Subject: kern/1124: more union FS bugs (kernel traps on null VP references)
To: None <gnats-admin@sun-lamp.cs.berkeley.edu>
From: Gordon W. Ross <gwr@mc.com>
List: netbsd-bugs
Date: 06/22/1995 22:59:35

I've tried out John Kohl's latest-and-greatest fix for this and
it works nicely for me. Shall I check this in?

Gordon

diff -rc union.orig/union_subr.c union/union_subr.c
*** union.orig/union_subr.c Fri Jun 2 06:07:31 1995
--- union/union_subr.c Tue Jun 20 14:14:32 1995
***************
*** 946,952 ****
struct union_node *un;
{
! union_newupper(un, NULLVP);
union_diruncache(un);
if (un->un_flags & UN_CACHED) {
--- 946,960 ----
struct union_node *un;
{
! /*
! * We do not set the uppervp to NULLVP here, because lowervp
! * may also be NULLVP, so this routine would end up creating
! * a bogus union node with no upper or lower VP (that causes
! * pain in many places that assume at least one VP exists).
! * Since we've removed this node from the cache hash chains,
! * it won't be found again. When all current holders
! * release it, union_inactive() will vgone() it.
! */
union_diruncache(un);
if (un->un_flags & UN_CACHED) {
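Review bot: The new comment says "Since we've removed this node from the cache hash chains", but it sits above the only cache-related code visible in this hunk, the `if (un->un_flags & UN_CACHED)` test, so at the point where the comment appears that removal has not happened yet, and it is conditional on the flag. Suggest rewording to "is removed from the cache hash chains below" or moving the comment after that block. It would also help to state in the comment that un_uppervp now stays set until the current holders release the node, since that is the visible consequence of dropping the union_newupper(un, NULLVP) call.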
diff -rc union.orig/union_vnops.c union/union_vnops.c
*** union.orig/union_vnops.c Thu Jun 1 06:14:47 1995
--- union/union_vnops.c Tue Jun 20 14:04:06 1995
***************
*** 538,543 ****
--- 538,554 ----
vp = un->un_lowervp;
}
+ #ifdef DIAGNOSTIC
+ /*
+ * We should never encounter a vnode with both upper and
+ * lower vnodes NULL.
+ */
+ if (vp == NULLVP) {
+ vprint("empty union vnode", vp);
+ panic("union_close empty vnode");
+ }
+ #endif
+
ap->a_vp = vp;
return (VCALL(vp, VOFFSET(vop_close), ap));
}
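Review bot: In the added DIAGNOSTIC block, vprint("empty union vnode", vp) is reached only when vp == NULLVP, so it is handed the null pointer instead of the union vnode being closed. Pass ap->a_vp there; it still refers to the union vnode at that point because the `ap->a_vp = vp;` assignment comes after the #endif. Separately, the check is compiled only under DIAGNOSTIC, so kernels built without it still reach VCALL(vp, VOFFSET(vop_close), ap) with a null vp if the condition ever occurs; the comment should say that the union_subr.c change is what is relied on to prevent that case.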