NetBSD Problem Report #4597
Received: (qmail 4048 invoked from network); 28 Nov 1997 21:38:26 -0000
Message-Id: <199711282137.QAA00378@rn-re122a05.uwaterloo.ca>
Date: Fri, 28 Nov 1997 16:37:34 -0500 (EST)
From: rickb@iaw.on.ca
To: gnats-bugs@gnats.netbsd.org
Subject: cyclic union mount causes kernel panic
X-Send-Pr-Version: 3.95
>Number: 4597
>Category: kern
>Synopsis: A Cyclic union mount causes a kernel panic
>Confidential: no
>Severity: serious
>Priority: high
>Responsible: kern-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Fri Nov 28 13:50:03 +0000 1997
>Closed-Date:
>Last-Modified:
>Originator: Rick Byers
>Release: Nov 25, 97
>Organization:
=========================================================================
Rick Byers Internet Access Worldwide
rickb@iaw.on.ca System Admin
University of Waterloo, Computer Science (905)714-1400
http://www.iaw.on.ca/rickb/ http://www.iaw.on.ca/
>Environment:
System: NetBSD rickb 1.3_ALPHA NetBSD 1.3_ALPHA (RICKB) #21: Wed Nov 26 00:35:24 EST 1997 root@rickb:/usr/src/sys/arch/i386/compile/RICKB i386
>Description:
If A is union mounted onto B, then union mounting B back onto A
causes a kernel panic. Obviously, this should never happen, unless
someone is deliberatly crashing you system (happened to us).
I wouldn't be surprised if there are some similar problems with
mount_null also.
panic: locking against myself
#0 0xf0963c00 in ?? ()
#1 0x2a10000 in ?? ()
#2 0xf01fe577 in cpu_reboot ()
#3 0xf0125032 in panic ()
#4 0xf01ee91a in ufs_lock ()
#5 0xf01499ee in union_root ()
#6 0xf0139798 in lookup ()
#7 0xf0139186 in namei ()
#8 0xf0149614 in union_mount ()
#9 0xf013c07f in sys_mount ()
#10 0xf0202e34 in syscall ()
>How-To-Repeat:
mkdir a b
mount -t union a b
mount -t union b a
>Fix:
If you're concerned about people crashing your system, you should take
UNIONFS out of your kernel for the time being. However, I don't understand
the filesystem code well enough to come up with a fix that "does the right
thing".
>Release-Note:
>Audit-Trail:
From: Rick Byers <rickb@iaw.on.ca>
To: gnats-bugs@netbsd.org
Cc: Subject: kern/4597
Date: Sun, 23 May 1999 17:58:02 -0400
This is still a problem in NetBSD-1.4.
IMHO, the UNION file system should be removed from the GENERIC kernel
(possibly along with null and umap) with a comment indicating that any
machine with the UNION filesystem in the kernel can be crashed by any
user. Experienced administrators know not to trust unionfs, but
newbies do not (I was bitten by this 2 years ago).
>Unformatted:
(Contact us)
$NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD: gnats_config.sh,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2007
The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.