Bug 27932

Summary: [2.6.38-0.rc2.git7.1.fc15] Kernel oops opening possible HFS disk image
Product: File System
Reporter: Dan Williams (dcbw)
Component: HFS/HFSPLUS
Assignee: Christoph Hellwig (hch)
Status: CLOSED CODE_FIX
Severity: normal
CC: andreas.bahr1967, florian, hch, maciej.rutecki, rjw
Priority: P1
Hardware: All
OS: Linux
Kernel Version: 2.6.38-rc2-git7
Subsystem:
Regression: Yes
Bisected commit-id:
Bug Depends on:
Bug Blocks: 27352
Attachments: oops; fix failed mount handling

Description Dan Williams 2011-01-31 23:31:07 UTC
Created attachment 45672: oops

Attempted to mount this image:

http://pcdn2-download.vzw.com/mac/7.2/VZAM_7.2.4_2534b_UML290.dmg

using the following command, resulting in a kernel oops:

sudo mount -t hfsplus -o loop VZAM_7.2.4_2534b_UML290.dmg /tmp/mac290/


[  655.841507] Pid: 2478, comm: mount Not tainted 2.6.38-0.rc2.git7.1.fc15.x86_64 #1 30E1/HP EliteBook 2530p
[  655.841507] RIP: 0010:[<ffffffffa047723d>]  [<ffffffffa047723d>] hfsplus_sync_fs+0x3a/0x174 [hfsplus]
[  655.841507] RSP: 0018:ffff880108c15a48  EFLAGS: 00010202
[  655.841507] RAX: 0000000000000000 RBX: ffff880131bb6400 RCX: 000000000000200b
[  655.841507] RDX: 00000000ffffffea RSI: 0000000000000001 RDI: ffff880114989c00
[  655.841507] RBP: ffff880108c15a88 R08: 0000000000000002 R09: 0000000000000005
[  655.841507] R10: 0000000000000005 R11: 0000000000000000 R12: 0000000000000000
[  655.841507] R13: ffff880114989c00 R14: ffff880119854800 R15: ffff880131bb6478
[  655.841507] FS:  00007fe1c2055820(0000) GS:ffff8800b4c00000(0000) knlGS:0000000000000000
[  655.841507] CS:  0010 DS: 0000 ES: 0000 CR0: 000000008005003b
[  655.841507] CR2: 0000000000000008 CR3: 0000000108d80000 CR4: 00000000000406f0
[  655.841507] DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000
[  655.841507] DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400
[  655.841507] Process mount (pid: 2478, threadinfo ffff880108c14000, task ffff880133788000)
[  655.841507] Stack:
[  655.841507]  ffffffffa042f0d0 ffff880131bb64a8 ffff880108c15ab8 ffff880131bb6400
[  655.841507]  ffff880114989c00 ffff880119854800 ffffffffa042f0d0 ffff880131bb64a8
[  655.841507]  ffff880108c15ab8 ffffffffa04773d7 0000000000000005 ffff880131bb6400
[  655.841507] Call Trace:
[  655.841507]  [<ffffffffa04773d7>] hfsplus_put_super+0x60/0xc0 [hfsplus]
[  655.841507]  [<ffffffffa0477b6f>] hfsplus_fill_super+0x475/0x4ae [hfsplus]
[  655.841507]  [<ffffffff8112ac0e>] ? do_lookup+0x11a/0x1f1
[  655.841507]  [<ffffffff81229fda>] ? kobject_get+0x17/0x1e
[  655.841507]  [<ffffffff8121b910>] ? get_disk+0x75/0x95
[  655.841507]  [<ffffffff8146eed4>] ? _cond_resched+0xe/0x22
[  655.841507]  [<ffffffff812e4ab4>] ? kobj_lookup+0x141/0x179
[  655.841507]  [<ffffffff810ef4fb>] ? pcpu_chunk_relocate+0x17/0x71
[  655.841507]  [<ffffffff810ef9a7>] ? pcpu_alloc_area+0x207/0x24a
[  655.841507]  [<ffffffff8122fa3a>] ? string.isra.6+0x3d/0xa2
[  655.841507]  [<ffffffff81230771>] ? vsnprintf+0x1d1/0x42c
[  655.841507]  [<ffffffff81230a58>] ? snprintf+0x34/0x36
[  655.841507]  [<ffffffff811227b5>] ? set_bdev_super+0x0/0x34
[  655.841507]  [<ffffffff8114a041>] ? set_blocksize+0x3a/0xb2
[  655.841507]  [<ffffffff81123769>] mount_bdev+0x14c/0x1ae
[  655.841507]  [<ffffffffa04776fa>] ? hfsplus_fill_super+0x0/0x4ae [hfsplus]
[  655.841507]  [<ffffffffa04770a0>] hfsplus_mount+0x15/0x17 [hfsplus]
[  655.841507]  [<ffffffff81122fdb>] vfs_kern_mount+0xaa/0x1d4
[  655.841507]  [<ffffffff8112316d>] do_kern_mount+0x4d/0xdf
[  655.841507]  [<ffffffff81139766>] do_mount+0x6c6/0x71a
[  655.841507]  [<ffffffff810ec220>] ? strndup_user+0x3b/0x51
[  655.841507]  [<ffffffff81139a4a>] sys_mount+0x88/0xc2
[  655.841507]  [<ffffffff81009bc2>] system_call_fastpath+0x16/0x1b
[  655.841507] Code: ec 18 0f 1f 44 00 00 48 8b 9f 78 02 00 00 45 31 e4 85 f6 49 89 fd 4c 8b 33 0f 84 34 01 00 00 c6 47 14 00 48 8b 43 18 4c 8d 7b 78 <48> 8b 40 08 48 8b b8 40 01 00 00 e8 ef 25 c6 e0 41 89 c4 48 8b 
[  655.841507] RIP  [<ffffffffa047723d>] hfsplus_sync_fs+0x3a/0x174 [hfsplus]
[  655.841507]  RSP <ffff880108c15a48>
[  655.841507] CR2: 0000000000000008
[  655.880364] ---[ end trace b7f9f6ae912bbe10 ]---
Comment 1 Christoph Hellwig 2011-02-01 20:41:57 UTC
Created attachment 45902: fix failed mount handling

The patch below fixes up the mount error handling in hfsplus so that it doesn't oops anymore when trying to mount some other format images like yours.
Comment 2 Christoph Hellwig 2011-02-03 22:30:08 UTC
*** Bug 27782 has been marked as a duplicate of this bug. ***
Comment 3 Rafael J. Wysocki 2011-02-12 22:28:54 UTC
Patch : https://bugzilla.kernel.org/attachment.cgi?id=45902
Handled-By : Christoph Hellwig <hch@lst.de>
Comment 4 Rafael J. Wysocki 2011-02-12 22:42:03 UTC
Fixed by commit c5b8d0bce052949e173b5b32f96bd59bceaa2ab0.
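
An added example, not part of the original report or the kernel fix: a small Python triage of the oops posted in the description, pulling out the faulting function, the CR2 fault address and the reliable call chain. The `triage` function and its two heuristics (CR2 below one page suggests a NULL-based dereference; `*_put_super` called directly from `*_fill_super` suggests teardown on a failed mount) are assumptions of this example; the log lines are excerpted from the report.

```python
import re

# Lines excerpted from the oops in this report (timestamps kept as posted).
OOPS = """\
[  655.841507] RIP: 0010:[<ffffffffa047723d>]  [<ffffffffa047723d>] hfsplus_sync_fs+0x3a/0x174 [hfsplus]
[  655.841507] CR2: 0000000000000008 CR3: 0000000108d80000 CR4: 00000000000406f0
[  655.841507] Call Trace:
[  655.841507]  [<ffffffffa04773d7>] hfsplus_put_super+0x60/0xc0 [hfsplus]
[  655.841507]  [<ffffffffa0477b6f>] hfsplus_fill_super+0x475/0x4ae [hfsplus]
[  655.841507]  [<ffffffff8112ac0e>] ? do_lookup+0x11a/0x1f1
[  655.841507]  [<ffffffff81123769>] mount_bdev+0x14c/0x1ae
[  655.841507]  [<ffffffffa04776fa>] ? hfsplus_fill_super+0x0/0x4ae [hfsplus]
[  655.841507]  [<ffffffffa04770a0>] hfsplus_mount+0x15/0x17 [hfsplus]
[  655.841507]  [<ffffffff81139a4a>] sys_mount+0x88/0xc2
[  655.841507] Code: ec 18 0f 1f 44 00 00
"""

PAGE_SIZE = 4096  # x86_64 base page; CR2 below it suggests NULL + small offset
STAMP = re.compile(r"^\[\s*\d+\.\d+\]\s?")
SYM = r"(\S+)\+0x[0-9a-f]+/0x[0-9a-f]+(?: \[(\w+)\])?"
RIP = re.compile(r"^RIP: \w+:\[<[0-9a-f]+>\]\s+\[<[0-9a-f]+>\] " + SYM)
FRAME = re.compile(r"^\s*\[<[0-9a-f]+>\] (\? )?" + SYM)
CR2 = re.compile(r"^CR2: ([0-9a-f]{16})")

def triage(text):
    """Return faulting symbol, fault address and the reliable call chain."""
    out = {"fault_fn": None, "module": None, "cr2": None, "chain": []}
    in_trace = False
    for raw in text.splitlines():
        line = STAMP.sub("", raw)
        if (m := RIP.match(line)) and out["fault_fn"] is None:
            out["fault_fn"], out["module"] = m.group(1), m.group(2)
        elif (m := CR2.match(line)) and out["cr2"] is None:
            out["cr2"] = int(m.group(1), 16)
        elif line.startswith("Call Trace:"):
            in_trace = True
        elif in_trace and (m := FRAME.match(line)):
            if not m.group(1):          # '?' = unreliable frame, skip it
                out["chain"].append(m.group(2))
        elif in_trace:
            in_trace = False            # first non-frame line ends the trace
    out["null_deref"] = out["cr2"] is not None and out["cr2"] < PAGE_SIZE
    # Heuristic: put_super called directly from fill_super = failed-mount path
    out["failed_mount_path"] = any(
        a.endswith("_put_super") and b.endswith("_fill_super")
        for a, b in zip(out["chain"], out["chain"][1:]))
    return out
```

On the excerpt, the result points at `hfsplus_sync_fs` faulting at address 0x8, reached through `hfsplus_put_super` from `hfsplus_fill_super`, which matches the mount error handling named in Comment 1.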