Subject: bin/32194: makefs -t cd9660 segfaults creating specific filesystem
To: gnats-admin@netbsd.org, netbsd-bugs@netbsd.org
From: riz@tastylime.net
List: netbsd-bugs
Date: 11/30/2005 00:03:00
>Number: 32194
>Category: bin
>Synopsis: makefs -t cd9660 segfaults creating specific filesystem
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: bin-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Wed Nov 30 00:03:00 +0000 2005
>Originator: Jeff Rizzo
>Release: 3.99.11
>Organization:
TASTY LIME
>Environment:
NetBSD grendel 3.99.11 NetBSD 3.99.11 (GRENDEL) #6: Sat Nov 26 15:12:56 PST 2005 riz@grendel:/usr/src/sys/arch/macppc/compile/GRENDEL macppc
>Description:
Using makefs to create a filesystem of two files ("example.1" and "example.10") causes makefs to segfault.
gdb on a debugging binary yields this:
GNU gdb 5.3nb1
Copyright 2002 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "powerpc--netbsd"...
Core was generated by `makefs'.
Program terminated with signal 11, Segmentation fault.
Reading symbols from /usr/libexec/ld.elf_so...done.
Loaded symbols for /usr/libexec/ld.elf_so
Reading symbols from /usr/lib/libc.so.12...done.
Loaded symbols for /usr/lib/libc.so.12
#0 0x01804b10 in cd9660_sort_nodes (node=0x1863000) at cd9660.c:1200
1200 TAILQ_INSERT_BEFORE(node, next, cn_next_child);
(gdb) l
1195 return;
1196 else if (strcmp(next->isoDirRecord->name,
1197 cn->isoDirRecord->name) >= 0)
1198 continue;
1199 TAILQ_REMOVE(&node->cn_children, next, cn_next_child);
1200 TAILQ_INSERT_BEFORE(node, next, cn_next_child);
1201 break;
1202 }
1203 } while (cn != NULL);
1204 }
(gdb) bt
#0 0x01804b10 in cd9660_sort_nodes (node=0x1863000) at cd9660.c:1200
#1 0x018049fc in cd9660_sorting_nodes (node=0x1863000) at cd9660.c:1183
#2 0x018052cc in cd9660_convert_structure (root=0x1862080,
parent_node=0x1863000, level=1, numDirectories=0xffffd57c,
error=0xffffd58c) at cd9660.c:1459
#3 0x018031d4 in cd9660_makefs (image=0xffffd846 "garbage.iso",
dir=0xffffd852 "TEST3", root=0x1862040, fsopts=0xffffd5e0) at cd9660.c:491
#4 0x0181a240 in main (argc=2, argv=0xffffd710) at makefs.c:273
(gdb)
>How-To-Repeat:
mkdir TEMP; touch TEMP/example.1 TEMP/example.10
makefs -t cd9660 foo.iso TEMP
<segfault>
>Fix:
None known yet; I managed to find the heart of the problem out of a 300M filesystem, but have not yet had time to learn the actual cause. (TAILQ stuff is not my forte). I will probably look into this eventually unless someone beats me to it.
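An added example (not part of this PR and not NetBSD's cd9660.c): a stand-alone C sketch of the sibling-sorting pass shown in the gdb listing, written over an assumed, simplified cd9660node and run against the two file names from the repeat case. It anchors TAILQ_INSERT_BEFORE on the sibling cn rather than on the parent node, because queue(3) documents that argument as an element already on the list; whether that difference is behind this crash is not established by the report.

```c
#include <stdio.h>
#include <string.h>
#include <sys/queue.h>

/* Simplified stand-in (an assumption) for makefs' cd9660node: only what the sort touches. */
typedef struct cd9660node {
	const char *name;                          /* stands in for isoDirRecord->name */
	TAILQ_ENTRY(cd9660node) cn_next_child;     /* sibling link within the parent's list */
	TAILQ_HEAD(, cd9660node) cn_children;      /* this node's children */
} cd9660node;

/* Modelled on the loop in the gdb listing: find the first adjacent out-of-order pair, move the
 * later sibling in front of the earlier one, and rescan until a full pass moves nothing.
 * queue(3) requires TAILQ_INSERT_BEFORE's first argument to be on the list, so it is cn here. */
static void
sort_children(cd9660node *node)
{
	cd9660node *cn, *next;
	do {
		TAILQ_FOREACH(cn, &node->cn_children, cn_next_child) {
			next = TAILQ_NEXT(cn, cn_next_child);
			if (next == NULL)
				return;                    /* scanned to the end: sorted */
			if (strcmp(next->name, cn->name) >= 0)
				continue;
			TAILQ_REMOVE(&node->cn_children, next, cn_next_child);
			TAILQ_INSERT_BEFORE(cn, next, cn_next_child);
			break;                             /* restart the scan after a move */
		}
	} while (cn != NULL);                      /* NULL only when the list is empty */
}

/* Add names[] as children in the given order, sort, render as "a,b,c"; returns the count. */
static int
sorted_listing(const char *const *names, int count, char *out, size_t outlen)
{
	cd9660node dir, kids[count + 1], *cn;      /* VLA; +1 keeps count == 0 legal */
	size_t used = 0;
	int n = 0;
	TAILQ_INIT(&dir.cn_children);
	for (int i = 0; i < count; i++) {
		kids[i].name = names[i];
		TAILQ_INSERT_TAIL(&dir.cn_children, &kids[i], cn_next_child);
	}
	sort_children(&dir);
	out[0] = '\0';
	for (cn = TAILQ_FIRST(&dir.cn_children); cn != NULL && used < outlen; cn = TAILQ_NEXT(cn, cn_next_child))
		used += snprintf(out + used, outlen - used, "%s%s", n++ ? "," : "", cn->name);
	return n;
}
```

The constructed input is the PR's two names in reverse order, so the pass has to perform one move; the rendered result is "example.1,example.10".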