Bug 1399138

Summary: NFS-ganesha: NULL pointer dereference in COMMIT operation
Product: [Red Hat Storage] Red Hat Gluster Storage
Reporter: Soumya Koduri <skoduri>
Component: nfs-ganesha
Assignee: Soumya Koduri <skoduri>
Status: CLOSED ERRATA
QA Contact: Ambarish <asoman>
Severity: high
Priority: unspecified
Version: rhgs-3.2
CC: amukherj, jthottan, rcyriac, rhs-bugs, sbhaloth, storage-qa-internal
Target Release: RHGS 3.2.0
Hardware: All
OS: All
Fixed In Version: nfs-ganesha-2.4.1-2
Last Closed: 2017-03-23 06:25:43 UTC
Type: Bug
Bug Blocks: 1351528, 1394717

Description Soumya Koduri 2016-11-28 11:34:57 UTC
Description of problem:

This issue was originally reported as part of bug 1394717. There is a chance of a NULL pointer dereference in the COMMIT operation via NFS-Ganesha.

Below is the bt of the core:

*******
NODE 1
*******

(gdb) bt
#0  glusterfs_open_my_fd (objhandle=objhandle@entry=0x7fe3ac078f00, openflags=openflags@entry=2, posix_flags=1, 
    my_fd=my_fd@entry=0x0) at /usr/src/debug/nfs-ganesha-2.4.1/src/FSAL/FSAL_GLUSTER/handle.c:1029
#1  0x00007fe5c4548017 in glusterfs_open_func (obj_hdl=0x7fe3ac078f38, openflags=2, fd=0x0)
    at /usr/src/debug/nfs-ganesha-2.4.1/src/FSAL/FSAL_GLUSTER/handle.c:1126
#2  0x00007fe650c9c517 in fsal_reopen_obj (obj_hdl=obj_hdl@entry=0x7fe3ac078f38, 
    check_share=check_share@entry=false, bypass=bypass@entry=false, openflags=openflags@entry=2, 
    my_fd=my_fd@entry=0x7fe3ac078f28, share=share@entry=0x7fe3ac0791a8, 
    open_func=open_func@entry=0x7fe5c4547fd0 <glusterfs_open_func>, 
    close_func=close_func@entry=0x7fe5c4548100 <glusterfs_close_func>, out_fd=out_fd@entry=0x7fe64104bdc0, 
    has_lock=has_lock@entry=0x7fe64104bdbe, closefd=closefd@entry=0x7fe64104bdbf)
    at /usr/src/debug/nfs-ganesha-2.4.1/src/FSAL/commonlib.c:2513
#3  0x00007fe5c45483dd in glusterfs_commit2 (obj_hdl=0x7fe3ac078f38, offset=<optimized out>, len=<optimized out>)
    at /usr/src/debug/nfs-ganesha-2.4.1/src/FSAL/FSAL_GLUSTER/handle.c:1952
#4  0x00007fe650d72956 in mdcache_commit2 (obj_hdl=0x7fe3ac071528, offset=<optimized out>, len=<optimized out>)
    at /usr/src/debug/nfs-ganesha-2.4.1/src/FSAL/Stackable_FSALs/FSAL_MDCACHE/mdcache_file.c:963
#5  0x00007fe650ca819f in fsal_commit (obj=obj@entry=0x7fe3ac071528, offset=0, len=0)
    at /usr/src/debug/nfs-ganesha-2.4.1/src/FSAL/fsal_helper.c:1951
#6  0x00007fe650cf783b in nfs3_commit (arg=0x7fe580278648, req=<optimized out>, res=0x7fe538002420)
    at /usr/src/debug/nfs-ganesha-2.4.1/src/Protocols/NFS/nfs3_commit.c:95
#7  0x00007fe650cbf12c in nfs_rpc_execute (reqdata=reqdata@entry=0x7fe580278460)
    at /usr/src/debug/nfs-ganesha-2.4.1/src/MainNFSD/nfs_worker_thread.c:1281
#8  0x00007fe650cc078a in worker_run (ctx=0x7fe652022ce0)
    at /usr/src/debug/nfs-ganesha-2.4.1/src/MainNFSD/nfs_worker_thread.c:1548
#9  0x00007fe650d4a189 in fridgethr_start_routine (arg=0x7fe652022ce0)
    at /usr/src/debug/nfs-ganesha-2.4.1/src/support/fridgethr.c:550
#10 0x00007fe64f22adc5 in start_thread () from /lib64/libpthread.so.0
#11 0x00007fe64e8f973d in clone () from /lib64/libc.so.6
(gdb) 


Version-Release number of selected component (if applicable):
nfs-ganesha-2.4.1-1

How reproducible:
Seen once


Comment 6 Ambarish 2017-01-30 06:50:25 UTC
https://bugzilla.redhat.com/show_bug.cgi?id=1394717 is moved to Verified.

The reported issue was not reproducible on Ganesha 2.4.1-6, Gluster 3.8.4-12 on two tries.

Will reopen if hit again during regressions.

Comment 8 errata-xmlrpc 2017-03-23 06:25:43 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHEA-2017-0493.html