From owner-freebsd-bugs Fri Jan 4 7:50:30 2002
Delivered-To: freebsd-bugs@hub.freebsd.org
Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id D0A2D37B41D for ; Fri, 4 Jan 2002 07:50:00 -0800 (PST)
Received: (from gnats@localhost) by freefall.freebsd.org (8.11.6/8.11.6) id g04Fo0f91656; Fri, 4 Jan 2002 07:50:00 -0800 (PST) (envelope-from gnats)
Received: from vbook.express.ru (asplinux.ru [195.133.213.194]) by hub.freebsd.org (Postfix) with ESMTP id F209437B417 for ; Fri, 4 Jan 2002 07:44:27 -0800 (PST)
Received: from vova by vbook.express.ru with local (Exim 3.31 #2) id 16MWWK-0001hP-00 for FreeBSD-gnats-submit@freebsd.org; Fri, 04 Jan 2002 18:44:36 +0300
Message-Id:
Date: Fri, 04 Jan 2002 18:44:36 +0300
From: "Vladimir B.Grebenschikov"
Reply-To: "Vladimir B.Grebenschikov"
To: FreeBSD-gnats-submit@freebsd.org
X-Send-Pr-Version: 3.113
Subject: bin/33537: savecore cannot save kernel core if it's size > 2Gb
Sender: owner-freebsd-bugs@FreeBSD.ORG
Precedence: bulk
List-ID:
List-Archive: (Web Archive)
List-Help: (List Instructions)
List-Subscribe:
List-Unsubscribe:
X-Loop: FreeBSD.org

>Number: 33537
>Category: bin
>Synopsis: savecore cannot save kernel core if it's size > 2Gb
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Fri Jan 04 07:50:00 PST 2002
>Closed-Date:
>Last-Modified:
>Originator: Vladimir B. Grebenschikov
>Release: FreeBSD 5.0-CURRENT i386
>Organization: SWsoft
>Environment:
System: FreeBSD vbook.express.ru 5.0-CURRENT FreeBSD 5.0-CURRENT #10: Fri Dec 28 19:17:02 MSK 2001 root@walder.asplinux.ru:/usr/obj/ext/current/src/sys/VBOOK i386

checked also on 4.4-RELEASE and RELENG_4
>Description:
Due to integer overflows and an fseek overflow, savecore can't save a kernel core on a machine with more than 2Gb.

The bug is related to kern/33535 (but does not depend on it).
>How-To-Repeat:
# dumpon sysctl debug.enter_debugger=ddb
db> call dumpsys()
....
succeeded
db> c
# savecore /var/crash
# ls -l /var/crash
ls -l /var/crash/vmcore.?
total 0
-rw-r--r-- 1 root wheel 0 Jan 4 18:32 vmcore.0
#

There are two problems in the code:
- signed/unsigned integer overflow while counting the size of the corefile
- fseek problem (fseek cannot seek over the 2 Gb boundary)
>Fix:
diff -u -r1.28.2.8 savecore.c --- sbin/savecore/savecore.c 2001/08/01 09:04:22 1.28.2.8 +++ sbin/savecore/savecore.c 2002/01/04 15:15:40 @@ -221,7 +221,7 @@ int kmem, i; const char *dump_sys; size_t len; - long kdumplo; /* block number where dump starts on dumpdev */ + unsigned long kdumplo; /* block number where dump starts on dumpdev */ char *p; /*
@@ -266,7 +266,7 @@ (void)Read(kmem, &kdumplo, sizeof(kdumplo)); dumplo = (off_t)kdumplo * DEV_BSIZE; if (verbose) - (void)printf("dumplo = %lld (%ld * %d)\n", + (void)printf("dumplo = %lld (%lu * %d)\n", (long long)dumplo, kdumplo, DEV_BSIZE); Lseek(kmem, (off_t)current_nl[X_DUMPMAG].n_value, L_SET); (void)Read(kmem, &dumpmag, sizeof(dumpmag)); @@ -446,7 +446,7 @@ if (fwrite(buf + nw, hs - nw, 1, fp) != 1) break; if (he > hs) - if (fseek(fp, he - hs, SEEK_CUR) == -1) + if (fseeko(fp, he - hs, SEEK_CUR) == -1) break; } if (nw != nr) { @@ -581,12 +581,12 @@ void get_dumpsize() { - int kdumpsize; + unsigned int kdumpsize; /* Read the dump size. */ DumpRead(dumpfd, &kdumpsize, sizeof(kdumpsize), (off_t)(dumplo + ok(dump_nl[X_DUMPSIZE].n_value)), L_SET); - dumpsize = kdumpsize * getpagesize(); + dumpsize = kdumpsize * (unsigned)getpagesize(); } /*
>Release-Note:
>Audit-Trail:
>Unformatted:
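
Review bot: in the hunk at line 221, the declared type of kdumplo has to match the kernel variable that Read(kmem, &kdumplo, sizeof(kdumplo)) copies into it at line 266, in both width and signedness, because sizeof(kdumplo) decides how many bytes are read from kmem. The patch changes only the userland declaration from long to unsigned long; please state which kernel declaration this mirrors, and whether kern/33535 changes it, so the two stay in step. The %ld to %lu change in the line-266 hunk is consistent with the new type.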
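
Review bot: in the hunk at line 446, the failure path of the new fseeko() call is a bare break, and the only check visible after the loop is if (nw != nr). Please confirm that a failed seek over a hole ends up reported to the user (for example with a warning that names the output file) instead of quietly leaving a short or empty file such as the 0-byte vmcore.0 in How-To-Repeat. The switch to fseeko() itself is the right call, since its offset argument is off_t while fseek() takes a long.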
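
Review bot: in the hunk at line 581, kdumpsize * (unsigned)getpagesize() is still evaluated in unsigned int arithmetic, so where unsigned int is 32 bits the product wraps once the dump reaches 4 GB; the change moves the limit from 2 GB to 4 GB rather than removing it. Widen one operand before multiplying, the way the line-266 context already does with dumplo = (off_t)kdumplo * DEV_BSIZE, for example dumpsize = (off_t)kdumpsize * getpagesize(). The declaration of dumpsize is not visible in this patch, so check that it is a 64-bit type as well.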