Bug 1378949

Summary: removal of file from nfs mount crashs ganesha server
Product: [Community] GlusterFS Reporter: Niels de Vos <ndevos>
Component: upcallAssignee: Niels de Vos <ndevos>
Status: CLOSED DUPLICATE QA Contact:
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 3.8CC: bugs
Target Milestone: ---Keywords: Triaged
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 1344714 Environment:
Last Closed: 2016-09-23 15:29:15 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1344714    
Bug Blocks:    

Description Niels de Vos 2016-09-23 15:24:43 UTC 
+++ This bug was initially created as a clone of Bug #1344714 +++

Description of problem:

The struct callback_inode_arg is a variable used by upcall infra for populating upcall entries. This variable is allocated using GF_CALLOC in glfs_h_poll_cache_invalidation(), but it also freedin FSAL_GLUSTER using free.
This will result in a crash when we try to remove a file from mount

Version-Release number of selected component (if applicable):
mainline

How reproducible:


Steps to Reproduce:
1. enable nfs-ganesha and export a volume 
2. mount the volume
3. create a file and delete it from the mount

Actual results:
ganesha server crashes

Expected results:
should not crash

Additional info:

--- Additional comment from Vijay Bellur on 2016-06-10 23:09:37 CEST ---

COMMIT: http://review.gluster.org/14702 committed in master by Jeff Darcy (jdarcy) 
------
commit 2775dc64101ed37c8d9809bf9852dbf0746ee2b6
Author: Jiffin Tony Thottan <jthottan>
Date:   Fri Jun 10 18:23:43 2016 +0530

    libgfapi/upcall : prepend "glfs_" to callback_arg, callback_inode_arg
    
    Change-Id: I371525775db4f6a4d69beb94baaa53d17b16fb41
    BUG: 1344714
    Signed-off-by: Jiffin Tony Thottan <jthottan>
    Reviewed-on: http://review.gluster.org/14702
    CentOS-regression: Gluster Build System <jenkins.com>
    NetBSD-regression: NetBSD Build System <jenkins.org>
    Reviewed-by: Jeff Darcy <jdarcy>
    Tested-by: Jeff Darcy <jdarcy>
    Smoke: Gluster Build System <jenkins.com>

--- Additional comment from Vijay Bellur on 2016-08-15 09:56:58 CEST ---

COMMIT: http://review.gluster.org/15108 committed in master by Niels de Vos (ndevos) 
------
commit db4e26ed71a01e5f760fbc3c7051962426f102c9
Author: Niels de Vos <ndevos>
Date:   Sat Aug 6 16:04:29 2016 +0200

    libglusterfs: add gf_get_mem_type()
    
    gfapi needs to provide a function towards applications to free memory
    that it allocated. Depending on how the application is compiled/linked,
    it could use a different memory allocator than Gluster itself. Therefore
    it is not safe for gfapi to request applications to free memory with
    'standard' free().
    
    Examples for this are Gluster allocated structures with GF_CALLOC() when
    memory accounting is enabled (the default). Some gfapi functions use
    malloc() to allocate memory as a workaround, but the free() from the
    jemalloc implementation should not be combined with the malloc() from
    glibc.
    
    Change-Id: I626cd1a60abf8965f9263290f4045d1f69fc2093
    BUG: 1344714
    Signed-off-by: Niels de Vos <ndevos>
    Reviewed-on: http://review.gluster.org/15108
    Smoke: Gluster Build System <jenkins.org>
    Reviewed-by: soumya k <skoduri>
    Reviewed-by: jiffin tony Thottan <jthottan>
    NetBSD-regression: NetBSD Build System <jenkins.org>
    CentOS-regression: Gluster Build System <jenkins.org>
    Reviewed-by: Shyamsundar Ranganathan <srangana>

--- Additional comment from Worker Ant on 2016-09-18 10:16:09 CEST ---

REVIEW: http://review.gluster.org/14701 (gfapi: redesign the public interface for upcall consumers) posted (#15) for review on master by Niels de Vos (ndevos)
Comment 1 Niels de Vos 2016-09-23 15:29:15 UTC 

*** This bug has been marked as a duplicate of bug 1347717 ***