[Bugs] [Bug 1753592] Segmentation fault occurs while truncate file

bugzilla at redhat.com bugzilla at redhat.com
Wed Sep 25 13:50:34 UTC 2019


https://bugzilla.redhat.com/show_bug.cgi?id=1753592



--- Comment #5 from Nithya Balachandran <nbalacha at redhat.com> ---
Hi,


Thank you for an excellent test. Would you mind if I added it to the regression
framework?

I'm afraid the patch provided will not fix the issue here. In most xlators, the
local structure is allocated from a mempool which is why the mem_put will
usually work. 

However, the wb xlator does not have a defined local struct of its own.
Instead, for the truncate and ftruncate fops, it saved the wb_inode (which is
allocated using GF_CALLOC) in frame->local. In the normal code path, this is
cleared in the wb_truncate_cbk and wb_ftruncate_cbk functions and frame->local
is set to NULL before unwinding the fop. 


The test code, however, does a write followed by a conflicting truncate. As the
write fails with ENOSPC, __wb_pick_winds determines that there is a conflict,
updates the request op_ret and op_errno for the ftruncate request. The
wb_ftruncate_cbk is not called and the req is instead unwound in wb_do_winds ->
call_unwind_error_keep_stub code path. This does not clear frame->local which
causes the mem_put to crash.

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are the assignee for the bug.


More information about the Bugs mailing list