infinite loop when copying to ext2fs

Kris Kennaway kris at FreeBSD.org
Mon Jun 16 09:27:57 UTC 2008


Martin Cracauer wrote:
> Kris Kennaway wrote on Sat, Mar 01, 2008 at 10:22:26PM +0100: 
>> Jakub Siroky wrote:
>>> I've just confirmed the same situation on 6.2-RELEASE amd64/GENERIC. I
>>> did not notice it before because I started using ext2fs extensively
>>> some months ago.
>>>
>>> Regards,
>>> Jakub
>>>
>>> On Sat, 19 Jan 2008 16:44:34 +0100
>>> Kris Kennaway <kris at FreeBSD.org> wrote:
>>>
>>>> Kris Kennaway wrote:
>>>>> Jakub Siroky wrote:
>>>>>> I have two large ext2fs partitions (368 and 313GB) to hold data
>>>>>> shared between several OSes. While there were no problems on
>>>>>> 6-STABLE branch I was quite disappointed after upgrade to
>>>>>> 7-STABLE. Whenever I copy/write to ext2fs partition the system
>>>>>> freezes totally without crashdump. So I set debugging settings to
>>>>>> kernel config (DEBUG,WITNESS,..) and in console I reproduced the error
>>>>>> situation, ending with a full screen of unstoppable running text with
>>>>>> a lot of memory addresses and a few recognisable words: 'new block
>>>>>> bit set for ext already' - again with no crashdump. Then I
>>>>>> formatted a 1GB partition with ext2fs and the problem on this small
>>>>>> partition appears only sometimes. 
>>>>> OK, I am able to reproduce this.
>>>>>
>>>>> Kris
>>>>>
>>>> Is anyone able to look at this?  I could not spot a candidate change 
>>>> that has not been merged to 6.x.
>>>>
>>>> Kris
>>>
>> Sounds like it may have been broken by the change to ext2_bitops.h by 
>> cracauer.  Can you confirm whether backing out 1.2.2.1 fixes it?
> 
> I don't think my change can cause a new endless loop.
> 
> I only reversed the order of tests to ensure we don't overrun a page
> boundary (into possibly unmapped space).
> 
> -       while(*p == ~0U && ofs < sz) {
> +       while(ofs < sz && *p == ~0U) {
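Review bot: the swapped order is the right fix for the overrun, since && short-circuits and `*p` is no longer dereferenced once `ofs >= sz`, but the hunk adds no comment saying the order is deliberate; a one-line remark above `while(ofs < sz && *p == ~0U)` would stop a later cleanup from putting the tests back in the original order. Both forms of the condition exit under exactly the same combinations of `ofs` and `*p`, so this hunk by itself cannot turn a terminating loop into an endless one; the termination problem has to be in the loop body or in what the callers pass as `sz`, neither of which is in this hunk.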
> 
> It is, however, likely that the code was buggy in the first place.
> Linux has replaced all this (the allocation code).
> 
> Also note that the code I fixed is amd64 only.  If the endless loop
> appears on i386 it's something else.
> 
> Martin

It is amd64 only.  I am able to reproduce using the method in the 
original mails; can you?

Kris
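As an added illustration of the bounded scan Martin describes above (constructed for this page, not code from the FreeBSD ext2fs sources): a word-at-a-time search for a free bit that tests the offset before dereferencing the word pointer, so an all-ones bitmap cannot make the loop read past the end of the array. The function name and the sample bitmap are assumptions made for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <limits.h>

/* Bits per scan word; the bitmap is walked one 32-bit word at a time. */
#define WORD_BITS (sizeof(uint32_t) * CHAR_BIT)

/*
 * Find the first zero bit in a bitmap of 'sz' bits, stored in
 * ceil(sz / 32) words.  Returns the bit index, or 'sz' if every bit
 * in [0, sz) is set.
 *
 * The bounds test 'ofs < sz' stands before the dereference '*p'.
 * Because && short-circuits, the word at 'p' is never read once 'ofs'
 * has reached 'sz', so an all-ones bitmap cannot make the scan touch
 * the word past the end of the array (in the kernel: possibly an
 * unmapped page).  Testing '*p' first would read that word.
 */
size_t
find_first_zero_bit(const uint32_t *bitmap, size_t sz)
{
	const uint32_t *p = bitmap;
	size_t ofs = 0;
	uint32_t w;

	/* Skip whole words that are all ones, checking bounds first. */
	while (ofs < sz && *p == ~0U) {
		ofs += WORD_BITS;
		p++;
	}
	if (ofs >= sz)
		return sz;	/* no zero bit inside [0, sz) */

	/* Locate the lowest zero bit in the word that stopped the scan. */
	w = ~*p;		/* nonzero, because *p was not all ones */
	while ((w & 1U) == 0) {
		w >>= 1;
		ofs++;
	}
	/* A zero bit in the padding beyond 'sz' does not count as free. */
	return ofs < sz ? ofs : sz;
}

/* Constructed sample: word 0 all ones, word 1 with bit 5 clear. */
static const uint32_t sample_bitmap[2] = { 0xffffffffU, 0xffffffdfU };

size_t sample_first_free(void)
{
	return find_first_zero_bit(sample_bitmap, 64);	/* 37 */
}
```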
