Date: Fri, 29 Mar 2002 20:26:00 +0900 (JST) From: Naoya Nishimura <nishinao@m3.kcn.ne.jp> To: FreeBSD-gnats-submit@FreeBSD.org Subject: kern/36532: ar_buf because it is too short, it makes "Trap 12" by cases. Message-ID: <20020329.202600.74758594.nishinao@m3.kcn.ne.jp>
next in thread | raw e-mail | index | archive | help
>Number: 36532
>Category: kern
>Synopsis: ar_buf because it is too short, it makes "Trap 12" by cases.
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sat Mar 30 05:20:01 PST 2002
>Closed-Date:
>Last-Modified:
>Originator: Naoya Nishimura
>Release: FreeBSD 5.0-CURRENT i386
>Organization:
>Environment:
System: FreeBSD 5.0-CURRENT #0: Mon Mar 18 19:36:16 JST 2002 i386
>Description:
arstrategy allocates memory for "struct ar_buf", and calls adstrategy
with its pointer as "struct bio *". adstrategy calls bioqdisksort.
bioqdisksort casts that pointer to "struct buf *" if the condition is
equal it is.
if (td && td->td_ksegrp->kg_nice > 0) {
TAILQ_FOREACH(bn, &bioq->queue, bio_queue)
if (BIOTOBUF(bp)->b_vp != BIOTOBUF(bn)->b_vp)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
It makes Trap12 because "struct buf" is larger than "struct ar_buf".
Please change ar_buf's fisrt member to "struct buf bp".
>How-To-Repeat:
None.
>Fix:
----Next_Part(Fri_Mar_29_20:26:00_2002_364)--
Content-Type: Application/Octet-Stream
Content-Transfer-Encoding: base64
Content-Disposition: attachment; filename="ar_diff.gz"
H4sICLFBpDwCA2FyX2RpZmYA1Vjrb9pIEP9s/oqpTopwjBMwj/AIUUghFVITKsJdLz2dLINNsOJg
ZJtUvQv3t9/srm3W9ppH++GukYIfOzuP387+ZtaqqoIRGKrhOGezM9ezn6Rbz4Y7w4NKHcqNdrXe
rtdBK5e1gqIoW1lpsraYWAsqzXa90q40mNj1NajVZqkBCv5ewPV1AX6xlzNnbVpw6X/zz19cc+1Y
Z4ur9MB07Yve2i55q6Rl5wLZF/TNnQkGTOvVnll+YASCQfyfBQ4ZUEM4TNt/jvC4c5cs0CaUa+2K
1q43k3gw4Swg1QsOkDoFpC4E5NnylpZzTDjHYCJGdeYuRcI0Fg4Iz7DNg4Fgwikgaq12tcwB0aBA
NIRArDxhtP8dDNRj7aKEe0Gpak1yJV5LmwLgLxqqQBeYe0Xf/sty50U/8NazAAxPx2G5BHd6b0x+
70efe8MJvOHtl8F4JHcKKlWgXk1XZxiIvpo6z0sX9TlTo1NQuEEdw8xKgGTPoVhkYqZnv1o4Ynqv
MlxBWUbtgH8iC0oXPHOlXrnzuW8FGT9mGI7lkcCKr65twqmM0hmp6cxdLwMUmi3Wy2c4hf7gN/3m
YfhlkBE1MTeIa3jJGnsxcWiK3oRPGYm5Yzz5nAx9ztpwlyR8RJ3cEfiS0acgTEMgQjsHB5HoLjBE
8glEhLazsIjEcrARmkwBBKGM6z1RBR2a0f5XO5gtoEjBYdpPoNgb67f6uDfslzF944dK9PDwqXcv
y/B3SHQV3NrIdFq4wyUJzRObxelKJnYlzwrW3pLckjXaiDIV6Rq96vX1h9Ht5D1zh+xJ/w8u3f+U
8cZ6zV/s47QwdzCih8m4Nxl8eCxGexl14eqTOXIkNvUs45lgxqpdo9Qi5e4CLyzmdIzsSjYst6jQ
7cLNcKSPB70+wU+V+C2d3LSXGGV6NJXUl8QwMQN5oZ45hh/oyB6gkkA/jUe/D++Gk0cZ3t6Idcij
jCtiHXZuqasjrCtZ69Hkd7mzo3TEqf1bfXT/cXg/wLQ7OdlnWKGvv9pmsMjTwpax1SxpZB1bLXJl
C0kh/169XGDF5J5iu2hw8+vwY394/+EHw8AdOB5QHbsW8ZJxHtaqZx07IS+gm3bvwoqnhc7ugGc3
JtJhgEhwoPYEBNJx8UvfETyhT+3I4s/oT8JqsfpGt3GJGNZKIJwdSVPXXmzPcz3C1DghHtCSAxV+
IOoI+P5AgW0OdShQTJZnXQrI9nWCS9mKEJYUc6qW5VRJ2smoWhhljp4tZXTZurJE1TItDau8Hbaa
CaF05Y8kwwTeRDeW41sc4PvhQ9nNT1rDmLd7aborbh+3WB+tJX8xEkUVJNOaG2snaFNirtGDpFKr
tsKegvz9WKtCVcwM39q+b6dfUjVtBIuW7fU81ZKe0No9GI9HY8YjCbFki5aSBQFyaV7rwj88b0YY
ITmQM4v9pM8WxvLJMgkAJeA6E6IKuzquI4S37tZ+h0Faa1BIaxdRm0bnRp1aqIMqJUlONgdtULIW
PMvH5ljtAo8Qa4i5rN45IdlGd/hmSTATmyY83vB9ZdJbGl69VtJqGF+9Tq4kQNHqVsRrnkidny4B
iBei0trrP3JNJh+OoBVVJHE0AlGuE9hGERVOypVyxKsJWs1l1TQbC2ep6VIWJ9oh9JvmTcH8+GyV
3U9CeSusw+VO1FJlwDvKpTwlO/3Km8Q5FwK8s0bIsdj2HCNt9qTO5/FwMjgwd2LZdPLEOXuDOdsf
3Q/ClJWOIp394lnK4ZzOI5x8jgy7AEo9eBisVJF68DSI15hbCY1uIM2lh+GZkdwDaSwbdocnJ3iu
ysFXjheBmxEJYuGIJeM4ozIt7H/+z5Uh8VFzccxHzUX2o2aZ+7rbJB87lGb0yWNDe5hEN08WnHYt
8U5DL1cdSTo/hZe1j28smNse3liO9WItg3dwel5Q+Cnr+SFTIG3lFOPvJF4zj6RTttThmL0MMMEp
BXUK/wJicKlZFhgAAA==
----Next_Part(Fri_Mar_29_20:26:00_2002_364)----
>Release-Note:
>Audit-Trail:
>Unformatted:
----Next_Part(Fri_Mar_29_20:26:00_2002_364)--
Content-Type: Text/Plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020329.202600.74758594.nishinao>