Created attachment 355029
image reproducing latest crash

Description of problem:
Running fsfuzzer against the romfs yields a kernel panic quickly

Version-Release number of selected component (if applicable):
kernel-2.6.31-0.81.rc3.git4

Steps to Reproduce:
1. ./fsfuzz romfs

Actual results:
Jul 24 10:43:49 livestrong kernel: ROMFS MTD (C) 2007 Red Hat, Inc.
Jul 24 10:43:49 livestrong kernel: ROMFS: Mounting image 'rom 4a69c550' through the block layer
Jul 24 10:43:49 livestrong kernel: general protection fault: 0000 [#1] SMP
Jul 24 10:43:49 livestrong kernel: last sysfs file: /sys/devices/virtual/block/loop0/removable
Jul 24 10:43:49 livestrong kernel: CPU 0
Jul 24 10:43:49 livestrong kernel: Modules linked in: romfs cpufreq_ondemand powernow_k8 freq_table uinput arc4 snd_atiixp_modem snd_atiixp ecb b43 mac80211 cfg80211 rfkill ssb snd_ac97_codec ac97_bus snd_pcm 8139too sdhci_pci tifm_7xx1 video tifm_core snd_timer sdhci 8139cp yenta_socket rsrc_nonstatic firewire_ohci snd wmi firewire_core mmc_core mii output amd64_edac_mod soundcore snd_page_alloc edac_core i2c_piix4 k8temp hwmon shpchp crc_itu_t joydev ata_generic pata_acpi pata_atiixp radeon ttm drm i2c_algo_bit i2c_core [last unloaded: pcspkr]
Jul 24 10:43:49 livestrong kernel: Pid: 1623, comm: fstest Not tainted 2.6.31-0.81.rc3.git4.fc12.x86_64 #1 Presario V2000 (EC182UA#ABA)
Jul 24 10:43:49 livestrong kernel: RIP: 0010:[<ffffffff81163908>] [<ffffffff81163908>] __find_get_block_slow+0x2d/0x120
Jul 24 10:43:49 livestrong kernel: RSP: 0018:ffff880034dbdbc8 EFLAGS: 00010246
Jul 24 10:43:49 livestrong kernel: RAX: 0000000000000000 RBX: 0000000000000000 RCX: 000000000000000c
Jul 24 10:43:49 livestrong kernel: RDX: 0000000000000000 RSI: 000000000000032d RDI: 72656c69706d6f63
Jul 24 10:43:49 livestrong kernel: RBP: ffff880034dbdc08 R08: 0000000000000008 R09: 0000000022dcbe42
Jul 24 10:43:49 livestrong kernel: R10: ffffffff81dd90c0 R11: 0000000000000000 R12: 72656c69706d6f63
Jul 24 10:43:49 livestrong kernel: R13: 000000000000032d R14: ffff880034dc0508 R15: 0000000000000000
Jul 24 10:43:49 livestrong kernel: FS: 00007fa1094e86f0(0000) GS:ffff88000265a000(0000) knlGS:0000000000000000
Jul 24 10:43:49 livestrong kernel: CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b
Jul 24 10:43:49 livestrong kernel: CR2: 00007f0778285010 CR3: 0000000034db7000 CR4: 00000000000006f0
Jul 24 10:43:49 livestrong kernel: DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
Jul 24 10:43:49 livestrong kernel: DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
Jul 24 10:43:49 livestrong kernel: Process fstest (pid: 1623, threadinfo ffff880034dbc000, task ffff880027cba4a0)
Jul 24 10:43:49 livestrong kernel: Stack:
Jul 24 10:43:49 livestrong kernel: 0000000000000008 0000000022dcbe42 0000000000000000 0000000000000000
Jul 24 10:43:49 livestrong kernel: <0> 72656c69706d6f63 000000000000032d ffff880034dc0508 000000000000032d
Jul 24 10:43:49 livestrong kernel: <0> ffff880034dbdca8 ffffffff81163f31 ffff880027cba890 000000000000fa20
Jul 24 10:43:49 livestrong kernel: Call Trace:
Jul 24 10:43:49 livestrong kernel: [<ffffffff81163f31>] __find_get_block+0xcc/0x1e3
Jul 24 10:43:49 livestrong kernel: [<ffffffff8116407b>] __getblk+0x33/0x2e2
Jul 24 10:43:49 livestrong kernel: [<ffffffff814f0bb4>] ? _cond_resched+0x3f/0x5e
Jul 24 10:43:49 livestrong kernel: [<ffffffff811669f9>] __bread+0x22/0x91
Jul 24 10:43:49 livestrong kernel: [<ffffffff81270991>] ? memchr+0x1f/0x46
Jul 24 10:43:49 livestrong kernel: [<ffffffffa035c02c>] sb_bread+0x2c/0x42 [romfs]
Jul 24 10:43:49 livestrong kernel: [<ffffffffa035c362>] romfs_dev_read+0x65/0xdb [romfs]
Jul 24 10:43:49 livestrong kernel: [<ffffffff8114ccb3>] ? vfs_readdir+0x65/0xd9
Jul 24 10:43:49 livestrong kernel: [<ffffffffa035c6dc>] romfs_readdir+0x124/0x1c0 [romfs]
Jul 24 10:43:49 livestrong kernel: [<ffffffff8114ca83>] ? filldir+0x0/0xe7
Jul 24 10:43:49 livestrong kernel: Code: 89 e5 41 57 41 56 41 55 41 54 53 48 83 ec 18 0f 1f 44 00 00 b9 0c 00 00 00 45 31 ff 65 48 8b 04 25 28 00 00 00 48 89 45 c8 31 c0 <4c> 8b 67 08 49 89 f5 41 2b 8c 24 a8 00 00 00 4d 8b b4 24 28 02
Jul 24 10:43:49 livestrong kernel: RIP [<ffffffff81163908>] __find_get_block_slow+0x2d/0x120
Jul 24 10:43:49 livestrong kernel: RSP <ffff880034dbdbc8>
Jul 24 10:43:49 livestrong kernel: ---[ end trace f17bf1f30b46fcb3 ]---
Jul 24 10:43:50 livestrong kernel: general protection fault: 0000 [#2] SMP
Jul 24 10:43:50 livestrong kernel: last sysfs file: /sys/devices/virtual/block/loop0/range
Jul 24 10:43:50 livestrong kernel: CPU 0
Jul 24 10:43:50 livestrong kernel: Modules linked in: romfs cpufreq_ondemand powernow_k8 freq_table uinput arc4 snd_atiixp_modem snd_atiixp ecb b43 mac80211 cfg80211 rfkill ssb snd_ac97_codec ac97_bus snd_pcm 8139too sdhci_pci tifm_7xx1 video tifm_core snd_timer sdhci 8139cp yenta_socket rsrc_nonstatic firewire_ohci snd wmi firewire_core mmc_core mii output amd64_edac_mod soundcore snd_page_alloc edac_core i2c_piix4 k8temp hwmon shpchp crc_itu_t joydev ata_generic pata_acpi pata_atiixp radeon ttm drm i2c_algo_bit i2c_core [last unloaded: pcspkr]
Jul 24 10:43:50 livestrong kernel: Pid: 23, comm: pdflush Tainted: G D 2.6.31-0.81.rc3.git4.fc12.x86_64 #1 Presario V2000 (EC182UA#ABA)
Jul 24 10:43:50 livestrong kernel: RIP: 0010:[<ffffffff8113f250>] [<ffffffff8113f250>] sync_supers+0x38/0xd3
Jul 24 10:43:50 livestrong kernel: RSP: 0018:ffff8800344f1d50 EFLAGS: 00010287
Jul 24 10:43:50 livestrong kernel: RAX: 5f74757074756f24 RBX: ffff880034dc0000 RCX: ffffffff8113f243
Jul 24 10:43:50 livestrong kernel: RDX: 0000000000000000 RSI: ffffffff817431f8 RDI: 0000000000000246
Jul 24 10:43:50 livestrong kernel: RBP: ffff8800344f1d70 R08: 0000000000000002 R09: 0000000000000000
Jul 24 10:43:50 livestrong kernel: R10: 0000000000000000 R11: 0000000000000000 R12: 0000000000000001
Jul 24 10:43:50 livestrong kernel: R13: ffff8800344f1d90 R14: 0000000000000000 R15: 0000000000094020
Jul 24 10:43:50 livestrong kernel: FS: 00007f16ac097910(0000) GS:ffff88000265a000(0000) knlGS:0000000000000000
Jul 24 10:43:50 livestrong kernel: CS: 0010 DS: 0018 ES: 0018 CR0: 000000008005003b
Jul 24 10:43:50 livestrong kernel: CR2: 00000000006d8898 CR3: 00000000378c6000 CR4: 00000000000006f0
Jul 24 10:43:50 livestrong kernel: DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
Jul 24 10:43:50 livestrong kernel: DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
Jul 24 10:43:50 livestrong kernel: Process pdflush (pid: 23, threadinfo ffff8800344f0000, task ffff8800344ea4a0)
Jul 24 10:43:50 livestrong kernel: Stack:
Jul 24 10:43:50 livestrong kernel: ffff8800344f1dc0 000000002cb27325 ffff8800344f1e28 0000000000000001
Jul 24 10:43:50 livestrong kernel: <0> ffff8800344f1e00 ffffffff810ff5f4 ffff8800344f1db0 0000000000000000
Jul 24 10:43:50 livestrong kernel: <0> 0000000000000000 0000000000000000 ffff8800344f1dd0 0000000000000000
Jul 24 10:43:50 livestrong kernel: Call Trace:
Jul 24 10:43:50 livestrong kernel: [<ffffffff810ff5f4>] wb_kupdate+0x45/0x147
Jul 24 10:43:50 livestrong kernel: [<ffffffff811005c7>] ? pdflush+0x0/0x26c
Jul 24 10:43:50 livestrong kernel: [<ffffffff81100737>] pdflush+0x170/0x26c
Jul 24 10:43:50 livestrong kernel: [<ffffffff810ff5af>] ? wb_kupdate+0x0/0x147
Jul 24 10:43:50 livestrong kernel: [<ffffffff8107f339>] kthread+0xa5/0xad
Jul 24 10:43:50 livestrong kernel: [<ffffffff8101412a>] child_rip+0xa/0x20
Jul 24 10:43:50 livestrong kernel: [<ffffffff81013a90>] ? restore_args+0x0/0x30
Jul 24 10:43:50 livestrong kernel: [<ffffffff8107f294>] ? kthread+0x0/0xad
Jul 24 10:43:50 livestrong kernel: [<ffffffff81014120>] ? child_rip+0x0/0x20
Jul 24 10:43:50 livestrong kernel: Code: 44 00 00 48 c7 c7 e0 31 74 81 65 48 8b 04 25 28 00 00 00 48 89 45 e8 31 c0 e8 0f 42 3b 00 48 8b 1d 86 3f 60 00 eb 69 48 8b 43 38 <48> 83 78 38 00 74 5b 80 7b 21 00 74 55 ff 83 88 01 00 00 4c 8d
Jul 24 10:43:50 livestrong kernel: RIP [<ffffffff8113f250>] sync_supers+0x38/0xd3
Jul 24 10:43:50 livestrong kernel: RSP <ffff8800344f1d50>
Jul 24 10:43:50 livestrong kernel: ---[ end trace f17bf1f30b46fcb4 ]---

This bug appears to have been reported against 'rawhide' during the Fedora 12 development cycle. Changing version to '12'. More information and reason for this action is here: http://fedoraproject.org/wiki/BugZappers/HouseKeeping
This message is a reminder that Fedora 12 is nearing its end of life. Approximately 30 (thirty) days from now Fedora will stop maintaining and issuing updates for Fedora 12. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as WONTFIX if it remains open with a Fedora 'version' of '12'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Fedora version prior to Fedora 12's end of life. Bug Reporter: Thank you for reporting this issue and we are sorry that we may not be able to fix it before Fedora 12 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora please change the 'version' of this bug to the applicable version. If you are unable to change the version, please add a comment here and someone will do it for you. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete. The process we are following is described here: http://fedoraproject.org/wiki/BugZappers/HouseKeeping
Fedora 12 changed to end-of-life (EOL) status on 2010-12-02. Fedora 12 is no longer maintained, which means that it will not receive any further security or bug fix updates. As a result we are closing this bug. If you can reproduce this bug against a currently maintained version of Fedora please feel free to reopen this bug against that version. Thank you for reporting this bug and we are sorry it could not be fixed.