[prev in list] [next in list] [prev in thread] [next in thread]
List: mandrake-cooker
Subject: [Cooker] bug in dietlibc sprintf function affetting mkinitrd
From: Luca Berra <bluca () comedia ! it>
Date: 2004-03-31 22:22:08
Message-ID: 20040331222207.GB13227 () percy ! comedia ! it
[Download RAW message or body]
hello,
it seems that the sprintf function in dietlibc-devel-0.24-1mdk is broken
and corrupts arguments.
Unfortunately Nicholas rebuit mkinitrd with this version of dietlibc,
resulting in an initrd that segfaults when not using devfs.
I don't know what other software has been rebuilt with the broken lib.
gdb trace showing the problem is attached.
I discovered this bug while installing on an older Compaq server with
the cpqarray disk driver. There is a bug in the kernel wrt. cpqarray and
devfs, the devfs directory name '/dev/ida/cXtY' is the same as the
non-devfs name for the whole disk device (which goes to /proc/partition)
effectively breaking lilo on that hardware, and mandrake impossible to
use there.
kernel patch is trivial and attached as well.
pity i found this shortly after cds went to press :(
regards,
L.
--
Luca Berra -- bluca@comedia.it
Communication Media & Services S.r.l.
/"\
\ / ASCII RIBBON CAMPAIGN
X AGAINST HTML MAIL
/ \
["gdb.txt" (text/plain)]
bluca@Moskow BUILD/mkinitrd-3.5.18/nash $ gdb ./nash
GNU gdb 6.0-2mdk (Mandrake Linux)
Copyright 2003 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB. Type "show warranty" for details.
This GDB was configured as "i586-mandrake-linux-gnu"...Reading symbols from ./nash...done.
Using host libthread_db library "/lib/tls/libthread_db.so.1".
> l 963,988
963
964 int mkdevicesCommand(char * cmd, char * end) {
965 int fd;
966 char buf[32768];
967 int i;
968 char * start, * chptr;
969 int major, minor;
970 char old;
971 char devName[128];
972 char * prefix;
973
974 if (!(cmd = getArg(cmd, end, &prefix))) {
975 printf("mkdevices: path expected\n");
976 return 1;
977 }
978
979 if (cmd < end) {
980 printf("mkdevices: unexpected arguments\n");
981 return 1;
982 }
983
984 sprintf(devName, "%s/.devfsd", prefix);
985 if (!access(devName, F_OK)) {
986 return 0;
987 }
988
> b 984
Reading in symbols for nash.c...done.
Breakpoint 1 at 0x804a370: file nash.c, line 984.
> r
Starting program: /usr/src/RPM/BUILD/mkinitrd-3.5.18/nash/nash
Couldn't mount proc filesystem
(running in test mode).
Red Hat nash version 3.5.18-mdk starting
mkdevices /tmp/testdev
Breakpoint 1, mkdevicesCommand (cmd=0xbfff62e7 "", end=0xbfff62e6 "") at nash.c:984
984 sprintf(devName, "%s/.devfsd", prefix);
> p &devName
$1 = (char (*)[128]) 0xbffee190
> p devName
$2 = '\0' <repeats 127 times>
> p &prefix
$3 = (char **) 0xbffee18c
> p prefix
$4 = 0xbfff62da "/tmp/testdev"
> n
985 if (!access(devName, F_OK)) {
> p &devName
$5 = (char (*)[128]) 0xbffee190
> p devName
$6 = "/tmp/testdev/.devfsd", '\0' <repeats 107 times>
> p &prefix
$7 = (char **) 0xbffee18c
> p prefix
$8 = 0xff62da <Address 0xff62da out of bounds>
["cpqarray-devfs.patch" (text/plain)]
--- cpqarray.c.devfs 2004-02-04 04:43:12.000000000 +0100
+++ cpqarray.c 2004-04-01 00:18:13.000000000 +0200
@@ -310,9 +310,10 @@
for (j = 0; j < NWD; j++) {
if (ida_gendisk[i][j]->flags & GENHD_FL_UP)
del_gendisk(ida_gendisk[i][j]);
- devfs_remove("ida/c%dd%d",i,j);
+ devfs_remove("ida/host%d/target%d",i,j);
put_disk(ida_gendisk[i][j]);
}
+ devfs_remove("ida/host%d",i);
}
devfs_remove("ida");
remove_proc_entry("cpqarray", proc_root_driver);
@@ -1699,7 +1700,7 @@
}
- sprintf(disk->devfs_name, "ida/c%dd%d", ctlr, log_unit);
+ sprintf(disk->devfs_name, "ida/host%d/target%d", ctlr, log_unit);
info_p->phys_drives =
sense_config_buf->ctlr_phys_drv;
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic