On Jan 14, 11:45pm, pcah8322@artax.karlin.mff.cuni.cz (Pavel Cahyna) wrote:
-- Subject: bugs introduced by ktrace-lwp merge

| Hello,
| 
| I noticed that the ktrace-lwp merge changed semantics in a probably
| unexpected way at least for files:
| 
| arch/x86/x86/bus_dma.c
| fs/msdosfs/msdosfs_vnops.c
| ufs/ext2fs/ext2fs_readwrite.c
| 
| Before, the code carefully validated uio->uio_procp it it is not NULL
| before dereferencing it. Now, the code does p = uio->uio_lwp->l_proc
| instead, which can dereference a NULL uio->uio_lwp without checking. (I
| assume that the semnantics of NULL uio_lwp is the same as for NULL
| uio_procp before.)
| 
| See also the thread "ext2fs_write crashing" for actual bug reports against
| ext2fs and msdosfs.
| 
| I don't know yet how the change in arch/x86/x86/bus_dma.c would be triggered.
| 
| I propose following (untested - I don't use -current much) patch.
| 

Yamt is working on fixing the mess we created with uio_lwp in a branch.
Can you reproduce the NULL pointer deref?

christos