Avoid dereferencing nil on bad fid. Return partial Rwalks instead of Rerrors. Post service ORCLOSE so it goes away when ramfs dies. [sys] --rwxrwxr-x M 259529 glenda sys 89789 Sep 6 23:11 386/bin/ramfs /sys/src/cmd/ramfs.c:io /sys/src/cmd/ramfs.c:main /sys/src/cmd/ramfs.c:rwalk [rsc] --rw-rw-r-- M 259529 glenda sys 15927 Sep 6 07:24 sys/src/cmd/ramfs.c /n/sourcesdump/2005/0906/plan9/sys/src/cmd/ramfs.c:88,93 - /n/sourcesdump/2005/0907/plan9/sys/src/cmd/ramfs.c:88,109 *rread(Fid*), *rwrite(Fid*), *rclunk(Fid*), *rremove(Fid*), *rstat(Fid*), *rwstat(Fid*); + int needfid[] = { + [Tversion] 0, + [Tflush] 0, + [Tauth] 0, + [Tattach] 0, + [Twalk] 1, + [Topen] 1, + [Tcreate] 1, + [Tread] 1, + [Twrite] 1, + [Tclunk] 1, + [Tremove] 1, + [Tstat] 1, + [Twstat] 1, + }; + char *(*fcalls[])(Fid*) = { [Tversion] rversion, [Tflush] rflush, /n/sourcesdump/2005/0906/plan9/sys/src/cmd/ramfs.c:177,183 - /n/sourcesdump/2005/0907/plan9/sys/src/cmd/ramfs.c:193,199 if(defmnt == 0){ char buf[64]; snprint(buf, sizeof buf, "#s/%s", service); - fd = create(buf, OWRITE, 0666); + fd = create(buf, OWRITE|ORCLOSE, 0666); if(fd < 0) error("create failed"); sprint(buf, "%d", p[1]); /n/sourcesdump/2005/0906/plan9/sys/src/cmd/ramfs.c:351,356 - /n/sourcesdump/2005/0907/plan9/sys/src/cmd/ramfs.c:367,374 f->busy = 0; f->ram = nil; } + if(rhdr.nwqid > 0) + err = nil; /* didn't get everything in 9P2000 right! */ if(rhdr.nwqid == thdr.nwname) /* update the fid after a successful walk */ f->ram = fram; return err; /n/sourcesdump/2005/0906/plan9/sys/src/cmd/ramfs.c:747,752 - /n/sourcesdump/2005/0907/plan9/sys/src/cmd/ramfs.c:765,771 { char *err, buf[40]; int n, pid, ctl; + Fid *fid; pid = getpid(); if(private){ /n/sourcesdump/2005/0906/plan9/sys/src/cmd/ramfs.c:787,796 - /n/sourcesdump/2005/0907/plan9/sys/src/cmd/ramfs.c:806,817 if(debug) fprint(2, "ramfs %d:<-%F\n", pid, &thdr); - if(!fcalls[thdr.type]) + if(thdr.type<0 || thdr.type>=nelem(fcalls) || !fcalls[thdr.type]) err = "bad fcall type"; + else if(((fid=newfid(thdr.fid))==nil || !fid->ram) && needfid[thdr.type]) + err = "fid not in use"; else - err = (*fcalls[thdr.type])(newfid(thdr.fid)); + err = (*fcalls[thdr.type])(fid); if(err){ rhdr.type = Rerror; rhdr.ename = err; [sys] --rwxrwxr-x M 259529 glenda sys 89789 Sep 6 23:11 386/bin/ramfs /sys/src/cmd/ramfs.c:emalloc /sys/src/cmd/ramfs.c:erealloc /sys/src/cmd/ramfs.c:error /sys/src/cmd/ramfs.c:estrdup /sys/src/cmd/ramfs.c:io /sys/src/cmd/ramfs.c:main /sys/src/cmd/ramfs.c:rwalk /sys/src/cmd/ramfs.c:usage /sys/src/libc/port/rune.c:chartorune