From owner-freebsd-stable@FreeBSD.ORG Tue Jan 18 04:46:57 2005 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9A2D316A4CE; Tue, 18 Jan 2005 04:46:57 +0000 (GMT) Received: from electra.cse.Buffalo.EDU (electra.cse.Buffalo.EDU [128.205.32.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id E5CA243D46; Tue, 18 Jan 2005 04:46:56 +0000 (GMT) (envelope-from kensmith@cse.Buffalo.EDU) Received: from electra.cse.Buffalo.EDU (kensmith@localhost [127.0.0.1]) j0I4kuIo018631; Mon, 17 Jan 2005 23:46:56 -0500 (EST) Received: (from kensmith@localhost) by electra.cse.Buffalo.EDU (8.12.10/8.12.9/Submit) id j0I4ktcv018630; Mon, 17 Jan 2005 23:46:55 -0500 (EST) Date: Mon, 17 Jan 2005 23:46:55 -0500 From: Ken Smith To: Matthias Andree Message-ID: <20050118044655.GB16322@electra.cse.Buffalo.EDU> References: <20050117020739.GA2736@bobbi.cse.buffalo.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.1i cc: re@freebsd.org cc: freebsd-stable@freebsd.org cc: kensmith@freebsd.org Subject: Re: remaining FreeBSD 4.11-RC3 bugs X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 18 Jan 2005 04:46:57 -0000 On Mon, Jan 17, 2005 at 10:28:53AM +0100, Matthias Andree wrote: > critical: > kern/60313 (silent data corruption on block devices) > still open, may be FreeBSD 4 specific after the GEOM flurry > in FreeBSD 5 and 6. I took a look at that one. The patch provided doesn't map exactly into RELENG_4 but I gave this a try: Index: subr_diskslice.c =================================================================== RCS file: /home/ncvs/src/sys/kern/Attic/subr_diskslice.c,v retrieving revision 1.82.2.6 diff -u -r1.82.2.6 subr_diskslice.c --- subr_diskslice.c 24 Jul 2001 09:49:41 -0000 1.82.2.6 +++ subr_diskslice.c 17 Jan 2005 23:40:42 -0000 @@ -147,6 +147,7 @@ daddr_t slicerel_secno; struct diskslice *sp; int s; + off_t offset; blkno = bp->b_blkno; if (blkno < 0) { @@ -155,6 +156,14 @@ bp->b_error = EINVAL; goto bad; } + offset = bp->b_offset; + if (offset % (off_t)DEV_BSIZE) { + printf( + "dscheck(%s): b_offset %ld is not on a DEV_BSIZE boundary\n", + devtoname(bp->b_dev), (long)offset); + bp->b_error = EINVAL; + goto bad; + } sp = &ssp->dss_slices[dkslice(bp->b_dev)]; lp = sp->ds_label; if (ssp->dss_secmult == 1) { With that in place the kernel won't boot because the stuff dealing with disk labels in at least two places on my machine didn't set the offset properly in the buf structures it used. Once I fixed that the machine booted but *some* executables wouldn't start because spec_getpages() was doing reads with an offset of 256 (DEV_BSIZE is 512). I'll see if I can follow up on this and eventually get RELENG_4 fixed (and perhaps even an Errata) but there is no way I'd be comfortable with a fix for this going into 4.11 unless an expert worked on it and we did an RC4. > serious: > bin/71453 (tcpdump ipv6 crash, trivial fix -- MFC sufficient) still open It looks like the right way to fix this is with a fresh vendor import if I'm understanding things correctly. Again something that would require more time than we have and might be best handled as an Errata item after the release. > bin/46866 (false data from getpwent, easy to fix) still open There has been ongoing disagreements about how best to handle this one, as far as I can tell the disagreements are still ongoing. > non-critical: > kern/44260 (missing device in LINT configuration) > is long-standing although trivial to fix (patch included) Scott fixed that earlier today (MFS pending). -- Ken Smith - From there to here, from here to | kensmith@cse.buffalo.edu there, funny things are everywhere. | - Theodore Geisel |