diff options
| author | kuriyama <kuriyama@FreeBSD.org> | 2004-09-10 14:45:00 +0000 |
|---|---|---|
| committer | kuriyama <kuriyama@FreeBSD.org> | 2004-09-10 14:45:00 +0000 |
| commit | 46e872d3e6662da8954b172e31315d29d61c2314 (patch) | |
| tree | 275a61e6e3712fca6d4c240d812e0c013d351dce /lib | |
| parent | 262a2524e09c8e8466b2749467e0e25171461115 (diff) | |
| download | FreeBSD-src-46e872d3e6662da8954b172e31315d29d61c2314.zip FreeBSD-src-46e872d3e6662da8954b172e31315d29d61c2314.tar.gz | |
I found "portsdb -u" dumps core with recent INDEX file, and this is
caused by refering broken (uninitialized?) pointer which is retrieved
from __bt_new() (and from mpool_new()).
I don't know why this linp[0] is read before stored because this
should be controlled by .lower and .upper member of PAGE structure
which are correctly initialized.
But this workaround fixes the problem on my environment and this
module has #ifdef PURIFY option which initializes new and reused
memory from mpool by memset(p, 0xff, size) like as I did.
Please feel free to fix the real bug instead of my workaround.
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/libc/db/btree/bt_split.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/lib/libc/db/btree/bt_split.c b/lib/libc/db/btree/bt_split.c index 9112ec8..0e478de 100644 --- a/lib/libc/db/btree/bt_split.c +++ b/lib/libc/db/btree/bt_split.c @@ -361,6 +361,8 @@ bt_page(t, h, lp, rp, skip, ilen) r->nextpg = h->nextpg; r->prevpg = h->pgno; r->flags = h->flags & P_TYPE; + /* XXX: Workaround for broken page data access. */ + r->linp[0] = 0xffff; /* * If we're splitting the last page on a level because we're appending |
