Bug 1404168

Summary: Upcall: Possible use after free when log level set to TRACE
Product: [Community] GlusterFS
Reporter: Soumya Koduri <skoduri>
Component: upcall
Assignee: Soumya Koduri <skoduri>
Status: CLOSED CURRENTRELEASE
QA Contact:
Severity: high
Docs Contact:
Priority: unspecified
Version: mainline
CC: bugs, ndevos
Target Milestone: ---
Keywords: Triaged
Target Release: ---
Hardware: All
OS: All
Whiteboard:
Fixed In Version: glusterfs-3.10.0
Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
: 1404581 1404583 1404586
Environment:
Last Closed: 2017-03-06 17:39:10 UTC
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---
Target Upstream Version:
Embargoed:
Bug Depends On:
Bug Blocks: 1404581, 1404583, 1404586

Description Soumya Koduri 2016-12-13 09:15:42 UTC
Description of problem:

While running a few tests on an NFS-Ganesha/Gluster cluster, Ravishankar (/itisravi) found that there is a possible chance of use after free in the upcall xlator when the log level is set to TRACE. This happens when there are expired client entries to be cleaned up.

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:

Comment 1 Worker Ant 2016-12-13 09:30:36 UTC
REVIEW: http://review.gluster.org/16117 (upcall: Fix 'use after free' in a log message) posted (#1) for review on master by soumya k (skoduri)

Comment 2 Worker Ant 2016-12-13 14:26:33 UTC
REVIEW: http://review.gluster.org/16117 (upcall: Fix 'use after free' in a log message) posted (#2) for review on master by soumya k (skoduri)

Comment 3 Worker Ant 2016-12-13 14:48:45 UTC
COMMIT: http://review.gluster.org/16117 committed in master by Niels de Vos (ndevos) 
------
commit 212c7600d2070a4414bc89fd7d2c186b5994cd54
Author: Soumya Koduri <skoduri>
Date:   Tue Dec 13 14:38:18 2016 +0530

    upcall: Fix 'use after free' in a log message
    
    There is a chance of accessing a freed pointer in a log message at
    TRACE level while cleaning up expired client entries.
    
    Change-Id: I06b4dad755df63978ab04ca52442bfd4600d139a
    BUG: 1404168
    Reported-by: Ravishankar N <ravishankar>
    Signed-off-by: Soumya Koduri <skoduri>
    Reviewed-on: http://review.gluster.org/16117
    NetBSD-regression: NetBSD Build System <jenkins.org>
    CentOS-regression: Gluster Build System <jenkins.org>
    Reviewed-by: Niels de Vos <ndevos>
    Smoke: Gluster Build System <jenkins.org>

Comment 4 Shyamsundar 2017-03-06 17:39:10 UTC
This bug is getting closed because a release has been made available that should address the reported issue. In case the problem is still not fixed with glusterfs-3.10.0, please open a new bug report.

glusterfs-3.10.0 has been announced on the Gluster mailing lists [1]; packages for several distributions should become available in the near future. Keep an eye on the Gluster Users mailing list [2] and the update infrastructure for your distribution.

[1] http://lists.gluster.org/pipermail/gluster-users/2017-February/030119.html
[2] https://www.gluster.org/pipermail/gluster-users/
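
The ordering defect described in the commit message of comment 3, as an added sketch that is not GlusterFS code and not part of this bug report: the struct, the `trace()` helper, the log-level variable and the sample clients are hypothetical and constructed here. It shows why a log call placed after `free()` reads freed memory only when TRACE is enabled, with the corrected order in the live code path.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-ins: not GlusterFS structures or its logging API. */
enum { LOG_INFO, LOG_TRACE };
static int  log_level = LOG_TRACE;
static char last_trace[128];          /* last TRACE line, kept for checking */

struct client { char uid[32]; long last_access; struct client *next; };

static void trace(const char *msg, const char *uid)
{
    if (log_level >= LOG_TRACE)       /* uid is only read at TRACE level */
        snprintf(last_trace, sizeof last_trace, "%s %s", msg, uid);
}

static struct client *client_add(struct client *head, const char *uid, long t)
{
    struct client *c = calloc(1, sizeof *c);
    if (!c) abort();
    snprintf(c->uid, sizeof c->uid, "%s", uid);
    c->last_access = t;
    c->next = head;
    return c;
}

/* Free entries idle for longer than timeout; returns how many were freed. */
static int cleanup_expired(struct client **head, long now, long timeout)
{
    int freed = 0;
    for (struct client **pp = head; *pp; ) {
        struct client *c = *pp;
        if (now - c->last_access <= timeout) { pp = &c->next; continue; }
        *pp = c->next;                /* unlink before releasing */
        /* Buggy order: free(c); trace("expired client", c->uid);
         * The freed bytes are read only when TRACE is enabled. */
        trace("expired client", c->uid);   /* fixed: log while c is valid */
        free(c);
        freed++;
    }
    return freed;
}

int main(void)
{
    struct client *head = client_add(NULL, "client-a", 100); /* constructed */
    printf("freed %d: %s\n", cleanup_expired(&head, 1000, 60), last_trace);
}
```

Building the buggy order with `-fsanitize=address` and running it at TRACE level is a quick way to confirm this class of defect, since the default log level never executes the read.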