Description of problem:
With F21-TC2 I noticed e2fsck crashing. Eventually, I tried unsetting MALLOC_PERTURB_ and it stopped crashing.

Version-Release number of selected component (if applicable):
e2fsprogs-1.42.11-3.fc21.x86_64

How reproducible:
Reliably, but only when called from anaconda+blivet.

Steps to Reproduce:
1. Tell anaconda to resize an existing ext4 filesystem
2.
3.

Actual results:
20:33:09,791 INFO program: Running... e2fsck -f -p -C 0 /dev/sda1
20:33:10,677 INFO program: ^A/dev/sda1: |= | 1.1%
20:33:10,678 INFO program: ^B^A/dev/sda1: |========================================================| 100.0%
20:33:10,678 INFO program: ^B^A
20:33:10,678 INFO program: ^B/dev/sda1: 11/128016 files (0.0% non-contiguous), 26666/512000 blocks
20:33:10,678 INFO program: Signal (11) SIGSEGV si_code=SI_KERNEL fault addr=(nil)
20:33:10,679 INFO program: e2fsck[0x427292]
20:33:10,679 INFO program: /lib64/libc.so.6(+0x34950)[0x7f33965c1950]
20:33:10,679 INFO program: /lib64/libext2fs.so.2(ext2fs_free_dblist+0x1d)[0x7f33971b790d]
20:33:10,679 INFO program: e2fsck(e2fsck_reset_context+0x104)[0x40db54]
20:33:10,679 INFO program: e2fsck(e2fsck_free_context+0x26)[0x40dde6]
20:33:10,679 INFO program: e2fsck(main+0x1a7a)[0x40aeca]
20:33:10,680 INFO program: /lib64/libc.so.6(__libc_start_main+0xf0)[0x7f33965acfe0]
20:33:10,680 INFO program: e2fsck[0x40bc8c]
20:33:10,680 DEBUG program: Return code: 8

Expected results:
No crash.

Additional info:
Hm, any chance to get an e2image (-r or -q) of /dev/sda1, to see if it's anything unique to the geometry of the fs? -Eric
Pretty sure it's not. It also happens for the root and home lvs on this system. Here's a qcow image, just in case: https://dlehman.fedorapeople.org/sda1.e2img
Thanks, I thought perhaps if it was only triggerable by blivet it was something unique... I'll take a look.
Ok, probably the same as:

==38125== Invalid read of size 8
==38125==    at 0x411A73: e2fsck_reset_context (e2fsck.c:87)
==38125==    by 0x411CED: e2fsck_free_context (e2fsck.c:177)
==38125==    by 0x4111C7: main (unix.c:1779)
==38125==  Address 0x4c2b220 is 144 bytes inside a block of size 296 free'd
==38125==    at 0x4A063F0: free (vg_replace_malloc.c:446)
==38125==    by 0x435713: ext2fs_close2 (closefs.c:492)
==38125==    by 0x4357BD: ext2fs_close_free (closefs.c:445)
==38125==    by 0x4111B3: main (unix.c:1776)

Looks like possibly:

commit a82d88ea99d3c5c21bf538b886da0482bf143fd5
Author: Darrick J. Wong <darrick.wong>
Date:   Thu Jul 24 21:03:54 2014 -0400

    e2fsck: free ctx->fs, not fs, at the end of fsck

    When we call ext2fs_close_free at the end of main(), we need to supply
    the address of ctx->fs, because the subsequent e2fsck_free_context
    call will try to access ctx->fs (which is now set to a freed block) to
    see if it should free the directory block list. This is clearly not
    desirable, so fix the problem.

    Signed-off-by: Darrick J. Wong <darrick.wong>
    Signed-off-by: Theodore Ts'o <tytso>
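The pointer aliasing described in the commit message above, as a minimal C model added here for illustration (not part of the bug thread and not e2fsprogs code). The struct layouts, the one-slot arena, the return codes and the assumption that dblist is NULL at close time are all simplifications; only the function names being modelled come from the report.

```c
#include <stdio.h>
#include <string.h>

/* Simplified stand-ins for the e2fsprogs structures (assumed, not the real layouts). */
struct fs  { void *dblist; };
struct ctx { struct fs *fs; };
enum { SAFE, STALE_HIDDEN, STALE_CRASH };

/* One-slot arena in place of malloc/free, so the "freed" block can be inspected safely. */
static struct fs slot;
static int slot_live;

static struct fs *open_fs(void) {
    slot.dblist = NULL;   /* assumption: no dblist pointer left at close time */
    slot_live = 1;
    return &slot;
}

/* Models ext2fs_close_free(): releases the object and NULLs the pointer whose address
 * it was given. A non-zero perturb mimics MALLOC_PERTURB_ overwriting the freed block. */
static void close_free(struct fs **fs_ptr, int perturb) {
    if (perturb)
        memset(*fs_ptr, perturb, sizeof(**fs_ptr));
    slot_live = 0;
    *fs_ptr = NULL;
}

/* Models the ctx->fs check in e2fsck_reset_context(). */
static int reset_context(const struct ctx *ctx) {
    if (ctx->fs == NULL || slot_live)
        return SAFE;
    /* Stale read: garbage in dblist would be passed on to ext2fs_free_dblist(). */
    return ctx->fs->dblist ? STALE_CRASH : STALE_HIDDEN;
}

/* pass_ctx_fs = 0: local alias handed over (before the fix); 1: &ctx->fs (after). */
static int run_fsck(int pass_ctx_fs, int perturb) {
    struct ctx ctx;
    struct fs *fs = open_fs();
    ctx.fs = fs;
    close_free(pass_ctx_fs ? &ctx.fs : &fs, perturb);
    return reset_context(&ctx);
}

int main(void) {
    printf("before fix: %d (plain) %d (perturbed); after fix: %d\n",
           run_fsck(0, 0), run_fsck(0, 0xAA), run_fsck(1, 0xAA));
    return 0;
}
```

In this model the stale read goes unnoticed until the freed block is overwritten, which matches the report that the crash disappeared once MALLOC_PERTURB_ was unset.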
e2fsprogs-1.42.11-4.fc21 has been submitted as an update for Fedora 21. https://admin.fedoraproject.org/updates/e2fsprogs-1.42.11-4.fc21
Package e2fsprogs-1.42.11-4.fc21:
* should fix your issue,
* was pushed to the Fedora 21 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing e2fsprogs-1.42.11-4.fc21'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-2014-15197/e2fsprogs-1.42.11-4.fc21
then log in and leave karma (feedback).
e2fsprogs-1.42.11-4.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report.