From owner-freebsd-bugs  Sun Jun 24 18: 0:23 2001
Delivered-To: freebsd-bugs@hub.freebsd.org
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21])
	by hub.freebsd.org (Postfix) with ESMTP id 8379837B406
	for <freebsd-bugs@hub.freebsd.org>; Sun, 24 Jun 2001 18:00:11 -0700 (PDT)
	(envelope-from gnats@FreeBSD.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.11.3/8.11.3) id f5P10B932162;
	Sun, 24 Jun 2001 18:00:11 -0700 (PDT)
	(envelope-from gnats)
Date: Sun, 24 Jun 2001 18:00:11 -0700 (PDT)
Message-Id: <200106250100.f5P10B932162@freefall.freebsd.org>
To: freebsd-bugs@FreeBSD.org
Cc: 
From: Phil Homewood <pdh@lineo.com>
Subject: Re: kern/28164: [PATCH] crashdump can trash disklabel/other partitions
Reply-To: Phil Homewood <pdh@lineo.com>
Sender: owner-freebsd-bugs@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-bugs.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo?subject=subscribe%20freebsd-bugs>
List-Unsubscribe: <mailto:majordomo?subject=unsubscribe%20freebsd-bugs>
X-Loop: FreeBSD.org

The following reply was made to PR kern/28164; it has been noted by GNATS.

From: Phil Homewood <pdh@lineo.com>
To: Bruce Evans <bde@zeta.org.au>
Cc: FreeBSD-gnats-submit@FreeBSD.ORG
Subject: Re: kern/28164: [PATCH] crashdump can trash disklabel/other partitions
Date: Mon, 25 Jun 2001 10:54:23 +1000

 --pWyiEgJYm5f9v55/
 Content-Type: text/plain; charset=us-ascii
 Content-Disposition: inline
 
 Bruce Evans wrote:
 > > >How-To-Repeat:
 > > 	Set up a swap device of the same size as physical memory and
 > > 	force a crashdump (eg, from DDB).
 > 
 > This did not repeat it for me :-).
 
 Hmm.
 
 OK, more info, see dmesg attached.
 
 > I don't see how these patches can help.  The first hunk prevents dumping
 > if the device size (in bytes) is precisely the same as the memory size
 > (according to Maxmem).  But dumping will still occur if the device size is
 > 2 pages larger, and then the second hunk almost ensures that any overrun
 > still occurs (since it adjusts the dump size up by the same amount that
 > the first hunk adjusts the dump start down).  It also has bad side effects:
 > - it causes 2 nonexistent pages to be dumped.  This might cause NMIs or
 >   worse.
 
 Erm, no, it doesn't. Unless I'm missing something, it just causes an extra
 two pages of disk to be required for the dump. Yes, this is wrong, there's
 no logical reason I can see for that number, but I just wanted to give
 some kind of starting point...
 
 > - it causes overflow on machines with 4GB less 2 pages of memory instead
 >   of only on machines with 4GB of memory, if Maxmem can reach 4GB.  Better
 >   original code:
 > 
 > 	*count = (u_long)Maxmem * (PAGE_SIZE / dl->d_secsize);
 > 
 >   This assumes that PAGE_SIZE is a multiple of dl->d_secsize, but all dump
 >   routines already assume this.
 > 
 > The patch might help by avoidng rounding bugs in the dump routines (e.g.,
 > they might round *count up to a multiple of 128, so it's best to have
 > *count a multiple of 128 to begin with), but I couldn't see any bugs like
 > that.
 
 I can probably use this machine for another couple of days if you want
 me to do some more testing/debugging of this problem. (It's due to go
 production real soon.) I couldn't understand why the dump was
 overflowing at all, I just needed it to stop doing so. :-)
 
 Second attachment is a disklabel of the disk containing the dumpdev.
 The critical size for da1s2b is 524298 blocks; at that size the dump
 works, but at 524297 blocks it trashes the label.
 
 --pWyiEgJYm5f9v55/
 Content-Type: text/plain; charset=us-ascii
 Content-Disposition: attachment; filename="dmesg.boot"
 
 Copyright (c) 1992-2001 The FreeBSD Project.
 Copyright (c) 1979, 1980, 1983, 1986, 1988, 1989, 1991, 1992, 1993, 1994
 	The Regents of the University of California. All rights reserved.
 FreeBSD 4.3-STABLE #0: Fri Jun 15 15:53:56 EST 2001
     root@dorfl.internal.moreton.com.au:/usr/obj/usr/src/sys/DORFL
 Timecounter "i8254"  frequency 1193182 Hz
 CPU: AMD Athlon(tm) Processor (1299.38-MHz 686-class CPU)
   Origin = "AuthenticAMD"  Id = 0x642  Stepping = 2
   Features=0x183f9ff<FPU,VME,DE,PSE,TSC,MSR,PAE,MCE,CX8,SEP,MTRR,PGE,MCA,CMOV,PAT,PSE36,MMX,FXSR>
   AMD Features=0xc0440000<<b18>,AMIE,DSP,3DNow!>
 real memory  = 268435456 (262144K bytes)
 avail memory = 257634304 (251596K bytes)
 Preloaded elf kernel "kernel" at 0xc038d000.
 Pentium Pro MTRR support enabled
 md0: Malloc disk
 npx0: <math processor> on motherboard
 npx0: INT 16 interface
 pcib0: <Host to PCI bridge> on motherboard
 pci0: <PCI bus> on pcib0
 pcib2: <PCI to PCI bridge (vendor=1106 device=8305)> at device 1.0 on pci0
 pci1: <PCI bus> on pcib2
 pci1: <S3 Trio3D/2X graphics accelerator> at 0.0
 isab0: <VIA 82C686 PCI-ISA bridge> at device 7.0 on pci0
 isa0: <ISA bus> on isab0
 atapci0: <VIA 82C686 ATA100 controller> port 0xc000-0xc00f at device 7.1 on pci0
 ata0: at 0x1f0 irq 14 on atapci0
 ata1: at 0x170 irq 15 on atapci0
 chip2: <VIA 82C686 AC97 Audio> port 0xd400-0xd403,0xd000-0xd003,0xcc00-0xccff irq 12 at device 7.5 on pci0
 ahc0: <Adaptec 29160 Ultra160 SCSI adapter> port 0xdc00-0xdcff mem 0xdd000000-0xdd000fff irq 11 at device 8.0 on pci0
 aic7892: Wide Channel A, SCSI Id=7, 32/255 SCBs
 ed0: <NE2000 PCI Ethernet (KTI)> port 0xe000-0xe01f irq 10 at device 9.0 on pci0
 ed0: address 00:40:f6:0c:35:7a, type NE2000 (16 bit) 
 pcib1: <Host to PCI bridge> on motherboard
 pci2: <PCI bus> on pcib1
 fdc0: <NEC 72065B or clone> at port 0x3f0-0x3f5,0x3f7 irq 6 drq 2 on isa0
 fdc0: FIFO enabled, 8 bytes threshold
 fd0: <1440-KB 3.5" drive> on fdc0 drive 0
 atkbdc0: <Keyboard controller (i8042)> at port 0x60,0x64 on isa0
 vga0: <Generic ISA VGA> at port 0x3c0-0x3df iomem 0xa0000-0xbffff on isa0
 sc0: <System console> at flags 0x100 on isa0
 sc0: VGA <16 virtual consoles, flags=0x100>
 sio0 at port 0x3f8-0x3ff irq 4 flags 0x10 on isa0
 sio0: type 16550A, console
 sio1 at port 0x2f8-0x2ff irq 3 on isa0
 sio1: type 16550A
 ppc0: <Parallel port> at port 0x378-0x37f irq 7 on isa0
 ppc0: Generic chipset (EPP/NIBBLE) in COMPATIBLE mode
 ppi0: <Parallel I/O> on ppbus0
 plip0: <PLIP network interface> on ppbus0
 lpt0: <Printer> on ppbus0
 lpt0: Interrupt-driven port
 acd0: CDROM <SAMSUNG CD-ROM SC-152C> at ata1-master using PIO4
 Waiting 5 seconds for SCSI devices to settle
 Mounting root from ufs:/dev/da0s1a
 da0 at ahc0 bus 0 target 0 lun 0
 da0: <IBM DDYS-T18350N S96H> Fixed Direct Access SCSI-3 device 
 da0: 160.000MB/s transfers (80.000MHz, offset 63, 16bit), Tagged Queueing Enabled
 da0: 17501MB (35843670 512 byte sectors: 255H 63S/T 2231C)
 da1 at ahc0 bus 0 target 1 lun 0
 da1: <IBM DDYS-T18350N S96H> Fixed Direct Access SCSI-3 device 
 da1: 160.000MB/s transfers (80.000MHz, offset 63, 16bit), Tagged Queueing Enabled
 da1: 17501MB (35843670 512 byte sectors: 255H 63S/T 2231C)
 da2 at ahc0 bus 0 target 2 lun 0
 da2: <IBM DDYS-T18350N S96H> Fixed Direct Access SCSI-3 device 
 da2: 160.000MB/s transfers (80.000MHz, offset 63, 16bit), Tagged Queueing Enabled
 da2: 17501MB (35843670 512 byte sectors: 255H 63S/T 2231C)
 
 --pWyiEgJYm5f9v55/
 Content-Type: text/plain; charset=us-ascii
 Content-Disposition: attachment; filename=disklabel-da1s2
 
 # /dev/da1s2c:
 type: SCSI
 disk: da1s2
 label: 
 flags:
 bytes/sector: 512
 sectors/track: 32
 tracks/cylinder: 64
 sectors/cylinder: 2048
 cylinders: 17245
 sectors/unit: 35317760
 rpm: 3600
 interleave: 1
 trackskew: 0
 cylinderskew: 0
 headswitch: 0		# milliseconds
 track-to-track seek: 0	# milliseconds
 drivedata: 0 
 
 8 partitions:
 #        size   offset    fstype   [fsize bsize bps/cpg]
   b:   526336        0      swap                    	# (Cyl.    0 - 256)
   c: 35317760        0    unused        0     0       	# (Cyl.    0 - 17244)
   e: 34791424   526336    4.2BSD     1024  8192    16 	# (Cyl.  257 - 17244)
 
 --pWyiEgJYm5f9v55/--

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message