Bug 835084 - trying to mount an empty partition (between 2048 and 203775 bytes) causes a hang in isofs driver, using 100% CPU
Summary: trying to mount an empty partition (between 2048 and 203775 bytes) causes a h...
Keywords:
Status: CLOSED DUPLICATE of bug 835019
Alias: None
Product: Fedora
Classification: Fedora
Component: kernel
Version: 17
Hardware: x86_64
OS: Linux
unspecified
unspecified
Target Milestone: ---
Assignee: Kernel Maintainer List
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks: 834896
TreeView+ depends on / blocked
 
Reported: 2012-06-25 13:50 UTC by Richard W.M. Jones
Modified: 2012-06-25 20:42 UTC (History)
9 users (show)

Fixed In Version:
Clone Of: 835019
Environment:
Last Closed: 2012-06-25 20:42:45 UTC
Type: Bug
Embargoed:

Attachments (Terms of Use)

Description Richard W.M. Jones 2012-06-25 13:50:29 UTC 
+++ This bug was initially created as a clone of Bug #835019 +++

If you try to mount an empty partition, the mount command hangs
using 100% of CPU and being unkillable.  Stack trace points to
a problem in the isofs driver.

Here is a simple reproducer:

size=2048
guestfish -x -v <<EOF
  sparse test1.img $size
  run
  mount /dev/sda /
EOF

Any size between 2048 and 203775 (== 199*1024 - 1) will
give the same problem.  Sizes under 2048 hit bug 835019.
Sizes over 203775 cause the mount to return an error.

Stack trace of mount, capturing using sysrq + t:

[    7.761017] mount           R  running task        0   116    115 0x00000000
[    7.761017]  ffff88001c8c9ac8 0000000000000082 ffff88001c899700 ffff88001c8c9fd8
[    7.761017]  ffff88001c8c9fd8 ffff88001c8c9fd8 ffff88001ee14500 ffff88001c899700
[    7.761017]  0000000000000000 ffff88001c8c8000 0000000000000030 ffff88001dc24560
[    7.761017] Call Trace:
[    7.761017]  [<ffffffff8108671a>] __cond_resched+0x2a/0x40
[    7.761017]  [<ffffffff815ef820>] _cond_resched+0x30/0x40
[    7.761017]  [<ffffffff8111d2eb>] find_lock_page+0x3b/0x80
[    7.761017]  [<ffffffff8111d9df>] find_or_create_page+0x3f/0xb0
[    7.761017]  [<ffffffff811acf12>] __getblk+0xf2/0x2a0
[    7.761017]  [<ffffffff811ad113>] __bread+0x13/0xb0
[    7.761017]  [<ffffffff81247b30>] isofs_fill_super+0x240/0xf40
[    7.761017]  [<ffffffff8118055b>] mount_bdev+0x1cb/0x210
[    7.761017]  [<ffffffff812478f0>] ? isofs_iget+0x8a0/0x8a0
[    7.761017]  [<ffffffff8116b611>] ? __kmalloc_track_caller+0x51/0x180
[    7.761017]  [<ffffffff81246bd5>] isofs_mount+0x15/0x20
[    7.761017]  [<ffffffff81181063>] mount_fs+0x43/0x1b0
[    7.761017]  [<ffffffff8113de80>] ? __alloc_percpu+0x10/0x20
[    7.761017]  [<ffffffff81199bc7>] vfs_kern_mount+0x67/0xf0
[    7.761017]  [<ffffffff8119a6e4>] do_kern_mount+0x54/0x110
[    7.761017]  [<ffffffff8119bf4a>] do_mount+0x26a/0x840
[    7.761017]  [<ffffffff8113832b>] ? strndup_user+0x5b/0x80
[    7.761017]  [<ffffffff8119c65d>] sys_mount+0x8d/0xe0
[    7.761017]  [<ffffffff815f8ae9>] system_call_fastpath+0x16/0x1b
Comment 1 Richard W.M. Jones 2012-06-25 19:38:01 UTC 
Thanks to Jeff Moyer who suggested the following patch:

https://lkml.org/lkml/2012/6/25/306

which fixes this bug.
Comment 2 Josh Boyer 2012-06-25 20:42:45 UTC 
We'll fix these with one bug.

*** This bug has been marked as a duplicate of bug 835019 ***
Note You need to log in before you can comment on or make changes to this bug.