Bug 1247765 - Glusterfsd crashes because of thread-unsafe code in gf_authenticate
Summary: Glusterfsd crashes because of thread-unsafe code in gf_authenticate
Alias: None
Product: GlusterFS
Classification: Community
Component: rpc
Version: mainline
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
Assignee: Jeff Darcy
QA Contact:
Depends On:
Blocks: 1247850
TreeView+ depends on / blocked
Reported: 2015-07-28 19:59 UTC by Jeff Darcy
Modified: 2016-06-16 13:27 UTC (History)
2 users (show)

Fixed In Version: glusterfs-3.8rc2
Doc Type: Bug Fix
Doc Text:
Clone Of:
: 1247850 1247851 (view as bug list)
Last Closed: 2016-06-16 13:27:16 UTC
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:

Attachments (Terms of Use)

Description Jeff Darcy 2015-07-28 19:59:35 UTC
This caused a failure on a regression test for an unrelated patch.


The relevant part of the stack trace looks like this.

#2  0x00007f3f84194d18 in dict_get (this=0x7f3f680023ec
#3  0x00007f3f744a4a45 in gf_auth (input_params=0x7f3f680023ec
#4  0x00007f3f748d9894 in map (this=0x7f3f70031dec
#5  0x00007f3f84196885 in dict_foreach_match (dict=0x7f3f70031dec
#6  0x00007f3f8419675d in dict_foreach (dict=0x7f3f70031dec
#7  0x00007f3f748d99d5 in gf_authenticate

In frame 2, "this" looks like a valid pointer, but the structure it points to seems to contain garbage.  The problem becomes evident when we look at frame 7.

(gdb) p input_params
$3 = (dict_t *) 0x7f3f700665ac
(gdb) p __input_params
$4 = (dict_t *) 0x7f3f680023ec

So the value we're using is from the global __input_params.  This should match the parameter input_params (which looks OK) but that's not the case.  Apparently some other thread came in and stomped the unprotected global variable while we were still using it.  This concurrency issue was actually reported - and fixed! - on September 13, 2013.


Unfortunately, since most people weren't running multiple network threads, they never saw the problem, didn't take it seriously, and bikeshedded the patch to death.  Now that we have multi-threaded epoll, it's going to keep biting everyone until it's fixed.

Comment 1 Anand Avati 2015-07-28 20:27:49 UTC
REVIEW: http://review.gluster.org/11780 (rpc: fix concurrency bug in gf_authenticate) posted (#1) for review on master by Jeff Darcy (jdarcy@redhat.com)

Comment 2 Mike McCune 2016-03-28 22:45:31 UTC
This bug was accidentally moved from POST to MODIFIED via an error in automation, please see mmccune@redhat.com with any questions

Comment 3 Niels de Vos 2016-06-16 13:27:16 UTC
This bug is getting closed because a release has been made available that should address the reported issue. In case the problem is still not fixed with glusterfs-3.8.0, please open a new bug report.

glusterfs-3.8.0 has been announced on the Gluster mailinglists [1], packages for several distributions should become available in the near future. Keep an eye on the Gluster Users mailinglist [2] and the update infrastructure for your distribution.

[1] http://blog.gluster.org/2016/06/glusterfs-3-8-released/
[2] http://thread.gmane.org/gmane.comp.file-systems.gluster.user

Note You need to log in before you can comment on or make changes to this bug.