Bug 437137 - Calling dlm_ls_lockx() with LKF_VALBLK set and NULL sb_lvbptr seg faults libdlm.
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: cman
Version: 5.2
Hardware: All
OS: Linux
Target Milestone: rc
Assignee: Christine Caulfield
QA Contact: GFS Bugs
Reported: 2008-03-12 16:05 UTC by Dean Jansa
Modified: 2009-04-16 22:51 UTC

Doc Type: Bug Fix
Last Closed: 2009-01-20 21:52:21 UTC
Links
System ID | Private | Priority | Status | Summary | Last Updated
Red Hat Product Errata RHBA-2009:0189 | 0 | normal | SHIPPED_LIVE | cman bug-fix and enhancement update | 2009-01-20 16:05:55 UTC

Description Dean Jansa 2008-03-12 16:05:30 UTC
Description of problem:

I called dlm_ls_lock() with the LKF_VALBLK flag and had initialized the lksb.sb_lvbptr to NULL.
This resulted in a SIGSEGV from libdlm:
Program received signal SIGSEGV, Segmentation fault.
[Switching to Thread 46912496179680 (LWP 16933)]
0x000000343ca0317b in unlock_resource () from /usr/lib64/libdlm.so.2
(gdb) bt
#0  0x000000343ca0317b in unlock_resource () from /usr/lib64/libdlm.so.2

(gdb) up
#1  0x00002aaaae09d854 in lockObjCmd (cdata=0x1cb5cd40, interp=0x1cb22100, 
    objc=7, objv=0x1cb37a58) at tcl_dlm.c:568
568		if (dlm_ls_lockx(dlmPtr->lsPtr->lsh, mode, lkPtr->lksb, flags, resourceStr,

(gdb) p lkPtr->lksb
$1 = (struct dlm_lksb *) 0x1cb925b0

(gdb) p (*lkPtr->lksb)
$2 = {sb_status = 0, sb_lkid = 0, sb_flags = 0 '\0', sb_lvbptr = 0x0}

Version-Release number of selected component (if applicable):
cman-devel-2.0.80-1.el5
cman-2.0.80-1.el5

How reproducible:

Every time

Steps to Reproduce:

Make a call to dlm_ls_lockx() with LKF_VALBLK flag and a NULL sb_lvbptr.

Expected results:

Error from libdlm.

Comment 1 Dean Jansa 2008-03-12 16:07:52 UTC
Forgot to include the flags in the gdb output:

(gdb) up
#1  0x00002aaaae09d854 in lockObjCmd (cdata=0x1cb5cd40, interp=0x1cb22100, 
    objc=7, objv=0x1cb37a58) at tcl_dlm.c:568
568		if (dlm_ls_lockx(dlmPtr->lsPtr->lsh, mode, lkPtr->lksb, flags, resourceStr,
(gdb) p flags
$3 = 8
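
A caller-side guard for the case reported above, as an added example that is not from the bug report or from libdlm's own fix: it rejects LKF_VALBLK with a NULL sb_lvbptr before dlm_ls_lockx() is ever called. The struct and flag stand-ins (used so the code builds without the libdlm headers), the helper names lksb_args_ok and demo, and the 32-byte buffer are assumptions.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

/* Stand-ins so this builds without libdlm (assumption: fields follow the
 * gdb dump of *lkPtr->lksb above; 8 is the flags value printed there).
 * In a real caller, include <libdlm.h> instead of this block. */
#ifndef LKF_VALBLK
#define LKF_VALBLK 0x00000008
struct dlm_lksb {
    int      sb_status;
    uint32_t sb_lkid;
    char     sb_flags;
    char    *sb_lvbptr;
};
#endif

/* Hypothetical helper: 0 if the lksb/flags pair is safe to pass to
 * dlm_ls_lockx(), otherwise -1 with errno = EINVAL. */
int lksb_args_ok(const struct dlm_lksb *lksb, uint32_t flags)
{
    /* LKF_VALBLK tells the DLM to use the lock value block, so the
     * caller must have pointed sb_lvbptr at a buffer. */
    if (lksb == NULL || ((flags & LKF_VALBLK) && lksb->sb_lvbptr == NULL)) {
        errno = EINVAL;
        return -1;
    }
    return 0;
}

/* Builds an lksb like the one in the report (all zero), optionally with
 * a constructed 32-byte value-block buffer, and runs the check. */
int demo(uint32_t flags, int with_buffer)
{
    static char lvb[32];   /* constructed buffer; size is an assumption */
    struct dlm_lksb lksb = { 0, 0, 0, with_buffer ? lvb : NULL };
    return lksb_args_ok(&lksb, flags);
}

int main(void)
{
    printf("VALBLK, NULL lvbptr : %d\n", demo(LKF_VALBLK, 0)); /* rejected */
    printf("VALBLK, with buffer : %d\n", demo(LKF_VALBLK, 1)); /* accepted */
    printf("no VALBLK, NULL ptr : %d\n", demo(0, 0));          /* accepted */
    return 0;
}
```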



Comment 2 Christine Caulfield 2008-03-13 16:45:50 UTC
The branch, master has been updated
       via  5c00e231b21d2b8e0be1b4dd028122313e603597 (commit)
      from  674aec455c8f4506c390532276d1392aa017f1b6 (commit)

The branch, STABLE2 has been updated
       via  31b6d55cadb4aa87a76d907dc2fa7696fda89379 (commit)
      from  088cad7ce9f46b501fcfd8475c71e0909a86d895 (commit)


Comment 3 David Teigland 2008-03-25 16:19:39 UTC
commit in RHEL5 branch 0484ef93e8d09313f8f110d23c2a6a6b4aca2f60


Comment 7 errata-xmlrpc 2009-01-20 21:52:21 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2009-0189.html