Hammer boot cannot load modules anymore

Matthew Dillon dillon at apollo.backplane.com
Sat Jan 10 14:11:54 PST 2009


:Michael Neumann wrote:
:> hammerread /dev/ad0s1a /boot/modules
:>=20
:> It hits the right boundary ("hit right boundary (52), resetting search =
:
:> to"), and goes into an infinite loop.
:
:ah, good.  could you send me the log so that i can trace what is going wr=
:ong?
:
:thanks
:   simon

    I see some possible issues in hammerread.c.  In the B-Tree search
    code, e.g. starting at around line 439, 'n' and 'e' can get out of
    sync.  For example, if node->count is 0 e can wind up bogus. 

    the while loop here is also bogus. If n == node->count then 'e'
    is invalid at a leaf.  The right hand boundary element AT 
    elm[node->count] only exists for internal nodes, not for leaf
    nodes.

	    // Skip deleted elements
	    while (n <= node->count && e->base.delete_tid != 0) {

    What I recommend is to properly track 'n' through that entire
    bit of code.  So for example, instead of:

	    // unless we stopped right on the left side, we need to back off a bit
	    if (n > 0)
		    e = &node->elms[n - 1];

    You would have:

	    if (n > 0)
		    e = &node->elms[--n];

    Then the if (r > 1) check lower down makes more sense, as the worst
    that can happen is n becomes equal to node->count (and 'e' becomes
    invalid at that point but presumably the rest of the checks would
    take care of it.
    
    Then this bit of code:

        // Skip deleted elements
        while (n <= node->count && e->base.delete_tid != 0) {
                e++;
                n++;
        }

    Should be '<', not '<='.  e being invalid when n == node->count.

        // Skip deleted elements
        while (n < node->count && e->base.delete_tid != 0) {
                e++;
                n++;
        }

    And this bit of code:

	if (n > node->count) {
	    ...
	    hit right boundary 
	}

    should be:

	KKASSERT(n <= node->count);
	if (n == node->count) {
	    ...
	    hit right boundary 
	}

    There may also be an issue on the right boundary code.  What you have
    to do is recurse up the tree, returning to the parent element and then
    moving on to the next parent index.  This recursion can go all the
    way to root if the 'next' index in the parent also hits the right 
    hand boundary.  You exhaust the space in the search when you loop up
    to get the next element in the parent and the parent is root and
    it is already on the right hand boundary, meaning there is no next
    element.

						-Matt







More information about the Bugs mailing list