[Bugs] [Bug 1479263] New: nfs process crashed in "nfs3_getattr"
bugzilla at redhat.com
bugzilla at redhat.com
Tue Aug 8 08:34:30 UTC 2017
https://bugzilla.redhat.com/show_bug.cgi?id=1479263
Bug ID: 1479263
Summary: nfs process crashed in "nfs3_getattr"
Product: GlusterFS
Version: 3.12
Component: nfs
Keywords: Triaged
Severity: medium
Assignee: ndevos at redhat.com
Reporter: ndevos at redhat.com
CC: bugs at gluster.org, jthottan at redhat.com,
msaini at redhat.com, ndevos at redhat.com,
rallan at redhat.com, skoduri at redhat.com
Blocks: 1479030
+++ This bug was initially created as a clone of Bug #1479030 +++
+++ This bug was initially created as a clone of Bug #1476871 +++
Description:
============
add missing NULL check in nfs3_call_state_wipe()
(gdb) bt
#0 0x00007ff1cfea9205 in _gf_ref_put (ref=ref at entry=0x0) at refcount.c:36
#1 0x00007ff1c1997455 in nfs3_call_state_wipe (cs=cs at entry=0x0) at nfs3.c:559
#2 0x00007ff1c1998931 in nfs3_getattr (req=req at entry=0x7ff1bc0b26d0,
fh=fh at entry=0x7ff1c2f76ae0) at nfs3.c:962
#3 0x00007ff1c1998c8a in nfs3svc_getattr (req=0x7ff1bc0b26d0) at nfs3.c:987
#4 0x00007ff1cfbfd8c5 in rpcsvc_handle_rpc_call (svc=0x7ff1bc03e500,
trans=trans at entry=0x7ff1bc0c8020, msg=<optimized out>) at rpcsvc.c:695
#5 0x00007ff1cfbfdaab in rpcsvc_notify (trans=0x7ff1bc0c8020,
mydata=<optimized out>, event=<optimized out>, data=<optimized out>) at
rpcsvc.c:789
#6 0x00007ff1cfbff9e3 in rpc_transport_notify (this=this at entry=0x7ff1bc0c8020,
event=event at entry=RPC_TRANSPORT_MSG_RECEIVED, data=data at entry=0x7ff1bc0038d0)
at rpc-transport.c:538
#7 0x00007ff1c4a2e3d6 in socket_event_poll_in (this=this at entry=0x7ff1bc0c8020,
notify_handled=<optimized out>) at socket.c:2306
#8 0x00007ff1c4a3097c in socket_event_handler (fd=21, idx=9, gen=19,
data=0x7ff1bc0c8020, poll_in=1, poll_out=0, poll_err=0) at socket.c:2458
#9 0x00007ff1cfe950f6 in event_dispatch_epoll_handler (event=0x7ff1c2f76e80,
event_pool=0x5618154d5ee0) at event-epoll.c:572
#10 event_dispatch_epoll_worker (data=0x56181551cbd0) at event-epoll.c:648
#11 0x00007ff1cec99e25 in start_thread () from /lib64/libpthread.so.0
#12 0x00007ff1ce56634d in clone () from /lib64/libc.so.6
(gdb)
Version:
========
mainline
How to reproduce:
=================
[Unknown] Hit above crash multiple times
--- Additional comment from Worker Ant on 2017-08-07 20:48:38 CEST ---
REVIEW: https://review.gluster.org/17989 (nfs : add NULL check for call state
in nfs3_call_state_wipe) posted (#1) for review on master by jiffin tony
Thottan (jthottan at redhat.com)
--- Additional comment from Worker Ant on 2017-08-07 20:57:32 CEST ---
REVIEW: https://review.gluster.org/17989 (nfs : add NULL check for call state
in nfs3_call_state_wipe) posted (#2) for review on master by jiffin tony
Thottan (jthottan at redhat.com)
--- Additional comment from Worker Ant on 2017-08-08 10:31:02 CEST ---
COMMIT: https://review.gluster.org/17989 committed in master by Niels de Vos
(ndevos at redhat.com)
------
commit 111d6bda9259126b0429113c9b8ba479958a4398
Author: Jiffin Tony Thottan <jthottan at redhat.com>
Date: Mon Aug 7 23:47:00 2017 +0530
nfs : add NULL check for call state in nfs3_call_state_wipe
Refcounting added for nfs call state in https://review.gluster.org/17696.
This is based on assumption that call state won't NULL when it is freed.
But currently gluster nfs server is crashing in different scenarios at
nfs3_getattr() with following bt
#0 0x00007ff1cfea9205 in _gf_ref_put (ref=ref at entry=0x0) at refcount.c:36
#1 0x00007ff1c1997455 in nfs3_call_state_wipe (cs=cs at entry=0x0) at
nfs3.c:559
#2 0x00007ff1c1998931 in nfs3_getattr (req=req at entry=0x7ff1bc0b26d0,
fh=fh at entry=0x7ff1c2f76ae0) at nfs3.c:962
#3 0x00007ff1c1998c8a in nfs3svc_getattr (req=0x7ff1bc0b26d0) at
nfs3.c:987
#4 0x00007ff1cfbfd8c5 in rpcsvc_handle_rpc_call (svc=0x7ff1bc03e500,
trans=trans at entry=0x7ff1bc0c8020, msg=<optimized out>) at rpcsvc.c:695
#5 0x00007ff1cfbfdaab in rpcsvc_notify (trans=0x7ff1bc0c8020,
mydata=<optimized out>, event=<optimized out>, data=<optimized out>) at
rpcsvc.c:789
#6 0x00007ff1cfbff9e3 in rpc_transport_notify
(this=this at entry=0x7ff1bc0c8020, event=event at entry=RPC_TRANSPORT_MSG_RECEIVED,
data=data at entry=0x7ff1bc0038d0)
at rpc-transport.c:538
#7 0x00007ff1c4a2e3d6 in socket_event_poll_in
(this=this at entry=0x7ff1bc0c8020, notify_handled=<optimized out>) at
socket.c:2306
#8 0x00007ff1c4a3097c in socket_event_handler (fd=21, idx=9, gen=19,
data=0x7ff1bc0c8020, poll_in=1, poll_out=0, poll_err=0) at socket.c:2458
#9 0x00007ff1cfe950f6 in event_dispatch_epoll_handler
(event=0x7ff1c2f76e80, event_pool=0x5618154d5ee0) at event-epoll.c:572
#10 event_dispatch_epoll_worker (data=0x56181551cbd0) at event-epoll.c:648
#11 0x00007ff1cec99e25 in start_thread () from /lib64/libpthread.so.0
#12 0x00007ff1ce56634d in clone () from /lib64/libc.so.6
This patch add previous NULL check move from __nfs3_call_state_wipe() to
nfs3_call_state_wipe()
Change-Id: I2d73632f4be23f14d8467be3d908b09b3a2d87ea
BUG: 1479030
Signed-off-by: Jiffin Tony Thottan <jthottan at redhat.com>
Reviewed-on: https://review.gluster.org/17989
Smoke: Gluster Build System <jenkins at build.gluster.org>
CentOS-regression: Gluster Build System <jenkins at build.gluster.org>
Reviewed-by: Niels de Vos <ndevos at redhat.com>
Referenced Bugs:
https://bugzilla.redhat.com/show_bug.cgi?id=1479030
[Bug 1479030] nfs process crashed in "nfs3_getattr"
--
You are receiving this mail because:
You are on the CC list for the bug.
Unsubscribe from this bug https://bugzilla.redhat.com/token.cgi?t=K4rqZ95XK6&a=cc_unsubscribe
More information about the Bugs
mailing list