Bug 13329

Summary: cifs_close: NULL pointer dereference
Product: File System
Reporter: Rafael J. Wysocki (rjw)
Component: CIFS
Assignee: fs_cifs (fs_cifs)
Status: CLOSED CODE_FIX
Severity: normal
CC: jlayton, sfrench
Priority: P1
Hardware: All
OS: Linux
Kernel Version: 2.6.30-rc6
Subsystem:
Regression: Yes
Bisected commit-id:
Bug Depends on:
Bug Blocks: 13070
Attachments: patch -- revert lookup open intent patches

Description Rafael J. Wysocki 2009-05-16 21:37:57 UTC
Subject    : [2.6.30-rc6] cifs_close: NULL pointer dereference
Submitter  : Luca Tettamanti <kronos.it@gmail.com>
Date       : 2009-05-16 16:28
References : http://marc.info/?l=linux-kernel&m=124249133701702&w=4

This entry is being used for tracking a regression from 2.6.29.  Please don't
close it until the problem is fixed in the mainline.
Comment 1 Jeff Layton 2009-05-17 02:33:01 UTC
I've been able to reproduce this too.

The problem seems to be with the open lookup intent patches that went in not too long ago. Reverting those fixes the problem for me.
Comment 2 Jeff Layton 2009-05-17 02:35:41 UTC
Created attachment 21378
patch -- revert lookup open intent patches

This patch fixes the problem for me. At this point, I think it would probably be best to pull those patches until they can be better tested.
Comment 3 Steve French 2009-05-17 03:20:16 UTC
Note that reverting the posix open code would mean that we no longer will use the preferred open call (when it is available, e.g. when the server is Samba) in a key path - and thus not get full posix semantics (to Samba) on byte range locks and write.

Since I haven't heard from the patch author (Shirish) today, I will take a look and see if it is simple to fix.
Comment 4 Jeff Layton 2009-05-17 10:07:07 UTC
I'm not suggesting that we pull the posix open code, just the newer code that makes opens happen during lookup.
Comment 5 Rafael J. Wysocki 2009-05-23 00:01:04 UTC
Fixed by commit 703a3b8e5c01cf6fb33c6d8dc99905f889a4e992.