Found kernel bug - fixpoint divide exception

While working with fsfuzzer

Environment: 2.6.31 and 2.6.32-rc1
Architecture: s390 and ppc64

------------[ cut here ]------------
Kernel BUG at 000003e00429d934 [verbose debug info unavailable]
fixpoint divide exception: 0009 [#1] SMP
Modules linked in: ext4 jbd2 crc16 loop autofs4 lockd sunrpc ipv6 qeth_l2 qeth qdio vmur ccwgroup dm_round_robin dm_multipath scsi_dh sd_mod scsi_mod multipath dm_snapshot dm_zero dm_mirror dm_region_hash dm_log dm_mod dasd_fba_mod dasd_eckd_mod dasd_mod ext3 jbd
CPU: 2 Not tainted 2.6.31-rc6 #1
Process mount (pid: 2675, task: 000000003ed06038, ksp: 0000000036217920)
Krnl PSW : 0704200180000000 000003e00429d934 (ext4_fill_super+0x1478/0x2908 [ext4])
           R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:0 AS:0 CC:2 PM:0 EA:3
Krnl GPRS: 0000000000000100 0000000000000100 0000000000000006 000000002fc61800
           0000000000000000 0000000000000100 000000002fc61800 000000002fc61800
           000000003143a800 00000000000000e0 0000000000000000 000000003eb0d800
           000003e00427c000 000003e0042b8958 000003e00429d87c 0000000036217b10
Krnl Code: 000003e00429d928: b9160050    llgfr   %r5,%r0
           000003e00429d92c: a7490000    lghi    %r4,0
           000003e00429d930: b987004a    dlgr    %r4,%r10
          >000003e00429d934: b91600a5    llgfr   %r10,%r5
           000003e00429d938: a53f80d0    llill   %r3,32976
           000003e00429d93c: a7ad000c    mghi    %r10,12
           000003e00429d940: b904002a    lgr     %r2,%r10
           000003e00429d944: 1895        lr      %r9,%r5
Call Trace:
([<000003e00429d87c>] ext4_fill_super+0x13c0/0x2908 [ext4])
 [<00000000000f46f2>] get_sb_bdev+0x13e/0x19c
 [<000003e00429230e>] ext4_get_sb+0x2e/0x40 [ext4]
 [<00000000000f3f98>] vfs_kern_mount+0xc0/0x168
 [<00000000000f40ac>] do_kern_mount+0x58/0x114
 [<000000000010e558>] do_mount+0x798/0x830
 [<000000000010e6a0>] SyS_mount+0xb0/0x100
 [<00000000000266be>] sysc_noemu+0x10/0x16
 [<0000004e53f234e2>] 0x4e53f234e2
Last Breaking-Event-Address:
 [<000003e00429d8d8>] ext4_fill_super+0x141c/0x2908 [ext4]
---[ end trace b5563edf9c0c9b52 ]---

2.6.32-rc1 stack trace

------------[ cut here ]------------
Kernel BUG at 000003e0024d6b52 [verbose debug info unavailable]
fixpoint divide exception: 0009 [#1] SMP
Modules linked in: ext4 jbd2 crc16 autofs4 lockd sunrpc ipv6 loop qeth_l2 qeth vmur qdio ccwgroup dm_round_robin dm_multipath scsi_dh sd_mod scsi_mod multipath dm_snapshot dm_zero dm_mirror dm_region_hash dm_log dm_mod dasd_fba_mod dasd_eckd_mod dasd_mod ext3 jbd
CPU: 2 Not tainted 2.6.32-rc2 #1
Process mount (pid: 2752, task: 00000000233e47c0, ksp: 00000000233a3910)
Krnl PSW : 0704200180000000 000003e0024d6b52 (ext4_fill_super+0x1506/0x29c0 [ext4])
           R:0 T:1 IO:1 EX:1 Key:0 M:1 W:0 P:0 AS:0 CC:2 PM:0 EA:3
Krnl GPRS: 0000000e00000100 0000000000000100 0000000000000006 00000000200ad000
           0000000000000000 0000000000000100 00000000200ad000 00000000200ad000
           00000000200ae000 000000001ab6d800 0000000000000000 00000000000000e0
           000003e0024b3000 000003e0024f2d28 000003e0024d6ab8 00000000233a3b00
Krnl Code: 000003e0024d6b46: b9160050    llgfr   %r5,%r0
           000003e0024d6b4a: a7490000    lghi    %r4,0
           000003e0024d6b4e: b987004a    dlgr    %r4,%r10
          >000003e0024d6b52: b91600b5    llgfr   %r11,%r5
           000003e0024d6b56: a53f80d0    llill   %r3,32976
           000003e0024d6b5a: a7bd000c    mghi    %r11,12
           000003e0024d6b5e: b904002b    lgr     %r2,%r11
           000003e0024d6b62: 18a5        lr      %r10,%r5
Call Trace:
([<000003e0024d6ab8>] ext4_fill_super+0x146c/0x29c0 [ext4])
 [<0000000000111ed8>] get_sb_bdev+0x158/0x1b4
 [<000003e0024cbe16>] ext4_get_sb+0x2e/0x40 [ext4]
 [<00000000001119ac>] vfs_kern_mount+0xc0/0x19c
 [<0000000000111af4>] do_kern_mount+0x58/0x114
 [<000000000012d760>] do_mount+0x7b4/0x84c
 [<000000000012d89c>] SyS_mount+0xa4/0xec
 [<0000000000027f5a>] sysc_tracego+0xe/0x14
 [<0000004e53f234e2>] 0x4e53f234e2
Last Breaking-Event-Address:
 [<000003e0024d6afa>] ext4_fill_super+0x14ae/0x29c0 [ext4]
---[ end trace b8c3330dd3812f17 ]---
Created attachment 23215 [details] fsfuzzer image to recreate the kernel stack trace in tar gzipped format
Use the ext4.base file already attached to bug #14286:
http://bugzilla.kernel.org/attachment.cgi?id=23214

Unzip the above file(s):
  ext4.319.img.tar.gz
  ext4.base.tar.gz

Download fsfuzzer from http://www.risesecurity.org/files/fsfuzzer-0.7.3.tar.gz and untar it, then:
  cd fsfuzzer-0.7.3
  ./configure
  make

Copy ext4.319.img to fsfuzzer-0.7.3/cfs and ext4.base to fsfuzzer-0.7.3/fs, then run the run_test script in fsfuzzer-0.7.3:
  ./run_test ext4 319

Check dmesg. Thanks!!
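Both register dumps above show the fault on the instruction after `dlgr %r4,%r10` (a 64-bit unsigned divide) with GPR 10, the divisor, reading 0, i.e. ext4_fill_super divided by a value it took straight from the fuzzed superblock. The report does not say which field that was; the added example below (written for this page, not code from the bug report, the fuzzer, or the ext4 tree) uses s_blocks_per_group as the assumed divisor. It parses the divisor fields from an ext4 superblock using the on-disk offsets, shows the unchecked group-count computation that faults on such an image beside a validating version that rejects the image before any arithmetic, and runs both on a constructed sane image and a constructed image with s_blocks_per_group zeroed. The bounds it enforces are this example's choices for what a mount path should check, not the kernel's exact checks, and the sample superblocks are constructed inline, not taken from the attached fuzzer image.

```c
/* Added example for this bug report: on-disk ext4 superblock fields that a
 * mount path divides by, the unchecked arithmetic that faults on a zeroed
 * field, and a validated version. Not code from the ext4 tree. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define EXT4_SUPER_MAGIC 0xEF53
#define SB_SIZE 1024
#define MAX_LOG_BLOCK_SIZE 6   /* 1024 << 6 = 64 KiB, upper bound assumed here */

/* Subset of the superblock read below (on-disk ext2/3/4 layout offsets). */
struct sb_fields {
    uint32_t inodes_count;      /* 0x00 s_inodes_count */
    uint32_t blocks_count;      /* 0x04 s_blocks_count_lo */
    uint32_t first_data_block;  /* 0x14 s_first_data_block */
    uint32_t log_block_size;    /* 0x18 s_log_block_size */
    uint32_t blocks_per_group;  /* 0x20 s_blocks_per_group */
    uint32_t inodes_per_group;  /* 0x28 s_inodes_per_group */
    uint16_t magic;             /* 0x38 s_magic */
    uint16_t inode_size;        /* 0x58 s_inode_size */
};

static uint32_t le32(const uint8_t *p) {
    return (uint32_t)p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}
static uint16_t le16(const uint8_t *p) { return (uint16_t)(p[0] | p[1] << 8); }
static void put32(uint8_t *p, uint32_t v) { p[0] = v; p[1] = v >> 8; p[2] = v >> 16; p[3] = v >> 24; }
static void put16(uint8_t *p, uint16_t v) { p[0] = v; p[1] = v >> 8; }

/* sb points at the 1 KiB superblock (byte 1024 of a real image). */
static void parse_sb(const uint8_t *sb, struct sb_fields *f) {
    f->inodes_count     = le32(sb + 0x00);
    f->blocks_count     = le32(sb + 0x04);
    f->first_data_block = le32(sb + 0x14);
    f->log_block_size   = le32(sb + 0x18);
    f->blocks_per_group = le32(sb + 0x20);
    f->inodes_per_group = le32(sb + 0x28);
    f->magic            = le16(sb + 0x38);
    f->inode_size       = le16(sb + 0x58);
}

/* Unchecked: the shape of the faulting arithmetic in the trace. With
 * s_blocks_per_group == 0 from a corrupted image this is a divide by zero
 * (SIGFPE in user space, the fixpoint divide exception in the s390 kernel). */
static uint64_t groups_unchecked(const struct sb_fields *f) {
    return ((uint64_t)f->blocks_count - f->first_data_block + f->blocks_per_group - 1)
           / f->blocks_per_group;
}

/* Validated: every field used as a divisor or shift is range-checked before
 * any arithmetic, treating on-disk metadata as attacker-controlled input.
 * Returns 0 and the group count on success, -1 with a reason otherwise. */
static int validate_sb(const struct sb_fields *f, uint64_t *groups_out, const char **why) {
    if (f->magic != EXT4_SUPER_MAGIC) { *why = "bad magic"; return -1; }
    if (f->log_block_size > MAX_LOG_BLOCK_SIZE) { *why = "s_log_block_size out of range"; return -1; }
    uint32_t block_size = 1024u << f->log_block_size;
    /* One bitmap block holds 8 * block_size bits, so neither per-group count may exceed it. */
    if (f->blocks_per_group == 0 || f->blocks_per_group > 8u * block_size) {
        *why = "s_blocks_per_group out of range"; return -1;
    }
    if (f->inodes_per_group == 0 || f->inodes_per_group > 8u * block_size) {
        *why = "s_inodes_per_group out of range"; return -1;
    }
    if (f->blocks_count <= f->first_data_block) { *why = "s_blocks_count too small"; return -1; }
    if (f->inode_size < 128 || f->inode_size > block_size || (f->inode_size & (f->inode_size - 1))) {
        *why = "s_inode_size invalid"; return -1;
    }
    *groups_out = ((uint64_t)f->blocks_count - f->first_data_block + f->blocks_per_group - 1)
                  / f->blocks_per_group;
    return 0;
}

/* Constructed (not captured) superblock: 8 MiB filesystem, 1 KiB blocks, one
 * group, with s_blocks_per_group taken from the caller so it can be zeroed. */
static void build_sb(uint8_t sb[SB_SIZE], uint32_t blocks_per_group) {
    memset(sb, 0, SB_SIZE);
    put32(sb + 0x00, 2048);             /* s_inodes_count */
    put32(sb + 0x04, 8192);             /* s_blocks_count_lo */
    put32(sb + 0x14, 1);                /* s_first_data_block (1 for 1 KiB blocks) */
    put32(sb + 0x18, 0);                /* s_log_block_size: 1024 << 0 */
    put32(sb + 0x20, blocks_per_group); /* s_blocks_per_group */
    put32(sb + 0x28, 2048);             /* s_inodes_per_group */
    put16(sb + 0x38, EXT4_SUPER_MAGIC); /* s_magic */
    put16(sb + 0x58, 128);              /* s_inode_size */
}

/* Validates a constructed image; returns its group count, or -1 with *why set. */
int check_image(uint32_t blocks_per_group, const char **why) {
    uint8_t sb[SB_SIZE];
    struct sb_fields f;
    uint64_t groups = 0;
    build_sb(sb, blocks_per_group);
    parse_sb(sb, &f);
    if (validate_sb(&f, &groups, why) != 0) return -1;
    return (int)groups;
}

int main(void) {
    const char *why = "ok";
    uint8_t sb[SB_SIZE];
    struct sb_fields f;
    build_sb(sb, 8192);
    parse_sb(sb, &f);
    printf("sane image, unchecked: groups=%llu\n", (unsigned long long)groups_unchecked(&f));
    printf("sane image, validated: groups=%d\n", check_image(8192, &why));
    printf("fuzzed image (s_blocks_per_group=0): %d (%s)\n", check_image(0, &why), why);
    return 0;
}
```

groups_unchecked is deliberately never called on the zeroed image: doing so would terminate the process with SIGFPE, which is exactly the user-space analogue of the oops in this report. The mount path has to take the validate_sb route, failing the mount with a reason, before any field from the superblock reaches a divide or shift.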
Any updates?
No updates, this issue is not as pressing as other things the ext4 development team is currently working on ...
Created attachment 23647 [details] Patch which solves this fixpoint division exception
Created attachment 23648 [details] Patch which solves this fixpoint division exception