Message ID | 1359802508-28622-1-git-send-email-jlayton@redhat.com (mailing list archive) |
---|---|
State | New, archived |
Headers | show |
Thanks, applying.--b. On Sat, Feb 02, 2013 at 05:55:08AM -0500, Jeff Layton wrote: > commit 885c91f7466 in Bruce's tree was causing oopses for me: > > general protection fault: 0000 [#1] SMP > Modules linked in: nfsd(OF) nfs_acl(OF) auth_rpcgss(OF) lockd(OF) sunrpc(OF) kvm_amd kvm microcode i2c_piix4 virtio_net virtio_balloon cirrus drm_kms_helper ttm drm virtio_blk i2c_core > CPU 0 > Pid: 564, comm: exportfs Tainted: GF O 3.8.0-0.rc5.git2.1.fc19.x86_64 #1 Bochs Bochs > RIP: 0010:[<ffffffff811b1509>] [<ffffffff811b1509>] kfree+0x49/0x280 > RSP: 0018:ffff88007a3d7c50 EFLAGS: 00010203 > RAX: 01adaf8dadadad80 RBX: 6b6b6b6b6b6b6b6b RCX: 0000000000000001 > RDX: ffffffff7fffffff RSI: 0000000000000000 RDI: 6b6b6b6b6b6b6b6b > RBP: ffff88007a3d7c80 R08: 6b6b6b6b6b6b6b6b R09: 0000000000000000 > R10: 0000000000000018 R11: 0000000000000000 R12: ffff88006a117b50 > R13: ffffffffa01a589c R14: ffff8800631b0f50 R15: 01ad998dadadad80 > FS: 00007fcaa3616740(0000) GS:ffff88007fc00000(0000) knlGS:0000000000000000 > CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b > CR2: 00007f5d84b6fdd8 CR3: 0000000064db4000 CR4: 00000000000006f0 > DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 > DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400 > Process exportfs (pid: 564, threadinfo ffff88007a3d6000, task ffff88006af28000) > Stack: > ffff88007a3d7c80 ffff88006a117b68 ffff88006a117b50 0000000000000000 > ffff8800631b0f50 ffff88006a117b50 ffff88007a3d7ca0 ffffffffa01a589c > ffff880036be1148 ffff88007a3d7cf8 ffff88007a3d7e28 ffffffffa01a6a98 > Call Trace: > [<ffffffffa01a589c>] svc_export_put+0x5c/0x70 [nfsd] > [<ffffffffa01a6a98>] svc_export_parse+0x328/0x7e0 [nfsd] > [<ffffffffa016f1c7>] cache_do_downcall+0x57/0x70 [sunrpc] > [<ffffffffa016f25e>] cache_downcall+0x7e/0x100 [sunrpc] > [<ffffffffa016f338>] cache_write_procfs+0x58/0x90 [sunrpc] > [<ffffffffa016f2e0>] ? cache_downcall+0x100/0x100 [sunrpc] > [<ffffffff8123b0e5>] proc_reg_write+0x75/0xb0 > [<ffffffff811ccecf>] vfs_write+0x9f/0x170 > [<ffffffff811cd089>] sys_write+0x49/0xa0 > [<ffffffff816e0919>] system_call_fastpath+0x16/0x1b > Code: 66 66 66 90 48 83 fb 10 0f 86 c3 00 00 00 48 89 df 49 bf 00 00 00 00 00 ea ff ff e8 f2 12 ea ff 48 c1 e8 0c 48 c1 e0 06 49 01 c7 <49> 8b 07 f6 c4 80 0f 85 1d 02 00 00 49 8b 07 a8 80 0f 84 ee 01 > RIP [<ffffffff811b1509>] kfree+0x49/0x280 > RSP <ffff88007a3d7c50> > > I think Majianpeng's patch is correct, but incomplete. In order for it > to be safe to free the ex_uuid unconditionally in svc_export_put, we > need to make sure it's initialized to NULL in the init routine. > > Cc: majianpeng <majianpeng@gmail.com> > Signed-off-by: Jeff Layton <jlayton@redhat.com> > --- > fs/nfsd/export.c | 1 + > 1 file changed, 1 insertion(+) > > diff --git a/fs/nfsd/export.c b/fs/nfsd/export.c > index 30a572d..15ebf91 100644 > --- a/fs/nfsd/export.c > +++ b/fs/nfsd/export.c > @@ -661,6 +661,7 @@ static void svc_export_init(struct cache_head *cnew, struct cache_head *citem) > new->ex_fslocs.locations = NULL; > new->ex_fslocs.locations_count = 0; > new->ex_fslocs.migrated = 0; > + new->ex_uuid = NULL; > new->cd = item->cd; > } > > -- > 1.7.11.7 > -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
diff --git a/fs/nfsd/export.c b/fs/nfsd/export.c index 30a572d..15ebf91 100644 --- a/fs/nfsd/export.c +++ b/fs/nfsd/export.c @@ -661,6 +661,7 @@ static void svc_export_init(struct cache_head *cnew, struct cache_head *citem) new->ex_fslocs.locations = NULL; new->ex_fslocs.locations_count = 0; new->ex_fslocs.migrated = 0; + new->ex_uuid = NULL; new->cd = item->cd; }
commit 885c91f7466 in Bruce's tree was causing oopses for me: general protection fault: 0000 [#1] SMP Modules linked in: nfsd(OF) nfs_acl(OF) auth_rpcgss(OF) lockd(OF) sunrpc(OF) kvm_amd kvm microcode i2c_piix4 virtio_net virtio_balloon cirrus drm_kms_helper ttm drm virtio_blk i2c_core CPU 0 Pid: 564, comm: exportfs Tainted: GF O 3.8.0-0.rc5.git2.1.fc19.x86_64 #1 Bochs Bochs RIP: 0010:[<ffffffff811b1509>] [<ffffffff811b1509>] kfree+0x49/0x280 RSP: 0018:ffff88007a3d7c50 EFLAGS: 00010203 RAX: 01adaf8dadadad80 RBX: 6b6b6b6b6b6b6b6b RCX: 0000000000000001 RDX: ffffffff7fffffff RSI: 0000000000000000 RDI: 6b6b6b6b6b6b6b6b RBP: ffff88007a3d7c80 R08: 6b6b6b6b6b6b6b6b R09: 0000000000000000 R10: 0000000000000018 R11: 0000000000000000 R12: ffff88006a117b50 R13: ffffffffa01a589c R14: ffff8800631b0f50 R15: 01ad998dadadad80 FS: 00007fcaa3616740(0000) GS:ffff88007fc00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 000000008005003b CR2: 00007f5d84b6fdd8 CR3: 0000000064db4000 CR4: 00000000000006f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000ffff0ff0 DR7: 0000000000000400 Process exportfs (pid: 564, threadinfo ffff88007a3d6000, task ffff88006af28000) Stack: ffff88007a3d7c80 ffff88006a117b68 ffff88006a117b50 0000000000000000 ffff8800631b0f50 ffff88006a117b50 ffff88007a3d7ca0 ffffffffa01a589c ffff880036be1148 ffff88007a3d7cf8 ffff88007a3d7e28 ffffffffa01a6a98 Call Trace: [<ffffffffa01a589c>] svc_export_put+0x5c/0x70 [nfsd] [<ffffffffa01a6a98>] svc_export_parse+0x328/0x7e0 [nfsd] [<ffffffffa016f1c7>] cache_do_downcall+0x57/0x70 [sunrpc] [<ffffffffa016f25e>] cache_downcall+0x7e/0x100 [sunrpc] [<ffffffffa016f338>] cache_write_procfs+0x58/0x90 [sunrpc] [<ffffffffa016f2e0>] ? cache_downcall+0x100/0x100 [sunrpc] [<ffffffff8123b0e5>] proc_reg_write+0x75/0xb0 [<ffffffff811ccecf>] vfs_write+0x9f/0x170 [<ffffffff811cd089>] sys_write+0x49/0xa0 [<ffffffff816e0919>] system_call_fastpath+0x16/0x1b Code: 66 66 66 90 48 83 fb 10 0f 86 c3 00 00 00 48 89 df 49 bf 00 00 00 00 00 ea ff ff e8 f2 12 ea ff 48 c1 e8 0c 48 c1 e0 06 49 01 c7 <49> 8b 07 f6 c4 80 0f 85 1d 02 00 00 49 8b 07 a8 80 0f 84 ee 01 RIP [<ffffffff811b1509>] kfree+0x49/0x280 RSP <ffff88007a3d7c50> I think Majianpeng's patch is correct, but incomplete. In order for it to be safe to free the ex_uuid unconditionally in svc_export_put, we need to make sure it's initialized to NULL in the init routine. Cc: majianpeng <majianpeng@gmail.com> Signed-off-by: Jeff Layton <jlayton@redhat.com> --- fs/nfsd/export.c | 1 + 1 file changed, 1 insertion(+)