Subject: bin/2395: amd crash with segmentation fault.
To: None <gnats-bugs@NetBSD.ORG>
From: None <bouyer@ensta.fr>
List: netbsd-bugs
Date: 05/12/1996 16:04:52
>Number:         2395
>Category:       bin
>Synopsis:       amd crash with segmentation fault.
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    bin-bug-people (Utility Bug People)
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sun May 12 10:20:01 1996
>Last-Modified:
>Originator:     Manuel Bouyer
>Organization:

Ecole Nationale Superieure de Techniques Avancees, Paris

>Release:        NetBSD-current sup of 1996/04/18
>Environment:
	
System: NetBSD chassiron.ensta.fr 1.1B NetBSD 1.1B (CHASSIRON) #0: Thu May 9 21:16:38 MET DST 1996 bouyer@chassiron.ensta.fr:/usr/src/src_current/sys/arch/i386/compile/CHASSIRON i386

nfs servers: Suns running SunOS 4.1.3 or Solaris 2.4, i386 Running NetBSD 1.0A
The suns are mounted via amd, the i386 is mounted from /etc/fstab.


>Description:

	Amd crashes with a segmentation fault during /etc/daily.
	It crashes in:
got_nfs_fh (pkt=0x0, len=0, sa=0x0, ia=0x422dc, idv=0x6, done=0) at nfs_ops.c:166
line: fp->fh_handle.fhs_vers = MOUNTVERS;
because fp is NULL.

>How-To-Repeat:

	Run the /etc/daily script. This may be related to the Solaris 2.4 servers,
	as I have a sparc/NetBSD running the same sources which doesn't have this
	problem, but it has only SunOS 4.1.4 NFS servers.

>Fix:
	I think the 'fp->fh_handle.fhs_vers = MOUNTVERS;' is
	misplaced. Here is the diff, which solved the problem for me.

RCS file: /usr/cvs/cvsroot/sources/src_current/usr.sbin/amd/amd/nfs_ops.c,v
retrieving revision 1.5
diff -c -r1.5 nfs_ops.c
*** nfs_ops.c   1996/04/18 15:09:15     1.5
--- nfs_ops.c   1996/05/12 13:17:56
***************
*** 162,171 ****
  int done;
  {
        fh_cache *fp = find_nfs_fhandle_cache(idv, done);
  #if NFS_PROTOCOL_VERSION >= 3
!       fp->fh_handle.fhs_vers = MOUNTVERS;
  #endif
-       if (fp) {
                fp->fh_error = pickup_rpc_reply(pkt, len, (voidp) &fp->fh_handle, xdr_fhstatus);
                if (!fp->fh_error) {
  #ifdef DEBUG
--- 162,171 ----
  int done;
  {
        fh_cache *fp = find_nfs_fhandle_cache(idv, done);
+       if (fp) {
  #if NFS_PROTOCOL_VERSION >= 3
!               fp->fh_handle.fhs_vers = MOUNTVERS;
  #endif
                fp->fh_error = pickup_rpc_reply(pkt, len, (voidp) &fp->fh_handle, xdr_fhstatus);
                if (!fp->fh_error) {
  #ifdef DEBUG
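
Review bot: In the new version, the call `pickup_rpc_reply(pkt, len, (voidp) &fp->fh_handle, xdr_fhstatus)` right after the moved assignment still receives `pkt` and `len` unchecked, and the backtrace in this report shows got_nfs_fh entered with pkt=0x0 and len=0. Moving `if (fp) {` above the `#if NFS_PROTOCOL_VERSION >= 3` block stops the NULL dereference of `fp`, but it is worth confirming that pickup_rpc_reply copes with a null packet when a cache entry does exist, and adding a short comment at the guard noting that find_nfs_fhandle_cache can return NULL here. The hunk's context ends before the `if` closes, so the path taken when `fp` is NULL is not visible for review.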

>Audit-Trail:
>Unformatted: