| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <16608EA06321C225+af69d39b-61e7-4e9a-b382-ecf1e7f2d519@chenxiaosong.com>
Date: Thu, 19 Jun 2025 15:10:33 +0800
From: ChenXiaoSong <chenxiaosong@...nxiaosong.com>
To: Jeff Layton <jlayton@...nel.org>, chuck.lever@...cle.com, neilb@...e.de,
okorniev@...hat.com, Dai.Ngo@...cle.com, tom@...pey.com
Cc: linux-nfs@...r.kernel.org, linux-kernel@...r.kernel.org,
huhai@...inos.cn, ChenXiaoSong <chenxiaosong@...inos.cn>
Subject: Re: [RFC PATCH] nfsd: convert the nfsd_users to atomic_t
Yes, nfsd_users is protected by the nfsd_mutex. But the following log
confuse me, why were they printed in a very short period when crash?
[24225.575708] nfsd: last server has exited, flushing export cache
[24225.580242] NFSD: starting 90-second grace period (net f0000030)
...
[24225.807458] NFSD: starting 90-second grace period (net f0000030)
Why was callback_wq queued that it had already been freed? And a new
callback_wq was created. I’ve added some new vmcore analysis to the link:
https://chenxiaosong.com/en/nfs/en-null-ptr-deref-in-nfsd4_probe_callback.html
在 2025/6/18 19:50, Jeff Layton 写道:
> Isn't nfsd_users protected by the nfsd_mutex? It looks like it's held
> in all of the places this counter is accessed.
>
Powered by blists - more mailing lists