[-mm PATCH] v9fs: fix timeout segfault corner case

From: ericvh
Date: Fri Jun 24 2005 - 16:14:52 EST

Next message: Martin J. Bligh: "Re: 2.6.12-mm1 boot failure on NUMA box."
Previous message: Christian Hesse: "Re: [PATCH] Kernel .patches support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Fix for problem reported by DEac- in which a recursive traversal through
a single threaded server times out and then crashes the system when the
single threaded server unblocks and sends the packet that was timed out.

Problem was caused by a pointer which needed to be initialized every time
through the event loop in recv proc, but was previously only intialized prior
to entering the loop.

Signed-off-by: Eric Van Hensbergen <ericvh@xxxxxxxxx>

---
commit f341153ff8705bbe54f8bb652e856f75712b0c52
tree c0c749a66b02dcc43ec6a4c3a299feb815789e49
parent 3a232d10ca42ca692f4fa6c07ce1508ad1cca933
author Eric Van Hensbergen <ericvh@xxxxxxxxx> Fri, 24 Jun 2005 12:33:49 -0500
committer Eric Van Hensbergen <ericvh@xxxxxxxxx> Fri, 24 Jun 2005 12:33:49 -0500

fs/9p/mux.c | 8 ++++----
1 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/fs/9p/mux.c b/fs/9p/mux.c
--- a/fs/9p/mux.c
+++ b/fs/9p/mux.c
@@ -175,7 +175,7 @@ static int v9fs_recv(struct v9fs_session
spin_unlock(&v9ses->muxlock);
}
if (ret == 0) { /* timeout */
- dprintk(DEBUG_MUX, "Connection timeout after %u (%u)\n",
+ dprintk(DEBUG_ERROR, "Connection timeout after %u (%u)\n",
v9ses->timeout,
(unsigned int)msecs_to_jiffies(v9ses->timeout));
v9ses->session_hung = 1;
@@ -344,26 +344,26 @@ static int v9fs_recvproc(void *data)
struct v9fs_fcall *rcall = NULL;
struct list_head *rptr;
struct list_head *rrptr;
- struct v9fs_rpcreq *req = NULL;
+ struct v9fs_rpcreq *req;
int err = 0;

allow_signal(SIGKILL);
set_current_state(TASK_INTERRUPTIBLE);
complete(&v9ses->proccmpl);
while (!kthread_should_stop() && err >= 0) {
+ req = NULL;
+
rcall = kmalloc(v9ses->maxdata + V9FS_IOHDRSZ, GFP_KERNEL);
if(!rcall) {
eprintk(KERN_ERR, "no memory for buffers\n");
break;
}

- dprintk(DEBUG_MUX, "waiting for message\n");
err = read_message(v9ses, rcall, v9ses->maxdata + V9FS_IOHDRSZ);
if (err < 0) {
kfree(rcall);
break;
}
-
spin_lock(&v9ses->muxlock);
list_for_each_safe(rptr, rrptr, &v9ses->mux_fcalls) {
struct v9fs_rpcreq *rreq =
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Martin J. Bligh: "Re: 2.6.12-mm1 boot failure on NUMA box."
Previous message: Christian Hesse: "Re: [PATCH] Kernel .patches support"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]