The bug was found using the Linux version of fsfuzzer
on a Fedora Core 6 installation, with up-to-date packages as of
10-11-2006. A read operation is necessary to trigger the bug.
The architecture used to conduct the tests is IA32/x86, SMP enabled.
Related debugging information, if available:
[root@fedoravm ~]# uname -a
Linux fedoravm 2.6.18-1.2798.fc6 #1 SMP Mon Oct 16 14:37:32 EDT 2006 i686 i686 i386 GNU/Linux
$ socat -d -d /tmp/com_1 stdout
2006/11/10 20:23:58 socat[8716] N successfully connected via
2006/11/10 20:23:58 socat[8716] N starting data transfer loop with FDs [3,3] and [1,1]
cramfs: wrong magic
BUG: soft lockup detected on CPU#0!
[] dump_trace+0x69/0x1af
[] show_trace_log_lvl+0x18/0x2c
[] show_trace+0xf/0x11
[] dump_stack+0x15/0x17
[] softlockup_tick+0xad/0xc4
[] update_process_times+0x39/0x5c
[] smp_apic_timer_interrupt+0x5c/0x64
[] apic_timer_interrupt+0x1f/0x24
DWARF2 unwinder stuck at apic_timer_interrupt+0x1f/0x24
Leftover inexact backtrace:
[] ext3fs_dirhash+0x5a/0x1c7 [ext3]
[] do_IRQ+0xb0/0xbc
[] common_interrupt+0x1a/0x20
[] htree_dirblock_to_tree+0x64/0xb2 [ext3]
[] ext3_htree_fill_tree+0x63/0x1ba [ext3]
[] inode_has_perm+0x5b/0x63
[] ext3_readdir+0x1da/0x5bc [ext3]
[] file_has_perm+0x8c/0x94
[] filldir64+0x0/0xc5
[] vfs_readdir+0x66/0x90
[] filldir64+0x0/0xc5
[] sys_getdents64+0x63/0xa5
[] syscall_call+0x7/0xb
=======================
BUG: soft lockup detected on CPU#0!
[] dump_trace+0x69/0x1af
[] show_trace_log_lvl+0x18/0x2c
[] show_trace+0xf/0x11
[] dump_stack+0x15/0x17
[] softlockup_tick+0xad/0xc4
[] update_process_times+0x39/0x5c
[] smp_apic_timer_interrupt+0x5c/0x64
[] apic_timer_interrupt+0x1f/0x24
DWARF2 unwinder stuck at apic_timer_interrupt+0x1f/0x24
Leftover inexact backtrace:
[] ext3fs_dirhash+0x4e/0x1c7 [ext3]
[] do_IRQ+0xb0/0xbc
[] common_interrupt+0x1a/0x20
[] htree_dirblock_to_tree+0x64/0xb2 [ext3]
[] ext3_htree_fill_tree+0x63/0x1ba [ext3]
[] inode_has_perm+0x5b/0x63
[] ext3_readdir+0x1da/0x5bc [ext3]
[] file_has_perm+0x8c/0x94
[] filldir64+0x0/0xc5
[] vfs_readdir+0x66/0x90
[] filldir64+0x0/0xc5
[] sys_getdents64+0x63/0xa5
[] syscall_call+0x7/0xb
=======================
BUG: soft lockup detected on CPU#0!
[] dump_trace+0x69/0x1af
[] show_trace_log_lvl+0x18/0x2c
[] show_trace+0xf/0x11
[] dump_stack+0x15/0x17
[] softlockup_tick+0xad/0xc4
[] update_process_times+0x39/0x5c
[] smp_apic_timer_interrupt+0x5c/0x64
[] apic_timer_interrupt+0x1f/0x24
DWARF2 unwinder stuck at apic_timer_interrupt+0x1f/0x24
Leftover inexact backtrace:
[] ext3fs_dirhash+0x5a/0x1c7 [ext3]
[] apic_timer_interrupt+0x1f/0x24
[] htree_dirblock_to_tree+0x64/0xb2 [ext3]
[] ext3_htree_fill_tree+0x63/0x1ba [ext3]
[] inode_has_perm+0x5b/0x63
[] ext3_readdir+0x1da/0x5bc [ext3]
[] file_has_perm+0x8c/0x94
[] filldir64+0x0/0xc5
[] vfs_readdir+0x66/0x90
[] filldir64+0x0/0xc5
[] sys_getdents64+0x63/0xa5
[] syscall_call+0x7/0xb
=======================
BUG: soft lockup detected on CPU#0!
[] dump_trace+0x69/0x1af
[] show_trace_log_lvl+0x18/0x2c
[] show_trace+0xf/0x11
[] dump_stack+0x15/0x17
[] softlockup_tick+0xad/0xc4
[] update_process_times+0x39/0x5c
[] smp_apic_timer_interrupt+0x5c/0x64
[] apic_timer_interrupt+0x1f/0x24
DWARF2 unwinder stuck at apic_timer_interrupt+0x1f/0x24
Leftover inexact backtrace:
[] ext3fs_dirhash+0x58/0x1c7 [ext3]
[] common_interrupt+0x1a/0x20
[] htree_dirblock_to_tree+0x64/0xb2 [ext3]
[] ext3_htree_fill_tree+0x63/0x1ba [ext3]
[] inode_has_perm+0x5b/0x63
[] ext3_readdir+0x1da/0x5bc [ext3]
[] file_has_perm+0x8c/0x94
[] filldir64+0x0/0xc5
[] vfs_readdir+0x66/0x90
[] filldir64+0x0/0xc5
[] sys_getdents64+0x63/0xa5
[] syscall_call+0x7/0xb
=======================
BUG: soft lockup detected on CPU#0!
[] dump_trace+0x69/0x1af
[] show_trace_log_lvl+0x18/0x2c
[] show_trace+0xf/0x11
[] dump_stack+0x15/0x17
[] softlockup_tick+0xad/0xc4
[] update_process_times+0x39/0x5c
[] smp_apic_timer_interrupt+0x5c/0x64
[] apic_timer_interrupt+0x1f/0x24
DWARF2 unwinder stuck at apic_timer_interrupt+0x1f/0x24
Leftover inexact backtrace:
[] ext3fs_dirhash+0x0/0x1c7 [ext3]
[] htree_dirblock_to_tree+0x64/0xb2 [ext3]
[] ext3_htree_fill_tree+0x63/0x1ba [ext3]
[] inode_has_perm+0x5b/0x63
[] ext3_readdir+0x1da/0x5bc [ext3]
[] file_has_perm+0x8c/0x94
[] filldir64+0x0/0xc5
[] vfs_readdir+0x66/0x90
[] filldir64+0x0/0xc5
[] sys_getdents64+0x63/0xa5
[] syscall_call+0x7/0xb
=======================
BUG: soft lockup detected on CPU#0!
[] dump_trace+0x69/0x1af
[] show_trace_log_lvl+0x18/0x2c
[] show_trace+0xf/0x11
[] dump_stack+0x15/0x17
[] softlockup_tick+0xad/0xc4
[] update_process_times+0x39/0x5c
[] smp_apic_timer_interrupt+0x5c/0x64
[] apic_timer_interrupt+0x1f/0x24
DWARF2 unwinder stuck at apic_timer_interrupt+0x1f/0x24
Leftover inexact backtrace:
[] ext3fs_dirhash+0x46/0x1c7 [ext3]
[] apic_timer_interrupt+0x1f/0x24
[] htree_dirblock_to_tree+0x64/0xb2 [ext3]
[] ext3_htree_fill_tree+0x63/0x1ba [ext3]
[] inode_has_perm+0x5b/0x63
[] ext3_readdir+0x1da/0x5bc [ext3]
[] file_has_perm+0x8c/0x94
[] filldir64+0x0/0xc5
[] vfs_readdir+0x66/0x90
[] filldir64+0x0/0xc5
[] sys_getdents64+0x63/0xa5
[] syscall_call+0x7/0xb
=======================
BUG: soft lockup detected on CPU#0!
[] dump_trace+0x69/0x1af
[] show_trace_log_lvl+0x18/0x2c
[] show_trace+0xf/0x11
[] dump_stack+0x15/0x17
[] softlockup_tick+0xad/0xc4
[] update_process_times+0x39/0x5c
[] smp_apic_timer_interrupt+0x5c/0x64
[] apic_timer_interrupt+0x1f/0x24
DWARF2 unwinder stuck at apic_timer_interrupt+0x1f/0x24
Leftover inexact backtrace:
[] ext3fs_dirhash+0x72/0x1c7 [ext3]
[] do_IRQ+0xb0/0xbc
[] common_interrupt+0x1a/0x20
[] htree_dirblock_to_tree+0x64/0xb2 [ext3]
[] ext3_htree_fill_tree+0x63/0x1ba [ext3]
[] inode_has_perm+0x5b/0x63
[] ext3_readdir+0x1da/0x5bc [ext3]
[] file_has_perm+0x8c/0x94
[] filldir64+0x0/0xc5
[] vfs_readdir+0x66/0x90
[] filldir64+0x0/0xc5
[] sys_getdents64+0x63/0xa5
[] syscall_call+0x7/0xb
=======================
BUG: soft lockup detected on CPU#0!
[] dump_trace+0x69/0x1af
[] show_trace_log_lvl+0x18/0x2c
[] show_trace+0xf/0x11
[] dump_stack+0x15/0x17
[] softlockup_tick+0xad/0xc4
[] update_process_times+0x39/0x5c
[] smp_apic_timer_interrupt+0x5c/0x64
[] apic_timer_interrupt+0x1f/0x24
DWARF2 unwinder stuck at apic_timer_interrupt+0x1f/0x24
Leftover inexact backtrace:
[] ext3fs_dirhash+0x4b/0x1c7 [ext3]
[] apic_timer_interrupt+0x1f/0x24
[] htree_dirblock_to_tree+0x64/0xb2 [ext3]
[] ext3_htree_fx1ba [ext3]
[] inode_has_perm+0x5b/0x63
[] ext3_readdir+0x1da/0x5bc [ext3]
[] file_has_perm+0x8c/0x94
[] filldir64+0x0/0xc5
[] vfs_readdir+0x66/0x90
[] filldir64+0x0/0xc5
[] sys_getdents64+0x63/0xa5
[] syscall_call+0x7/0xb
=======================
2006/11/10 20:27:03 socat[8716] N exiting on signal 2
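
A triage sketch for a log like the one above, added here as an example and not part of the original report: it collects the [ext3] frames that follow each "Leftover inexact backtrace:" marker and records the offsets seen per function, so a frame that stays at one offset across reports stands apart from the function where the timer interrupt keeps landing at different offsets. The names triage and SAMPLE are hypothetical, and SAMPLE is a constructed abridgement of three of the reports above.

```python
import re
from collections import defaultdict

HEADER = "BUG: soft lockup detected"
MARKER = "Leftover inexact backtrace:"
FRAME = re.compile(r"^\[[^\]]*\]\s+(\w+)\+0x([0-9a-f]+)/0x[0-9a-f]+(?:\s+\[(\w+)\])?\s*$")

# Constructed sample, abridged from the log above (addresses are empty there too).
SAMPLE = """\
BUG: soft lockup detected on CPU#0!
[] softlockup_tick+0xad/0xc4
Leftover inexact backtrace:
[] ext3fs_dirhash+0x5a/0x1c7 [ext3]
[] do_IRQ+0xb0/0xbc
[] htree_dirblock_to_tree+0x64/0xb2 [ext3]
[] ext3_readdir+0x1da/0x5bc [ext3]
BUG: soft lockup detected on CPU#0!
Leftover inexact backtrace:
[] ext3fs_dirhash+0x4e/0x1c7 [ext3]
[] htree_dirblock_to_tree+0x64/0xb2 [ext3]
[] ext3_readdir+0x1da/0x5bc [ext3]
BUG: soft lockup detected on CPU#0!
Leftover inexact backtrace:
[] ext3fs_dirhash+0x4b/0x1c7 [ext3]
[] htree_dirblock_to_tree+0x64/0xb2 [ext3]
[] ext3_htree_fx1ba [ext3]
[] ext3_readdir+0x1da/0x5bc [ext3]
"""

def triage(log, module="ext3"):
    """Return (report_count, {function: sorted offsets}, unparsable_frames)."""
    reports, offsets, skipped = 0, defaultdict(set), []
    in_interrupted = False  # True once past the marker, i.e. in the interrupted context
    for line in log.splitlines():
        line = line.strip()
        if line.startswith(HEADER):
            reports += 1
            in_interrupted = False
        elif line == MARKER:
            in_interrupted = True
        elif in_interrupted and line.startswith("["):
            m = FRAME.match(line)
            if m is None:
                skipped.append(line)  # garbled frame: keep for review, do not guess
            elif m.group(3) == module:
                offsets[m.group(1)].add(int(m.group(2), 16))
    return reports, {f: sorted(o) for f, o in offsets.items()}, skipped

print(triage(SAMPLE))
```
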