[xfs-masters] [Bug 704] Segfault on mkfs.xfs on uninitialized devices on ppc

[bugzilla-daemon@xxxxxxxxxxx]

http://oss.sgi.com/bugzilla/show_bug.cgi?id=704





------- Additional Comments From acorliss@xxxxxxxxxxxxxxxx  2006-07-21 06:43 
CST -------
Output of 'bt full' from 'gdb --args mkfs.xfs /dev/rootvg/lvtest1':

#0  0x0ff0cd80 in strncmp () from /lib/tls/libc.so.6
No symbol table info available.
#1  0x10040d68 in may_be_swap (s=0xfc307366 <Address 0xfc307366 out of bounds>)
    at fstype.c:138
No locals.
#2  0x100416b0 in fstype (device=0xfc2f6610 "") at fstype.c:399
        pagesize = 65536
        rd = 32768
        buf = '\0' <repeats 4096 times>,
"ABTB\000\000\000\001ÿÿÿÿÿÿÿÿ\000\000\000\f\000\002\177ô", '\0' <repeats 4072
times>, "ABTC\000\000\000\001ÿÿÿÿÿÿÿÿ\000\000\000\f\000\002\177ô", '\0' <repeats
4072 times>,
"IABT\000\000\000\001ÿÿÿÿÿÿÿÿ\000\000\000\200\000\000\000=ÿÿÿÿÿÿÿø", '\0'
<repeats 20447 times>
        fd = 6
        type = 0x0
        sb = {ms = {s_dummy = '\0' <repeats 15 times>, s_magic = "\000"}, 
  es = {s_dummy = '\0' <repeats 55 times>, s_magic = "\000"}, e2s = {
    s_dummy1 = '\0' <repeats 55 times>, s_magic = "\000", 
    s_dummy2 = '\0' <repeats 33 times>, s_feature_compat = "\000\000\000", 
    s_feature_incompat = "\000\000\000", s_feature_ro_compat = "\000\000\000", 
    s_uuid = '\0' <repeats 15 times>, s_volume_name = '\0' <repeats 15 times>, 
    s_dummy3 = '\0' <repeats 87 times>, s_journal_inum = "\000\000\000"}, 
  vs = {s_magic = "\000\000\000"}, hs = {s_magic = "\000", s_version = "\000"}}
        xsb = {xiasb = {s_boot_segment = '\0' <repeats 511 times>, 
    s_dummy = '\0' <repeats 59 times>, s_magic = "\000\000\000"}, 
  romfs_magic = "\000\000\000\000\000\000\000", 
  qnx4fs_magic = "\000\000\000\000\000\000\000\000\000", bfs_magic = 0, 
  ntfssb = {s_dummy = "\000\000", s_magic = "\000\000\000"}, fatsb = {
    s_dummy = "\000\000", s_os = "\000\000\000\000\000\000\000", 
    s_dummy2 = '\0' <repeats 31 times>, 
    s_label = "\000\000\000\000\000\000\000\000\000\000", 
    s_fs = "\000\000\000\000\000\000\000", 
    s_dummy3 = "\000\000\000\000\000\000\000\000", 
    s_label2 = "\000\000\000\000\000\000\000\000\000\000", 
    s_fs2 = "\000\000\000\000\000\000\000"}, xfsb = {s_magic = "\000\000\000", 
    s_dummy = '\0' <repeats 27 times>, s_uuid = '\0' <repeats 15 times>, 
    s_dummy2 = '\0' <repeats 59 times>, s_fname = '\0' <repeats 11 times>}, 
  cramfssb = {s_magic = "\000\000\000", s_dummy = '\0' <repeats 11 times>, 
    s_id = '\0' <repeats 15 times>}}
        ufssb = {
  s_dummy = "ABTC\000\000\000\001ÿÿÿÿÿÿÿÿ\000\000\000\f\000\002\177ô", '\0'
<repeats 1347 times>, s_magic = "\000\000\000"}
        isosb = {iso = {type = "I", id = "NAí\001\001", version = "", 
    data = "\002", '\0' <repeats 11 times>, "\002", '\0' <repeats 12 times>,
"D®N³3üB\020D®N³3üB\020D®N³3üB\020\000\000\000\000\000\000\000\006", '\0'
<repeats 19 times>, "\002", '\0' <repeats 12 times>,
"ÿÿÿÿ\000\000\000\000\000\200", '\0' <repeats 150 times>,
"IN\200\000\001\002\000\001", '\0' <repeats 11 times>, "\001", '\0' <repeats 20
times>, "D®N³3þ\026ÐD®N³3þ\026Ð", '\0' <repeats 27 times>,
"\002\000\000\000\000\000\000\000\004\000\000\000\000ÿÿÿÿ", '\0' <repeats 156
times>, "IN\200\000\001\002\000\001", '\0' <repeats 11 times>, "\001", '\0'
<repeats 12 times>...}, hs = {foo = "INAí\001\001\000\002", type = "", 
    id = "\000\000\000\000", version = "", 
    data = "\000\000\000\000\002", '\0' <repeats 12 times>,
"D®N³3üB\020D®N³3üB\020D®N³3üB\020\000\000\000\000\000\000\000\006", '\0'
<repeats 19 times>, "\002", '\0' <repeats 12 times>,
"ÿÿÿÿ\000\000\000\000\000\200", '\0' <repeats 150 times>,
"IN\200\000\001\002\000\001", '\0' <repeats 11 times>, "\001", '\0' <repeats 20
times>, "D®N³3þ\026ÐD®N³3þ\026Ð", '\0' <repeats 27 times>,
"\002\000\000\000\000\000\000\000\004\000\000\000\000ÿÿÿÿ", '\0' <repeats 156
times>, "IN\200\000\001\002\000\001", '\0' <repeats 11 times>, "\001", '\0'
<repeats 12 times>, "D"...}}
        reiserfssb = {s_block_count = "\000\000\000", 
  s_free_blocks = "\000\000\000", s_root_block = "\000\000\000", 
  s_journal_block = "\000\000\000", s_journal_dev = "\000\000\000", 
  s_orig_journal_size = "\000\000\000", s_journal_trans_max = "\000\000\000", 
  s_journal_block_count = "\000\000\000", 
  s_journal_max_batch = "\000\000\000", 
  s_journal_max_commit_age = "\000\000\000", 
  s_journal_max_trans_age = "\000\000\000", s_blocksize = "\000", 
  s_oid_maxsize = "\000", s_oid_cursize = "\000", s_state = "\000", 
  s_magic = '\0' <repeats 11 times>}
        jfssb = {s_magic = "INAí", s_version = "\001\001\000\002", 
  s_dummy1 = '\0' <repeats 11 times>, "\002", '\0' <repeats 12 times>,
"D®N³3üB\020D®N³3üB\020D®N³3üB\020\000\000\000\000\000\000\000\006", '\0'
<repeats 19 times>, "\002", '\0' <repeats 12 times>, "ÿÿÿÿ", 
  s_fpack = "\000\000\000\000\200\000\000\000\000\000", 
  s_dummy2 = '\0' <repeats 23 times>, s_uuid = '\0' <repeats 15 times>, 
  s_label = '\0' <repeats 15 times>}
        hpfssb = {s_magic = "ABTC", s_magic2 = "\000\000\000\001"}
        adfssb = {s_dummy = '\0' <repeats 447 times>, s_blksize = "", 
, '\0' <repeats 12 times>, "ÿÿÿÿ\000\000\000\000\000\200", '\0' <repeats 150
times>, "IN\200\000\001\002\000\001", '\0' <repeats 11 times>, "\001", '\0'
<repeats 20 times>, "D®N³3þ\026ÐD®N³3þ\026Ð", '\0' <repeats 27 times>,
"\002\000\000\000\000\000\000\000\004\000\000\000\000ÿÿÿÿ", '\0' <repeats 156
times>, "IN\200\000\001\002\000\001", '\0' <repeats 11 times>, "\001", '\0'
<repeats 12 times>, "D"...}}
        reiserfssb = {s_block_count = "\000\000\000", 
  s_free_blocks = "\000\000\000", s_root_block = "\000\000\000", 
  s_journal_block = "\000\000\000", s_journal_dev = "\000\000\000", 
  s_orig_journal_size = "\000\000\000", s_journal_trans_max = "\000\000\000", 
  s_journal_block_count = "\000\000\000", 
  s_journal_max_batch = "\000\000\000", 
  s_journal_max_commit_age = "\000\000\000", 
  s_journal_max_trans_age = "\000\000\000", s_blocksize = "\000", 
  s_oid_maxsize = "\000", s_oid_cursize = "\000", s_state = "\000", 
  s_magic = '\0' <repeats 11 times>}
        jfssb = {s_magic = "INAí", s_version = "\001\001\000\002", 
  s_dummy1 = '\0' <repeats 11 times>, "\002", '\0' <repeats 12 times>,
"D®N³3üB\020D®N³3üB\020D®N³3üB\020\000\000\000\000\000\000\000\006", '\0'
<repeats 19 times>, "\002", '\0' <repeats 12 times>, "ÿÿÿÿ", 
  s_fpack = "\000\000\000\000\200\000\000\000\000\000", 
  s_dummy2 = '\0' <repeats 23 times>, s_uuid = '\0' <repeats 15 times>, 
  s_label = '\0' <repeats 15 times>}
        hpfssb = {s_magic = "ABTC", s_magic2 = "\000\000\000\001"}
        adfssb = {s_dummy = '\0' <repeats 447 times>, s_blksize = "", 
  s_dummy2 = '\0' <repeats 61 times>, s_checksum = ""}
        svsb = {s_dummy1 = '\0' <repeats 503 times>, s_magic = "\000\000\000", 
  type = "\000\000\000"}
        statbuf = {st_dev = 2050, st_ino = 1050025, st_mode = 24960, 
  st_nlink = 1, st_uid = 0, st_gid = 0, st_rdev = 64774, __pad2 = 0, 
  st_size = 0, st_blksize = 65536, st_blocks = 0, st_atim = {
    tv_sec = 1153487498, tv_nsec = 92140481}, st_mtim = {tv_sec = 1153484262, 
    tv_nsec = 958301507}, st_ctim = {tv_sec = 1153484262, 
    tv_nsec = 962301507}, __unused4 = 0, __unused5 = 0}
#3  0x100416b0 in fstype (device=0xfc2f6610 "") at fstype.c:399
        pagesize = 65536
        rd = 32768
        buf = Cannot access memory at address 0xfc3011b0

You've allocated 32KB for buf, but you're passing buf+pagesize to may_be_swap,
which at 64KB obviously exceeds your address space.

-- 
Configure bugmail: http://oss.sgi.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.