kern/120967: the crash happens on mounting an UDF DVD

Andrew Muhametshin andrew at dobrohot.org
Fri Feb 22 13:30:04 UTC 2008 

>Number:         120967
>Category:       kern
>Synopsis:       the crash happens on mounting an UDF DVD
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri Feb 22 13:30:03 UTC 2008
>Closed-Date:
>Last-Modified:
>Originator:     Andrew Muhametshin
>Release:        FreeBSD-7.0-RC2 & 6.3-RELEASE
>Organization:
>Environment:
FreeBSD inspirra.localdomain 6.3-RELEASE FreeBSD 6.3-RELEASE #3: Wed Feb  6 10:00:26 MSK 2008     root at inspirra.localdomain:/SHARED/obj.inspirra/usr/src/sys/INSPIRRA  i386

FreeBSD host01.localdomain 7.0-RC2 FreeBSD 7.0-RC2 #3: Mon Feb 18 09:30:32 MSK 2008     root at host01.localdomain:/usr/obj/usr/src/sys/HOST01  i386
>Description:
Given a disc with UDF. Trying to mount it and further changing to any directory give: reboot after panic: getblk: size(67584) > MAXBSIZE(65536)"

This crash is constantly repeated in the FreeBSD-6.3 and 7-RC2

===============================
$ kgdb kernel.debug /var/crash/vmcore.2
GNU gdb 6.1.1 [FreeBSD]
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i386-marcel-freebsd".

Unread portion of the kernel message buffer:
uiomove returned -1
panic: getblk: size(67584) > MAXBSIZE(65536)

Uptime: 19m52s
Physical memory: 878 MB
Dumping 126 MB: 111 95 79 63 47 31 15

#0  doadump () at pcpu.h:195
195             __asm __volatile("movl %%fs:0,%0" : "=r" (td));
(kgdb) bt
#0  doadump () at pcpu.h:195
#1  0xc0556c84 in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:409
#2  0xc0556e84 in panic (fmt=) at /usr/src/sys/kern/kern_shutdown.c:563
#3  0xc05ba3dd in getblk (vp=0xc491d880, blkno=4192, size=67584, slpflag=0, slptimeo=0, flags=0)
    at /usr/src/sys/kern/vfs_bio.c:2438
#4  0xc05bb2c4 in breadn (vp=0xc491d880, blkno=) at /usr/src/sys/kern/vfs_bio.c:786
#5  0xc05bb3fc in bread (vp=0xc491d880, blkno=) at /usr/src/sys/kern/vfs_bio.c:734
#6  0xc0501ab5 in udf_readatoffset (node=) at udf.h:100
#7  0xc0501b62 in udf_getfid (ds=0xc71914e0) at /usr/src/sys/fs/udf/udf_vnops.c:549
#8  0xc0502257 in udf_readdir (a=0xe5762c24) at /usr/src/sys/fs/udf/udf_vnops.c:710
#9  0xc0787382 in VOP_READDIR_APV (vop=0xc07dd4e0, a=0xe5762c24) at vnode_if.c:1407
#10 0xc05d8a3e in getdirentries (td=0xc497e630, uap=0xe5762cfc) at vnode_if.h:747
#11 0xc077ac95 in syscall (frame=0xe5762d38) at /usr/src/sys/i386/i386/trap.c:1035
#12 0xc0764ec0 in Xint0x80_syscall () at /usr/src/sys/i386/i386/exception.s:196
#13 0x00000033 in ?? ()
(kgdb) bt full
#0  doadump () at pcpu.h:195
No locals.
#1  0xc0556c84 in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:409
        _giantcnt = (kgdb) where
#0  doadump () at pcpu.h:195
#1  0xc0556c84 in boot (howto=260) at /usr/src/sys/kern/kern_shutdown.c:409
#2  0xc0556e84 in panic (fmt=) at /usr/src/sys/kern/kern_shutdown.c:563
#3  0xc05ba3dd in getblk (vp=0xc491d880, blkno=4192, size=67584, slpflag=0, slptimeo=0, flags=0)
    at /usr/src/sys/kern/vfs_bio.c:2438
#4  0xc05bb2c4 in breadn (vp=0xc491d880, blkno=) at /usr/src/sys/kern/vfs_bio.c:786
#5  0xc05bb3fc in bread (vp=0xc491d880, blkno=) at /usr/src/sys/kern/vfs_bio.c:734
#6  0xc0501ab5 in udf_readatoffset (node=) at udf.h:100
#7  0xc0501b62 in udf_getfid (ds=0xc71914e0) at /usr/src/sys/fs/udf/udf_vnops.c:549
#8  0xc0502257 in udf_readdir (a=0xe5762c24) at /usr/src/sys/fs/udf/udf_vnops.c:710
#9  0xc0787382 in VOP_READDIR_APV (vop=0xc07dd4e0, a=0xe5762c24) at vnode_if.c:1407
#10 0xc05d8a3e in getdirentries (td=0xc497e630, uap=0xe5762cfc) at vnode_if.h:747
#11 0xc077ac95 in syscall (frame=0xe5762d38) at /usr/src/sys/i386/i386/trap.c:1035
#12 0xc0764ec0 in Xint0x80_syscall () at /usr/src/sys/i386/i386/exception.s:196
#13 0x00000033 in ?? ()
(kgdb) quit

>How-To-Repeat:
$ mount_udf /dev/acd0 /cdrom
$ ls /cdrom/data/photos/
!!!panic!!!
>Fix:


>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-bugs mailing list