Date: Wed, 24 Mar 2010 17:33:31 +0200 From: Andriy Gapon <avg@icyb.net.ua> To: Paul B Mahol <onemda@gmail.com>, Fabian Keil <freebsd-listen@fabiankeil.de> Cc: Kostik Belousov <kostikbel@gmail.com>, freebsd-current@freebsd.org Subject: Re: newfs_msdos and DVD-RAM Message-ID: <4BAA30CB.1070707@icyb.net.ua> In-Reply-To: <3a142e751003191126j331e525fwb9e5573bbf6f7d58@mail.gmail.com> References: <3a142e751003190508x6a06868ene2e8fd9ddd977f66@mail.gmail.com> <3a142e751003191021p141af009m6acf7d160c890cbb@mail.gmail.com> <20100319191133.46fe271c@r500.local> <3a142e751003191126j331e525fwb9e5573bbf6f7d58@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
on 19/03/2010 20:26 Paul B Mahol said the following: > On Fri, Mar 19, 2010 at 7:11 PM, Fabian Keil > <freebsd-listen@fabiankeil.de> wrote: >> Paul B Mahol <onemda@gmail.com> wrote: >> >>> FreeBSD 9.0 CURRENT panics when mounting file system created via >>> newfs_msdos on DVD-RAM disc. >>> Something to do about divide by zero. >> I recently had a similar problem with a 16GB iPod. I still haven't >> managed to actually mount it, but the patch below at least works >> around the panic. >> >> Does it work for you, too? > > Obviously it will fix panic, but will not allow to mount. Zero value > should be handled > already much before. It looks the real bug is in newfs_msdos. > Looking at the code in mountmsdosfs(), it seems that SecPerClust can have zero value at the place of the crash only if pm_BlkPerSec is zero. See this line and the check above it: SecPerClust *= pmp->pm_BlkPerSec; But that is impossible because of the same if statement. In my opinion, the only possible explanation is an overflow of a SecPerClust value. Given that its type is u_int8_t, it seems plausible. It would be really nice if people who can reproduce this issue could either add a couple of printfs before the quoted above line or examined a crashdump to determine values of SecPerClust and pm_BlkPerSec before the multiplication. Could you guys please do it? Thanks! -- Andriy Gapon
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4BAA30CB.1070707>