autofs-5.1.1 - fix rwlock unlock crash

From: Ian Kent <raven@themaw.net>

It should be the case that the only way that automount can exit

the kernel communication read loop is after reading a packet and

performing shutdown operations.

However there are reports of pthread_rwlock_unlock() being called

from the exit cleanup function when the lock it is trying to unlock

is not held.

But the call to the cleanup function is outside the communication

loop so call it from each of the loop break points instead so that

the expected locks must be held.

Signed-off-by: Ian Kent <raven@themaw.net>

---

 CHANGELOG          |    1 +

 daemon/automount.c |    7 ++++---

 2 files changed, 5 insertions(+), 3 deletions(-)

--- autofs-5.0.7.orig/CHANGELOG

+++ autofs-5.0.7/CHANGELOG

@@ -188,6 +188,7 @@

 - fix typo in autofs.conf.

 - always set direct mounts catatonic at exit.

 - log pipe read errors.

+- fix rwlock unlock crash.

 25/07/2012 autofs-5.0.7

 =======================

--- autofs-5.0.7.orig/daemon/automount.c

+++ autofs-5.0.7/daemon/automount.c

@@ -1773,6 +1773,7 @@ void *handle_mounts(void *arg)

 			 */

 			if (ap->type == LKP_DIRECT) {

 				umount_autofs(ap, NULL, 1);

+				handle_mounts_cleanup(ap);

 				break;

 			}

@@ -1783,8 +1784,10 @@ void *handle_mounts(void *arg)

 			 * occurs while we're trying to umount.

 			 */

 			ret = umount_autofs(ap, NULL, 1);

-			if (!ret)

+			if (!ret) {

+				handle_mounts_cleanup(ap);

 				break;

+			}

 			/* Failed shutdown returns to ready */

 			warn(ap->logopt,

@@ -1805,8 +1808,6 @@ void *handle_mounts(void *arg)

 		}

 	}

-	handle_mounts_cleanup(ap);

-

 	return NULL;

 }