Red Hat Bugzilla – Bug 431840
fhpd message injection during a buffer flush can cause corrupt or incomplete message buffer
Last modified: 2011-02-15 04:36:56 EST
Description of problem:
While investigating another bug, I came across a message buffer corruption bug
that could either:
1) produce incomplete message data to the user;
2) not produce message data at all;
3) present corrupted message data to the user.
The summary of the bug is as follows:
1) During a flushBuffer() call, the CLI interface in fhpd creates a fail-fast
iterator to loop over the message queue.
2) If during a flush, another thread adds a message to the message queue, or the
message queue is altered in any way, the fail-fast iterator will generate a
Concurrent Modification Exception. This happens in this bug's case when the
SteppingEngine notices a thread terminated event, and injects a message into the
message queue. But it can happen in any event where two threads are either
flushing or adding to the queue.
3) The CLI will recover from this exception, but will not continue to process
the buffer for output to the user. The rest of the contents of the message
buffer will not be processed for output, causing incomplete message data.
The bug has been fixed upstream. The solution was to synchronize access around
the message buffer list.
Created attachment 294195 [details]
Synchronize buffer access patch