Description: MDS may oops in groups_free()
Details : in rare race conditions a newly allocated group_info struct is
freed again, and this can be NULL. The 2.4 compatibility code
for groups_free() checked for a NULL pointer, but 2.6 did not.
b=7273
Details : allow multiple exports with the same NID to be evicted at one
time without re-searching the exports list.
+Severity : major
+Frequency : rare, only with supplementary groups enabled on SMP 2.6 kernels
+Bugzilla : 7273
+Description: MDS may oops in groups_free()
+Details : in rare race conditions a newly allocated group_info struct is
+ freed again, and this can be NULL. The 2.4 compatibility code
+ for groups_free() checked for a NULL pointer, but 2.6 did not.
+
------------------------------------------------------------------------------
08-26-2005 Cluster File Systems, Inc. <info@clusterfs.com>
void groups_free(struct group_info *ginfo)
{
- if (!ginfo)
- return;
-
LASSERT(ginfo->ngroups <= NGROUPS_SMALL);
LASSERT(ginfo->nblocks == 1);
LASSERT(ginfo->blocks[0] == ginfo->small_block);
/* protected by hash lock */
static void free_entry(struct upcall_cache_entry *entry)
{
- groups_free(entry->ue_group_info);
+ if (entry->ue_group_info)
+ groups_free(entry->ue_group_info);
list_del(&entry->ue_hash);
CDEBUG(D_OTHER, "destroy cache entry %p for key "LPU64"\n",
entry, entry->ue_key);
git://git.whamcloud.com / fs / lustre-release.git / commitdiff