On Thu, Jan 13, 2011 at 10:47:42AM -0500, Chuck Lever wrote:
>
> On Jan 12, 2011, at 11:04 AM, J. Bruce Fields wrote:
>
> > On Wed, Jan 12, 2011 at 02:51:20PM +0100, sdrb wrote:
> >> I've investigated a little the sources and I noticed that probably
> >> there should be some pointer NULL-ed in mountlist_list() procedure
> >> like in patch I've attached.
> >>
> >> Anyone can confirm that such a fix is ok?
> >
> > Thanks for the report.
> >
> > I haven't tried to verify that it could cause the backtrace you saw, but
> > clearly mlist is used after that mountlist_freeall(mlist), so your patch
> > is necessary.
> >
> > Looks like this was introduced with a8348c2c4 "mountd: Add
> > mountlist_freeall()".
>
> Is your theory that the introduction of a function call ( mountlist_freeall() ) hides the side-effects of that while loop, leaving the mlist variable in the mountlist_list() scope pointing at freed memory?

Yup.--b.

>
> > --b.
> >
> >> diff -rNup nfs-utils-1.2.3_orig/utils/mountd/rmtab.c nfs-utils-1.2.3/utils/mountd/rmtab.c
> >> --- nfs-utils-1.2.3/utils/mountd/rmtab.c 2010-09-28 14:24:16.000000000 +0200
> >> +++ nfs-utils-1.2.3/utils/mountd/rmtab.c 2011-01-12 14:44:22.320000000 +0100
> >> @@ -205,6 +205,7 @@ mountlist_list(void)
> >> }
> >> if (stb.st_mtime != last_mtime) {
> >> mountlist_freeall(mlist);
> >> + mlist=NULL;
>
> Nit: Please use white space conventions which match the rest of the file (single blanks around "=").
>
> >> last_mtime = stb.st_mtime;
> >>
> >> setrmtabent("r");
> >
>
> --
> Chuck Lever
> chuck[dot]lever[at]oracle[dot]com
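
Review bot: The added "mlist=NULL;" after "mountlist_freeall(mlist);" carries no comment explaining why the reset is needed, and the call passes mlist by value, so the helper cannot clear the caller's pointer and every call site has to remember to do it. Add a short comment at this line saying that mlist is still used after the free, or have the helper take &mlist and clear it itself. The assignment should also be spaced as "mlist = NULL;", matching "last_mtime = stb.st_mtime;" on the next line.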