From owner-freebsd-ports@FreeBSD.ORG  Sun Mar 11 18:09:59 2012
Return-Path: <owner-freebsd-ports@FreeBSD.ORG>
Delivered-To: freebsd-ports@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 47F63106564A
	for <freebsd-ports@freebsd.org>; Sun, 11 Mar 2012 18:09:59 +0000 (UTC)
	(envelope-from cg@drimsel.org)
Received: from core.mokelbu.de (core.mokelbu.de [85.10.222.94])
	by mx1.freebsd.org (Postfix) with ESMTP id C76CF8FC12
	for <freebsd-ports@freebsd.org>; Sun, 11 Mar 2012 18:09:58 +0000 (UTC)
Received: from [192.168.2.103] (port-92-201-171-65.dynamic.qsc.de
	[92.201.171.65]) (using TLSv1 with cipher AES256-SHA (256/256 bits))
	(No client certificate requested)
	by core.mokelbu.de (Postfix) with ESMTP id A134C49297;
	Sun, 11 Mar 2012 18:37:00 +0100 (CET)
Message-ID: <4F5CE2B9.7050002@drimsel.org>
Date: Sun, 11 Mar 2012 18:36:57 +0100
From: =?ISO-8859-1?Q?Carsten_Gn=F6rlich?= <cg@drimsel.org>
User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US;
	rv:1.9.1.16) Gecko/20111110 Icedove/3.0.11
MIME-Version: 1.0
To: "C. P. Ghost" <cpghost@cordula.ws>
References: <CADGWnjWFkxQaSbsg=OmTGu-02hDaTU0rs9Oy5tafppFdsynADg@mail.gmail.com>
	<CADGWnjVFwSgBvYddU33EAPZW0B5to35UJcrW=uvUv8UXEWFawQ@mail.gmail.com>
In-Reply-To: <CADGWnjVFwSgBvYddU33EAPZW0B5to35UJcrW=uvUv8UXEWFawQ@mail.gmail.com>
Content-Type: multipart/mixed; boundary="------------070909000806020608020009"
Cc: chalpin@cs.wisc.edu, freebsd-ports@freebsd.org, carsten@dvdisaster.org
Subject: Re: sysutils/dvdisaster coredumps on FreeBSD/amd64 RELENG_9
X-BeenThere: freebsd-ports@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Porting software to FreeBSD <freebsd-ports.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
	<mailto:freebsd-ports-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports>
List-Post: <mailto:freebsd-ports@freebsd.org>
List-Help: <mailto:freebsd-ports-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports>,
	<mailto:freebsd-ports-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sun, 11 Mar 2012 18:09:59 -0000

This is a multi-part message in MIME format.
--------------070909000806020608020009
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 8bit

Hi C. P. and all,

> @Carsten: I hope you can pinpoint the problem. I suspect
> a change in FreeBSD's CAM layer API/ABI that causes some
> sort of buffer overrun on RELENG_9. The patch points to the
> exact line of code that causes dvdisaster 0.72.3 to crash.

Thanks for the report. You're right about the memory
corruption occurring in the line you commented out;
it's a data size mismatch triggered by a size change
in struct scsi_sense_data.

The attached patch corrects the problem.
A new upstream release will be made after some
more testing.

Cheers,
   Carsten

-- 
Carsten Gnörlich * Project homepage http://www.dvdisaster.org
dvdisaster: Additional error correction for CD and DVD media.
GnuPG FP: 12B3 1535 AF90 3ADE 9E73  BA7E 5A59 0EFE F5F6 C46C

--------------070909000806020608020009
Content-Type: text/x-patch;
 name="freebsd.patch"
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
 filename="freebsd.patch"

--- /dev/shm/dvdisaster-0.72.3/scsi-freebsd.c	2011-10-02 20:32:04.000000000 +0200
+++ scsi-freebsd.c	2012-03-11 18:19:09.000000000 +0100
@@ -177,7 +177,6 @@
 	Stop("illegal data_mode: %d", data_mode);
    }
 
-
    cam_fill_csio(&ccb->csio, 1, NULL, flags, CAM_TAG_ACTION_NONE,//MSG_SIMPLE_Q_TAG,
 		 buf, size, sizeof(struct scsi_sense_data), cdb_size, 
 		 120*1000);  /* 120 secs timeout */
@@ -194,7 +193,7 @@
 
    /* Extract sense data */
 
-   memcpy(sense, &(ccb->csio.sense_data), sizeof(struct scsi_sense_data));
+   memcpy(sense, &(ccb->csio.sense_data), sizeof(Sense));
 
    if((ccb->ccb_h.status & CAM_STATUS_MASK) == CAM_REQ_CMP)
      return 0;
@@ -204,8 +203,6 @@
    status = ccb->csio.scsi_status;
 
    return -1;
-
-   
 }
 
 #endif /* SYS_FREEBSD */

--------------070909000806020608020009--