[Bugs] [Bug 1468291] NFS Sub directory is getting mounted on solaris 10 even when the permission is restricted in nfs.export-dir volume option

bugzilla at redhat.com bugzilla at redhat.com
Wed Jul 19 11:48:54 UTC 2017 

https://bugzilla.redhat.com/show_bug.cgi?id=1468291

Niels de Vos <ndevos at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|MODIFIED                    |ASSIGNED



--- Comment #5 from Niels de Vos <ndevos at redhat.com> ---
A segfault can happen with this change:

(gdb) bt
#0  0x00007f8b43d91205 in _gf_ref_put (ref=ref at entry=0x0) at refcount.c:36
#1  0x00007f8b35820455 in nfs3_call_state_wipe (cs=cs at entry=0x0) at nfs3.c:559
#2  0x00007f8b35823dd2 in nfs3_lookup (req=req at entry=0x7f8b3015f3f0,
fh=fh at entry=0x7f8b37066ad0, fhlen=<optimized out>,
name=name at entry=0x7f8b37066b10 "disperseVol") at nfs3.c:1586
#3  0x00007f8b35824408 in nfs3svc_lookup (req=0x7f8b3015f3f0) at nfs3.c:1615
#4  0x00007f8b43ae58c5 in rpcsvc_handle_rpc_call (svc=0x7f8b3006b9f0,
trans=trans at entry=0x7f8b30167270, msg=<optimized out>) at rpcsvc.c:695
#5  0x00007f8b43ae5aab in rpcsvc_notify (trans=0x7f8b30167270,
mydata=<optimized out>, event=<optimized out>, data=<optimized out>) at
rpcsvc.c:789
#6  0x00007f8b43ae79e3 in rpc_transport_notify (this=this at entry=0x7f8b30167270,
event=event at entry=RPC_TRANSPORT_MSG_RECEIVED, data=data at entry=0x7f8b30160720)
at rpc-transport.c:538
#7  0x00007f8b389163d6 in socket_event_poll_in (this=this at entry=0x7f8b30167270,
notify_handled=<optimized out>) at socket.c:2306
#8  0x00007f8b3891897c in socket_event_handler (fd=34, idx=33, gen=10,
data=0x7f8b30167270, poll_in=1, poll_out=0, poll_err=0) at socket.c:2458
#9  0x00007f8b43d7d0f6 in event_dispatch_epoll_handler (event=0x7f8b37067e80,
event_pool=0x55d3ffe94fd0) at event-epoll.c:572
#10 event_dispatch_epoll_worker (data=0x55d3ffedb5f0) at event-epoll.c:648
#11 0x00007f8b42b81e25 in start_thread () from /lib64/libpthread.so.0
#12 0x00007f8b4244e34d in clone () from /lib64/libc.so.6
(gdb) f 2
#2  0x00007f8b35823dd2 in nfs3_lookup (req=req at entry=0x7f8b3015f3f0,
fh=fh at entry=0x7f8b37066ad0, fhlen=<optimized out>,
name=name at entry=0x7f8b37066b10 "disperseVol") at nfs3.c:1586
1586                    nfs3_call_state_wipe (cs);
(gdb) l
1581                    stat = nfs3_errno_to_nfsstat3 (-ret);
1582                    nfs3_log_common_res (rpcsvc_request_xid (req),
1583                                         NFS3_LOOKUP, stat, -ret,
1584                                         cs ? cs->resolvedloc.path : NULL);
1585                    nfs3_lookup_reply (req, stat, NULL, NULL, NULL);
1586                    nfs3_call_state_wipe (cs);
1587                    /* Ret must be 0 after this so that the caller does not
1588                     * also send an RPC reply.
1589                     */
1590                    ret = 0;


If there is a permission error, 'cs' may not get initialized and hence
nfs3_call_state_wipe() should not be called.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=FbqLGT2fxz&a=cc_unsubscribe

More information about the Bugs mailing list