Bug 6692 - mount.cifs segfault
Status: RESOLVED FIXED
Product: Samba 3.3
Classification: Unclassified
Component: Client tools
unspecified
Other Linux
: P3 normal
Assigned To: Karolin Seeger
Samba QA Contact
https://bugs.launchpad.net/ubuntu/+so...
Reported: 2009-09-04 11:28 UTC by Chuck Short
Modified: 2009-10-09 01:28 UTC

See Also:
sfrench: review+


Attachments
patch 1 -- revert broken patch (987 bytes, patch)
2009-10-08 09:48 UTC, Jeff Layton
jlayton: review? (sfrench)
patch 2 -- cherry-pick correct patch from master (1.82 KB, patch)
2009-10-08 09:48 UTC, Jeff Layton
jlayton: review? (sfrench)

Description Chuck Short 2009-09-04 11:28:27 UTC
Hi,

This was recently reported in launchpad bug #416445:

Thread 1 (process 6014):
#0  0x00007f23d7f40e1f in main (argc=1, argv=0x7fffdff43778)
    at client/mount.cifs.c:1084
	c = <value optimized out>
	flags = 64
	orgoptions = 0x0
	share_name = <value optimized out>
	ipaddr = <value optimized out>
	mountpoint = <value optimized out>
	options = <value optimized out>
	optionstail = <value optimized out>
	resolved_path = <value optimized out>
	temp = <value optimized out>
	dev_name = <value optimized out>
	rc = <value optimized out>
	nomtab = <value optimized out>
	optlen = <value optimized out>
	current_len = <value optimized out>
	retry = <value optimized out>
	addrhead = <value optimized out>
	addr = <value optimized out>
	statbuf = {st_dev = 139791916190848, st_ino = 139791923660072, 
  st_nlink = 139791921433088, st_mode = 3620887612, st_uid = 32547, 
  st_gid = 3757323568, __pad0 = 32767, st_rdev = 139791923652024, 
  st_size = 0, st_blksize = 1, st_blocks = 1910330751, st_atim = {
    tv_sec = 139791921471562, tv_nsec = 139791921431472}, st_mtim = {
    tv_sec = 140733193388095, tv_nsec = 29848917}, st_ctim = {
    tv_sec = 139791921470524, tv_nsec = 140736950711864}, __unused = {
    139791923650216, 2, 4}}
	sysinfo = {sysname = "Linux", '\0' <repeats 59 times>, 
  nodename = "ubuntu", '\0' <repeats 58 times>, 
  release = "2.6.28-11-generic", '\0' <repeats 47 times>, 
  version = "#42-Ubuntu SMP Fri Apr 17 01:58:03 UTC 2009", '\0' <repeats 21 times>, machine = "x86_64", '\0' <repeats 58 times>, 
  domainname = "(none)", '\0' <repeats 58 times>}
	mountent = {
  mnt_fsname = 0xf63d4e2e <Address 0xf63d4e2e out of bounds>, 
  mnt_dir = 0x7f23d7d260f0 <Address 0x7f23d7d260f0 out of bounds>, 
  mnt_type = 0x7f23d77a3974 "/N=??\030L\017??-???\217?\204\"\233|\205\"\233|???=?\"\225?8?\031u?\001?\022?BY\020?????w\035\rG??%?V1??r1\035\a;?L\214\t)\020\t~\222\0348??0j??{\004\\H???\034?\002??\0179??0X?\227|\030\034s?T\200?s?\202c\002;H\205\0336\rf?2v????K??\234#\217?\036h\233?\230??\234\002Y1\n?\006???e\235J\032\223?P??\020\205)%~\016|\030??8\a\221\222?\206??:V??I?$\202?7?Qho???\017l"..., mnt_opts = 0x7fff0000002e <Address 0x7fff0000002e out of bounds>, 
  mnt_freq = 64550200, mnt_passno = 0}
	pmntfile = <value optimized out>

Regards
chuck
Comment 1 Kai Blin 2009-10-08 06:59:09 UTC
Can you provide some information on what arguments were passed to mount.cifs, or at least a backtrace with debugging symbols?
Comment 2 Jeff Layton 2009-10-08 07:07:54 UTC
This bug report pretty well lacks any info that would help me debug this. How about a pointer to the mount.cifs.c file that you're reporting this against? Even better would be a tag or commit id in git that identifies it.

It doesn't do me much good to know that it crashed at line 1084 unless I know what's at line 1084 in the code that you shipped.
Comment 3 Jeff Layton 2009-10-08 09:07:44 UTC
Never mind... I see the bug.

This is already fixed in v3.4 and up with commit d7ca4997017e86b6f23ced64f1f1672bfb15716b

v3.0-3.3 stable branches have the bug. I suppose this should be a stable branch candidate so I'll see what should be done to fix it there.
Comment 4 Jeff Layton 2009-10-08 09:48:02 UTC
Created attachment 4818
patch 1 -- revert broken patch
Comment 5 Jeff Layton 2009-10-08 09:48:37 UTC
Created attachment 4819
patch 2 -- cherry-pick correct patch from master
Comment 6 Jeff Layton 2009-10-08 09:49:46 UTC
Steve, can you review and ack these two patches for inclusion in 3.3-stable?
Comment 7 Steve French 2009-10-08 14:49:02 UTC
reviewed
Comment 8 Jeff Layton 2009-10-08 15:13:48 UTC
Can't close this yet, has to be assigned to Karolin...
Comment 9 Jeff Layton 2009-10-08 15:15:13 UTC
Reassigning to Karolin so she can incorporate patches.
Comment 10 Karolin Seeger 2009-10-09 01:28:35 UTC
Pushed, closing out bug report.
Will be included in 3.3.9.

Thanks!