Subject: Re: extra PNBUF_PUT() in nfsrv_create()
To: Manuel Bouyer <bouyer@antioche.lip6.fr>
From: Frank van der Linden <fvdl@wasabisystems.com>
List: tech-kern
Date: 09/26/2002 20:32:30

On Thu, Sep 26, 2002 at 07:35:51PM +0200, Manuel Bouyer wrote:
> I think I've found the cause of kern/18013 (NFS kernel crash):
> an extra PNBUF_PUT() call, on an object which has already been returned to
> the pool.
> In the MKNOD case of nfsrv_create(), there is a call PNBUF_PUT() on something
> that has already been freed by VOP_MKNOD() as SAVESTART is not set.
> I think this PNBUF_PUT() should have been removed in nfs_serv.c 1.60,
> before 1.60 it was there to free the pathname buf allocated by the
> lookup() call after VOP_MKNOD.
> 
> Can someone confirm?

Yes, that seems to be a correct analysis, and it would explain a few
reports of corrupted name lookups on the server after certain sequences
of NFS operations.

Go ahead and remove that line.

- Frank
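
The double release discussed in this thread, shown on a toy free-list pool as an added example (not code from the thread or from NetBSD; `toy_pool`, `toy_put`, `toy_get` and the other names are hypothetical). Releasing one buffer twice makes two later allocations return the same memory, which is how one name lookup can overwrite another; a guarded put rejects the second release.

```c
#include <stdio.h>
#include <string.h>

/* Toy LIFO pool; all names are hypothetical, not NetBSD's pool code. */
struct pnbuf { struct pnbuf *next; int is_free; char path[32]; };
struct toy_pool { struct pnbuf slab[4]; struct pnbuf *head; };

static void toy_put(struct toy_pool *p, struct pnbuf *b) {
    b->next = p->head;          /* no check: a second put links b to itself */
    p->head = b;
    b->is_free = 1;
}

static int toy_put_checked(struct toy_pool *p, struct pnbuf *b) {
    if (b->is_free) return -1;  /* already on the free list: double put */
    toy_put(p, b);
    return 0;
}

static struct pnbuf *toy_get(struct toy_pool *p) {
    struct pnbuf *b = p->head;
    if (b) { p->head = b->next; b->is_free = 0; }
    return b;
}

static void toy_init(struct toy_pool *p) {
    p->head = NULL;
    for (int i = 0; i < 4; i++) toy_put(p, &p->slab[i]);
}

/* 1 if two later "lookups" end up sharing one buffer after a double put. */
int double_put_aliases(void) {
    struct toy_pool p; toy_init(&p);
    struct pnbuf *b = toy_get(&p);
    toy_put(&p, b);             /* models the release done by the callee */
    toy_put(&p, b);             /* models the extra release by the caller */
    struct pnbuf *x = toy_get(&p), *y = toy_get(&p);
    strcpy(x->path, "dir/a");   /* constructed sample names */
    strcpy(y->path, "dir/b");   /* same memory, so x's name is overwritten */
    return x == y && strcmp(x->path, "dir/b") == 0;
}

/* 1 if the guarded put accepts the first release and rejects the second. */
int checked_put_rejects_second(void) {
    struct toy_pool p; toy_init(&p);
    struct pnbuf *b = toy_get(&p);
    return toy_put_checked(&p, b) == 0 && toy_put_checked(&p, b) == -1;
}
int main(void) { printf("%d %d\n", double_put_aliases(), checked_put_rejects_second()); return 0; }
```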