|
From: Szakacsits S. <sz...@si...> - 2002-12-12 15:50:29
|
On Thu, 12 Dec 2002, Anton Altaparmakov wrote: > applied, thanks. well spotted again. I had actually fixed this exactly > same bug ages ago in the NTFS kernel driver but I obviously had forgotten > to port the fix to the library. A very annoying oversight on my part! BTW, I wanted to ask for long but actually how much code is shared between the user and kernel "drivers"? I'm afraid zero. I know it's not trivial but there are codes (filesystems) that has this very nice feature. > > 3. ntfs_extent_inode_open: extents are copied to a newly > > allocated memory. Before using just the pointer equality the > > memory was freed by the extent and the base inode happily used > > the unfreed memory => severe memory corruptions. > > I don't understand this description and I don't understand why you are > doing the copying. You allocate an ntfs_inode for an extent then attach it *also* to the extents of it's base inode, after you free ntfs_inode => the attached extents live in the freed memory and the next time malloc gives it away and will be nicely overwritten it. > corruptions? - Your fix 2. from above should cure everything. The memory No, just use a memory debugger or printf the pointer. > allocations and copying are already done in the if clause fixed by point > 2 so I don't see why you repeat them again here. What am I missing? The if clause copies the extent pointers. Afterwards the ntfs_inode are copied to a newly allocated area (because the ntfs_inode in question will be freed by ntfs_inode_close but the base inode still needs it later on). > seems the patch gets me past the overlapping runlists problem but, I get > 11298 messages saying Couldn't read MFT record %n (where %n is the record > number, of course). On an MFT with 20+ extents I get one -------------------------------------------------------> Entering for inode 0, attribute type 0x80. Opening extent inode 15 (base mft record 0x0). Found stale extent mft reference! Corrupt file system. Run chkdsk. Failed to map extent inode: Input/output error Inode is corrupt. Couldn't read MFT Record 28. <-------------------------------------------------------- Probably the above bugs hid more - so far Leonards case (attribute list handling) discovered 4 bugs. Szaka |
