on 19/03/2010 20:26 Paul B Mahol said the following: > On Fri, Mar 19, 2010 at 7:11 PM, Fabian Keil > <freebsd-listen_at_fabiankeil.de> wrote: >> Paul B Mahol <onemda_at_gmail.com> wrote: >> >>> FreeBSD 9.0 CURRENT panics when mounting file system created via >>> newfs_msdos on DVD-RAM disc. >>> Something to do about divide by zero. >> I recently had a similar problem with a 16GB iPod. I still haven't >> managed to actually mount it, but the patch below at least works >> around the panic. >> >> Does it work for you, too? > > Obviously it will fix panic, but will not allow to mount. Zero value > should be handled > already much before. It looks the real bug is in newfs_msdos. > Looking at the code in mountmsdosfs(), it seems that SecPerClust can have zero value at the place of the crash only if pm_BlkPerSec is zero. See this line and the check above it: SecPerClust *= pmp->pm_BlkPerSec; But that is impossible because of the same if statement. In my opinion, the only possible explanation is an overflow of a SecPerClust value. Given that its type is u_int8_t, it seems plausible. It would be really nice if people who can reproduce this issue could either add a couple of printfs before the quoted above line or examined a crashdump to determine values of SecPerClust and pm_BlkPerSec before the multiplication. Could you guys please do it? Thanks! -- Andriy GaponReceived on Wed Mar 24 2010 - 14:33:45 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:40:02 UTC