Date: Sun, 11 Mar 2012 18:36:57 +0100
From: Carsten Gnörlich <cg@drimsel.org>
To: "C. P. Ghost" <cpghost@cordula.ws>
Cc: chalpin@cs.wisc.edu, freebsd-ports@freebsd.org, carsten@dvdisaster.org
Subject: Re: sysutils/dvdisaster coredumps on FreeBSD/amd64 RELENG_9
Message-ID: <4F5CE2B9.7050002@drimsel.org>
In-Reply-To: <CADGWnjVFwSgBvYddU33EAPZW0B5to35UJcrW=uvUv8UXEWFawQ@mail.gmail.com>
References: <CADGWnjWFkxQaSbsg=OmTGu-02hDaTU0rs9Oy5tafppFdsynADg@mail.gmail.com> <CADGWnjVFwSgBvYddU33EAPZW0B5to35UJcrW=uvUv8UXEWFawQ@mail.gmail.com>
This is a multi-part message in MIME format. --------------070909000806020608020009 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit Hi C. P. and all, > @Carsten: I hope you can pinpoint the problem. I suspect > a change in FreeBSD's CAM layer API/ABI that causes some > sort of buffer overrun on RELENG_9. The patch points to the > exact line of code that causes dvdisaster 0.72.3 to crash. Thanks for the report. You're right about the memory corruption occurring in the line you commented out; it's a data size mismatch triggered by a size change in struct scsi_sense_data. The attached patch corrects the problem. A new upstream release will be made after some more testing. Cheers, Carsten -- Carsten Gnörlich * Project homepage http://www.dvdisaster.org dvdisaster: Additional error correction for CD and DVD media. GnuPG FP: 12B3 1535 AF90 3ADE 9E73 BA7E 5A59 0EFE F5F6 C46C --------------070909000806020608020009 Content-Type: text/x-patch; name="freebsd.patch" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="freebsd.patch" --- /dev/shm/dvdisaster-0.72.3/scsi-freebsd.c 2011-10-02 20:32:04.000000000 +0200 +++ scsi-freebsd.c 2012-03-11 18:19:09.000000000 +0100 @@ -177,7 +177,6 @@ Stop("illegal data_mode: %d", data_mode); } - cam_fill_csio(&ccb->csio, 1, NULL, flags, CAM_TAG_ACTION_NONE,//MSG_SIMPLE_Q_TAG, buf, size, sizeof(struct scsi_sense_data), cdb_size, 120*1000); /* 120 secs timeout */ @@ -194,7 +193,7 @@ /* Extract sense data */ - memcpy(sense, &(ccb->csio.sense_data), sizeof(struct scsi_sense_data)); + memcpy(sense, &(ccb->csio.sense_data), sizeof(Sense)); if((ccb->ccb_h.status & CAM_STATUS_MASK) == CAM_REQ_CMP) return 0; @@ -204,8 +203,6 @@ status = ccb->csio.scsi_status; return -1; - - } #endif /* SYS_FREEBSD */ --------------070909000806020608020009--
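Review bot: in the first hunk (@@ -177,7 +177,6 @@) the cam_fill_csio() call still passes sizeof(struct scsi_sense_data) as its sense length, while the second hunk now copies sizeof(Sense) bytes out of ccb->csio.sense_data, so the two lengths no longer agree. If the request should never produce more sense data than dvdisaster's Sense can hold, pass the smaller of the two sizes here as well, or add a comment stating that the difference is intended. The only removed line in this hunk appears to be a blank one, which is unrelated to the fix.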
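Review bot: the new copy length in the second hunk (@@ -194,7 +193,7 @@), sizeof(Sense), bounds the destination but not the source. Assuming sense points to a Sense object, the write is now safe, but on a system where struct scsi_sense_data is smaller than Sense the memcpy reads past ccb->csio.sense_data. Suggest copying the smaller of sizeof(Sense) and sizeof(ccb->csio.sense_data) and zeroing sense beforehand, or adding a compile-time check that Sense is not larger than the CAM structure.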
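Review bot: the last hunk (@@ -204,8 +203,6 @@) only drops two blank lines before the closing brace of the function. Keeping whitespace cleanup out of this patch would leave the memcpy length as the single change to review and to carry in the port until the upstream release.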
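The size mismatch described in the message, reduced to a stand-alone C program. This is an added example, not dvdisaster or FreeBSD code: the struct names and their 32/18/252-byte sizes are constructed stand-ins, and `copy_sense` is a hypothetical helper that bounds the copy by both the destination and the source size.

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

/* Constructed stand-ins; the real layouts and sizes are not taken from the page. */
typedef struct { unsigned char bytes[32];  } AppSense;         /* application's fixed buffer */
typedef struct { unsigned char bytes[18];  } DriverSenseSmall; /* system header, variant A */
typedef struct { unsigned char bytes[252]; } DriverSenseLarge; /* system header, variant B */

/* Never write past dst_size, never read past src_size, zero the remainder.
   Returns the number of bytes taken from src. */
static size_t copy_sense(void *dst, size_t dst_size, const void *src, size_t src_size)
{
    size_t n = dst_size < src_size ? dst_size : src_size;
    memset(dst, 0, dst_size);
    memcpy(dst, src, n);
    return n;
}

/* Destination followed by a canary so that an overrun would be observable. */
struct guarded { AppSense sense; unsigned char canary[8]; };

/* Returns 1 if the canary survives a copy from the larger driver struct. */
static int large_source_keeps_canary(void)
{
    struct guarded g;
    DriverSenseLarge drv;
    memset(&drv, 0xAA, sizeof(drv));
    memset(g.canary, 0x5C, sizeof(g.canary));
    size_t n = copy_sense(&g.sense, sizeof(g.sense), &drv, sizeof(drv));
    for (size_t i = 0; i < sizeof(g.canary); i++)
        if (g.canary[i] != 0x5C) return 0;
    return n == sizeof(AppSense) && g.sense.bytes[31] == 0xAA;
}

/* Returns 1 if a smaller source is copied whole and the tail is zero-filled. */
static int small_source_zero_fills(void)
{
    AppSense s;
    DriverSenseSmall drv;
    memset(&drv, 0xBB, sizeof(drv));
    size_t n = copy_sense(&s, sizeof(s), &drv, sizeof(drv));
    return n == sizeof(drv) && s.bytes[17] == 0xBB && s.bytes[18] == 0 && s.bytes[31] == 0;
}

int main(void)
{
    printf("large source: %s\n", large_source_keeps_canary() ? "ok" : "OVERRUN");
    printf("small source: %s\n", small_source_zero_fills() ? "ok" : "FAIL");
    return 0;
}
```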