In lockres_seq_start() of dlmdebug.c, when you looking at following
piece of codes:
list_for_each_entry(res, track_list, tracking) {
if (&res->tracking == &dlm->tracking_list)
res = NULL;
else
dlm_lockres_get(res);
break;
}
...
if (res) {
spin_lock(&res->spinlock);
dump_lockres(res, dl->dl_buf, dl->dl_len - 1);
spin_unlock(&res->spinlock);
} else
dl = NULL;
One thought can come to you that, in the case of 'an-empty-list', cursor 'res'
here is not an INVALID pointer for real dlm_lock_resource object, it is nothing
than a fake address figured out by arbitary 'container_of()' way, the patch
tries
to check track_list, and avoid accessing an invalid pointer if the list is
empty,
it fixes following oops:
http://oss.oracle.com/bugzilla/show_bug.cgi?id=1287
Signed-off-by: Tristan Ye <[email protected]>
---
fs/ocfs2/dlm/dlmdebug.c | 7 +++++++
1 files changed, 7 insertions(+), 0 deletions(-)
diff --git a/fs/ocfs2/dlm/dlmdebug.c b/fs/ocfs2/dlm/dlmdebug.c
index 5efdd37..06d668a 100644
--- a/fs/ocfs2/dlm/dlmdebug.c
+++ b/fs/ocfs2/dlm/dlmdebug.c
@@ -639,6 +639,12 @@ static void *lockres_seq_start(struct seq_file *m, loff_t
*pos)
else
track_list = &dlm->tracking_list;
+ if (list_empty(track_list)) {
+ dl = NULL;
+ spin_unlock(&dlm->track_lock);
+ goto bail;
+ }
+
list_for_each_entry(res, track_list, tracking) {
if (&res->tracking == &dlm->tracking_list)
res = NULL;
@@ -660,6 +666,7 @@ static void *lockres_seq_start(struct seq_file *m, loff_t
*pos)
} else
dl = NULL;
+bail:
/* passed to seq_show */
return dl;
}
--
1.5.5
_______________________________________________
Ocfs2-devel mailing list
[email protected]
http://oss.oracle.com/mailman/listinfo/ocfs2-devel
