Patchwork [Lucid,SRU] 9p: Fix the kernel crash on a failed mount

Submitter Tim Gardner
Date Oct. 2, 2012, 7:22 p.m.
Message ID <1349205731-78572-1-git-send-email-tim.gardner@canonical.com>
Permalink /patch/188636/
State New

Comments

Tim Gardner - Oct. 2, 2012, 7:22 p.m.
From: "Aneesh Kumar K.V" <aneesh.kumar@linux.vnet.ibm.com>

BugLink: http://bugs.launchpad.net/bugs/676823

The patch fixes the crash reported below

[   15.149907] BUG: unable to handle kernel NULL pointer dereference at 00000001
[   15.150806] IP: [<c140b886>] p9_virtio_close+0x18/0x24
.....
....
[   15.150806] Call Trace:
[   15.150806]  [<c1408e78>] ? p9_client_destroy+0x3f/0x163
[   15.150806]  [<c1409342>] ? p9_client_create+0x25f/0x270
[   15.150806]  [<c1063b72>] ? trace_hardirqs_on+0xb/0xd
[   15.150806]  [<c11ed4e8>] ? match_token+0x64/0x164
[   15.150806]  [<c1175e8d>] ? v9fs_session_init+0x2f1/0x3c8
[   15.150806]  [<c109cfc9>] ? kmem_cache_alloc+0x98/0xb8
[   15.150806]  [<c1063b72>] ? trace_hardirqs_on+0xb/0xd
[   15.150806]  [<c1173dd1>] ? v9fs_get_sb+0x47/0x1e8
[   15.150806]  [<c1173dea>] ? v9fs_get_sb+0x60/0x1e8
[   15.150806]  [<c10a2e77>] ? vfs_kern_mount+0x81/0x11a
[   15.150806]  [<c10a2f55>] ? do_kern_mount+0x33/0xbe
[   15.150806]  [<c10b40b9>] ? do_mount+0x654/0x6b3
[   15.150806]  [<c1038949>] ? do_page_fault+0x0/0x284
[   15.150806]  [<c10b28ec>] ? copy_mount_options+0x73/0xd2
[   15.150806]  [<c10b4179>] ? sys_mount+0x61/0x94
[   15.150806]  [<c14284e9>] ? syscall_call+0x7/0xb
....
[   15.203562] ---[ end trace 1dd159357709eb4b ]---
[

Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
Signed-off-by: Eric Van Hensbergen <ericvh@gmail.com>
(cherry picked from commit fb786100f7c75e154e63d0f5a2982e6d46dfb602)

Signed-off-by: Tim Gardner <tim.gardner@canonical.com>
---
 net/9p/trans_virtio.c |    3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
Brad Figg - Oct. 2, 2012, 7:39 p.m.
On 10/02/2012 12:22 PM, Tim Gardner wrote:
> From: "Aneesh Kumar K.V" <aneesh.kumar@linux.vnet.ibm.com>
> 
> BugLink: http://bugs.launchpad.net/bugs/676823
> 
> The patch fixes the crash reported below
> 
> [   15.149907] BUG: unable to handle kernel NULL pointer dereference at 00000001
> [   15.150806] IP: [<c140b886>] p9_virtio_close+0x18/0x24
> .....
> ....
> [   15.150806] Call Trace:
> [   15.150806]  [<c1408e78>] ? p9_client_destroy+0x3f/0x163
> [   15.150806]  [<c1409342>] ? p9_client_create+0x25f/0x270
> [   15.150806]  [<c1063b72>] ? trace_hardirqs_on+0xb/0xd
> [   15.150806]  [<c11ed4e8>] ? match_token+0x64/0x164
> [   15.150806]  [<c1175e8d>] ? v9fs_session_init+0x2f1/0x3c8
> [   15.150806]  [<c109cfc9>] ? kmem_cache_alloc+0x98/0xb8
> [   15.150806]  [<c1063b72>] ? trace_hardirqs_on+0xb/0xd
> [   15.150806]  [<c1173dd1>] ? v9fs_get_sb+0x47/0x1e8
> [   15.150806]  [<c1173dea>] ? v9fs_get_sb+0x60/0x1e8
> [   15.150806]  [<c10a2e77>] ? vfs_kern_mount+0x81/0x11a
> [   15.150806]  [<c10a2f55>] ? do_kern_mount+0x33/0xbe
> [   15.150806]  [<c10b40b9>] ? do_mount+0x654/0x6b3
> [   15.150806]  [<c1038949>] ? do_page_fault+0x0/0x284
> [   15.150806]  [<c10b28ec>] ? copy_mount_options+0x73/0xd2
> [   15.150806]  [<c10b4179>] ? sys_mount+0x61/0x94
> [   15.150806]  [<c14284e9>] ? syscall_call+0x7/0xb
> ....
> [   15.203562] ---[ end trace 1dd159357709eb4b ]---
> [
> 
> Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
> Signed-off-by: Eric Van Hensbergen <ericvh@gmail.com>
> (cherry picked from commit fb786100f7c75e154e63d0f5a2982e6d46dfb602)
> 
> Signed-off-by: Tim Gardner <tim.gardner@canonical.com>
> ---
>  net/9p/trans_virtio.c |    3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)
> 
> diff --git a/net/9p/trans_virtio.c b/net/9p/trans_virtio.c
> index 67c4bc7..cb50f4a 100644
> --- a/net/9p/trans_virtio.c
> +++ b/net/9p/trans_virtio.c
> @@ -102,7 +102,8 @@ static void p9_virtio_close(struct p9_client *client)
>  	struct virtio_chan *chan = client->trans;
>  
>  	mutex_lock(&virtio_9p_lock);
> -	chan->inuse = false;
> +	if (chan)
> +		chan->inuse = false;
>  	mutex_unlock(&virtio_9p_lock);
>  }
>  
>
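Review bot: The NULL check is placed inside p9_virtio_close, but the trace in the commit message lists the call arriving from p9_client_create through p9_client_destroy, so the condition is produced by the caller's error path rather than by this transport. Consider also guarding the close call in that teardown path, so a transport callback is never handed a client whose `client->trans` was not set; otherwise every transport's close has to repeat this check. At minimum, confirm that the other transports' close callbacks tolerate a NULL `client->trans`.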
Colin King - Oct. 3, 2012, 10:28 a.m.
On 02/10/12 20:22, Tim Gardner wrote:
> From: "Aneesh Kumar K.V" <aneesh.kumar@linux.vnet.ibm.com>
>
> BugLink: http://bugs.launchpad.net/bugs/676823
>
> The patch fixes the crash reported below
>
> [   15.149907] BUG: unable to handle kernel NULL pointer dereference at 00000001
> [   15.150806] IP: [<c140b886>] p9_virtio_close+0x18/0x24
> .....
> ....
> [   15.150806] Call Trace:
> [   15.150806]  [<c1408e78>] ? p9_client_destroy+0x3f/0x163
> [   15.150806]  [<c1409342>] ? p9_client_create+0x25f/0x270
> [   15.150806]  [<c1063b72>] ? trace_hardirqs_on+0xb/0xd
> [   15.150806]  [<c11ed4e8>] ? match_token+0x64/0x164
> [   15.150806]  [<c1175e8d>] ? v9fs_session_init+0x2f1/0x3c8
> [   15.150806]  [<c109cfc9>] ? kmem_cache_alloc+0x98/0xb8
> [   15.150806]  [<c1063b72>] ? trace_hardirqs_on+0xb/0xd
> [   15.150806]  [<c1173dd1>] ? v9fs_get_sb+0x47/0x1e8
> [   15.150806]  [<c1173dea>] ? v9fs_get_sb+0x60/0x1e8
> [   15.150806]  [<c10a2e77>] ? vfs_kern_mount+0x81/0x11a
> [   15.150806]  [<c10a2f55>] ? do_kern_mount+0x33/0xbe
> [   15.150806]  [<c10b40b9>] ? do_mount+0x654/0x6b3
> [   15.150806]  [<c1038949>] ? do_page_fault+0x0/0x284
> [   15.150806]  [<c10b28ec>] ? copy_mount_options+0x73/0xd2
> [   15.150806]  [<c10b4179>] ? sys_mount+0x61/0x94
> [   15.150806]  [<c14284e9>] ? syscall_call+0x7/0xb
> ....
> [   15.203562] ---[ end trace 1dd159357709eb4b ]---
> [
>
> Signed-off-by: Aneesh Kumar K.V <aneesh.kumar@linux.vnet.ibm.com>
> Signed-off-by: Eric Van Hensbergen <ericvh@gmail.com>
> (cherry picked from commit fb786100f7c75e154e63d0f5a2982e6d46dfb602)
>
> Signed-off-by: Tim Gardner <tim.gardner@canonical.com>
> ---
>   net/9p/trans_virtio.c |    3 ++-
>   1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/net/9p/trans_virtio.c b/net/9p/trans_virtio.c
> index 67c4bc7..cb50f4a 100644
> --- a/net/9p/trans_virtio.c
> +++ b/net/9p/trans_virtio.c
> @@ -102,7 +102,8 @@ static void p9_virtio_close(struct p9_client *client)
>   	struct virtio_chan *chan = client->trans;
>
>   	mutex_lock(&virtio_9p_lock);
> -	chan->inuse = false;
> +	if (chan)
> +		chan->inuse = false;
>   	mutex_unlock(&virtio_9p_lock);
>   }
>
>
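Review bot: `if (chan)` is tested only after `mutex_lock(&virtio_9p_lock)`, although `chan` is a local copy of `client->trans` taken before the lock, so the mutex is acquired and released for nothing when there is no channel. An early `if (!chan) return;` ahead of the mutex_lock would make the no-transport case explicit and keep the locked region down to the one store it protects.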
Acked-by: Colin Ian King <colin.king@canonical.com>
Tim Gardner - Oct. 3, 2012, 12:10 p.m.

Patch

diff --git a/net/9p/trans_virtio.c b/net/9p/trans_virtio.c
index 67c4bc7..cb50f4a 100644
--- a/net/9p/trans_virtio.c
+++ b/net/9p/trans_virtio.c
@@ -102,7 +102,8 @@  static void p9_virtio_close(struct p9_client *client)
 	struct virtio_chan *chan = client->trans;
 
 	mutex_lock(&virtio_9p_lock);
-	chan->inuse = false;
+	if (chan)
+		chan->inuse = false;
 	mutex_unlock(&virtio_9p_lock);
 }
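Review bot: Nothing at the new `if (chan)` says when `client->trans` can legitimately be NULL here, and the changelog gives only the oops, not the cause. Add a one-line comment above the check, for example that close can run while tearing down a client whose mount failed before a channel was assigned (the failed-mount case named in the subject line), so that a later cleanup does not remove the guard as dead code.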