Bug 768061

Summary: [abrt] hfsplus-tools-332.14-12.fc15: Process /sbin/fsck.hfsplus was killed by signal 11 (SIGSEGV)
Product: [Fedora] Fedora
Reporter: Mads Kiilerich <mads>
Component: hfsplus-tools
Assignee: Adam Jackson <ajax>
Status: CLOSED RAWHIDE
QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: unspecified
Priority: unspecified
Version: 16
CC: cweyl
Hardware: x86_64
OS: Unspecified
Whiteboard: abrt_hash:df2a3e63d779b15f4656bea3ff0c44674270b8cf
Doc Type: Bug Fix
Last Closed: 2012-06-05 15:17:40 UTC
Attachments:
File: backtrace (flags: none)
content of the hfs partition that reproduces the problem (flags: none)

Description Mads Kiilerich 2011-12-15 16:35:23 UTC
libreport version: 2.0.8
abrt_version:   2.0.7
backtrace_rating: 4
cmdline:        fsck.hfsplus /dev/sda6
comment:        While testing https://bugzilla.redhat.com/show_bug.cgi?id=755093 I ended up with a partition that can't be mounted, and fsck gives this.
crash_function: hfs_swap_HFSPlusBTInternalNode
executable:     /sbin/fsck.hfsplus
kernel:         3.1.2-1.fc16.x86_64
pid:            1592
pwd:            /root
reason:         Process /sbin/fsck.hfsplus was killed by signal 11 (SIGSEGV)
time:           Thu 15 Dec 2011 05:30:54 PM CET
uid:            0
username:       root

backtrace:      Text file, 96613 bytes

build_ids:
:dd0b7c7a4e1191211fd25ce70a41c078a3f7c6a8
:3ed9e61c2b7e707ce244816335776afa2ad0307d
:e02146cbd7b3747790cf4808baa58dc78c2e0042

dso_list:
:/sbin/fsck.hfsplus hfsplus-tools-332.14-12.fc15.x86_64 (Fedora Project) 1321656745
:/lib64/libc-2.14.90.so glibc-2.14.90-21.x86_64 (Fedora Project) 1323092243
:/lib64/ld-2.14.90.so glibc-2.14.90-21.x86_64 (Fedora Project) 1323092243

environ:
:XDG_SESSION_ID=2
:HOSTNAME=fladmast
:SELINUX_ROLE_REQUESTED=
:TERM=xterm
:SHELL=/bin/bash
:HISTSIZE=1000
:'SSH_CLIENT=192.168.42.117 36889 22'
:SELINUX_USE_CURRENT_RANGE=
:OLDPWD=/boot/efi/System/Library/CoreServices
:SSH_TTY=/dev/pts/0
:USER=root
:MAIL=/var/spool/mail/root
:PATH=/usr/lib64/ccache:/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin:/root/bin
:PWD=/root
:XMODIFIERS=@im=none
:LANG=en_US.UTF-8
:SELINUX_LEVEL_REQUESTED=
:HISTCONTROL=ignoredups
:SHLVL=1
:HOME=/root
:LOGNAME=root
:'SSH_CONNECTION=192.168.42.117 36889 192.168.42.116 22'
:'LESSOPEN=||/usr/bin/lesspipe.sh %s'
:XDG_RUNTIME_DIR=/run/user/root
:DISPLAY=localhost:10.0
:_=/sbin/fsck

maps:
:00400000-00429000 r-xp 00000000 fd:02 27582                              /sbin/fsck.hfsplus
:00628000-0062b000 rw-p 00028000 fd:02 27582                              /sbin/fsck.hfsplus
:0062b000-0062f000 rw-p 00000000 00:00 0 
:0082a000-0082c000 rw-p 0002a000 fd:02 27582                              /sbin/fsck.hfsplus
:023ed000-0240e000 rw-p 00000000 00:00 0                                  [heap]
:3e98a00000-3e98a22000 r-xp 00000000 fd:02 5704                           /lib64/ld-2.14.90.so
:3e98c21000-3e98c22000 r--p 00021000 fd:02 5704                           /lib64/ld-2.14.90.so
:3e98c22000-3e98c23000 rw-p 00022000 fd:02 5704                           /lib64/ld-2.14.90.so
:3e98c23000-3e98c24000 rw-p 00000000 00:00 0 
:3e98e00000-3e98fab000 r-xp 00000000 fd:02 8869                           /lib64/libc-2.14.90.so
:3e98fab000-3e991ab000 ---p 001ab000 fd:02 8869                           /lib64/libc-2.14.90.so
:3e991ab000-3e991af000 r--p 001ab000 fd:02 8869                           /lib64/libc-2.14.90.so
:3e991af000-3e991b1000 rw-p 001af000 fd:02 8869                           /lib64/libc-2.14.90.so
:3e991b1000-3e991b6000 rw-p 00000000 00:00 0 
:7f79b9833000-7f79b9c36000 rw-p 00000000 00:00 0 
:7f79b9c4a000-7f79b9c4c000 rw-p 00000000 00:00 0 
:7fff0f59c000-7fff0f5bd000 rw-p 00000000 00:00 0                          [stack]
:7fff0f5ff000-7fff0f600000 r-xp 00000000 00:00 0                          [vdso]
:ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0                  [vsyscall]

var_log_messages:
:Dec 15 17:30:04 fladmast kernel: [  167.854412] hfs: Filesystem was not cleanly unmounted, running fsck.hfsplus is recommended.  mounting read-only.
:Dec 15 17:30:28 fladmast kernel: [  191.776081] hfs: Filesystem was not cleanly unmounted, running fsck.hfsplus is recommended.  mounting read-only.
:Dec 15 17:30:37 fladmast kernel: [  200.155848] hfs: Filesystem was not cleanly unmounted, running fsck.hfsplus is recommended.  mounting read-only.
:Dec 15 17:30:54 fladmast kernel: [  217.056639] fsck.hfsplus[1592]: segfault at 7f7bb984cffa ip 00000000004176a6 sp 00007fff0f5b8900 error 4 in fsck.hfsplus[400000+29000]
:Dec 15 17:30:54 fladmast abrt[1593]: Saved core dump of pid 1592 (/sbin/fsck.hfsplus) to /var/spool/abrt/ccpp-2011-12-15-17:30:54-1592 (4595712 bytes)

Comment 1 Mads Kiilerich 2011-12-15 16:35:26 UTC
Created attachment 547351
File: backtrace

Comment 2 Mads Kiilerich 2011-12-15 16:38:03 UTC
Created attachment 547352
content of the hfs partition that reproduces the problem

[root@fladmast ~]# valgrind fsck.hfsplus crasher.hfs 
==1682== Memcheck, a memory error detector
==1682== Copyright (C) 2002-2010, and GNU GPL'd, by Julian Seward et al.
==1682== Using Valgrind-3.6.1 and LibVEX; rerun with -h for copyright info
==1682== Command: fsck.hfsplus crasher.hfs
==1682== 
** crasher.hfs
** Checking HFS Plus volume.
==1682== Invalid read of size 2
==1682==    at 0x4176A6: hfs_swap_BTNode (hfs_endian.c:519)
==1682==    by 0x41B3F1: GetNode (BTreeNodeOps.c:147)
==1682==    by 0x41D095: SearchTree (BTreeTreeOps.c:231)
==1682==    by 0x4191A0: BTSearchRecord (BTree.c:761)
==1682==    by 0x4203A4: SearchBTreeRecord (SBTree.c:83)
==1682==    by 0x407744: CreateCatalogBTreeControlBlock (SVerify1.c:1148)
==1682==    by 0x403C2C: ScavCtrl (SControl.c:393)
==1682==    by 0x404392: CheckHFS (SControl.c:145)
==1682==    by 0x401A01: main (fsck_hfs.c:296)
==1682==  Address 0x20503effa is not stack'd, malloc'd or (recently) free'd
==1682== 
==1682== 
==1682== Process terminating with default action of signal 11 (SIGSEGV)
==1682==  Access not within mapped region at address 0x20503EFFA
==1682==    at 0x4176A6: hfs_swap_BTNode (hfs_endian.c:519)
==1682==    by 0x41B3F1: GetNode (BTreeNodeOps.c:147)
==1682==    by 0x41D095: SearchTree (BTreeTreeOps.c:231)
==1682==    by 0x4191A0: BTSearchRecord (BTree.c:761)
==1682==    by 0x4203A4: SearchBTreeRecord (SBTree.c:83)
==1682==    by 0x407744: CreateCatalogBTreeControlBlock (SVerify1.c:1148)
==1682==    by 0x403C2C: ScavCtrl (SControl.c:393)
==1682==    by 0x404392: CheckHFS (SControl.c:145)
==1682==    by 0x401A01: main (fsck_hfs.c:296)
==1682==  If you believe this happened as a result of a stack
==1682==  overflow in your program's main thread (unlikely but
==1682==  possible), you can try to increase the size of the
==1682==  main thread stack using the --main-stacksize= flag.
==1682==  The main thread stack size used in this run was 8388608.
==1682== 
==1682== HEAP SUMMARY:
==1682==     in use at exit: 130,871 bytes in 16 blocks
==1682==   total heap usage: 17 allocs, 1 frees, 130,884 bytes allocated
==1682== 
==1682== LEAK SUMMARY:
==1682==    definitely lost: 0 bytes in 0 blocks
==1682==    indirectly lost: 0 bytes in 0 blocks
==1682==      possibly lost: 0 bytes in 0 blocks
==1682==    still reachable: 130,871 bytes in 16 blocks
==1682==         suppressed: 0 bytes in 0 blocks
==1682== Rerun with --leak-check=full to see details of leaked memory
==1682== 
==1682== For counts of detected and suppressed errors, rerun with: -v
==1682== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 2 from 2)
Segmentation fault (core dumped)

Comment 3 Fedora Admin XMLRPC Client 2012-01-11 16:09:37 UTC
This package has changed ownership in the Fedora Package Database.  Reassigning to the new owner of this component.

Comment 4 Adam Jackson 2012-06-05 15:17:40 UTC
Unable to reproduce this in hfsplus-tools-540.1.linux3-1.fc17.x86_64:

synephrine:~/hfsplus% fsck.hfsplus crasher.hfs 
** crasher.hfs
   Executing fsck_hfs (version 540.1-Linux).
** Checking non-journaled HFS Plus Volume.
   The volume name is fedora-hfsplus
** Checking extents overflow file.
** Checking catalog file.
   Unused node is not erased (node = 2)
** Checking multi-linked files.
** Checking catalog hierarchy.
** Checking extended attributes file.
   Incorrect number of extended attributes
   (It should be 6 instead of 1)
** Checking volume bitmap.
** Checking volume information.
** Repairing volume.
** Rechecking volume.
** Checking non-journaled HFS Plus Volume.
   The volume name is fedora-hfsplus
** Checking extents overflow file.
** Checking catalog file.
** Checking multi-linked files.
** Checking catalog hierarchy.
** Checking extended attributes file.
** Checking volume bitmap.
** Checking volume information.
** The volume fedora-hfsplus was repaired successfully.

Unfortunately F15's llvm (and gcc) aren't up to the task of building newer hfsplus-tools, and F15 is pretty close to EOL anyway, so I'm just calling this fixed in rawhide.