[Gluster-devel] NetBSD regressions, memory corruption

Niels de Vos ndevos at redhat.com
Thu Mar 26 16:24:03 UTC 2015


On Thu, Mar 26, 2015 at 03:08:36PM +0000, Emmanuel Dreyfus wrote:
> On Thu, Mar 26, 2015 at 02:00:19PM +0000, Emmanuel Dreyfus wrote:
> > changelog_rpc_poller() contains a call to event_dispatch(). Here we have
> > our difference between NetBSD and Linux: the former uses poll, while the
> > later uses epoll. 
> 
> In event_dispatch_poll() I think there is a race condition:
> event_pool->destroy can be set after the test, and we can
> enter event_dispatch_poll_resize with the flag set:
> 
>                 pthread_mutex_lock (&event_pool->mutex);
>                 {
>                         if (event_pool->destroy == 1) {
>                                 event_pool->activethreadcount = 0;
>                                 pthread_cond_broadcast (&event_pool->cond);
>                                 pthread_mutex_unlock (&event_pool->mutex);
>                                 return 0;
>                         }
>                 }
>                 pthread_mutex_unlock (&event_pool->mutex);
>          
>                 size = event_dispatch_poll_resize (event_pool, ufds, size);
> 
> event_dispatch_poll_resize() performs allocations on pointers that may
> be dandling. One solution could be to move it inside event_pool->mutex
> critical section.
> 
> I will try this on nbslave70.

That looks like a possible issue indeed. Maybe we can reproduce this on
Linux too with ./configure --disable-epoll.

On top of that, I just posted a patch that writes some memory markers at
the location passed to GF_FREE(). Please see if
http://review.gluster.org/10019 could be helpful in this or similar
cases.

Niels


More information about the Gluster-devel mailing list