diff options
author | Trond Myklebust <Trond.Myklebust@netapp.com> | 2006-03-20 13:44:41 -0500 |
---|---|---|
committer | Trond Myklebust <Trond.Myklebust@netapp.com> | 2006-03-20 13:44:41 -0500 |
commit | 4c060b531006e0711db32a132d6ac7661594b280 (patch) | |
tree | 899f281dfec3da7e29ede2e76019b3861116714f /fs | |
parent | 26bcbf965f857c710adafd16cf424f043006b5dd (diff) |
lockd: Fix Oopses due to list manipulation errors.
The patch "stop abusing file_lock_list introduces a couple of bugs since
the locks may be copied and need to be removed from the lists when they are
destroyed.
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Diffstat (limited to 'fs')
-rw-r--r-- | fs/lockd/clntlock.c | 7 | ||||
-rw-r--r-- | fs/lockd/clntproc.c | 15 | ||||
-rw-r--r-- | fs/lockd/host.c | 7 |
3 files changed, 15 insertions, 14 deletions
diff --git a/fs/lockd/clntlock.c b/fs/lockd/clntlock.c index 0fc0ee267b04..7cf41c1e1a88 100644 --- a/fs/lockd/clntlock.c +++ b/fs/lockd/clntlock.c | |||
@@ -213,11 +213,12 @@ reclaimer(void *ptr) | |||
213 | /* First, reclaim all locks that have been marked. */ | 213 | /* First, reclaim all locks that have been marked. */ |
214 | restart: | 214 | restart: |
215 | list_for_each_entry_safe(fl, next, &host->h_reclaim, fl_u.nfs_fl.list) { | 215 | list_for_each_entry_safe(fl, next, &host->h_reclaim, fl_u.nfs_fl.list) { |
216 | list_del(&fl->fl_u.nfs_fl.list); | 216 | list_del_init(&fl->fl_u.nfs_fl.list); |
217 | 217 | ||
218 | nlmclnt_reclaim(host, fl); | ||
219 | if (signalled()) | 218 | if (signalled()) |
220 | break; | 219 | continue; |
220 | if (nlmclnt_reclaim(host, fl) == 0) | ||
221 | list_add_tail(&fl->fl_u.nfs_fl.list, &host->h_granted); | ||
221 | goto restart; | 222 | goto restart; |
222 | } | 223 | } |
223 | 224 | ||
diff --git a/fs/lockd/clntproc.c b/fs/lockd/clntproc.c index cb469431bd1d..3e90356b4882 100644 --- a/fs/lockd/clntproc.c +++ b/fs/lockd/clntproc.c | |||
@@ -446,12 +446,14 @@ nlmclnt_test(struct nlm_rqst *req, struct file_lock *fl) | |||
446 | 446 | ||
447 | static void nlmclnt_locks_copy_lock(struct file_lock *new, struct file_lock *fl) | 447 | static void nlmclnt_locks_copy_lock(struct file_lock *new, struct file_lock *fl) |
448 | { | 448 | { |
449 | memcpy(&new->fl_u.nfs_fl, &fl->fl_u.nfs_fl, sizeof(new->fl_u.nfs_fl)); | 449 | new->fl_u.nfs_fl.state = fl->fl_u.nfs_fl.state; |
450 | nlm_get_lockowner(new->fl_u.nfs_fl.owner); | 450 | new->fl_u.nfs_fl.owner = nlm_get_lockowner(fl->fl_u.nfs_fl.owner); |
451 | list_add_tail(&new->fl_u.nfs_fl.list, &fl->fl_u.nfs_fl.owner->host->h_granted); | ||
451 | } | 452 | } |
452 | 453 | ||
453 | static void nlmclnt_locks_release_private(struct file_lock *fl) | 454 | static void nlmclnt_locks_release_private(struct file_lock *fl) |
454 | { | 455 | { |
456 | list_del(&fl->fl_u.nfs_fl.list); | ||
455 | nlm_put_lockowner(fl->fl_u.nfs_fl.owner); | 457 | nlm_put_lockowner(fl->fl_u.nfs_fl.owner); |
456 | fl->fl_ops = NULL; | 458 | fl->fl_ops = NULL; |
457 | } | 459 | } |
@@ -466,6 +468,7 @@ static void nlmclnt_locks_init_private(struct file_lock *fl, struct nlm_host *ho | |||
466 | BUG_ON(fl->fl_ops != NULL); | 468 | BUG_ON(fl->fl_ops != NULL); |
467 | fl->fl_u.nfs_fl.state = 0; | 469 | fl->fl_u.nfs_fl.state = 0; |
468 | fl->fl_u.nfs_fl.owner = nlm_find_lockowner(host, fl->fl_owner); | 470 | fl->fl_u.nfs_fl.owner = nlm_find_lockowner(host, fl->fl_owner); |
471 | INIT_LIST_HEAD(&fl->fl_u.nfs_fl.list); | ||
469 | fl->fl_ops = &nlmclnt_lock_ops; | 472 | fl->fl_ops = &nlmclnt_lock_ops; |
470 | } | 473 | } |
471 | 474 | ||
@@ -552,7 +555,7 @@ nlmclnt_lock(struct nlm_rqst *req, struct file_lock *fl) | |||
552 | if (resp->status == NLM_LCK_GRANTED) { | 555 | if (resp->status == NLM_LCK_GRANTED) { |
553 | fl->fl_u.nfs_fl.state = host->h_state; | 556 | fl->fl_u.nfs_fl.state = host->h_state; |
554 | fl->fl_flags |= FL_SLEEP; | 557 | fl->fl_flags |= FL_SLEEP; |
555 | list_add_tail(&fl->fl_u.nfs_fl.list, &host->h_granted); | 558 | /* Ensure the resulting lock will get added to granted list */ |
556 | do_vfs_lock(fl); | 559 | do_vfs_lock(fl); |
557 | } | 560 | } |
558 | status = nlm_stat_to_errno(resp->status); | 561 | status = nlm_stat_to_errno(resp->status); |
@@ -619,12 +622,6 @@ nlmclnt_unlock(struct nlm_rqst *req, struct file_lock *fl) | |||
619 | int status; | 622 | int status; |
620 | 623 | ||
621 | /* | 624 | /* |
622 | * Remove from the granted list now so the lock doesn't get | ||
623 | * reclaimed while we're stuck in the unlock call. | ||
624 | */ | ||
625 | list_del(&fl->fl_u.nfs_fl.list); | ||
626 | |||
627 | /* | ||
628 | * Note: the server is supposed to either grant us the unlock | 625 | * Note: the server is supposed to either grant us the unlock |
629 | * request, or to deny it with NLM_LCK_DENIED_GRACE_PERIOD. In either | 626 | * request, or to deny it with NLM_LCK_DENIED_GRACE_PERIOD. In either |
630 | * case, we want to unlock. | 627 | * case, we want to unlock. |
diff --git a/fs/lockd/host.c b/fs/lockd/host.c index f456f8ed9acd..112ebf8b8dfe 100644 --- a/fs/lockd/host.c +++ b/fs/lockd/host.c | |||
@@ -245,8 +245,12 @@ void nlm_release_host(struct nlm_host *host) | |||
245 | { | 245 | { |
246 | if (host != NULL) { | 246 | if (host != NULL) { |
247 | dprintk("lockd: release host %s\n", host->h_name); | 247 | dprintk("lockd: release host %s\n", host->h_name); |
248 | atomic_dec(&host->h_count); | ||
249 | BUG_ON(atomic_read(&host->h_count) < 0); | 248 | BUG_ON(atomic_read(&host->h_count) < 0); |
249 | if (atomic_dec_and_test(&host->h_count)) { | ||
250 | BUG_ON(!list_empty(&host->h_lockowners)); | ||
251 | BUG_ON(!list_empty(&host->h_granted)); | ||
252 | BUG_ON(!list_empty(&host->h_reclaim)); | ||
253 | } | ||
250 | } | 254 | } |
251 | } | 255 | } |
252 | 256 | ||
@@ -334,7 +338,6 @@ nlm_gc_hosts(void) | |||
334 | rpc_destroy_client(host->h_rpcclnt); | 338 | rpc_destroy_client(host->h_rpcclnt); |
335 | } | 339 | } |
336 | } | 340 | } |
337 | BUG_ON(!list_empty(&host->h_lockowners)); | ||
338 | kfree(host); | 341 | kfree(host); |
339 | nrhosts--; | 342 | nrhosts--; |
340 | } | 343 | } |