cache_purge > cache_zap segmentation fault

Ali Bahar alih at internetDog.org
Sat May 17 07:40:44 PDT 2003


Yup, _I_ was doing the scribbling! There was no bug in the filesystem
code. 

There was another box running similar code, but going thru different
tests. It rarely experienced this crash. So comparing the tests, it
became obvious which area of our module to focus on. From there,
visual inspection was enough to find the culprit.

A combination of insufficient malloc size and excessive offsets
caused writes into the next heap segment.

To confirm that this segment belonged to the namecache, the write address
was printed while the test was carried out. ... Eventually, the seg
fault occurred, and the namecache node involved was one of the write
addresses.
QED!

The fix was tested by running the test repeatedly in batch, while
running 'ls -lR /' -- which ought to have exercised the namecache code
mightily! ;-)


Thanks much for everyone's help.
regards,
ali



On Fri, May 09, 2003 at 10:43:13AM -0400, Ali wrote:
> On Fri, May 09, 2003 at 07:40:25AM +0100, David Malone wrote:

> > Is it possible that one of your modules is somehow stomping on
> > memory that doesn't belong to it?

> The possibility of memory overwrite by an in-development module is
> about 3 orders of magnitude higher than the possibility of a name
> cache bug. I can't yet see how it is happening, but I've seen weirder
> coincidences in scribblers.

-- 
                     Right of Return
               for all Palestinian refugees.
     Universal Declaration of Human Rights. Article 13.
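The bug and the confirmation technique described in the post, as an added example that is not code from the post or from FreeBSD: a constructed arena stands in for two adjacent heap chunks, an unchecked writer with an offset larger than its 8-byte allocation scribbles into the neighbouring node, a write log plays the role of the printed write addresses, and a post-mortem check matches the crashed node's address against that log (all names and sizes are hypothetical).

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
/* Constructed heap stand-in: two adjacent "allocations" carved from one arena,
 * so the overrun stays inside memory we own and the program is safe to run. */
#define MODULE_ALLOC 8   /* bytes the module asked malloc() for */
#define NODE_SIZE    16  /* the neighbouring namecache-style node */
static unsigned char arena[MODULE_ALLOC + NODE_SIZE];
static unsigned char *module_buf = arena, *nc_node = arena + MODULE_ALLOC;

/* Write log: the post's "print the write address" trick, kept in memory. */
#define MAX_WRITES 32
static uintptr_t write_log[MAX_WRITES];
static size_t write_count;

/* Buggy writer: trusts the caller's offset and never checks it against the
 * allocation size, so off >= MODULE_ALLOC scribbles into the next chunk. */
static void module_write_unchecked(unsigned char *buf, size_t off, unsigned char v)
{
    if (write_count < MAX_WRITES)
        write_log[write_count++] = (uintptr_t)(buf + off);
    buf[off] = v;
}

/* Fixed writer: 0 on success, -1 if the write would leave the allocation. */
int module_write_checked(unsigned char *buf, size_t len, size_t off, unsigned char v)
{
    if (off >= len)
        return -1;
    buf[off] = v;
    return 0;
}

/* Post-mortem check (the post's "QED" step): was any logged write address
 * inside the node that later crashed?  Returns 1 if so, else 0. */
int node_was_scribbled(const void *node, size_t node_len)
{
    uintptr_t lo = (uintptr_t)node, hi = lo + node_len;
    for (size_t i = 0; i < write_count; i++)
        if (write_log[i] >= lo && write_log[i] < hi)
            return 1;
    return 0;
}

/* Scenario: the module writes at offset 12 of its 8-byte allocation. */
int demo(void)
{
    memset(arena, 0, sizeof arena);
    write_count = 0;
    module_write_unchecked(module_buf, 12, 0xAA);  /* lands in nc_node[4] */
    return node_was_scribbled(nc_node, NODE_SIZE) && nc_node[4] == 0xAA;
}
```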

