[Bug 202879] Segmentation fault while running crafted program

[bugzilla-daemon@bugzilla.kernel.org]

https://bugzilla.kernel.org/show_bug.cgi?id=202879

--- Comment #7 from Jungyeon (jungyeon@gatech.edu) ---
Created attachment 281825
  --> https://bugzilla.kernel.org/attachment.cgi?id=281825&action=edit
another test set

I'm attaching another error case what shows the same failure.
This includes much less system call (15 calls) so I hope this can help to
figure out this bug.

- Reproduce
./lkl/tools/lkl/ext4-combined -t ext4 -i tmp.img -p min_11.c.raw -v
(min_11.c shows it's internal programs)

- Call stack
[    0.040743] BUG: failure at
fs/jbd2/journal.c:2538/__journal_remove_journal_head()!
[    0.040754] Kernel panic - not syncing: BUG!
[    0.040758] Call Trace:
[    0.040767] (____ptrval____):  [<55555559bc94>] .LC81+0x5f/0xfb
[    0.040775] (____ptrval____):  [<5555555c6025>] major_names+0x75/0x80
[    0.040782] (____ptrval____):  [<5555555978f4>] .LC11+0x14/0x20
[    0.040791] (____ptrval____):  [<555555604368>] kmem_cache_free+0x148/0x190
[    0.040796] (____ptrval____):  [<5555555978f4>] .LC11+0x14/0x20
[    0.040804] (____ptrval____):  [<55555580286d>]
jbd2_journal_put_journal_head+0x6cd/0x6d0
[    0.040811] (____ptrval____):  [<5555557f641a>]
__jbd2_journal_remove_checkpoint+0x17a/0x2f0
[    0.040822] (____ptrval____):  [<5555557f5608>]
jbd2_log_do_checkpoint+0x298/0xd10
[    0.040835] (____ptrval____):  [<555555850674>] atomic64_cmpxchg+0x54/0x80
[    0.040843] (____ptrval____):  [<5555557feda3>]
jbd2_journal_destroy+0x363/0x840
[    0.040856] (____ptrval____):  [<5555555bfd30>]
autoremove_wake_function+0x0/0x40
[    0.040865] (____ptrval____):  [<5555555ada2c>] input_timer_state+0x1c/0x20
[    0.040873] (____ptrval____):  [<5555557cb8ac>] ext4_put_super+0xac/0x7f0
[    0.040881] (____ptrval____):  [<555555616f5b>]
generic_shutdown_super+0x13b/0x370
[    0.040889] (____ptrval____):  [<55555561acc5>] kill_block_super+0x55/0x100
[    0.040897] (____ptrval____):  [<555555616abc>]
deactivate_locked_super+0x11c/0x170
[    0.040903] (____ptrval____):  [<555555616cb6>] deactivate_super+0x1a6/0x1b0
[    0.040911] (____ptrval____):  [<5555556538fb>] dput+0xcb/0x7c0
[    0.040919] (____ptrval____):  [<55555567d1a9>] cleanup_mnt+0xb9/0x170
[    0.040929] (____ptrval____):  [<55555567d0ed>] __cleanup_mnt+0x3d/0x40
[    0.040935] (____ptrval____):  [<5555555b24ca>] task_work_run+0xba/0xf0
[    0.040944] (____ptrval____):  [<55555559800f>] .LC2+0x3f/0x40
[    0.040951] (____ptrval____):  [<5555555978f4>] .LC11+0x14/0x20
[    0.040958] (____ptrval____):  [<5555555986d6>] .LC19+0x6/0x15
[    0.040966] 
[    0.040972] ---[ end Kernel panic - not syncing: BUG! ]---
ext4-combined: lib/posix-host.c:302: panic: Assertion `0' failed.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.