netbsd-bugs: kern/14776: Machine crash when linking a device to a NFS mounted partition

Subject: kern/14776: Machine crash when linking a device to a NFS mounted partition
To: None <gnats-bugs@gnats.netbsd.org>
From: None <manu@netbsd.org>
List: netbsd-bugs
Date: 11/29/2001 12:36:41

>Number:         14776
>Category:       kern
>Synopsis:       Machine crash when linking a device to a NFS mounted partition
>Confidential:   no
>Severity:       critical
>Priority:       high
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Thu Nov 29 12:37:01 PST 2001
>Closed-Date:
>Last-Modified:
>Originator:     Emmanuel Dreyfus
>Release:        NetBSD-current/mips
>Organization:
The NetBSD Project
>Environment:
NetBSD plume 1.5Y NetBSD 1.5Y (IRIX) #23: Wed Nov 28 12:14:05 CET 2001     manu@plume:/cvs/src/sys/arch/sgimips/compile/IRIX sgimips
>Description:
When there is a NFS mounted volume, any user can crash the machine by
hard linking a device to a directory on the NFS mounted volume.
>How-To-Repeat:
$ df
Filesystem          512-blocks     Used     Avail Capacity  Mounted on
/dev/sd0a              1916262  1095676    724772    60%    /
/dev/sd1a              1793796   441190   1262916    25%    /cvs
10.0.12.2:/pub/tftp    3883782  2555610    939794    73%    /kernel
$ cd /kernel
$ ln /dev/zero .
panic: genfs: bad op
Stopped in pid 192 (ln) at      0x880f8464:     jr      ra
                bdslot: nop

>Fix:
The problem seems to be in /sys/miscfs/specfs/specdev.h
All unapplicable operations are defined to be genfs_badop. genfs_badop()
triggers a panic(). I don't understand yet why NFS enable this problem 
yet, but I think that someone with better knowledge will find this one
quickly...

>Release-Note:
>Audit-Trail:
>Unformatted: