Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.

Bug 856704

Summary: UFO (swift) causes glusterfs SEGV on Fedora 17 when it invokes fallocate for an uploaded file
Product: [Community] GlusterFS Reporter: Kaleb KEITHLEY <kkeithle>
Component: coreAssignee: Kaleb KEITHLEY <kkeithle>
Status: CLOSED CURRENTRELEASE QA Contact:
Severity: high Docs Contact:
Priority: high    
Version: mainlineCC: gluster-bugs, rabhat
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: glusterfs-3.4.0 Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-07-24 17:34:41 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 949242    
Bug Blocks: 852221    
Attachments:
Description Flags
proposed fix none

Description Kaleb KEITHLEY 2012-09-12 15:39:58 UTC 
Created attachment 612159 [details]
proposed fix

Description of problem:

An upload of a file will cause the volume's glusterfs to SEGV when it fields a FUSE_FALLOCATE op. Swift inspects libc to see if there is a symbol for fallocate(2) and if so will use it. And while the libc in RHEL 6 does have fallocate(2), the version of fuse in RHEL 6 does not support fallocate, and things are handled gracefully elsewhere (the kernel perhaps?)

N.B. fallocate was added to version 7.19 of fuse. Fedora 17 and later (and maybe earlier too) has 7.19. RHEL 6 still has 7.13. Glusterfs uses the 7.13 version <linux/fuse.h> (in contrib/fuse-include/fuse_kernel.h) 

Thus on Fedora 17, with both fallocate(2) in libc and fallocate support in fuse, the fallocate invocation is dispatched to glusterfs, but the dispatch table (fuse_std_ops in xlators/mount/fuse/src/fuse-bridge.c) is too short for one thing; the fallocate opcode (43) indexes beyond the end of the table, and even when that doesn't directly cause a SEGV, the NULL pointer at that location does cause a SEGV when attempting to call the function through the pointer.


Version-Release number of selected component (if applicable):

glusterfs, glusterfs-swift, etc. (Fedora koji build) 3.3.0-[56]

How reproducible:

Run UFO (glusterfs-swift) in F17 using the RPMs from  http://repos.fedorapeople.org/repos/kkeithle/glusterfs/

Use swift to upload a file. Watch the volume's glusterfs SEGV and drop a core file.

Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:

The attached patch contains a fix that 
 a) abandons the "carried" contrib/fuse-include/fuse_kernel.h in favor of using the system's <linux/fuse.h>
 b) extends the dispatch table as necessary (fuse_std_ops) to include a handler for fallocate. This handler merely returns ENOSYS, which Swift appears to handle ENOSYS from the handler the same way it would on systems where fuse and/or the file system doesn't support fallocate.

Another option would be to implement fallocate in the Gluster protocol stack and have the handler dispatch the op to gluster.