To: Marcel Moolenaar
From: "Poul-Henning Kamp"
In-Reply-To: Your message of "Sun, 05 Dec 2004 15:14:08 PST." <5DA9481A-4713-11D9-A4F2-000D93C47836@xcllnt.net>
Date: Mon, 06 Dec 2004 07:30:09 +0100
Message-ID: <75732.1102314609@critter.freebsd.dk>
cc: cvs-src@FreeBSD.org
cc: src-committers@FreeBSD.org
cc: cvs-all@FreeBSD.org
Subject: Re: cvs commit: src/sys/sys vnode.h src/sys/gnu/ext2fs ext2_vnops.c src/sys/nfsclient nfs_vnops.c src/sys/ufs/ufs ufs_vnops.c

In message <5DA9481A-4713-11D9-A4F2-000D93C47836@xcllnt.net>, Marcel Moolenaar writes:
>
>On Dec 5, 2004, at 2:37 PM, Poul-Henning Kamp wrote:
>
>> In message <200412052230.iB5MUTZs021927@repoman.freebsd.org>, Marcel
>> Moolenaar
>> writes:
>>> marcel 2004-12-05 22:30:29 UTC
>>>
>>> FreeBSD src repository
>>>
>>> Modified files:
>>>   sys/sys vnode.h
>>>   sys/gnu/ext2fs ext2_vnops.c
>>>   sys/nfsclient nfs_vnops.c
>>>   sys/ufs/ufs ufs_vnops.c
>>> Log:
>>> Fix null-pointer indirect function calls introduced in the previous
>>> commit. In the new world order, the transitive closure on the vector
>>> operations is not precomputed. As such, it's unsafe to actually use
>>> any of the function pointers in an indirect function call.
>>
>> Uhm not really.
>>
>> You'll notice that these three cases vector through a fifo_*specop*.
>>
>> The "specop" as opposed to "vnodeop", means that you're supposed to
>> know what you're doing.
>>
>> Did you actually get a zero pointer deref on this ?
>
>Yes, on vop_write(). See my posting to current@
>
>http://docs.freebsd.org/cgi/getmsg.cgi?fetch=895498+0+archive/2004/
>freebsd-current/20041205.freebsd-current

Hmm...

Your commit doesn't actually fix this problem, it only prevents the panic.

The real problem is that with the fifofs vnode bypass you can't call
VOP_WRITE() on a fifo any longer.

If you back your commit out I'll fix it the right way.

--
Poul-Henning Kamp | UNIX since Zilog Zeus 3.20
phk@FreeBSD.ORG | TCP/IP since RFC 956
FreeBSD committer | BSD since 4.3-tahoe
Never attribute to malice what can adequately be explained by incompetence.