https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=288536
Bug ID: 288536
Summary: makefs: crash when making cd9660 image
Product: Base System
Version: 14.3-RELEASE
Hardware: amd64
OS: Any
Status: New
Severity: Affects Only Me
Priority: ---
Component: bin
Assignee: [email protected]
Reporter: [email protected]
I was trying to make a release DVD with the KDE desktop, and makefs crashed when
making the ISO.
cd /usr/src
make buildworld buildkernel
make -C release dvd
chroot /usr/obj/usr/usr/src/amd64.amd64/release/dvd
# in chroot, /tmp/bsdinstall_etc/resolv.conf created
pkg install kde xorg sddm dbus plasma6-sddm-kcm
service sddm enable
service dbus enable
pkg install drm-kmod
sysrc kld_list="i915kms amdgpu"
pkg clean -a
exit
# outside chroot
make -C release dvdrom
# makefs crashes and produces a coredump when making the ISO
I used lldb to load the coredump file and here are some outputs:
(lldb) bt
* thread #1, name = 'makefs', stop reason = signal SIGSEGV
* frame #0: 0x00000eaaea2e346f libc.so.7`memcpy at memmove.S:304
frame #1: 0x00000ea2c8d51df2 makefs`cd9660_convert_structure [inlined] cd9660_rename_filename(diskStructure=0x000034138e434000, iter=0x00003413983108c0, num=24, delete_chars=16) at cd9660.c:1110:3
frame #2: 0x00000ea2c8d51cca makefs`cd9660_convert_structure [inlined] cd9660_handle_collisions(diskStructure=0x000034138e434000, colliding=0x000034139830ec00, past=24) at cd9660.c:1027:10
frame #3: 0x00000ea2c8d51b9a makefs`cd9660_convert_structure(diskStructure=0x000034138e434000, root=<unavailable>, parent_node=0x000034139830ec00, level=<unavailable>, numDirectories=0x00000eaae98babec, error=0x00000eaae98babe8) at cd9660.c:1458:10
frame #4: 0x00000ea2c8d51a36 makefs`cd9660_convert_structure(diskStructure=0x000034138e434000, root=<unavailable>, parent_node=0x000034139830d800, level=5, numDirectories=0x00000eaae98babec, error=0x00000eaae98babe8) at cd9660.c:1415:6
frame #5: 0x00000ea2c8d51a36 makefs`cd9660_convert_structure(diskStructure=0x000034138e434000, root=<unavailable>, parent_node=0x00003413982dc980, level=4, numDirectories=0x00000eaae98babec, error=0x00000eaae98babe8) at cd9660.c:1415:6
frame #6: 0x00000ea2c8d51a36 makefs`cd9660_convert_structure(diskStructure=0x000034138e434000, root=<unavailable>, parent_node=0x0000341396b09640, level=3, numDirectories=0x00000eaae98babec, error=0x00000eaae98babe8) at cd9660.c:1415:6
frame #7: 0x00000ea2c8d51a36 makefs`cd9660_convert_structure(diskStructure=0x000034138e434000, root=<unavailable>, parent_node=0x000034138e42be80, level=2, numDirectories=0x00000eaae98babec, error=0x00000eaae98babe8) at cd9660.c:1415:6
frame #8: 0x00000ea2c8d51a36 makefs`cd9660_convert_structure(diskStructure=0x000034138e434000, root=<unavailable>, parent_node=0x000034138e428140, level=1, numDirectories=0x00000eaae98babec, error=0x00000eaae98babe8) at cd9660.c:1415:6
frame #9: 0x00000ea2c8d50d0f makefs`cd9660_makefs(image="/root/dvd1.iso", dir=<unavailable>, root=0x000034138e44d060, fsopts=<unavailable>) at cd9660.c:512:2
frame #10: 0x00000ea2c8d569a5 makefs`main(argc=2, argv=0x00000eaae98baf38) at makefs.c:347:2
frame #11: 0x00000eaaea20ee34 libc.so.7`__libc_start1(argc=24, argv=0x00000eaae98bae88, env=0x00000eaae98baf50, cleanup=<unavailable>, mainX=(makefs`main at makefs.c:95)) at libc_start1.c:157:7
frame #12: 0x00000ea2c8d4fcb1 makefs`_start at crt1_s.S:80
(lldb) frame select 1
frame #1: 0x00000ea2c8d51df2 makefs`cd9660_convert_structure [inlined] cd9660_rename_filename(diskStructure=0x000034138e434000, iter=0x00003413983108c0, num=24, delete_chars=16) at cd9660.c:1110:3
1107 #endif
1108
1109 /* (copying just the filename before the '.' */
-> 1110 memcpy(tmp, (iter->o_name), numbts);
1111
1112 /* adding the appropriate number following the name */
1113 temp = i;
(lldb) frame variable
(iso9660_disk *) diskStructure = 0x000034138e434000
(cd9660node *) iter = 0x00003413983108c0
(int) num = 24
(int) delete_chars = 16
(int) i = 0
(int) maxlength = 31
(char *) tmp = 0x00003413962492a0 "KTERMIN8;1"
(int) powers = <variable not available>
(int) digits = <variable not available>
(char *) naming = <variable not available>
(int) count = <variable not available>
(int) numbts = <register rcx is not available>
(int) temp = <variable not available>
(int) digit = <variable not available>
(lldb) register read
General Purpose Registers:
rbx = 0x000000000000001f
rbp = 0x00000eaae98ba7b0
rsp = 0x00000eaae98ba6f0
r12 = 0x0000000000000001
r13 = 0x0000000000000001
r14 = 0xffffffffffffffff
r15 = 0x0000000000000010
rip = 0x00000ea2c8d51df2 makefs`cd9660_convert_structure + 2322 [inlined] cd9660_rename_filename + 296 at cd9660.c:1114:3
makefs`cd9660_convert_structure + 2026 [inlined] cd9660_handle_collisions + 304 at cd9660.c:1027:10
makefs`cd9660_convert_structure + 1722 at cd9660.c:1458:10
16 registers were unavailable.
(lldb) p *iter
(cd9660node) {
type = '\x01'
parent = 0x000034139830ec00
cn_children = {
tqh_first = NULL
tqh_last = 0x00003413983108d0
}
cn_next_child = {
tqe_next = 0x0000341398310640
tqe_prev = 0x000034139830ec10
}
dot_record = NULL
dot_dot_record = NULL
node = 0x000034139014b920
isoDirRecord = 0x00003413982ffbb0
isoExtAttributes = NULL
fileDataSector = 0
fileDataLength = 5003
fileSectorsUsed = 0
fileRecordSize = 0
o_name = {
[0] = 'K'
[1] = 'I'
[2] = 'O'
[3] = 'G'
[4] = 'U'
[5] = 'I'
[6] = '_'
[7] = 'E'
[8] = 'X'
[9] = 'P'
[10] = 'O'
[11] = 'R'
[12] = 'T'
[13] = '.'
[14] = 'H'
[15] = ';'
[16] = '1'
[17] = '\0'
[18] = '\0'
[19] = '\0'
[20] = '\0'
[21] = '\0'
[22] = '\0'
[23] = '\0'
[24] = '\0'
[25] = '\0'
[26] = '\0'
[27] = '\0'
[28] = '\0'
[29] = '\0'
[30] = '\0'
[31] = '\0'
[32] = '\0'
[33] = '\0'
[34] = '\0'
[35] = '\0'
[36] = '\0'
[37] = '\0'
}
rr_real_parent = NULL
rr_relocated = NULL
susp_entry_size = 0
susp_dot_entry_size = 0
susp_dot_dot_entry_size = 0
susp_entry_ce_start = 0
susp_dot_ce_start = 0
susp_dot_dot_ce_start = 0
susp_entry_ce_length = 0
susp_dot_ce_length = 0
susp_dot_dot_ce_length = 0
su_tail_size = 0
su_tail_data = 0x0000000000000000
level = 6
ptnumber = 0
ptnext = NULL
ptprev = NULL
ptlast = NULL
head = {
tqh_first = NULL
tqh_last = NULL
}
}
It seems that delete_chars is too big. I didn't look into it deeply.
Here is the coredump file:
https://www.dropbox.com/scl/fi/lw885udvbb0pz6ycntlig/makefs.core?rlkey=s2gnnffek230qbgqacub1fw57&st=k8o1xxh3&dl=0
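An added example (not makefs source, and not from the reporter) of how a copy length that goes negative reaches memcpy() as a huge size_t, and a guard that rejects it before the copy. The length formula (characters before ';' minus delete_chars) and all function names are assumptions for illustration; the file name and delete_chars value are the ones in the dump above.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed model, not the makefs code: characters of o_name before ';',
 * minus delete_chars. The result is a signed int and may be negative. */
static int copy_len(const char *o_name, int delete_chars)
{
    int count = 0;
    while (o_name[count] != '\0' && o_name[count] != ';')
        count++;
    return count - delete_chars;
}

/* memcpy() takes its length as size_t, so a negative int is converted
 * to a very large unsigned value at the call. */
static size_t as_memcpy_size(int numbts)
{
    return (size_t)numbts;
}

/* Guarded copy: reject lengths that are negative or do not fit in dst.
 * Returns the number of bytes copied, or -1 so the caller can fail cleanly. */
static int guarded_prefix_copy(char *dst, size_t dst_size,
                               const char *o_name, int delete_chars)
{
    int numbts = copy_len(o_name, delete_chars);
    if (numbts < 0 || (size_t)numbts >= dst_size)
        return -1;
    memcpy(dst, o_name, (size_t)numbts);
    dst[numbts] = '\0';
    return numbts;
}

int main(void)
{
    const char *name = "KIOGUI_EXPORT.H;1"; /* o_name from the dump */
    char tmp[38];
    int n = copy_len(name, 16);             /* delete_chars from the dump */
    printf("numbts=%d size_t=%zu (SIZE_MAX=%zu)\n", n, as_memcpy_size(n), (size_t)SIZE_MAX);
    printf("guarded, delete_chars=16: %d\n", guarded_prefix_copy(tmp, sizeof tmp, name, 16));
    int kept = guarded_prefix_copy(tmp, sizeof tmp, name, 4);
    printf("guarded, delete_chars=4: %d \"%s\"\n", kept, tmp);
    return 0;
}
```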