URL: <http://savannah.gnu.org/bugs/?48863>
Summary: rpctrace crashes (failed assert) when SEND ONCE right is extracted and then sent Project: The GNU Hurd Submitted by: baccala Submitted on: Tue 23 Aug 2016 08:21:13 AM GMT Category: Hurd Severity: 3 - Normal Priority: 5 - Normal Item Group: None Status: None Privacy: Public Assigned to: None Originator Name: Originator Email: Open/Closed: Open Discussion Lock: Any Reproducibility: Every Time Size (loc): None Planned Release: None Effort: 0.00 Wiki-like text discussion box: _______________________________________________________ Details: Normal RPC operation is to supply a receive port to mach_msg() with MACH_MSG_TYPE_MAKE_SEND_ONCE. In that case, rpctrace sees the send once port for the first time when the RPC message is sent. This code first extracts a send once right from the receive port, then uses it during the upcoming RPC call. This causes rpctrace to see the port an extra time when it comes back in the reply to mach_port_extract_right(), and it gets wrapped. rpctrace then sees it again during the actual RPC call, and double wraps it, which ultimately triggers a failed assert when it tries to match a request to the second reply. gcc -g -Wall -D_GNU_SOURCE -o looper looper.c touch node settrans -a node /bin/rpctrace ./looper / ls _______________________________________________________ File Attachments: ------------------------------------------------------- Date: Tue 23 Aug 2016 08:21:13 AM GMT Name: looper.c Size: 6kB By: baccala <http://savannah.gnu.org/bugs/download.php?file_id=38326> _______________________________________________________ Reply to this item at: <http://savannah.gnu.org/bugs/?48863> _______________________________________________ Message sent via/by Savannah http://savannah.gnu.org/