Subject: kern/28621: 1.6.x "vp != NULL" crash in ffs_softdep.c:4653 while unmounting a softdep (+quota) filesystem
To: None <kern-bug-people@netbsd.org, gnats-admin@netbsd.org,>
From: Greg A. Woods <woods@weird.com>
List: netbsd-bugs
Date: 12/12/2004 03:33:00
>Number: 28621
>Category: kern
>Synopsis: 1.6.x "vp != NULL" crash in ffs_softdep.c:4653 while unmounting a softdep (+quota) filesystem
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: kern-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Sun Dec 12 03:33:00 +0000 2004
>Originator: Greg A. Woods
>Release: NetBSD 1.6.2_STABLE
>Organization:
Planix, Inc.; Toronto, Ontario; Canada
>Environment:
System: NetBSD 1.6.2_STABLE
Architecture: i386
Machine: i386
>Description:
I was unmounting a filesystem after playing with quotas. It
was mounted with softdeps, but I had just run "quotaoff -v -a",
so quotas should have been disabled by then.
There hadn't been any file I/O, other than by the kernel to the
quota file, on that filesystem for quite some time....
>How-To-Repeat:
panic: kernel diagnostic assertion "vp != NULL" failed: file "/building/work/woods/m-NetBSD-1.6/sys/ufs/ffs/ffs_softdep.c", line 4653
Stopped in pid 27332 (umount) at cpu_Debugger+0x4: movl %ebp,%esp
db> where
No such command (someday I'm going to make that an alias! :-)
db> trace
cpu_Debugger(c04ca5ed,ffffffff,e412a1d4,c025789d,e4122b64) at cpu_Debugger+0x4
panic(c062b1e0,c04ca5ed,c04cbee7,c04cbe80,122d) at panic+0xb0
__main(c04ca5ed,c04cbe80,122d,c04cbee7,e554699c) at __main
flush_inodedep_deps(c1e14000,454401,e4122c20,c029584f,e412a1f8) at flush_inodedep_deps+0x3c
softdep_sync_metadata(e4122dac,0,e4122c90,c029c9f2) at softdep_sync_metadata+0x2fb
ffs_full_fsync(e4122dac,0,e4122d10,c0251fa9,e4122dac) at ffs_full_fsync+0x260
ffs_fsync(e4122dac,20002,0,10,0) at ffs_fsync+0x3f
ffs_flushfiles(c225f400,0,e4244cac,c02c2bb1,0) at ffs_flushfiles+0xfd
softdep_flushfiles(c225f400,0,e4244cac,c02c824d,0) at softdep_flushfiles+0x56
ffs_unmount(c225f400,0,e4244cac,e4244cac,0) at ffs_unmount+0x3d
dounmount(c225f400,0,e4244cac,0,e4122f80) at dounmount+0xea
sys_unmount(e4244cac,e4122f80,e4122f78,c033dde0) at sys_unmount+0xf5
syscall_plain(1f,1f,1f,1f,bfbfcfb4) at syscall_plain+0xa7
db>
>Fix:
unknown