[Bugs] [Bug 1195120] DHT + epoll : client crashed
bugzilla at redhat.com
bugzilla at redhat.com
Tue Feb 24 05:10:19 UTC 2015
https://bugzilla.redhat.com/show_bug.cgi?id=1195120
Raghavendra G <rgowdapp at redhat.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |POST
--- Comment #2 from Raghavendra G <rgowdapp at redhat.com> ---
In the current code, dht_discover_complete can be invoked because of:
1. attempt_unwind is true
2. we are processing reply from the last subvolume
In scenario 1, following race is possible:
T1: calls dht_frame_return.
T2: calls dht_frame_return. This happens to be last call and hence it
invokes dht_discover_complete, goes ahead and destroys frame
T1: since attempt_unwind is true, calls
dht_discover_complete. However, since frame is already freed, call
to dht_discover_complete can result in a crash.
The fix is to make sure that destruction of the frame is done only by
the thread executing dht_discover_complete.
--
You are receiving this mail because:
You are on the CC list for the bug.
You are the assignee for the bug.
More information about the Bugs
mailing list