Bug 431840 - fhpd message injection during a buffer flush can cause corrupt or incomplete message buffer
fhpd message injection during a buffer flush can cause corrupt or incomplete ...
Status: CLOSED WONTFIX
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: frysk (Show other bugs)
5.2
All Linux
low Severity low
: rc
: ---
Assigned To: Eric Bachalo
Len DiMaggio
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2008-02-07 04:35 EST by Phil Muldoon
Modified: 2011-02-15 04:36 EST (History)
6 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2011-02-15 04:36:56 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)
Synchronize buffer access patch (2.11 KB, patch)
2008-02-07 04:37 EST, Phil Muldoon
no flags Details | Diff

  None (edit)
Description Phil Muldoon 2008-02-07 04:35:25 EST
Description of problem:

Upstream bug: 

http://sourceware.org/bugzilla/show_bug.cgi?id=5735

While investigating another bug, I came across a message buffer corruption bug
that could either:

1) produce incomplete message data to the user;
2) not produce message data at all;
3) present corrupted message data to the user.

The summary of the bug is as follows:

1) During a flushBuffer() call, the CLI interface in fhpd creates a fail-fast
iterator to loop over the message queue.

2) If during a flush, another thread adds a message to the message queue, or the
message queue is altered in any way, the fail-fast iterator will generate a
Concurrent Modification Exception. This happens in this bug's case when the
SteppingEngine notices a thread terminated event, and injects a message into the
message queue. But it can happen in any event where two threads are either
flushing or adding to the queue.

3) The CLI will recover from this exception, but will not continue to process
the buffer for output to the user. The rest of the contents of the message
buffer will not be processed for output, causing incomplete message data.


The bug has been fixed upstream. The solution was to synchronize access around
the message buffer list.
Comment 1 Phil Muldoon 2008-02-07 04:37:06 EST
Created attachment 294195 [details]
Synchronize buffer access patch

Upstream patch

Note You need to log in before you can comment on or make changes to this bug.