Date: Sun, 11 Mar 2012 13:07:11 -0500
From: Corey Halpin <chalpin@cs.wisc.edu>
To: Carsten Gnörlich <cg@drimsel.org>
Cc: "C. P. Ghost" <cpghost@cordula.ws>, freebsd-ports@freebsd.org
Subject: Re: sysutils/dvdisaster coredumps on FreeBSD/amd64 RELENG_9
Message-ID: <20120311180711.GA2089@hobbes.home.crhalpin.org>
In-Reply-To: <4F5CE2B9.7050002@drimsel.org>
References: <CADGWnjWFkxQaSbsg=OmTGu-02hDaTU0rs9Oy5tafppFdsynADg@mail.gmail.com> <CADGWnjVFwSgBvYddU33EAPZW0B5to35UJcrW=uvUv8UXEWFawQ@mail.gmail.com> <4F5CE2B9.7050002@drimsel.org>
That's excellent. Thank you, Carsten. I'll update the FreeBSD port to include your patch, and will be watching for the new upstream release.

CPGhost: thank you for your work to track this down.

~crh

On 2012-03-11, Carsten Gnörlich wrote:
>Hi C. P. and all,
>
>> @Carsten: I hope you can pinpoint the problem. I suspect
>> a change in FreeBSD's CAM layer API/ABI that causes some
>> sort of buffer overrun on RELENG_9. The patch points to the
>> exact line of code that causes dvdisaster 0.72.3 to crash.
>
>Thanks for the report. You're right about the memory
>corruption occurring in the line you commented out;
>it's a data size mismatch triggered by a size change
>in struct scsi_sense_data.
>
>The attached patch corrects the problem.
>A new upstream release will be made after some
>more testing.
>
>Cheers,
> Carsten
>
>--
>Carsten Gnörlich * Project homepage http://www.dvdisaster.org
>dvdisaster: Additional error correction for CD and DVD media.
>GnuPG FP: 12B3 1535 AF90 3ADE 9E73 BA7E 5A59 0EFE F5F6 C46C
>--- /dev/shm/dvdisaster-0.72.3/scsi-freebsd.c 2011-10-02 20:32:04.00000000= 0 +0200 >+++ scsi-freebsd.c 2012-03-11 18:19:09.000000000 +0100 >@@ -177,7 +177,6 @@ > Stop("illegal data_mode: %d", data_mode); > } >=20 >- > cam_fill_csio(&ccb->csio, 1, NULL, flags, CAM_TAG_ACTION_NONE,//MSG_SI= MPLE_Q_TAG, > buf, size, sizeof(struct scsi_sense_data), cdb_size,=20 > 120*1000); /* 120 secs timeout */ >@@ -194,7 +193,7 @@ >=20 > /* Extract sense data */ >=20 >- memcpy(sense, &(ccb->csio.sense_data), sizeof(struct scsi_sense_data)); >+ memcpy(sense, &(ccb->csio.sense_data), sizeof(Sense)); >=20 > if((ccb->ccb_h.status & CAM_STATUS_MASK) =3D=3D CAM_REQ_CMP) > return 0; 
>@@ -204,8 +203,6 @@ > status =3D ccb->csio.scsi_status; >=20 > return -1; >- >- =20 > } >=20 > #endif /* SYS_FREEBSD */
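Review bot: In the first hunk (@@ -177,7 +177,6 @@) the cam_fill_csio() call still passes sizeof(struct scsi_sense_data) as its sense length, while the copy-out in the next hunk now uses sizeof(Sense), and nothing in the code says that the two sizes are meant to differ. A short comment at the call, noting that this argument is the size of the CAM structure and that the caller's Sense buffer is sized independently, would keep a later cleanup from making them "consistent" again. The blank-line removal that is this hunk's only change is unrelated to the fix and could be left out of the patch.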
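Review bot: The new memcpy length in the second hunk (@@ -194,7 +193,7 @@) bounds the copy by the destination only. The source is still ccb->csio.sense_data, so on any release where that field is smaller than Sense the call reads past the end of the source. Copy the smaller of sizeof(Sense) and sizeof(ccb->csio.sense_data) and zero the remainder of sense, or add a compile-time check that sizeof(Sense) does not exceed the size of the CAM field.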