Actions
Bug #163
closedput_osd on umount can use client after free
% Done:
0%
Source:
Tags:
Backport:
Regression:
Severity:
Reviewed:
Affected Versions:
ceph-qa-suite:
Crash signature (v1):
Crash signature (v2):
Description
the connection can be put after ceph_client is freed, at which point this will dereference a bad pointer
static void put_osd(struct ceph_osd *osd)
{
dout("put_osd %p %d -> %d\n", osd, atomic_read(&osd->o_ref),
atomic_read(&osd->o_ref) - 1);
if (atomic_dec_and_test(&osd->o_ref)) {
struct ceph_auth_client *ac = osd->o_osdc->client->monc.auth;
Updated by Sage Weil almost 14 years ago
- Subject changed from put_osd on con shutdown can happen after client is destroyed to put_osd on umount can use client after free
- Target version set to v2.6.35
Updated by Yehuda Sadeh almost 14 years ago
That would explain bug #144:
[12836.065773] Last user: [<ffffffffa01106b9>](put_osd+0x3f/0x82 [ceph])
Updated by Sage Weil almost 14 years ago
- Status changed from New to Resolved
fixed by commit:a922d38fd10d55d5033f10df15baf966e8f5b18c
Actions