[Bugs] [Bug 1434332] crash from write-behind

bugzilla at redhat.com bugzilla at redhat.com
Fri May 10 14:56:01 UTC 2019


https://bugzilla.redhat.com/show_bug.cgi?id=1434332



--- Comment #3 from Raghavendra G <rgowdapp at redhat.com> ---
Looks to be a dup of bz 1528558. Particularly, the commit msg of the patch
says exactly how a corrupted/freed-up request can end up in the todo list:

COMMIT: https://review.gluster.org/19064 committed in master by "Raghavendra
G" <rgowdapp at redhat.com> with a commit message- performance/write-behind: fix
bug while handling short writes

The variable "fulfilled" in wb_fulfill_short_write is not reset to 0
while handling every member of the list.

This has some interesting consequences:

* If we break from the loop while processing last member of the list
  head->winds, req is reset to head as the list is a circular
  one. However, head is already fulfilled and can potentially be
  freed. So, we end up adding a freed request to wb_inode->todo
  list. This is the RCA for the crash tracked by the bug associated
  with this patch (Note that we saw "holder" which is freed in todo
  list).

* If we break from the loop while processing any of the last but one
  member of the list head->winds, req is set to next member in the
  list, skipping the current request, even though it is not entirely
  synced. This can lead to data corruption.

The fix is very simple and we've to change the code to make sure
"fulfilled" reflects whether the current request is fulfilled or not
and it doesn't carry history of previous requests in the list.

Change-Id: Ia3d6988175a51c9e08efdb521a7b7938b01f93c8
BUG: 1528558
Signed-off-by: Raghavendra G <rgowdapp at redhat.com>

-- 
You are receiving this mail because:
You are on the CC list for the bug.
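
Added example, not part of the original mail and not the GlusterFS patch: a simplified C model of the loop the commit message describes, showing how a "fulfilled" flag that carries over between list members produces both consequences. The struct, the function names and the three 4-byte requests are assumptions made for illustration; list members are indices here, so nothing is actually freed.

```c
#include <stddef.h>
#include <stdio.h>

/* Simplified model, not GlusterFS code: each request wants `want` bytes. */
struct req { size_t want, done; };

/* Credit up to `avail` bytes to r; set *fulfilled if r is now complete. */
static size_t account(struct req *r, size_t avail, int *fulfilled)
{
    size_t need = r->want - r->done;
    size_t take = avail < need ? avail : need;
    r->done += take;
    if (r->done == r->want)
        *fulfilled = 1;            /* set here, never cleared here */
    return take;
}

/* Walk a circular list of n requests (index 0 models head) after a short
 * write of `size` bytes (size < sum of all `want`). Returns the index the
 * walk leaves "req" on. reset_per_req = 0 models the bug, 1 the fix. */
size_t resume_index(struct req *reqs, size_t n, size_t size, int reset_per_req)
{
    int fulfilled = 0;
    size_t i;
    for (i = 0; i < n; i++) {
        if (reset_per_req)
            fulfilled = 0;         /* flag describes only the current request */
        size -= account(&reqs[i], size, &fulfilled);
        if (size == 0) {
            if (fulfilled)
                i = (i + 1) % n;   /* circular: after the last member comes head */
            break;
        }
    }
    return i;
}

/* Constructed input: three 4-byte requests, `size` bytes actually written. */
size_t run(size_t size, int fixed)
{
    struct req reqs[3] = { {4, 0}, {4, 0}, {4, 0} };
    return resume_index(reqs, 3, size, fixed);
}

int main(void)
{
    printf("10 bytes: buggy=%zu fixed=%zu; 6 bytes: buggy=%zu fixed=%zu\n",
           run(10, 0), run(10, 1), run(6, 0), run(6, 1));
}
```

With 10 of 12 bytes written, the stale flag moves the index from the partially written last member back to 0, the already fulfilled head; with 6 bytes written it moves past the partially written member 1.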

