netbsd-bugs: kern/23065: fsck_lfs seg faults on null inode

Subject: kern/23065: fsck_lfs seg faults on null inode
To: None <gnats-bugs@gnats.NetBSD.org>
From: None <gary@duzan.org>
List: netbsd-bugs
Date: 10/05/2003 15:15:32
>Number:         23065
>Category:       kern
>Synopsis:       fsck_lfs seg faults on null inode
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sun Oct 05 15:16:00 UTC 2003
>Closed-Date:
>Last-Modified:
>Originator:     Gary Duzan
>Release:        current (1.6ZC, 4 Oct 2003)
>Organization:
>Environment:
NetBSD capo 1.6ZC NetBSD 1.6ZC (XCAPO) #0: Sat Oct  4 09:29:41 EDT 2003  gary@capo:/usr/tmp/obj/usr/tmp/src/sys/arch/i386/compile/XCAPO i386

>Description:
On a rather abused LFS partition, fsck_lfs produces:

===================================================================
** /dev/rwd1a
** Last Mounted on /usr2
** Phase 0 - Check Segment Summaries and Inode Free List
** Phase 1 - Check Blocks and Sizes
** Phase 2 - Check Pathnames
UNALLOCATED  I=143414 
Segmentation fault (core dumped)
===================================================================

>How-To-Repeat:
Somehow get a null inode on an LFS and run fsck_lfs against it.
>Fix:
Check for null before calling VTOI:

Index: dir.c
===================================================================
RCS file: /cvsroot/src/sbin/fsck_lfs/dir.c,v
retrieving revision 1.12
diff -u -r1.12 dir.c
--- dir.c       2003/10/03 12:23:22     1.12
+++ dir.c       2003/10/05 15:03:28
@@ -294,10 +294,10 @@
                return;
        }
        vp = vget(fs, ino);
-       ip = VTOI(vp);
        if (vp == NULL)
                pfatal("INO is NULL\n");
        else {
+               ip = VTOI(vp);
                if (ftypeok(VTOD(vp)))
                        pfatal("%s=%s\n",
                            (ip->i_ffs1_mode & IFMT) == IFDIR ?
===================================================================

Makes it much happier:

===================================================================
** /dev/rwd1a
** Last Mounted on /usr2
** Phase 0 - Check Segment Summaries and Inode Free List
** Phase 1 - Check Blocks and Sizes
** Phase 2 - Check Pathnames
UNALLOCATED  I=143414 
INO is NULL

REMOVE? [yn] y

** Phase 3 - Check Connectivity
** Phase 4 - Check Reference Counts
** Phase 5 - Check Segment Block Accounting
** Phase 6 - Roll Forward

roll forward? [yn] y

** Phase 6b - Recheck Segment Block Accounting
308041 files, 11893243 used, 61952381 free

WRITE CHANGES TO DISK? [yn] y

WRITING CHANGES TO DISK

UPDATE STANDARD SUPERBLOCK? [yn] y


MARK FILE SYSTEM CLEAN? [yn] y


***** FILE SYSTEM MARKED CLEAN *****

***** FILE SYSTEM WAS MODIFIED *****

Program exited normally.
===================================================================

And a subsequent run finds no errors.
>Release-Note:
>Audit-Trail:
>Unformatted: