_group_desc_csum+0x47/0x6e
[<c10d9358>] ? ext4_remount+0x2cc/0x485
[<c10d908c>] ? __ext4_abort+0xb0/0xb0
[<c1071909>] ? do_remount_sb+0x9d/0xdb
[<c10829bd>] ? do_mount+0x1c1/0x5e5
[<c105f011>] ? memdup_user+0x29/0x3f
[<c1082e47>] ? sys_mount+0x66/0x97
[<c1363995>] ? syscall_call+0x7/0xb
Code: ba 01 00 00 00 e8 c6 fe ff ff 89 d8 5b e9 97 bb f9 ff 57 56 89 d6 53 89
c3 83 ec 10 8b 80 68 01 00 00 8b 50 38 f6 42 5c 04 75 04 <0f> 0b eb fe 8b b8 ec
00 00 0
EIP: [<c10d5b34>] ext4_clear_journal_err+0x19/0x91 SS:ESP 0069:cfa25ea0
---[ end trace 93cca63c7a7f6c4d ]---
------------[ cut here ]------------
WARNING: at kernel/exit.c:910 do_exit+0x28/0x55d()
Hardware name: VirtualBox
Modules linked in: evdev
Pid: 2068, comm: mount Tainted: G D W 2.6.39 #1
Call Trace:
[<c101d141>] ? warn_slowpath_common+0x6a/0x7b
[<c101f64a>] ? do_exit+0x28/0x55d
[<c101d15f>] ? warn_slowpath_null+0xd/0x10
[<c101f64a>] ? do_exit+0x28/0x55d
[<c1003ddc>] ? oops_end+0x7f/0x83
[<c1002a9f>] ? do_coprocessor_segment_overrun+0x4b/0x4b
[<c1002b06>] ? do_invalid_op+0x67/0x70
[<c10d5b34>] ? ext4_clear_journal_err+0x19/0x91
[<c10768fa>] ? __follow_mount_rcu+0x5c/0x8e
[<c1076f12>] ? do_lookup+0xa6/0x1f6
[<c10768fa>] ? __follow_mount_rcu+0x5c/0x8e
[<c1363bd4>] ? error_code+0x58/0x60
[<c1002a9f>] ? do_coprocessor_segment_overrun+0x4b/0x4b
[<c10d5b34>] ? ext4_clear_journal_err+0x19/0x91
[<c10d577d>] ? ext4_group_desc_csum+0x47/0x6e
[<c10d9358>] ? ext4_remount+0x2cc/0x485
[<c10d908c>] ? __ext4_abort+0xb0/0xb0
[<c1071909>] ? do_remount_sb+0x9d/0xdb
[<c10829bd>] ? do_mount+0x1c1/0x5e5
[<c105f011>] ? memdup_user+0x29/0x3f
[<c1082e47>] ? sys_mount+0x66/0x97
[<c1363995>] ? syscall_call+0x7/0xb
---[ end trace 93cca63c7a7f6c4e ]---
This is:
static void ext4_clear_journal_err(struct super_block *sb,
struct ext4_super_block *es)
{
c10d5b1b: 57 push %edi
c10d5b1c: 56 push %esi
c10d5b1d: 89 d6 mov %edx,%esi
c10d5b1f: 53 push %ebx
c10d5b20: 89 c3 mov %eax,%ebx
c10d5b22: 83 ec 10 sub $0x10,%esp
unsigned int s_li_wait_mult;
};
static inline struct ext4_sb_info *EXT4_SB(struct super_block *sb)
{
return sb->s_fs_info;
c10d5b25: 8b 80 68 01 00 00 mov 0x168(%eax),%eax
journal_t *journal;
int j_errno;
const char *errstr;
BUG_ON(!EXT4_HAS_COMPAT_FEATURE(sb, EXT4_FEATURE_COMPAT_HAS_JOURNAL));
c10d5b2b: 8b 50 38 mov 0x38(%eax),%edx
c10d5b2e: f6 42 5c 04 testb $0x4,0x5c(%edx)
c10d5b32: 75 04 jne c10d5b38
<ext4_clear_journal_err+0x1d>
c10d5b34: 0f 0b ud2a
c10d5b36: eb fe jmp c10d5b36
<ext4_clear_journal_err+0x1b>
journal = EXT4_SB(sb)->s_journal;
c10d5b38: 8b b8 ec 00 00 00 mov 0xec(%eax),%edi
/*
* Now check for any error status which may have been recorded in the
* journal by a prior ext4_error() or ext4_abort()
*/
Versions affected:
All versions tested, that is
* 2.6.39 on i386
* 2.6.38.7 on i386
* 2.6.32.41 on i386 and armel
e2fsprogs version is tune2fs 1.41.12 (17-May-2010)
mount from util-linux-ng 2.17.2 (with libblkid and selinux support)
Severity left to "normal" this is a rather unusual operation and a workaround
exists by umounting the device.
--
Configure bugmail: https://bugzilla.kernel.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
^ permalink raw reply [flat|nested] 7+ messages in thread* [Bug 36172] "kernel BUG at fs/ext4/super.c" triggered after tune2fs/remount
2011-05-29 19:23 [Bug 36172] New: "kernel BUG at fs/ext4/super.c" triggered after tune2fs/remount bugzilla-daemon
@ 2011-05-29 21:50 ` bugzilla-daemon
2011-05-31 19:07 ` bugzilla-daemon
` (4 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: bugzilla-daemon @ 2011-05-29 21:50 UTC (permalink / raw)
To: linux-ext4
https://bugzilla.kernel.org/show_bug.cgi?id=36172
--- Comment #1 from Manish Katiyar <mkatiyar@gmail.com> 2011-05-29 21:50:48 ---
Created an attachment (id=60002)
--> (https://bugzilla.kernel.org/attachment.cgi?id=60002)
Possible fix attached.
This patch fixes it for me.
--
Configure bugmail: https://bugzilla.kernel.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
^ permalink raw reply [flat|nested] 7+ messages in thread* [Bug 36172] "kernel BUG at fs/ext4/super.c" triggered after tune2fs/remount
2011-05-29 19:23 [Bug 36172] New: "kernel BUG at fs/ext4/super.c" triggered after tune2fs/remount bugzilla-daemon
2011-05-29 21:50 ` [Bug 36172] " bugzilla-daemon
@ 2011-05-31 19:07 ` bugzilla-daemon
2011-05-31 19:29 ` bugzilla-daemon
` (3 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: bugzilla-daemon @ 2011-05-31 19:07 UTC (permalink / raw)
To: linux-ext4
https://bugzilla.kernel.org/show_bug.cgi?id=36172
Jan Kara <jack@suse.cz> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |jack@suse.cz
--- Comment #2 from Jan Kara <jack@suse.cz> 2011-05-31 19:07:00 ---
Sorry, the fix is wrong. The problem is that we set EXT4_SB(sb)->s_journal in
ext4_fill_super() but we don't change it appropriately in ext4_remount() when
journal feature could have changed. I'm actually not sure if this is even
supposed to work - whether it isn't bug in tune2fs that it allows changing of
has_journal feature on mounted filesystem. Because when tune2fs removes the
feature and possibly other journal parameters from superblock, we really have
not any guarantee that the journal is still correct. In fact the journal space
could have been already reused for something else. So fixing this would need
some careful look... Ted?
--
Configure bugmail: https://bugzilla.kernel.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
^ permalink raw reply [flat|nested] 7+ messages in thread* [Bug 36172] "kernel BUG at fs/ext4/super.c" triggered after tune2fs/remount
2011-05-29 19:23 [Bug 36172] New: "kernel BUG at fs/ext4/super.c" triggered after tune2fs/remount bugzilla-daemon
2011-05-29 21:50 ` [Bug 36172] " bugzilla-daemon
2011-05-31 19:07 ` bugzilla-daemon
@ 2011-05-31 19:29 ` bugzilla-daemon
2012-08-24 12:48 ` bugzilla-daemon
` (2 subsequent siblings)
5 siblings, 0 replies; 7+ messages in thread
From: bugzilla-daemon @ 2011-05-31 19:29 UTC (permalink / raw)
To: linux-ext4
https://bugzilla.kernel.org/show_bug.cgi?id=36172
Manish Katiyar <mkatiyar@gmail.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |mkatiyar@gmail.com
--- Comment #3 from Manish Katiyar <mkatiyar@gmail.com> 2011-05-31 19:29:40 ---
Yes, either tune2fs should be fixed to not change the mounted fs state, or the
code should be prepared to deal with it silently. Since the next mount isn't
going
to see the journal, it doesn't matter whether we clear the errors or not.
--
Configure bugmail: https://bugzilla.kernel.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
^ permalink raw reply [flat|nested] 7+ messages in thread* [Bug 36172] "kernel BUG at fs/ext4/super.c" triggered after tune2fs/remount
2011-05-29 19:23 [Bug 36172] New: "kernel BUG at fs/ext4/super.c" triggered after tune2fs/remount bugzilla-daemon
` (2 preceding siblings ...)
2011-05-31 19:29 ` bugzilla-daemon
@ 2012-08-24 12:48 ` bugzilla-daemon
2012-08-24 14:01 ` bugzilla-daemon
2012-08-24 15:36 ` bugzilla-daemon
5 siblings, 0 replies; 7+ messages in thread
From: bugzilla-daemon @ 2012-08-24 12:48 UTC (permalink / raw)
To: linux-ext4
https://bugzilla.kernel.org/show_bug.cgi?id=36172
Alan <alan@lxorguk.ukuu.org.uk> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |NEEDINFO
CC| |alan@lxorguk.ukuu.org.uk
--- Comment #4 from Alan <alan@lxorguk.ukuu.org.uk> 2012-08-24 12:48:36 ---
Is this bug still present and relevant ?
--
Configure bugmail: https://bugzilla.kernel.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
^ permalink raw reply [flat|nested] 7+ messages in thread* [Bug 36172] "kernel BUG at fs/ext4/super.c" triggered after tune2fs/remount
2011-05-29 19:23 [Bug 36172] New: "kernel BUG at fs/ext4/super.c" triggered after tune2fs/remount bugzilla-daemon
` (3 preceding siblings ...)
2012-08-24 12:48 ` bugzilla-daemon
@ 2012-08-24 14:01 ` bugzilla-daemon
2012-08-24 15:36 ` bugzilla-daemon
5 siblings, 0 replies; 7+ messages in thread
From: bugzilla-daemon @ 2012-08-24 14:01 UTC (permalink / raw)
To: linux-ext4
https://bugzilla.kernel.org/show_bug.cgi?id=36172
Theodore Tso <tytso@mit.edu> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEEDINFO |CLOSED
CC| |tytso@mit.edu
Resolution| |INVALID
--- Comment #5 from Theodore Tso <tytso@mit.edu> 2012-08-24 14:01:37 ---
We should just fix this in tune2fs, and not allow the journal to be removed
when the file system is mounted, even if it is only mounted read/only. I
don't know what I was thinking when I allowed tune2fs to do this, but it just
doesn't work. Even with this patch, the problem is that the journal (and its
blocks) are released, and so when the file system gets remounted read/write,
the kernel will try to use journaling after the remount, and this will cause
all sorts of problems.
We could add code to ext4 to detect this case and release the journalling
structure, but it's going to be problematic for ext3, so we should just remove
this capability from tune2fs. Fortunately it's not going to hit that many
people, so it's probably not worth it to add support in ext4 just for the older
versions of e2fsprogs; it's pretty rare that someone will want to disable the
journal while the fs is mounted.
So I'm going to close this as a kernel bug, and treat it as an e2fsprogs bug.
--
Configure bugmail: https://bugzilla.kernel.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
^ permalink raw reply [flat|nested] 7+ messages in thread* [Bug 36172] "kernel BUG at fs/ext4/super.c" triggered after tune2fs/remount
2011-05-29 19:23 [Bug 36172] New: "kernel BUG at fs/ext4/super.c" triggered after tune2fs/remount bugzilla-daemon
` (4 preceding siblings ...)
2012-08-24 14:01 ` bugzilla-daemon
@ 2012-08-24 15:36 ` bugzilla-daemon
5 siblings, 0 replies; 7+ messages in thread
From: bugzilla-daemon @ 2012-08-24 15:36 UTC (permalink / raw)
To: linux-ext4
https://bugzilla.kernel.org/show_bug.cgi?id=36172
--- Comment #6 from Christoph Biedl <bugzilla.kernel.bpeb@manchmal.in-ulm.de> 2012-08-24 15:36:22 ---
> So I'm going to close this as a kernel bug, and treat it as an e2fsprogs bug.
I'm totally fine with this.
Regards, Christoph
--
Configure bugmail: https://bugzilla.kernel.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2012-08-24 15:36 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2011-05-29 19:23 [Bug 36172] New: "kernel BUG at fs/ext4/super.c" triggered after tune2fs/remount bugzilla-daemon
2011-05-29 21:50 ` [Bug 36172] " bugzilla-daemon
2011-05-31 19:07 ` bugzilla-daemon
2011-05-31 19:29 ` bugzilla-daemon
2012-08-24 12:48 ` bugzilla-daemon
2012-08-24 14:01 ` bugzilla-daemon
2012-08-24 15:36 ` bugzilla-daemon
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).