Bugzilla (bugzilla.redhat.com) will be under maintenance for infrastructure upgrades and will not be unavailable on July 31st between 12:30 AM - 05:30 AM UTC. We appreciate your understanding and patience. You can follow status.redhat.com for details.
Bug 1342620 - libglusterfs: race conditions and illegal mem access in timer
Summary: libglusterfs: race conditions and illegal mem access in timer
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: GlusterFS
Classification: Community
Component: core
Version: 3.8.0
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Kaleb KEITHLEY
QA Contact:
URL:
Whiteboard:
Depends On: 1333925
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-06-03 17:06 UTC by Kaleb KEITHLEY
Modified: 2016-06-16 12:33 UTC (History)
1 user (show)

Fixed In Version: glusterfs-3.8.0
Doc Type: If docs needed, set a value
Doc Text:
Clone Of: 1333925
Environment:
Last Closed: 2016-06-16 12:33:36 UTC
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:


Attachments (Terms of Use)

Description Kaleb KEITHLEY 2016-06-03 17:06:36 UTC
+++ This bug was initially created as a clone of Bug #1333925 +++

Description of problem:

While investigating gfapi memory consumption with valgrind found several issues with memory access

Version-Release number of selected component (if applicable):

mainline, 3.8.x, 3.7.x.

How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:

--- Additional comment from Vijay Bellur on 2016-05-06 13:54:05 EDT ---

REVIEW: http://review.gluster.org/14247 (libglusterfs (timer): race conditions and illegal mem access) posted (#1) for review on master by Kaleb KEITHLEY (kkeithle@redhat.com)

--- Additional comment from Vijay Bellur on 2016-05-18 10:24:56 EDT ---

REVIEW: http://review.gluster.org/14247 (libglusterfs (timer): race conditions and illegal mem access) posted (#2) for review on master by Kaleb KEITHLEY (kkeithle@redhat.com)

--- Additional comment from Vijay Bellur on 2016-05-28 21:35:51 EDT ---

REVIEW: http://review.gluster.org/14247 (libglusterfs (timer): race conditions, illegal mem access, mem leak) posted (#3) for review on master by Kaleb KEITHLEY (kkeithle@redhat.com)

--- Additional comment from Vijay Bellur on 2016-05-29 06:54:31 EDT ---

REVIEW: http://review.gluster.org/14247 (libglusterfs (timer): race conditions, illegal mem access, mem leak) posted (#4) for review on master by Kaleb KEITHLEY (kkeithle@redhat.com)

--- Additional comment from Vijay Bellur on 2016-05-29 07:34:15 EDT ---

REVIEW: http://review.gluster.org/14247 (libglusterfs (timer): race conditions, illegal mem access, mem leak) posted (#5) for review on master by Kaleb KEITHLEY (kkeithle@redhat.com)

--- Additional comment from Vijay Bellur on 2016-05-29 09:06:16 EDT ---

REVIEW: http://review.gluster.org/14247 (libglusterfs (timer): race conditions, illegal mem access, mem leak) posted (#6) for review on master by Kaleb KEITHLEY (kkeithle@redhat.com)

--- Additional comment from Vijay Bellur on 2016-06-01 09:50:17 EDT ---

COMMIT: http://review.gluster.org/14247 committed in master by Jeff Darcy (jdarcy@redhat.com) 
------
commit 24dd33929bbbc9a72360793048f17bf4e6cec8a3
Author: Kaleb S KEITHLEY <kkeithle@redhat.com>
Date:   Fri May 6 13:04:38 2016 -0400

    libglusterfs (timer): race conditions, illegal mem access, mem leak
    
    While investigating gfapi memory consumption with valgrind, valgrind
    reported several memory access issues.
    
    Also see the timer 'registry' being recreated (shortly) after being
    freed during teardown due to the way it's currently written.
    
    Passing ctx as data to gf_timer_proc() is prone to memory access
    issues if ctx is freed before gf_timer_proc() terminates. (And in
    fact this does happen, at least in valgrind.) gf_timer_proc() doesn't
    need ctx for anything, it only needs ctx->timer, so just pass that.
    
    Nothing ever calls gf_timer_registry_init(). Nothing outside of
    timer.c that is. Making it and gf_timer_proc() static.
    
    Change-Id: Ia28454dda0cf0de2fec94d76441d98c3927a906a
    BUG: 1333925
    Signed-off-by: Kaleb S KEITHLEY <kkeithle@redhat.com>
    Reviewed-on: http://review.gluster.org/14247
    NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org>
    Smoke: Gluster Build System <jenkins@build.gluster.com>
    CentOS-regression: Gluster Build System <jenkins@build.gluster.com>
    Reviewed-by: Poornima G <pgurusid@redhat.com>
    Reviewed-by: Niels de Vos <ndevos@redhat.com>
    Reviewed-by: Jeff Darcy <jdarcy@redhat.com>

Comment 1 Vijay Bellur 2016-06-03 17:31:24 UTC
REVIEW: http://review.gluster.org/14644 (libglusterfs (timer): race conditions, illegal mem access, mem leak) posted (#1) for review on release-3.8 by Kaleb KEITHLEY (kkeithle@redhat.com)

Comment 2 Vijay Bellur 2016-06-08 12:15:25 UTC
COMMIT: http://review.gluster.org/14644 committed in release-3.8 by Kaleb KEITHLEY (kkeithle@redhat.com) 
------
commit 8d99b1860dbaa62da3edb1ec9fd626f51f9d2c95
Author: Kaleb S KEITHLEY <kkeithle@redhat.com>
Date:   Fri Jun 3 13:29:00 2016 -0400

    libglusterfs (timer): race conditions, illegal mem access, mem leak
    
    While investigating gfapi memory consumption with valgrind, valgrind
    reported several memory access issues.
    
    Also see the timer 'registry' being recreated (shortly) after being
    freed during teardown due to the way it's currently written.
    
    Passing ctx as data to gf_timer_proc() is prone to memory access
    issues if ctx is freed before gf_timer_proc() terminates. (And in
    fact this does happen, at least in valgrind.) gf_timer_proc() doesn't
    need ctx for anything, it only needs ctx->timer, so just pass that.
    
    Nothing ever calls gf_timer_registry_init(). Nothing outside of
    timer.c that is. Making it and gf_timer_proc() static.
    
    backport mainline:
    > http://review.gluster.org/14247
    > BUG: 1333925
    
    Change-Id: Ia28454dda0cf0de2fec94d76441d98c3927a906a
    BUG: 1342620
    Signed-off-by: Kaleb S KEITHLEY <kkeithle@redhat.com>
    Reviewed-on: http://review.gluster.org/14644
    Smoke: Gluster Build System <jenkins@build.gluster.com>
    NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org>
    CentOS-regression: Gluster Build System <jenkins@build.gluster.com>

Comment 3 Niels de Vos 2016-06-16 12:33:36 UTC
This bug is getting closed because a release has been made available that should address the reported issue. In case the problem is still not fixed with glusterfs-3.8.0, please open a new bug report.

glusterfs-3.8.0 has been announced on the Gluster mailinglists [1], packages for several distributions should become available in the near future. Keep an eye on the Gluster Users mailinglist [2] and the update infrastructure for your distribution.

[1] http://blog.gluster.org/2016/06/glusterfs-3-8-released/
[2] http://thread.gmane.org/gmane.comp.file-systems.gluster.user


Note You need to log in before you can comment on or make changes to this bug.