Date: Sat, 01 Apr 2023 21:11:16 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 270587] FAT12 with non-default parameters panics on mount Message-ID: <bug-270587-227@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D270587 Bug ID: 270587 Summary: FAT12 with non-default parameters panics on mount Product: Base System Version: CURRENT Hardware: Any OS: Any Status: New Severity: Affects Some People Priority: --- Component: kern Assignee: bugs@FreeBSD.org Reporter: se@FreeBSD.org The following sequence of commands leads to a panic due to a page fault in = the kernel: # mdconfig -s 64m md0 # newfs_msdos -F 12 -n 2 -e 128 -S 4096 -c 2 md0 newfs_msdos: cannot get number of sectors per track: Operation not supported newfs_msdos: cannot get number of heads: Operation not supported newfs_msdos: debug: cls=3D4084 x1=3D6 SecPerClust=3D2 newfs_msdos: warning: FAT type limits file system to 8175 sectors /dev/md0: 8168 sectors in 4084 FAT12 clusters (8192 bytes/cluster) BytesPerSec=3D4096 SecPerClust=3D2 ResSectors=3D1 FATs=3D2 RootDirEnts=3D12= 8 Sectors=3D8175 Media=3D0xf0 FATsecs=3D2 SecPerTrack=3D63 Heads=3D1 HiddenSecs=3D0 # mount -t msdosfs /dev/md0 /mnt The cause is the fact that a FAT entry crosses the boundary between the 1st= and 2nd FAT sector (byte offset 4095 is the last byte in the 1st sector and 4096 the first byte in the 2nd sector). This reads 1 byte beyond the page alloca= ted for the 1st sector. There are other issues, with less drastic consequences, e.g.: # newfs_msdos -F 12 -s 64m -n 2 -e 1024 -S 512 newfs_msdos: cannot get number of sectors per track: Operation not supported newfs_msdos: cannot get number of heads: Operation not supported newfs_msdos: warning: FAT type limits file system to 32768 sectors /dev/md1: 32672 sectors in 4084 FAT12 clusters (4096 bytes/cluster) BytesPerSec=3D512 SecPerClust=3D8 ResSectors=3D1 FATs=3D2 RootDirEnts=3D1024 Sectors=3D32768 Media=3D0xf0 FATsecs=3D12 SecPerTrack=3D63 Heads=3D16 Hidde= nSecs=3D0 # df -i /mnt Filesystem 1K-blocks Used Avail Capacity iused ifree %iused Mounted on /dev/md1 12288 8 12280 0% 0 1024 0% /mnt # mount -t msdosfs /dev/md0 /mnt # ls -lsd /mnt 32 drwxr-xr-x 1 root wheel 32768 Jan 1 1980 /mnt/ # dd if=3D/dev/zero of=3D/mnt/TEST.DAT bs=3D1k count=3D12288 dd: /mnt/TEST.DAT: No space left on device 12281+0 records in 12280+0 records out 12574720 bytes transferred in 0.013075 secs (961691614 bytes/sec) This file system has 4084 clusters of 4 KB (or roughly 16 MB), but df shows= the total size of the data area as only 12288 KB (12 MB), but trying to write a file of size 12 MB results in an error since apparently 8 KB have already b= een allocated (for the FAT sectors that actually exist outside the data area), = and "ls -lask /mnt" shows a "." entry with an apparent size of 32 KB (which also are allocated outside the data area). --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-270587-227>