Bug 1399138 - NFS-ganesha: NULL pointer dereference in COMMIT operation
Summary: NFS-ganesha: NULL pointer dereference in COMMIT operation
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Gluster Storage
Classification: Red Hat Storage
Component: nfs-ganesha
Version: rhgs-3.2
Hardware: All
OS: All
unspecified
high
Target Milestone: ---
: RHGS 3.2.0
Assignee: Soumya Koduri
QA Contact: Ambarish
URL:
Whiteboard:
Depends On:
Blocks: 1351528 1394717
 
Reported: 2016-11-28 11:34 UTC by Soumya Koduri
Modified: 2017-03-23 06:25 UTC

Fixed In Version: nfs-ganesha-2.4.1-2
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2017-03-23 06:25:43 UTC
Embargoed:




Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHEA-2017:0493 0 normal SHIPPED_LIVE Red Hat Gluster Storage 3.2.0 nfs-ganesha bug fix and enhancement update 2017-03-23 09:19:13 UTC

Description Soumya Koduri 2016-11-28 11:34:57 UTC
Description of problem:

This issue was originally reported as part of bug 1394717. There is a chance of a NULL pointer dereference in the COMMIT operation via NFS-Ganesha.

Below was the bt of the core -

*******
NODE 1
*******

(gdb) bt
#0  glusterfs_open_my_fd (objhandle=objhandle@entry=0x7fe3ac078f00, openflags=openflags@entry=2, posix_flags=1, 
    my_fd=my_fd@entry=0x0) at /usr/src/debug/nfs-ganesha-2.4.1/src/FSAL/FSAL_GLUSTER/handle.c:1029
#1  0x00007fe5c4548017 in glusterfs_open_func (obj_hdl=0x7fe3ac078f38, openflags=2, fd=0x0)
    at /usr/src/debug/nfs-ganesha-2.4.1/src/FSAL/FSAL_GLUSTER/handle.c:1126
#2  0x00007fe650c9c517 in fsal_reopen_obj (obj_hdl=obj_hdl@entry=0x7fe3ac078f38, 
    check_share=check_share@entry=false, bypass=bypass@entry=false, openflags=openflags@entry=2, 
    my_fd=my_fd@entry=0x7fe3ac078f28, share=share@entry=0x7fe3ac0791a8, 
    open_func=open_func@entry=0x7fe5c4547fd0 <glusterfs_open_func>, 
    close_func=close_func@entry=0x7fe5c4548100 <glusterfs_close_func>, out_fd=out_fd@entry=0x7fe64104bdc0, 
    has_lock=has_lock@entry=0x7fe64104bdbe, closefd=closefd@entry=0x7fe64104bdbf)
    at /usr/src/debug/nfs-ganesha-2.4.1/src/FSAL/commonlib.c:2513
#3  0x00007fe5c45483dd in glusterfs_commit2 (obj_hdl=0x7fe3ac078f38, offset=<optimized out>, len=<optimized out>)
    at /usr/src/debug/nfs-ganesha-2.4.1/src/FSAL/FSAL_GLUSTER/handle.c:1952
#4  0x00007fe650d72956 in mdcache_commit2 (obj_hdl=0x7fe3ac071528, offset=<optimized out>, len=<optimized out>)
    at /usr/src/debug/nfs-ganesha-2.4.1/src/FSAL/Stackable_FSALs/FSAL_MDCACHE/mdcache_file.c:963
#5  0x00007fe650ca819f in fsal_commit (obj=obj@entry=0x7fe3ac071528, offset=0, len=0)
    at /usr/src/debug/nfs-ganesha-2.4.1/src/FSAL/fsal_helper.c:1951
#6  0x00007fe650cf783b in nfs3_commit (arg=0x7fe580278648, req=<optimized out>, res=0x7fe538002420)
    at /usr/src/debug/nfs-ganesha-2.4.1/src/Protocols/NFS/nfs3_commit.c:95
#7  0x00007fe650cbf12c in nfs_rpc_execute (reqdata=reqdata@entry=0x7fe580278460)
    at /usr/src/debug/nfs-ganesha-2.4.1/src/MainNFSD/nfs_worker_thread.c:1281
#8  0x00007fe650cc078a in worker_run (ctx=0x7fe652022ce0)
    at /usr/src/debug/nfs-ganesha-2.4.1/src/MainNFSD/nfs_worker_thread.c:1548
#9  0x00007fe650d4a189 in fridgethr_start_routine (arg=0x7fe652022ce0)
    at /usr/src/debug/nfs-ganesha-2.4.1/src/support/fridgethr.c:550
#10 0x00007fe64f22adc5 in start_thread () from /lib64/libpthread.so.0
#11 0x00007fe64e8f973d in clone () from /lib64/libc.so.6
(gdb) 


Version-Release number of selected component (if applicable):
nfs-ganesha-2.4.1-1

How reproducible:
Seen once

Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:

Comment 6 Ambarish 2017-01-30 06:50:25 UTC
https://bugzilla.redhat.com/show_bug.cgi?id=1394717 is moved to Verified.

The reported issue was not reproducible on Ganesha 2.4.1-6, Gluster 3.8.4-12 on two tries.

Will reopen if hit again during regressions.

Comment 8 errata-xmlrpc 2017-03-23 06:25:43 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://rhn.redhat.com/errata/RHEA-2017-0493.html

