+++ This bug was initially created as a clone of Bug #1344340 +++ Description of problem: Access to inode->fd_list should be done while being protected with inode->lock. All fd got from the list should be referenced before releasing the lock if they are used later. Version-Release number of selected component (if applicable): mainline How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info: --- Additional comment from Vijay Bellur on 2016-06-09 17:13:09 CEST --- REVIEW: http://review.gluster.org/14682 (cluster/dht: Fix unsafe iteration on inode->fd_list) posted (#1) for review on master by Xavier Hernandez (xhernandez) --- Additional comment from Vijay Bellur on 2016-06-09 17:38:46 CEST --- REVIEW: http://review.gluster.org/14682 (cluster/dht: Fix unsafe iteration on inode->fd_list) posted (#2) for review on master by Xavier Hernandez (xhernandez) --- Additional comment from Vijay Bellur on 2016-06-15 11:04:35 CEST --- COMMIT: http://review.gluster.org/14682 committed in master by Raghavendra G (rgowdapp) ------ commit 4c08d36e7c6f189499f2340eb529b7f4ceff57f6 Author: Xavier Hernandez <xhernandez> Date: Thu Jun 9 16:53:19 2016 +0200 cluster/dht: Fix unsafe iteration on inode->fd_list When DHT traverses the inode->fd_list, it does that in an unsafe way that can generate races with fd_unref() called from other threads. This patch fixes this problem taking the inode->lock and adding a reference to the fd while it's being used outside of the mutex protected region. A minor change in storage/posix has been done to also access the inode->fd_list in a safe way. Change-Id: I10d469ca6a8f76e950a8c9779ae9c8b70f88ef93 BUG: 1344340 Signed-off-by: Xavier Hernandez <xhernandez> Reviewed-on: http://review.gluster.org/14682 CentOS-regression: Gluster Build System <jenkins.org> Smoke: Gluster Build System <jenkins.org> NetBSD-regression: NetBSD Build System <jenkins.org> Reviewed-by: Raghavendra G <rgowdapp>
REVIEW: http://review.gluster.org/14734 (cluster/dht: Fix unsafe iteration on inode->fd_list) posted (#1) for review on release-3.7 by Xavier Hernandez (xhernandez)
COMMIT: http://review.gluster.org/14734 committed in release-3.7 by Kaushal M (kaushal) ------ commit ed16cfb0455e41ee39addf6b3cdacdbe0d98308a Author: Xavier Hernandez <xhernandez> Date: Thu Jun 9 16:53:19 2016 +0200 cluster/dht: Fix unsafe iteration on inode->fd_list When DHT traverses the inode->fd_list, it does that in an unsafe way that can generate races with fd_unref() called from other threads. This patch fixes this problem taking the inode->lock and adding a reference to the fd while it's being used outside of the mutex protected region. A minor change in storage/posix has been done to also access the inode->fd_list in a safe way. Backport of: > Change-Id: I10d469ca6a8f76e950a8c9779ae9c8b70f88ef93 > BUG: 1344340 > Signed-off-by: Xavier Hernandez <xhernandez> > Reviewed-on: http://review.gluster.org/14682 > CentOS-regression: Gluster Build System <jenkins.org> > Smoke: Gluster Build System <jenkins.org> > NetBSD-regression: NetBSD Build System <jenkins.org> > Reviewed-by: Raghavendra G <rgowdapp> Change-Id: I10d469ca6a8f76e950a8c9779ae9c8b70f88ef93 BUG: 1346751 Signed-off-by: Xavier Hernandez <xhernandez> Reviewed-on: http://review.gluster.org/14734 Smoke: Gluster Build System <jenkins.org> NetBSD-regression: NetBSD Build System <jenkins.org> CentOS-regression: Gluster Build System <jenkins.org> Reviewed-by: Raghavendra G <rgowdapp>
This bug is getting closed because a release has been made available that should address the reported issue. In case the problem is still not fixed with glusterfs-3.7.12, please open a new bug report. glusterfs-3.7.12 has been announced on the Gluster mailinglists [1], packages for several distributions should become available in the near future. Keep an eye on the Gluster Users mailinglist [2] and the update infrastructure for your distribution. [1] https://www.gluster.org/pipermail/gluster-devel/2016-June/049918.html [2] http://thread.gmane.org/gmane.comp.file-systems.gluster.user