From eeb92518843ae67bfa76889db0cee7cfbd03cd82 Mon Sep 17 00:00:00 2001
From: Robert Watson <rwatson@FreeBSD.org>
Date: Wed, 24 Jul 2002 15:42:22 +0000
Subject: [PATCH] Under #ifdef DIAGNOSTIC, NULL out componentname pointers if
 we free the pnbuf to increase the chances of detecting use of a free'd name
 buffer if SAVENAME or SAVESTART wasn't passed in.  Curiously, running with
 these changes doesn't panic the kernel, and should.

---
 sys/kern/vfs_lookup.c | 20 ++++++++++++++++++--
 1 file changed, 18 insertions(+), 2 deletions(-)

diff --git a/sys/kern/vfs_lookup.c b/sys/kern/vfs_lookup.c
index 8e4af42338fb..9c24f5247cfe 100644
--- a/sys/kern/vfs_lookup.c
+++ b/sys/kern/vfs_lookup.c
@@ -134,6 +134,10 @@ namei(ndp)
 
 	if (error) {
 		uma_zfree(namei_zone, cnp->cn_pnbuf);
+#ifdef DIAGNOSTIC
+		cnp->cn_pnbuf = NULL;
+		cnp->cn_nameptr = NULL;
+#endif
 		ndp->ni_vp = NULL;
 		return (error);
 	}
@@ -175,15 +179,23 @@ namei(ndp)
 		error = lookup(ndp);
 		if (error) {
 			uma_zfree(namei_zone, cnp->cn_pnbuf);
+#ifdef DIAGNOSTIC
+			cnp->cn_pnbuf = NULL;
+			cnp->cn_nameptr = NULL;
+#endif
 			return (error);
 		}
 		/*
 		 * Check for symbolic link
 		 */
 		if ((cnp->cn_flags & ISSYMLINK) == 0) {
-			if ((cnp->cn_flags & (SAVENAME | SAVESTART)) == 0)
+			if ((cnp->cn_flags & (SAVENAME | SAVESTART)) == 0) {
 				uma_zfree(namei_zone, cnp->cn_pnbuf);
-			else
+#ifdef DIAGNOSTIC
+				cnp->cn_pnbuf = NULL;
+				cnp->cn_nameptr = NULL;
+#endif
+			} else
 				cnp->cn_flags |= HASBUF;
 
 			if (vn_canvmio(ndp->ni_vp) == TRUE &&
@@ -244,6 +256,10 @@ namei(ndp)
 		dp = ndp->ni_dvp;
 	}
 	uma_zfree(namei_zone, cnp->cn_pnbuf);
+#ifdef DIAGNOSTIC
+	cnp->cn_pnbuf = NULL;
+	cnp->cn_nameptr = NULL;
+#endif
 	vrele(ndp->ni_dvp);
 	vput(ndp->ni_vp);
 	ndp->ni_vp = NULL;