From: bugzilla-noreply@freebsd.org
To: freebsd-bugs@FreeBSD.org
Subject: [Bug 221501] [msdosfs] panic 11.0-RELEASE by mounting a malformed msdosfs image
Date: Tue, 15 Aug 2017 15:53:08 +0000
X-Bugzilla-Product: Base System
X-Bugzilla-Component: kern
X-Bugzilla-Version: 11.0-RELEASE
X-Bugzilla-Severity: Affects Many People
X-Bugzilla-Who: emaste@freebsd.org
X-Bugzilla-Status: Open
X-Bugzilla-Changed-Fields: bug_status
X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=221501

Ed Maste changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|New                         |Open

--- Comment #4 from Ed Maste ---
Confirmed on FreeBSD/arm64 -current

root@od1000:~/fuzzbsd/results/freebsd_11.0/msdos/12 # mount -t msdosfs /dev/md0 /mnt
panic: vm_fault_hold: fault on nofault entry, addr: 0xffff0000e6ee1000
cpuid = 1
time = 1502812161
KDB: stack backtrace:
...
panic() at vm_fault_hold+0x1d90
         pc = 0xffff00000030f31c  lr = 0xffff000000595894
         sp = 0xffff00010a9fc0c0  fp = 0xffff00010a9fc220

vm_fault_hold() at vm_fault+0x70
         pc = 0xffff000000595894  lr = 0xffff000000593ab4
         sp = 0xffff00010a9fc230  fp = 0xffff00010a9fc260

vm_fault() at data_abort+0x100
         pc = 0xffff000000593ab4  lr = 0xffff0000005faacc
         sp = 0xffff00010a9fc270  fp = 0xffff00010a9fc320

data_abort() at do_el1h_sync+0xfc
         pc = 0xffff0000005faacc  lr = 0xffff0000005fa8d8
         sp = 0xffff00010a9fc330  fp = 0xffff00010a9fc360

do_el1h_sync() at handle_el1h_sync+0x74
         pc = 0xffff0000005fa8d8  lr = 0xffff0000005e3874
         sp = 0xffff00010a9fc370  fp = 0xffff00010a9fc480

handle_el1h_sync() at fillinusemap+0x224
         pc = 0xffff0000005e3874  lr = 0xffff000000200ca4
         sp = 0xffff00010a9fc490  fp = 0xffff00010a9fc570

fillinusemap() at msdosfs_mount+0xd78
         pc = 0xffff000000200ca4  lr = 0xffff000000203a84
         sp = 0xffff00010a9fc580  fp = 0xffff00010a9fc710

msdosfs_mount() at vfs_donmount+0xd0c
         pc = 0xffff000000203a84  lr = 0xffff0000003c2c58
         sp = 0xffff00010a9fc720  fp = 0xffff00010a9fc960