Bug 489248

Summary: Oops using hfs
Product: [Fedora] Fedora Reporter: Daryll <daryll>
Component: kernelAssignee: Kernel Maintainer List <kernel-maint>
Status: CLOSED WONTFIX QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: low    
Version: 10CC: kernel-maint
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2009-12-18 08:58:43 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Daryll 2009-03-09 05:25:32 UTC 
Fedora 10, just updated
kernel-2.6.27.19-170.2.35.fc10.x86_64

I took a 1.5TB USB disk.
I used parted to create a gpt label and single partition.
I used mkfs -t hfsplus to initialize the partition.
I mounted the partition
I copied 60,000 10MB files (split in two directories) to the partition.
Somewhere past 30,000 files I got the Oops
I repeated the process three times. The number of files copied varies.

general protection fault: 0000 [1] SMP 
CPU 3 
Modules linked in: nls_utf8 hfsplus usb_storage nfsd lockd nfs_acl auth_rpcgss exportfs sco bridge stp bnep l2cap bluetooth vboxnetflt vboxdrv sunrpc ipv6 cpufreq_ondemand powernow_k8 freq_table ext4 jbd2 crc16 dm_multipath uinput snd_intel8x0 snd_ac97_codec ac97_bus snd_seq_dummy snd_seq_oss shpchp snd_seq_midi_event cfi_cmdset_0002 cfi_util snd_seq k8temp jedec_probe hwmon cfi_probe gen_probe snd_seq_device ck804xrom snd_pcm_oss snd_mixer_oss forcedeth pata_amd snd_pcm snd_timer snd firewire_ohci mtd chipreg map_funcs i2c_nforce2 i2c_core soundcore snd_page_alloc firewire_core crc_itu_t aacraid floppy pcspkr ata_generic pata_acpi sata_nv [last unloaded: scsi_wait_scan]
Pid: 3272, comm: cp Not tainted 2.6.27.19-170.2.35.fc10.x86_64 #1 S2895
RIP: 0010:[<ffffffffa04d264f>]  [<ffffffffa04d264f>] hfsplus_bnode_read+0x5c/0x9c [hfsplus]
RSP: 0018:ffff880150513998  EFLAGS: 00010a96
RAX: db78896db6dde000 RBX: 0000000000000002 RCX: 0000000000000002
RDX: 00000000000008c8 RSI: db78896db6dde8c8 RDI: ffff8801505139e6
RBP: ffff8801505139c8 R08: 0000000000000005 R09: 0000000000000005
R10: 0000000000000078 R11: 000000d000033020 R12: 0000000000000002
R13: ffff8801505139e6 R14: ffff88002fd9c4e8 R15: 0000000000001000
FS:  00007f57453c5780(0000) GS:ffff88015ff3a700(0000) knlGS:0000000000000000
CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
CR2: 00007f58ea9eb000 CR3: 000000005cdf2000 CR4: 00000000000006e0
DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
Process cp (pid: 3272, threadinfo ffff880150512000, task ffff880152ddc530)
Stack:  ffff8801505139d8 ffff88002fd9c420 ffff88002fd9c420 000000000000000d
 ffff880150513d08 0000000000000006 ffff8801505139e8 ffffffffa04d26ca
 ffff880150513a08 c8f8ffffa04d3084 ffff880150513a08 ffffffffa04d37dc
Call Trace:
 [<ffffffffa04d26ca>] hfsplus_bnode_read_u16+0x1b/0x23 [hfsplus]
 [<ffffffffa04d37dc>] hfsplus_brec_keylen+0x5a/0x7a [hfsplus]
 [<ffffffffa04d3856>] __hplusfs_brec_find+0x5a/0x117 [hfsplus]
 [<ffffffffa04d3af6>] hfsplus_brec_find+0x9b/0x116 [hfsplus]
 [<ffffffffa04d3b8a>] hfsplus_brec_read+0x19/0x4b [hfsplus]
 [<ffffffffa04d10d8>] hfsplus_lookup+0x84/0x244 [hfsplus]
 [<ffffffff8113f357>] ? avc_has_perm+0x4e/0x60
 [<ffffffffa04d3ce4>] ? asc2unichar+0x25/0x53 [hfsplus]
 [<ffffffff8113f357>] ? avc_has_perm+0x4e/0x60
 [<ffffffff810c7da3>] __lookup_hash+0xcf/0xf4
 [<ffffffff810c8198>] lookup_hash+0x35/0x3f
 [<ffffffff810c9ff4>] do_filp_open+0x141/0x7db
 [<ffffffff810c37b0>] ? cp_new_stat+0xe2/0xef
 [<ffffffff81031103>] ? need_resched+0x1e/0x28
 [<ffffffff813321a2>] ? _cond_resched+0x9/0x38
 [<ffffffff8116e5a4>] ? __strncpy_from_user+0x2c/0x56
 [<ffffffff810d4e51>] ? alloc_fd+0x110/0x123
 [<ffffffff810beb77>] do_sys_open+0x53/0xd3
 [<ffffffff810bec20>] sys_open+0x1b/0x1d
 [<ffffffff8101027a>] system_call_fastpath+0x16/0x1b


Code: 29 fb 48 83 c0 0a 39 cb 4c 8d 34 c7 48 8b 3c c7 0f 4f d9 e8 9e f7 ff ff 49 63 d7 48 63 cb 4c 89 ef 48 8d 34 10 41 bf 00 10 00 00 <f3> a4 eb 2b 48 63 c3 44 89 fb 49 01 c5 41 81 fc 00 10 00 00 41 
RIP  [<ffffffffa04d264f>] hfsplus_bnode_read+0x5c/0x9c [hfsplus]
 RSP <ffff880150513998>
---[ end trace a723821dc22d196a ]---
Comment 1 Chuck Ebbert 2009-03-28 12:29:05 UTC 
RSI: db78896db6dde8c8 is an illegal address

  18:	49 63 d7             	movslq %r15d,%rdx
  1b:	48 63 cb             	movslq %ebx,%rcx
  1e:	4c 89 ef             	mov    %r13,%rdi
  21:	48 8d 34 10          	lea    (%rax,%rdx,1),%rsi
  25:	41 bf 00 10 00 00    	mov    $0x1000,%r15d

   0:	f3 a4                	rep movsb %ds:(%rsi),%es:(%rdi)
   2:	eb 2b                	jmp    0x2f
   4:	48 63 c3             	movslq %ebx,%rax
   7:	44 89 fb             	mov    %r15d,%ebx
   a:	49 01 c5             	add    %rax,%r13
   d:	41 81 fc 00 10 00 00 	cmp    $0x1000,%r12d
Comment 2 Bug Zapper 2009-11-18 11:18:33 UTC 
This message is a reminder that Fedora 10 is nearing its end of life.
Approximately 30 (thirty) days from now Fedora will stop maintaining
and issuing updates for Fedora 10.  It is Fedora's policy to close all
bug reports from releases that are no longer maintained.  At that time
this bug will be closed as WONTFIX if it remains open with a Fedora 
'version' of '10'.

Package Maintainer: If you wish for this bug to remain open because you
plan to fix it in a currently maintained version, simply change the 'version' 
to a later Fedora version prior to Fedora 10's end of life.

Bug Reporter: Thank you for reporting this issue and we are sorry that 
we may not be able to fix it before Fedora 10 is end of life.  If you 
would still like to see this bug fixed and are able to reproduce it 
against a later version of Fedora please change the 'version' of this 
bug to the applicable version.  If you are unable to change the version, 
please add a comment here and someone will do it for you.

Although we aim to fix as many bugs as possible during every release's 
lifetime, sometimes those efforts are overtaken by events.  Often a 
more recent Fedora release includes newer upstream software that fixes 
bugs or makes them obsolete.

The process we are following is described here: 
http://fedoraproject.org/wiki/BugZappers/HouseKeeping
Comment 3 Bug Zapper 2009-12-18 08:58:43 UTC 
Fedora 10 changed to end-of-life (EOL) status on 2009-12-17. Fedora 10 is 
no longer maintained, which means that it will not receive any further 
security or bug fix updates. As a result we are closing this bug.

If you can reproduce this bug against a currently maintained version of 
Fedora please feel free to reopen this bug against that version.

Thank you for reporting this bug and we are sorry it could not be fixed.