On Monday 01 August 2005 10:52, Luc Van Oostenryck wrote:
> New tests that I run cause 100% reproductible kernel crashes.
> The problems appears that yaffs_FindObjectByName() can be called with name
> set to NULL.
>
> The code path come from the two calls yaffs_ChangeObjectName() at the end
> of yaffs_UnlinkFile() which set name to NULL and cause a crash when
> strcmp() is called in yaffs_FindObjectByName().
Sorry my bad.
This was part of the change I did for the shadowing stuff.
>
>
> For the moment I use the attached patch (beware there is also some traces
> added) which test early for NULL name in yaffs_FindObjectByName() and
> return NULL in this case. It seems to solve the problem, but it need to be
> checked.
>
> What I find realy hard to understand is why we didn't find this one sooner
> (I run previously a heavy test with lot of file creation and deletion and
> everything went good :-().
I introduced this yesterday.
The problem is the new check for existingTarget near line 1863. See
http://www.aleph1.co.uk/cgi-bin/viewcvs.cgi/yaffs2/yaffs_guts.c?r1=1.11&r2=1.12
(text/plain)