[Bugme-new] [Bug 10802] New: BUG at fs/hfs/bnode.c:416 with corrupted image

bugme-daemon at bugzilla.kernel.org
Tue May 27 01:21:24 PDT 2008


http://bugzilla.kernel.org/show_bug.cgi?id=10802

           Summary: BUG at fs/hfs/bnode.c:416 with corrupted image
           Product: File System
           Version: 2.5
     KernelVersion: 2.6.26-rc4
          Platform: All
        OS/Version: Linux
              Tree: Mainline
            Status: NEW
          Severity: normal
          Priority: P1
         Component: HFS/HFSPLUS
        AssignedTo: zippel at linux-m68k.org
        ReportedBy: snakebyte at gmx.de


Latest working kernel version: - 
Earliest failing kernel version: 2.6.26-rc2 (didn't test older versions)
Distribution: Ubuntu
Hardware Environment: Pentium III
Problem Description:

Running fsfuzzer to produce a corrupted image and running some
tests on it produces the oops. fsfuzzer only mounts the image
and runs the following commands:

        echo "+++ Checking dir..."
        ls /media/test >/dev/null 2>&1
        ls -Z /media/test >/dev/null 2>&1
        echo "+++ Making files..."
        touch /media/test/file >/dev/null 2>&1
        ln -s /media/test/file /media/test/fileb >/dev/null 2>&1
        mkdir /media/test/dir1 >/dev/null 2>&1
        echo "+++ Checking stat..."
        stat /media/test/file >/dev/null 2>&1
        stat /media/test/fileb >/dev/null 2>&1
        stat /media/test/dir1 >/dev/null 2>&1
        echo "+++ Writing to files..."
        echo "test" > /media/test/file
        cat /media/test/file > /dev/null 2>&1
        chcon -u user_u /media/test/file 2>/dev/null
        chown nobody,nobody COPYING 2>/dev/null
        chmod 0600 COPYING 2>/dev/null
        echo "+++ Reading from files..."
        cat /media/test/* > /dev/null 2>&1
        echo "+++ device files..."
        rm /media/test/null > /dev/null 2>&1
        mknod /media/test/null c 1 3 > /dev/null 2>&1
        echo "+++ Writing to dirs..."
        cat /media/test/file > /media/test/dir1 2>/dev/null
        cp /media/test/file /media/test/dir1 >/dev/null 2>&1

After this one the oops appears; the cp segfaults.

[  172.512183] ------------[ cut here ]------------
[  172.512357] kernel BUG at fs/hfs/bnode.c:416!
[  172.512375] invalid opcode: 0000 [#1] PREEMPT DEBUG_PAGEALLOC
[  172.512375] Modules linked in:
[  172.512375] 
[  172.512375] Pid: 4243, comm: cp Not tainted (2.6.26-rc4 #44)
[  172.512375] EIP: 0060:[<c0252c1f>] EFLAGS: 00010286 CPU: 0
[  172.512375] EIP is at hfs_bnode_create+0x13f/0x150
[  172.512375] EAX: cafb0000 EBX: 00000000 ECX: 00000001 EDX: 00000000
[  172.512375] ESI: cae54a1c EDI: cacc25a0 EBP: cafb0cec ESP: cafb0cc8
[  172.512375]  DS: 007b ES: 007b FS: 0000 GS: 0033 SS: 0068
[  172.512375] Process cp (pid: 4243, ti=cafb0000 task=caf7eeb0 task.ti=cafb0000)
[  172.512375] Stack: cafb0cd4 c06c85c7 00000001 cae549b0 c025229d cae54a1c 00000000 00000001
[  172.512375]        cacc27a0 cafb0d34 c0254128 cafb0d10 cae549b0 00000246 cacc2750 00000000
[  172.512375]        00000100 c8b0a000 000003f2 cafb0d4a cafb0d24 c011b552 00000002 00f80d3c
[  172.512375] Call Trace:
[  172.512375]  [<c06c85c7>] ? _spin_unlock+0x27/0x50
[  172.512375]  [<c025229d>] ? hfs_bnode_put+0x7d/0x90
[  172.512375]  [<c0254128>] ? hfs_bmap_alloc+0x328/0x350
[  172.512375]  [<c011b552>] ? kmap+0x42/0x70
[  172.512375]  [<c0253060>] ? hfs_bnode_split+0x20/0x360
[  172.512375]  [<c0252411>] ? hfs_bnode_read+0x41/0x50
[  172.512375]  [<c0253446>] ? hfs_brec_insert+0xa6/0x320
[  172.512375]  [<c025484b>] ? hfs_cat_create+0x10b/0x2d0
[  172.512375]  [<c02554ac>] ? hfs_create+0x3c/0x80
[  172.512375]  [<c01883e4>] ? vfs_create+0xa4/0x100
[  172.512375]  [<c018b542>] ? do_filp_open+0x672/0x770
[  172.512375]  [<c06c85c7>] ? _spin_unlock+0x27/0x50
[  172.512375]  [<c017e489>] ? do_sys_open+0x49/0xe0
[  172.512375]  [<c017e589>] ? sys_open+0x29/0x40
[  172.512375]  [<c0103d7d>] ? sysenter_past_esp+0x6a/0xb1
[  172.512375]  =======================
[  172.512375] Code: 18 5b 5e 5f 5d c3 89 d8 bb fb ff ff ff e8 1a f6 ff ff 89 d8 83 c4 18 5b 5e 5f 5d c3 83 c4 18 bb f4 ff ff ff 89 d8 5b 5e 5f 5d c3 <0f> 0b eb fe 8d b6 00 00 00 00 8d bc 27 00 00 00 00 55 89 e5 83
[  172.512375] EIP: [<c0252c1f>] hfs_bnode_create+0x13f/0x150 SS:ESP 0068:cafb0cc8
[  172.638459] ---[ end trace 7ddc9efd931d077f ]---
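
For triaging fuzzer output like the oops above, here is an added example (not part of the original report or of fsfuzzer) that extracts the BUG site, faulting function and call chain from an oops and builds a key for deduplicating crashes. The `signature` format and the `hfs_` prefix filter are assumptions of this example.

```python
import re
# Excerpt of the oops from this report (wrapped lines rejoined, some lines omitted).
SAMPLE_OOPS = """\
[  172.512357] kernel BUG at fs/hfs/bnode.c:416!
[  172.512375] Pid: 4243, comm: cp Not tainted (2.6.26-rc4 #44)
[  172.512375] EIP is at hfs_bnode_create+0x13f/0x150
[  172.512375] Call Trace:
[  172.512375]  [<c06c85c7>] ? _spin_unlock+0x27/0x50
[  172.512375]  [<c0254128>] ? hfs_bmap_alloc+0x328/0x350
[  172.512375]  [<c0253446>] ? hfs_brec_insert+0xa6/0x320
[  172.512375]  [<c025484b>] ? hfs_cat_create+0x10b/0x2d0
[  172.512375]  [<c02554ac>] ? hfs_create+0x3c/0x80
[  172.512375]  [<c01883e4>] ? vfs_create+0xa4/0x100
[  172.638459] ---[ end trace 7ddc9efd931d077f ]---
"""

TS = re.compile(r"^\[\s*\d+\.\d+\]\s?")            # dmesg timestamp prefix
BUG = re.compile(r"kernel BUG at (\S+):(\d+)!")
PID = re.compile(r"Pid: (\d+), comm: (\S+) .*?\((\S+)")
IP = re.compile(r"EIP is at ([\w.]+)\+0x[0-9a-f]+/0x[0-9a-f]+")
FRAME = re.compile(r"\[<[0-9a-f]+>\] (\? )?([\w.]+)\+0x[0-9a-f]+/0x[0-9a-f]+")

def parse_oops(text):
    """Pull the identifying fields out of one i386 oops block."""
    info = {"file": None, "line": None, "function": None, "frames": []}
    in_trace = False
    for raw in text.splitlines():
        line = TS.sub("", raw)
        if m := BUG.search(line):
            info["file"], info["line"] = m[1], int(m[2])
        elif m := PID.search(line):
            info["pid"], info["comm"], info["kernel"] = int(m[1]), m[2], m[3]
        elif m := IP.search(line):
            info["function"] = m[1]
        elif line.startswith("Call Trace:"):
            in_trace = True
        elif in_trace and (m := FRAME.search(line)):
            # A "? " prefix means the unwinder could not confirm the frame.
            info["frames"].append((m[2], m[1] is None))
        else:
            in_trace = False
    return info

def signature(info, prefix="hfs_"):
    """Dedup key: BUG site, faulting function, outermost filesystem frame."""
    fs = [name for name, _ in info["frames"] if name.startswith(prefix)]
    return f'{info["file"]}:{info["line"]} {info["function"]} via {fs[-1] if fs else "?"}'
```

Every frame in this trace carries the `?` marker, so the key uses only the BUG site, the faulting function and the outermost `hfs_` frame rather than the full chain.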

