Package: hurd
Version: N/A
Severity: normal
Hi,
touch [ALT+256] x
crashes the filesystem. Further debugging showed that the crash happens
immediately after diskfs_S_dir_lookup is called, in the destructor.
The destuctor for dir_lookup is in libdiskfs/priv.h, it is:
extern inline void
end_using_protid_port (struct protid *cred)
{
if (cred)
ports_port_deref (cred);
}
The crash happens in ports_port_deref, when trying to derefence pi, which is
just cred but interpreted as a pointer to a struct port_info.
Now, that's weird. It crashes with E_BAD_ACCESS in ports_port_deref, because
it can't access the memory at cred. I verified that in _Xdir_lookup
start_dir = begin_using_protid_port(In0P->Head.msgh_request_port);
OutP->RetCode = diskfs_S_dir_lookup(start_dir, In0P->file_name, In0P->flags,
In0P->mode, &OutP->do_retry, OutP->retry_name, &OutP->result, &resultPoly);
end_using_protid_port(start_dir);
the value of start_dir isn't mangled (wouldn't make sense anyway).
It is the same for diskfs_S_dir_lookup as for end_using_protid_port.
Maybe the memory at this location is accidently freed? How could this
happen? I single stepped through diskfs_S_dir_lookup and diskfs_lookup,
without seeing anything special.
Any hints appreciated,
Marcus
-- System Information
Debian Release: 2.2
Kernel Version: Linux ulysses 2.4.0-test9 #1 Mon Okt 30 20:36:05 CET 2000 i686 unknown
_______________________________________________
Bug-hurd mailing list
[EMAIL PROTECTED]
http://mail.gnu.org/mailman/listinfo/bug-hurd
