Bug 169197 - NFS client oops when debugging is on
Summary: NFS client oops when debugging is on
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: kernel
Version: 4.0
Hardware: All
OS: Linux
medium
high
Target Milestone: ---
: ---
Assignee: Steve Dickson
QA Contact: Brian Brock
URL:
Whiteboard:
Depends On:
Blocks: 168429
TreeView+ depends on / blocked
 
Reported: 2005-09-24 13:55 UTC by Steve Dickson
Modified: 2007-11-30 22:07 UTC (History)
1 user (show)

Fixed In Version: RHSA-2006-0132
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2006-03-07 20:14:05 UTC


Attachments (Terms of Use)
Proposed patch (589 bytes, patch)
2005-09-24 14:00 UTC, Steve Dickson
no flags Details | Diff


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2005:808 normal SHIPPED_LIVE Important: kernel security update 2005-10-27 04:00:00 UTC
Red Hat Product Errata RHSA-2006:0132 qe-ready SHIPPED_LIVE Moderate: Updated kernel packages available for Red Hat Enterprise Linux 4 Update 3 2006-03-09 16:31:00 UTC

Description Steve Dickson 2005-09-24 13:55:49 UTC
From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.10) Gecko/20050909 Fedora/1.7.10-1.3.2

Description of problem:
nfs_readpage_release() causes an oops while accessing a file with NFS
debugging turned on (echo 32767 > /proc/sys/sunrpc/nfs_debug) and a kernel
built with CONFIG_DEBUG_SLAB.


Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1. echo 32767 > /proc/sys/sunrpc/nfs_debug
2. read a file from an NFS filesystem
3.
  

Actual Results:  the system oops

Expected Results:  The read shold work

Additional info:

The upstream patch:
This patch moves the debugging statement above nfs_release_request() to
avoid accessing freed memory.

Signed-off-by: Nick Wilson <njw@osdl.org>
Cc: Trond Myklebust <trond.myklebust@fys.uio.no>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>

 fs/nfs/read.c |    5 ++---
 1 files changed, 2 insertions(+), 3 deletions(-)

diff --git a/fs/nfs/read.c b/fs/nfs/read.c
--- a/fs/nfs/read.c
+++ b/fs/nfs/read.c
@@ -184,14 +184,13 @@ static void nfs_readpage_release(struct
 {
     unlock_page(req->wb_page);

-    nfs_clear_request(req);
-    nfs_release_request(req);
-
     dprintk("NFS: read done (%s/%Ld %d@%Ld)\n",
             req->wb_context->dentry->d_inode->i_sb->s_id,
             (long long)NFS_FILEID(req->wb_context->dentry->d_inode),
             req->wb_bytes,
             (long long)req_offset(req));
+    nfs_clear_request(req);
+    nfs_release_request(req);
 }

 /*

Comment 1 Steve Dickson 2005-09-24 14:00:22 UTC
Created attachment 119226 [details]
Proposed patch

Comment 4 Steve Dickson 2005-11-11 14:23:09 UTC

*** This bug has been marked as a duplicate of 171112 ***

Comment 6 Red Hat Bugzilla 2006-03-07 20:14:05 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHSA-2006-0132.html



Note You need to log in before you can comment on or make changes to this bug.