On Thu, 15 Apr 1999, Jaromir Dolecek wrote:

> I can confirm this happens with program:
> 
> #include <unistd.h>
> void main() { rmdir("/home/dolecek/junk/";}
> 
> where /home/dolecek/junk is link to pub. i.e.
> /home/dolecek/junk -> pub
> 
> I can try to track this down a bit. I'm looking forward for happy
> vfs code lesson :))
> 
> Neil A. Carson wrote:
> > Brian Chevrier wrote:
> > 
> > _Debugger(f7fe2408, 0, f80b2de4, f0168557, f01681e8) at _Debugger + 0x4
> > _panic(f01681e8, 20002, f7fe557c, 30002, 2de6) at _panic + 0x55
> > _lockmgr(f7fe2408, 30002, f7fe5608, f80b2e1c, f0190a13) at _lockmgr +
> > 0x2a7
> > _ufs_lock(f80b2e10) at _ufs_lock + 0x22
> > _vn_lock(f7fe557c, 20002, f7fe557c, f80b2f1c, f80b2ef8) at _vn_lock
> > + 0x3f
> > _lookup(f80b2ef8, f80b2f88, f80ac3f0, f80b2f80, f067ac00) at _lookup +
> > 0x6f
> > _namei(f80b2ef8, f80b2f88, f80ac3f0, f80b2f80, ffffffff) at _namei +
> > 0x317
> > _sys_rmdir(f80ac3f0, f80b2f88, f80b2f80, 0, efbfdcf4) at _sys_rmdir
> > + 0x35
> > _syscall() at _syscall + 0x1c2
> > --- syscall (number 137) ---
> > 0x4005eb7f:
> > 
> > 
> > I was running a program that I'm working on.  My program did a rmdir on
> > a symbolic link and crashed the kernal with the above stack. I need to
> > fix my program so it doesn't try and do that, but I don't the kernal
> > should crash. If I try this from the shell it gives an error but doesn't
> > crash. I also noticed that it only happens when I end the name with a
> > slash. For example, /home/bchevrie/junk/ where junk is the symbolic
> > link. I hope this is useful, give me a call if you have any questions.

What version are y'all using? rmdir is another system call which uses
namei with LOCKPARENT - you're hitting the vfs_lookup bug which was the
subject of security advisory 1999-008.

Update to recent -current, or get recent 1.4_ALPHA.

Take care,

Bill