From: Christoph Hellwig <hch@infradead.org>
To: Jeff Layton <jlayton@redhat.com>
Cc: Christoph Hellwig <hch@infradead.org>,
akpm@linux-foundation.org, neilb@suse.de,
linux-nfs@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH 3/6] NLM: Initialize completion variable in lockd_up
Date: Sun, 13 Jan 2008 18:17:43 +0000 [thread overview]
Message-ID: <20080113181743.GA20219@infradead.org> (raw)
In-Reply-To: <20080113082718.396890f7@tleilax.poochiereds.net>
On Sun, Jan 13, 2008 at 08:27:18AM -0500, Jeff Layton wrote:
> I've been hitting an intermittent null pointer dereference ever
> since I've made this change:
The first thing lockd does is to call lock_kernel(). This may either
block (or spin) when it is contended and thus delay updating
nlmsvc_serv. Now lockd_up checks for nlmsvc_task which already is
non-NULL and happily dereference nlmsvc_serv. The patch below
updates nlmsvc_serv in lockd_up where it is protected by nlmsvc_mutex
and also checks for nlmsvc_serv beeing set instead of nlmsvc_task to
fix this problem.
The patch hasn't actually been tested but I'm sure it will fix this
issue.
Btw, lockd() takes BKL just after starting up and only implicitly drops
it when blocking. This seems very dangerous to me and badly wants
updating to some real locking scheme..
Signed-off-by: Christoph Hellwig <hch@lst.de>
Index: linux-2.6/fs/lockd/svc.c
===================================================================
--- linux-2.6.orig/fs/lockd/svc.c 2008-01-13 19:07:17.000000000 +0100
+++ linux-2.6/fs/lockd/svc.c 2008-01-13 19:13:23.000000000 +0100
@@ -118,7 +118,6 @@ lockd(void *vrqstp)
/* set up kernel thread */
lock_kernel();
- nlmsvc_serv = rqstp->rq_server;
set_freezable();
/* Allow SIGKILL to tell lockd to drop all of its locks */
@@ -253,7 +252,7 @@ lockd_up(int proto) /* Maybe add a 'fami
/*
* Check whether we're already up and running.
*/
- if (nlmsvc_task) {
+ if (nlmsvc_serv) {
if (proto)
error = make_socks(nlmsvc_serv, proto);
goto out;
@@ -290,6 +289,9 @@ lockd_up(int proto) /* Maybe add a 'fami
}
svc_sock_update_bufs(serv);
+
+ nlmsvc_serv = rqstp->rq_server;
+
nlmsvc_task = kthread_run(lockd, rqstp, serv->sv_name);
if (IS_ERR(nlmsvc_task)) {
error = PTR_ERR(nlmsvc_task);
next prev parent reply other threads:[~2008-01-13 18:18 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-01-08 19:33 [PATCH 0/6] Intro: convert lockd to kthread and fix use-after-free (try #6) Jeff Layton
2008-01-08 19:33 ` [PATCH 1/6] SUNRPC: spin svc_rqst initialization to its own function Jeff Layton
2008-01-08 19:33 ` [PATCH 2/6] SUNRPC: export svc_sock_update_bufs Jeff Layton
2008-01-08 19:33 ` [PATCH 3/6] NLM: Initialize completion variable in lockd_up Jeff Layton
2008-01-08 19:33 ` [PATCH 4/6] NLM: Have lockd call try_to_freeze Jeff Layton
2008-01-08 19:33 ` [PATCH 5/6] NLM: Convert lockd to use kthreads Jeff Layton
2008-01-08 19:33 ` [PATCH 6/6] NLM: Add reference counting to lockd Jeff Layton
2008-01-09 17:47 ` Christoph Hellwig
2008-01-09 18:36 ` Jeff Layton
2008-01-09 18:48 ` Christoph Hellwig
2008-01-09 18:59 ` Jeff Layton
2008-01-10 3:29 ` Neil Brown
2008-01-10 11:58 ` Jeff Layton
2008-01-09 17:45 ` [PATCH 5/6] NLM: Convert lockd to use kthreads Christoph Hellwig
2008-01-09 18:08 ` Jeff Layton
2008-01-09 17:35 ` [PATCH 3/6] NLM: Initialize completion variable in lockd_up Christoph Hellwig
2008-01-09 18:05 ` Jeff Layton
2008-01-09 18:14 ` Christoph Hellwig
2008-01-13 13:27 ` Jeff Layton
2008-01-13 18:17 ` Christoph Hellwig [this message]
2008-01-13 19:12 ` J. Bruce Fields
2008-01-14 14:24 ` Jeff Layton
2008-01-14 14:25 ` Christoph Hellwig
2008-03-15 3:44 ` Mike Snitzer
2008-03-15 6:34 ` Christoph Hellwig
-- strict thread matches above, loose matches on Subject: below --
2008-01-05 12:02 [PATCH 0/6] Intro: convert lockd to kthread and fix use-after-free (try #5) Jeff Layton
2008-01-05 12:02 ` [PATCH 1/6] SUNRPC: spin svc_rqst initialization to its own function Jeff Layton
2008-01-05 12:02 ` [PATCH 2/6] SUNRPC: export svc_sock_update_bufs Jeff Layton
2008-01-05 12:02 ` [PATCH 3/6] NLM: Initialize completion variable in lockd_up Jeff Layton
2007-12-13 20:40 [PATCH 0/6] Intro: convert lockd to kthread and fix use-after-free Jeff Layton
2007-12-13 20:40 ` [PATCH 1/6] SUNRPC: Allow svc_pool_map_set_cpumask to work with any task Jeff Layton
2007-12-13 20:40 ` [PATCH 2/6] SUNRPC: Break up __svc_create_thread and make svc_create_kthread Jeff Layton
2007-12-13 20:40 ` [PATCH 3/6] NLM: Initialize completion variable in lockd_up Jeff Layton
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20080113181743.GA20219@infradead.org \
--to=hch@infradead.org \
--cc=akpm@linux-foundation.org \
--cc=jlayton@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-nfs@vger.kernel.org \
--cc=neilb@suse.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox