523860 – PATCH: fix mdmon segfault

Bug 523860 - PATCH: fix mdmon segfault

Summary: PATCH: fix mdmon segfault

Keywords:
Status:	CLOSED RAWHIDE
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	mdadm
Sub Component:
Version:	rawhide
Hardware:	All
OS:	Linux
Priority:	low
Severity:	medium
Target Milestone:	---
Assignee:	Doug Ledford
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2009-09-16 21:36 UTC by Hans de Goede
Modified:	2009-09-17 11:52 UTC (History)
CC List:	2 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2009-09-17 11:52:34 UTC
Type:	---
Embargoed:
Dependent Products:

Attachments	(Terms of Use)
PATCH: fix mdmon segfault (437 bytes, patch) 2009-09-16 21:36 UTC, Hans de Goede	no flags	Details \| Diff
View All

Description Hans de Goede 2009-09-16 21:36:47 UTC

Created attachment 361382 [details]
PATCH: fix mdmon segfault

mdmon was creating a supertype struct with malloc, and thus not necessarily
getting zero-d memory.

This was causing it to segfault when called like this from the initrd:
/sbin/mdmon /proc/mdstat /sysroot

The problem was that  load_super_imsm would get called on the non-zero'd
super struct, whcih in turn calls free_super_imsm, which checks st->sb, which
should be zero but isn't and then starts freeing bogus memory.

The attached patch fixes this by using calloc instead of malloc.

This is a rather big problem as mdmon crashing can cause tasks writing to the
disk to hang forever, see bug 523422.

Note You need to log in before you can comment on or make changes to this bug.