RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 1457288 - SIGABRT of mulitpathd caused by double free of 'show maps json'
Summary: SIGABRT of mulitpathd caused by double free of 'show maps json'
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: device-mapper-multipath
Version: 7.4
Hardware: x86_64
OS: Linux
medium
medium
Target Milestone: rc
: ---
Assignee: Ben Marzinski
QA Contact: Lin Li
URL:
Whiteboard:
Depends On:
Blocks: 1469559
TreeView+ depends on / blocked
 
Reported: 2017-05-31 13:06 UTC by Gris Ge
Modified: 2021-09-03 12:06 UTC (History)
6 users (show)

Fixed In Version: device-mapper-multipath-0.4.9-112.el7
Doc Type: Bug Fix
Doc Text:
Cause: Mutipathd wasn't allocating any space for a reply if "multipathd show maps json" was called and there were no multipath devices. Consequence: Multipathd was crashing when "multipathd show maps json" was called and there were no multipath devices. Fix: Multipathd now allocates space for a reply when there are no devices Result: Multipathd no longer crashes when "multipathd show maps json" is called and there are no multipath devices.
Clone Of:
Environment:
Last Closed: 2018-04-10 16:10:28 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHEA-2018:0884 0 normal SHIPPED_LIVE device-mapper-multipath bug fix and enhancement update 2018-04-10 13:47:14 UTC

Description Gris Ge 2017-05-31 13:06:33 UTC 
Description of problem:
Got SIGABRT of multipathd when doing `show maps json` with 
`multipath -F; multipath -f`

```
#0  0x00007ffff691c1f7 in raise () from /lib64/libc.so.6
#1  0x00007ffff691d8e8 in abort () from /lib64/libc.so.6
#2  0x00007ffff695bf47 in __libc_message () from /lib64/libc.so.6
#3  0x00007ffff6963619 in _int_free () from /lib64/libc.so.6
#4  0x0000555555560038 in show_maps_json (r=0x7ffff7faad08, len=0x7ffff7faacf8, vecs=0x555555774280) at cli_handlers.c:157
#5  0x000055555555f4a7 in parse_cmd (cmd=cmd@entry=0x7fffe8001f70 "show maps json", reply=reply@entry=0x7ffff7faad08, len=len@entry=0x7ffff7faacf8, data=data@entry=0x555555774280)
    at cli.c:439
#6  0x0000555555559d29 in uxsock_trigger (str=<optimized out>, reply=reply@entry=0x7ffff7faad08, len=len@entry=0x7ffff7faacf8, is_root=is_root@entry=true, 
    trigger_data=trigger_data@entry=0x555555774280) at main.c:888
#7  0x000055555555e145 in uxsock_listen (uxsock_trigger=uxsock_trigger@entry=0x555555559cc0 <uxsock_trigger>, trigger_data=trigger_data@entry=0x555555774280) at uxlsnr.c:200
#8  0x000055555555a8b3 in uxlsnrloop (ap=0x555555774280) at main.c:1057
#9  0x00007ffff7bc6e25 in start_thread () from /lib64/libpthread.so.0
#10 0x00007ffff69df34d in clone () from /lib64/libc.so.6
```

Version-Release number of selected component (if applicable):
device-mapper-multipath-0.4.9-111.el7.x86_64

How reproducible:
100%

Steps to Reproduce:
1. In a new terminal run
    for x in `seq 1 1000`; do sudo multipath -F ; sudo multipath -r; done
2. In a new terminal run
    for x in `seq 1 100`; do sudo  multipathd -k'show maps json'; done
3.

Actual results:
multipathd crash

Expected results:
multipathd dont crash

Additional info:
Comment 1 Ben Marzinski 2017-06-01 21:59:54 UTC 
This actually happens if you run

# multipathd show maps json

When there are no multipath devices. I have a fix, but I'm not sure that this is worthy of an exception. The fix is simple, but the workaround is to not do this when there are no multipath devices.
Comment 2 Ben Marzinski 2017-09-20 00:08:52 UTC 
Multipath now correctly handles the case where there are no multipath maps when

# multipathd show maps json

is run
Comment 6 Lin Li 2018-01-29 18:06:57 UTC 
change to verified according to comment 4.
Comment 9 errata-xmlrpc 2018-04-10 16:10:28 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHEA-2018:0884
Note You need to log in before you can comment on or make changes to this bug.