>From Malahal <mala...@gmail.com>:
Malahal has uploaded a new change for review. (
https://review.gerrithub.io/343980
Change subject: Fix multiple threads handling the same drc with zero ref count
......................................................................
Fix multiple threads handling the same drc with zero ref count
nfs_dupreq_put_drc() drops the locks after decrementing the ref count to
zero. Imagine this thread not getting scheduled for a good amount of
time. The nfs_dupreq_get_drc() may bump up the ref count and recycle the
drc. The drc may eventually end up with zero ref count in another thread. At
this point we have two threads that are handling the same drc with zero
ref count. One thread may put it in the recycle list and the drc could
be freed before the other thread tries to access the drc! This may lead to
use after freed memory.
The fix here is to wait in the nfs_dupreq_get_drc until the first thread puts
the drc in the recycle queue.
Change-Id: I4d88bd401a5f266b4f7d75bfbeda9b91a329629b
Signed-off-by: Malahal Naineni <mala...@us.ibm.com>
---
M src/RPCAL/nfs_dupreq.c
1 file changed, 46 insertions(+), 9 deletions(-)
git pull ssh://review.gerrithub.io:29419/ffilz/nfs-ganesha
refs/changes/80/343980/1
--
To view, visit https://review.gerrithub.io/343980
To unsubscribe, visit https://review.gerrithub.io/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I4d88bd401a5f266b4f7d75bfbeda9b91a329629b
Gerrit-Change-Number: 343980
Gerrit-PatchSet: 1
Gerrit-Project: ffilz/nfs-ganesha
Gerrit-Branch: next
Gerrit-Owner: Malahal <mala...@gmail.com>
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, SlashDot.org! http://sdm.link/slashdot
_______________________________________________
Nfs-ganesha-devel mailing list
Nfs-ganesha-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/nfs-ganesha-devel
