Summary: | sys-kernel/hardened-sources-4.5.7 - PAX: size overflow detected in function ext4_mb_new_group_pa fs/ext4/mballoc.c:3696 | ||
---|---|---|---|
Product: | Gentoo Linux | Reporter: | Hank Leininger <hlein> |
Component: | Hardened | Assignee: | The Gentoo Linux Hardened Team <hardened> |
Status: | RESOLVED OBSOLETE | ||
Severity: | normal | CC: | alexanderyt, pageexec, re.emese, spender |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Package list: | | Runtime testing required: | --- |
Description
Hank Leininger
2016-06-11 22:10:28 UTC
FWIW, another box with similar hardware does not trigger overflows in ext4_mb_new_group_pa, using the exact same .config as the problem box. Varying the .config on the problem box (in various minor ways I would not have expected to make a difference) does not make a difference.

Same: motherboard, RAM size, hardened gcc 4.9.3, Adaptec RAID controller, 18 TB device, loop-aes.

Different: BIOS (stable box has 2.0c, unstable has 2.1b), CPUs (stable: E5607, unstable: E5645), RAM chips (stable: 6x 1066 Kingstons, unstable: 6x 1333 Samsungs).

...And, the contents of the filesystems themselves. The unstable system's 18 TB array is only 46% full, _but_ it has a quite unusually high inode consumption: over 171 million inodes in use.

I would blame the hardware since I can't reproduce elsewhere yet, but prior to this I've not had any stability issues or unusual errors out of the system that is hitting this.

Can you test hardened-sources-4.7.6?

Can you still reproduce this?

The offending ext4_grp_offs_to_block calculation is a somewhat complex arithmetic expression; we'd need to print out the runtime values of the terms to know if there's a real problem in there. E.g., ext4_free_extent.fe_start is an int that is left shifted and it's sign extended only after that; it can easily truncate (and IIRC the signed shift is undefined if that happens).
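The last comment's point about shifting an int before it is widened can be shown in isolation. The following C program is an added example, not code from the kernel or from this bug report: the function names are hypothetical, the input values are constructed, and the 32-bit shift is modelled in unsigned arithmetic so the demo itself stays free of undefined behaviour.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical model, not kernel code: a group-relative start held in a
 * 32-bit int is shifted left by a bit count to form a 64-bit block offset. */

/* Shift performed at 32-bit width, sign extension only afterwards.
 * The result is what two's-complement hardware would leave behind. */
static int64_t shift_then_widen(int32_t start, unsigned bits)
{
    uint32_t narrow = (uint32_t)start << bits;       /* high bits dropped here */
    return narrow > INT32_MAX ? (int64_t)narrow - 4294967296LL
                              : (int64_t)narrow;     /* manual sign extension */
}

/* Widen first, then shift: nothing is lost for a non-negative start. */
static int64_t widen_then_shift(int32_t start, unsigned bits)
{
    return (int64_t)((uint64_t)start << bits);
}

/* Check a caller can make before shifting: does start << bits fit in an int? */
static int shift_fits_int32(int32_t start, unsigned bits)
{
    return start >= 0 && bits < 31 && start <= (INT32_MAX >> bits);
}

int main(void)
{
    /* Constructed values, not taken from the reporter's filesystem. */
    const int32_t starts[] = { 0x00001000, 0x00080000, 0x00200000 };
    const unsigned bits = 12;

    for (size_t i = 0; i < sizeof starts / sizeof starts[0]; i++)
        printf("start=%#x fits=%d shift-then-widen=%lld widen-then-shift=%lld\n",
               (unsigned)starts[i], shift_fits_int32(starts[i], bits),
               (long long)shift_then_widen(starts[i], bits),
               (long long)widen_then_shift(starts[i], bits));
    return 0;
}
```

Printing the two results side by side for the real operands is the kind of runtime check the comment asks for: if they differ, the narrow shift lost bits.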