Subject: bin/22592: RQUOTA V2 request causes rpc.rquotad to segfault
To: None <gnats-bugs@gnats.netbsd.org>
From: Mark Davies <mark@mcs.vuw.ac.nz>
List: netbsd-bugs
Date: 08/25/2003 14:53:49
>Number: 22592
>Category: bin
>Synopsis: RQUOTA V2 request causes rpc.rquotad to segfault
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: bin-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Mon Aug 25 02:54:00 UTC 2003
>Closed-Date:
>Last-Modified:
>Originator: Mark Davies
>Release: NetBSD 1.6W
>Organization:
Dept. of Comp. Sci., Victoria Uni. of Wellington, New Zealand.
>Environment:
System: NetBSD turakirae.mcs.vuw.ac.nz 1.6W NetBSD 1.6W (MCS_WORKSTATION) #1: Wed Aug 20 17:33:27 NZST 2003 mark@dellc64h2.mcs.vuw.ac.nz:/mnt/SAVE/build.obj/mnt/src/src/sys/arch/i386/compile/MCS_WORKSTATION i386
Architecture: i386
Machine: i386
>Description:
A V2 RPC GETQUOTA request (generated by the current version of the
quota command) causes rpc.rquotad, on the NFS server, to segfault
whereas a V1 GETQUOTA (using a pre Feb version of quota) works.
Relevant chunk of ktrace output is:
20626 rpc.rquotad CALL recvfrom(0,0x804f000,0x2260,0,0xbfbff59c,0xbfbff598)
20626 rpc.rquotad GIO fd 0 read 140 bytes
"@N8\M^A\0\0\0\0\0\0\0\^B\0\^A\M^F\M-+\0\0\0\^B\0\0\0\^A\0\0\0\^A\0\0\0H?Iq(\
\0\0\0\^Yone-red-dog.mcs.vuw.ac.nz\0\0\0\0\0\0\0\0\0\0\^X\0\0\0\^F\0\0\0\^X\
\0\0\0\0\0\0\0\^B\0\0\0\^C\0\0\0\^D\0\0\0\^E\0\0\0\0\0\0\0\0\0\0\0\r/am/lid\
o/home\0\0\0\0\0\0\0\0\0\^C\M-j"
20626 rpc.rquotad RET recvfrom 140/0x8c
20626 rpc.rquotad PSIG SIGSEGV SIG_DFL
20626 rpc.rquotad NAMI "rpc.rquotad.core"
>How-To-Repeat:
NFS Server running -current exporting a filesystem with user quotas
enabled.
NFS Client machine running -current performs a "quota username".
Note the approx 1 minute it takes to respond and see that rpc.rquotad
has segfaulted on the server.
Try a pre revision 1.25 of quota.c version of quota on the NFS Client
machine and note that it works correctly.
>Fix:
Don't know, presumably one or other end is not packing/unpacking the
V2 arguments properly but I couldn't spot it on (brief) inspection.
cheers
mark
>Release-Note:
>Audit-Trail:
>Unformatted:
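
Added example (not part of the original report and not NetBSD code): a bounds-checked decoder that turns the ktrace GIO dump above back into bytes and walks it as an ONC RPC call carrying rquota GETQUOTA arguments. The names unvis and parse_getquota are hypothetical; the layout assumed is the standard rquota.x one (V2 ext_getquota_args = path, type, id; V1 getquota_args = path, uid) with the usual 400-byte auth and 1024-byte path limits.

```python
import re

# ktrace GIO dump copied from the report; a trailing '\' continues the line.
DUMP = r"""@N8\M^A\0\0\0\0\0\0\0\^B\0\^A\M^F\M-+\0\0\0\^B\0\0\0\^A\0\0\0\^A\0\0\0H?Iq(\
\0\0\0\^Yone-red-dog.mcs.vuw.ac.nz\0\0\0\0\0\0\0\0\0\0\^X\0\0\0\^F\0\0\0\^X\
\0\0\0\0\0\0\0\^B\0\0\0\^C\0\0\0\^D\0\0\0\^E\0\0\0\0\0\0\0\0\0\0\0\r/am/lid\
o/home\0\0\0\0\0\0\0\0\0\^C\M-j"""

_ESC = re.compile(r"\\(?:\n|(M\^|M-|\^)(.)|([0-7]{1,3})|(.))", re.S)
_CSTYLE = {"n": 10, "r": 13, "t": 9, "a": 7, "b": 8, "f": 12, "v": 11, "s": 32}

def unvis(text):
    """Turn kdump's vis(3)-style escapes back into raw bytes."""
    out, pos = bytearray(), 0
    for m in _ESC.finditer(text):
        out += text[pos:m.start()].encode("latin-1")
        pos = m.end()
        kind, ch, octal, other = m.groups()
        if kind:                                   # \^c, \M-c, \M^c
            low = ord(ch) ^ 0x40 if kind.endswith("^") else ord(ch)
            out.append(low | (0x80 if kind[0] == "M" else 0))
        elif octal:
            out.append(int(octal, 8) & 0xFF)
        elif other:                                # \r, \n, ... or a literal
            out.append(_CSTYLE.get(other, ord(other)))
    return bytes(out) + text[pos:].encode("latin-1")

def parse_getquota(msg):
    """Bounds-checked decode of an ONC RPC call carrying rquota GETQUOTA args."""
    off = 0
    def u32():
        nonlocal off
        word, off = msg[off:off + 4], off + 4
        if len(word) != 4:
            raise ValueError("truncated message")
        return int.from_bytes(word, "big")
    def opaque(limit):
        nonlocal off
        n = u32()
        start, off = off, off + n + (-n % 4)       # XDR pads opaque data to 4 bytes
        if n > limit or off > len(msg):
            raise ValueError("length field exceeds limit or buffer")
        return msg[start:start + n]
    xid, mtype, rpcvers, prog, vers, proc = (u32() for _ in range(6))
    for _ in range(2):                             # credential, then verifier
        u32(), opaque(400)                         # flavor + body (MAX_AUTH_BYTES)
    args = dict(prog=prog, vers=vers, proc=proc, path=opaque(1024).decode("ascii"))
    fields = ("type", "id") if vers == 2 else ("uid",)   # V2 ext_getquota_args vs V1
    args.update([(f, u32()) for f in fields])
    return {**args, "unparsed": len(msg) - off}
```

Running parse_getquota(unvis(DUMP)) on this capture gives program 100011, version 2, procedure 1, path /am/lido/home, type 0, id 1002, with all 140 received bytes accounted for.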