[Bugs] [Bug 1245565] New: Crash in dht_getxattr_cbk

bugzilla at redhat.com bugzilla at redhat.com
Wed Jul 22 10:12:20 UTC 2015


https://bugzilla.redhat.com/show_bug.cgi?id=1245565

            Bug ID: 1245565
           Summary: Crash in dht_getxattr_cbk
           Product: Red Hat Gluster Storage
           Version: 3.0
         Component: gluster-dht
          Assignee: rhs-bugs at redhat.com
          Reporter: nbalacha at redhat.com
        QA Contact: storage-qa-internal at redhat.com
                CC: bugs at gluster.org, gluster-bugs at redhat.com,
                    nbalacha at redhat.com, spalai at redhat.com
        Depends On: 1215592
            Blocks: 1217386



+++ This bug was initially created as a clone of Bug #1215592 +++

Description of problem:

 1. When two threads execute in parallel in dht_getxattr_cbk,
it may so happen that both may find local->xattr to be NULL. As
a result dht_aggregate_xattr may not get executed.

 2. In dht_getxattr_cbk,

             thread1                         thread2
T1      this_call_cnt = 2 -1
T2                                this_call_cnt = 1 - 1
T3                                fills local_xattr
T4                                DHT_STACK_UNWIND -> local_wipe
T5      tries to dereference local
        which is already freed,
        leading to crash.

Version-Release number of selected component (if applicable):


How reproducible:
 Got the crash from gerrit:
http://build.gluster.org/job/rackspace-regression-2GB-triggered/7345/consoleFull

Steps to Reproduce:
1.
2.
3.

Actual results:
client process crashes 

Expected results:


Additional info:

--- Additional comment from Anand Avati on 2015-04-27 04:56:56 EDT ---

REVIEW: http://review.gluster.org/10389 (dht: tackle thread race in
dht_getxattr_cbk) posted (#3) for review on master by Susant Palai
(spalai at redhat.com)

--- Additional comment from Anand Avati on 2015-04-29 10:02:03 EDT ---

COMMIT: http://review.gluster.org/10389 committed in master by Shyamsundar
Ranganathan (srangana at redhat.com) 
------
commit 6bde16f7dc4a43d85e488f25ad679abfd24e72d1
Author: Susant Palai <spalai at redhat.com>
Date:   Sun Apr 26 23:49:56 2015 +0530

    dht: tackle thread race in dht_getxattr_cbk

    problem:
     1. When two threads execute in parallel in dht_getxattr_cbk,
    it may so happen that both may find local->xattr to be NULL. As
    a result dht_aggregate_xattr may not get executed.

     2. In dht_getxattr_cbk,

                 thread1                         thread2
    T1      this_call_cnt = 2 -1
    T2                                this_call_cnt = 1 - 1
    T3                                fills local_xattr
    T4                                DHT_STACK_UNWIND -> local_wipe
    T5      tries to dereference local
            which is already freed,
            leading to crash.

    Solution:
     for problem1: Execute critical section inside frame lock
    to resolve race.

     for problem2: Calculate this_call_count just before out section.

    Change-Id: I9827ac8fafebb0c733a4e4f3c710b752f1cd45fa
    BUG: 1215592
    Signed-off-by: Susant Palai <spalai at redhat.com>
    Reviewed-on: http://review.gluster.org/10389
    Reviewed-by: Anuradha Talur <atalur at redhat.com>
    Reviewed-by: N Balachandran <nbalacha at redhat.com>
    Reviewed-by: Kotresh HR <khiremat at redhat.com>
    Tested-by: NetBSD Build System
    Tested-by: Gluster Build System <jenkins at build.gluster.com>
    Reviewed-by: Shyamsundar Ranganathan <srangana at redhat.com>


Referenced Bugs:

https://bugzilla.redhat.com/show_bug.cgi?id=1215592
[Bug 1215592] Crash in dht_getxattr_cbk
https://bugzilla.redhat.com/show_bug.cgi?id=1217386
[Bug 1217386] Crash in dht_getxattr_cbk
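
The two fixes named in the commit message, shown as an added C example that is not GlusterFS code: the NULL check and aggregation run under one lock, and the call count is decremented under that lock as the step that decides who unwinds and frees. The names struct local, reply_cbk, unwind and fan_out are hypothetical, and a pthread mutex stands in for the frame lock.

```c
#include <pthread.h>
#include <stdlib.h>

/* Hypothetical stand-in for the per-call state shared by all replies. */
struct local {
    pthread_mutex_t lock;  /* plays the role of the frame lock */
    int call_cnt;          /* replies still outstanding */
    int *xattr;            /* aggregated result, NULL until the first reply */
    int *result_out;       /* where the unwind delivers the result */
};

/* Unwind: deliver the result and free local (the "local_wipe" step). */
static void unwind(struct local *l) {
    *l->result_out = l->xattr ? *l->xattr : -1;
    free(l->xattr);
    pthread_mutex_destroy(&l->lock);
    free(l);
}

/* One reply callback with both fixes from the commit message applied. */
static void *reply_cbk(void *arg) {
    struct local *l = arg;
    int last;
    pthread_mutex_lock(&l->lock);
    if (!l->xattr)                  /* NULL check and fill are atomic here */
        l->xattr = calloc(1, sizeof *l->xattr);
    if (l->xattr)
        *l->xattr += 1;             /* aggregate this reply */
    last = (--l->call_cnt == 0);    /* decided under the lock, at the very end */
    pthread_mutex_unlock(&l->lock);
    if (last) unwind(l);            /* a non-final reply never touches l again */
    return NULL;
}

/* Fan out n replies (1..16) to one shared local; returns the aggregate. */
int fan_out(int n) {
    pthread_t t[16];
    int ok[16], result = -1;
    struct local *l = (n >= 1 && n <= 16) ? malloc(sizeof *l) : NULL;
    if (!l) return -1;
    pthread_mutex_init(&l->lock, NULL);
    l->call_cnt = n; l->xattr = NULL; l->result_out = &result;
    for (int i = 0; i < n; i++) {
        ok[i] = pthread_create(&t[i], NULL, reply_cbk, l) == 0;
        if (!ok[i]) reply_cbk(l);   /* run inline so the count still drains */
    }
    for (int i = 0; i < n; i++)
        if (ok[i]) pthread_join(t[i], NULL);
    return result;
}
```

Building it with -fsanitize=thread or -fsanitize=address is a quick way to confirm that no reply reads the shared state after the final one has freed it.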