* prep divide by zero and kernel panic in devfs
@ 2014-03-21 6:50 Nick Owens
2014-03-21 17:37 ` [9front] " cinap_lenrek
0 siblings, 1 reply; 2+ messages in thread
From: Nick Owens @ 2014-03-21 6:50 UTC (permalink / raw)
To: 9front
[-- Attachment #1: Type: text/plain, Size: 2705 bytes --]
at the recommendation of folks in #cat-v, i started trying to install
9front into a sparse disk image.
this is how far i got, until i encountered a divide by zero in disk/prep
and subsequently a kernel panic in devfs. the following is on 386.
similar behavior appears on amd64.
; ramfs
; cd /tmp
; disk=`{pwd}^/9front.img
;
; # 5gb sparse disk
; dd -if /dev/zero -of $disk -bs 1048576 -oseek 5120 -count 1
1+0 records in
1+0 records out
;
; # mbr
; disk/mbr -m /386/mbr $disk
;
; # partdisk
; disk/fdisk -baw $disk
adding part failed: plan9: fd out of range or not open
?warning: partitions could not be updated in devsd
;
; # prepdisk
; bind -b '#k' /dev
; {
echo disk 9front 512 $disk
disk/fdisk -p $disk
echo disk 9front 512 /dev/9front/plan9
disk/prep -bw -a^(9fat nvram fs) /dev/9front/plan9
} > /dev/fs/ctl
prep 622: suicide: sys: trap: divide error pc=0x000053db
; ls -l /dev/9front/plan9
--rw-rw-r-- k 0 mischief mischief 5362850304 Mar 20 23:18 /dev/9front/plan9
; sprunge /dev/text
now, if you repeat the commands in { } above:
; ktrace /386/9pccpuf f0108643 f4febb48 <<EOF
estackx f4febe70
f4febae8=f01083d8 f4febb08=f0100600 f4febb30=f0108643 f4febb38=f016621b
f4febb44=f0108643 f4febb48=f01083dc f4febb50=f01667a8 f4febb6c=f0225d0a
f4febb8c=f0189b37 f4febb98=f01886e1 f4febbb8=f0174d8d f4febbd4=f02357c5
f4febc40=f02256fa f4febc44=f0225710 f4febc4c=f0225854 f4febc60=f0225d0a
f4febc68=f02191c3 f4febc78=f020ec88 f4febc80=f017544b f4febc88=f017505d
f4febc90=f017544b f4febc94=f017544b f4febcac=f0108825 f4febccc=f021a9f1
f4febcd8=f0189aed f4febce0=f0189b37 f4febd1c=f0177350 f4febd28=f0225710
f4febd30=f0225854 f4febd38=f020de1e f4febd44=f0225d0a f4febd4c=f021fe3b
f4febd5c=f0221420 f4febd64=f02214a7 f4febd7c=f02140c6 f4febd98=f02215a4
f4febdb0=f0107b32 f4febdcc=f0108ae7 f4febddc=f0225d0a f4febde0=f0216f02
f4febde4=f0218701 f4febdec=f0218721 f4febdf4=f0217142 f4febe1c=f0100600
f4febe54=00000040 f4febe58=f01007b0 f4febe5c=0000e19e f4febe60=00000023
f4febe64=00000282 f4febe68=dfffeca0 f4febe6c=0000001b
EOF
src(0xf0108643); // dumpstack+0x10
src(0xf01667a8); // panic+0xd2
src(0xf020ec88); // cclose+0x3f
src(0xf017544b); // mconfig+0x6a3
src(0xf0177350); // mwrite+0x74
src(0xf02214a7); // write+0x18c
src(0xf02215a4); // syspwrite+0x52
src(0xf0108ae7); // syscall+0x1dc
src(0xf0100600); // forkret
//passing interrupt frame; last pc found at sp=0xf4febe1c
;
obviously prep and the kernel should not do this, but am i using the
commands right to create a sparse disk image? i didnt test it, but maybe
the fact that the disk image is sparse is what breaks prep and devfs.
[-- Attachment #2: Type: application/pgp-signature, Size: 834 bytes --]
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [9front] prep divide by zero and kernel panic in devfs
2014-03-21 6:50 prep divide by zero and kernel panic in devfs Nick Owens
@ 2014-03-21 17:37 ` cinap_lenrek
0 siblings, 0 replies; 2+ messages in thread
From: cinap_lenrek @ 2014-03-21 17:37 UTC (permalink / raw)
To: 9front
the kernel crash is a off by one bug in error handling codepath
when it tries to clean up state before erroring out:
--- a/sys/src/9/port/devfs.c Fri Mar 21 16:55:16 2014 +0100
+++ b/sys/src/9/port/devfs.c Fri Mar 21 18:10:55 2014 +0100
@@ -646,7 +646,7 @@
Fail:
for(i = 1; i < cb->nf; i++)
if(idev != nil && idev[i-1] != nil)
- cclose(idev[i]);
+ cclose(idev[i-1]);
if(mp != nil)
mdeldev(mp);
free(idev);
this has nothing todo with sparsefiles. a sparsefile is a
optimization of the filesystem. it just avoids allocating blocks
containing all zeros, thats all.
you want to use partfs. see the test.disk target in /sys/src/boot/pc/mkfile
devfs is bad because then you need to be hostowner on the machine
and you are manipulating global state to solve a local problem.
--
cinap
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2014-03-21 17:37 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2014-03-21 6:50 prep divide by zero and kernel panic in devfs Nick Owens
2014-03-21 17:37 ` [9front] " cinap_lenrek
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).