Patchwork [BUG:757] nfs3: Use nfs3state in call_state to avoid getting from rpc request

login
register
Submitter Shehjar Tikoo
Date 2010-04-13 03:27:35
Message ID <1271129255-25449-1-git-send-email-shehjart@gluster.com>
Download mbox | patch
Permalink /patch/3136/
State Accepted
Headers show

Comments

Shehjar Tikoo - 2010-04-13 03:27:35
From: Shehjar Tikoo <shehjart@gluster.com>

This change avoids having the nfs translator depend on the sanity
of the rpcsvc_request_t type after NFS reply has been sent. This
was a problem because the request structure is guaranteed to be
invalid after the reply for the request has been submitted by the
RPC program. NFS3 handler was ignoring this behaviour and accessing
the private in request after reply submission resulting in access to
corrupted data.

Signed-off-by: Shehjar Tikoo <shehjart@gluster.com>
---
 xlators/nfs/server/src/nfs3.c |    3 ++-
 xlators/nfs/server/src/nfs3.h |    1 +
 2 files changed, 3 insertions(+), 1 deletions(-)
Shehjar Tikoo - 2010-04-13 03:36:25
FYI, highly critical patch. Most probably fixes bugs 726,731,732,738 and 
817, definitely fixes 757.

Anush, can you please verify that these do not occur anymore. I know you 
have NFS beta test work also to do but just hang in there for a few more 
weeks mate. Request as many instances as you need, if you want to run 
these in parallel. You can test it using nfs-beta-rc1.

Thanks
-Shehjar

Patch

diff --git a/xlators/nfs/server/src/nfs3.c b/xlators/nfs/server/src/nfs3.c
index 712bbca..57d9f57 100644
--- a/xlators/nfs/server/src/nfs3.c
+++ b/xlators/nfs/server/src/nfs3.c
@@ -181,6 +181,7 @@  nfs3_call_state_init (struct nfs3_state *s, rpcsvc_request_t *req, xlator_t *v)
         cs->req = req;
         cs->vol = v;
         cs->nfsx = s->nfsx;
+        cs->nfs3state = s;
 
         return cs;
 }
@@ -192,7 +193,7 @@  nfs3_call_state_wipe (nfs3_call_state_t *cs)
         if (!cs)
                 return;
 
-        nfs3 = rpcsvc_request_program_private (cs->req);
+        nfs3 = cs->nfs3state;
         if (cs->fd) {
                 gf_log (GF_NFS3, GF_LOG_TRACE, "fd ref: %d", cs->fd->refcount);
                 fd_unref (cs->fd);
diff --git a/xlators/nfs/server/src/nfs3.h b/xlators/nfs/server/src/nfs3.h
index 1ec5a20..bb5fbb7 100644
--- a/xlators/nfs/server/src/nfs3.h
+++ b/xlators/nfs/server/src/nfs3.h
@@ -148,6 +148,7 @@  struct nfs3_local {
         xlator_t                *vol;
         nfs3_resume_fn_t        resume_fn;
         xlator_t                *nfsx;
+        struct nfs3_state       *nfs3state;
 
         /* The list hook to attach this call state to the inode's queue till
          * the opening of the fd on the inode completes.