856704 – UFO (swift) causes glusterfs SEGV on Fedora 17 when it invokes fallocate for an uploaded file

Bug 856704 - UFO (swift) causes glusterfs SEGV on Fedora 17 when it invokes fallocate for an uploaded file

Summary: UFO (swift) causes glusterfs SEGV on Fedora 17 when it invokes fallocate for ...

Keywords:
Status:	CLOSED CURRENTRELEASE
Alias:	None
Product:	GlusterFS
Classification:	Community
Component:	core
Sub Component:
Version:	mainline
Hardware:	All
OS:	Linux
Priority:	high
Severity:	high
Target Milestone:	---
Assignee:	Kaleb KEITHLEY
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	949242
Blocks:	852221
TreeView+	depends on / blocked

Reported:	2012-09-12 15:39 UTC by Kaleb KEITHLEY
Modified:	2015-12-01 16:45 UTC (History)
CC List:	2 users (show)
Fixed In Version:	glusterfs-3.4.0
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2013-07-24 17:34:41 UTC
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Embargoed:
Dependent Products:

Attachments	(Terms of Use)
proposed fix (4.34 KB, application/octet-stream) 2012-09-12 15:39 UTC, Kaleb KEITHLEY	no flags	Details
View All

Description Kaleb KEITHLEY 2012-09-12 15:39:58 UTC

Created attachment 612159 [details]
proposed fix

Description of problem:

An upload of a file will cause the volume's glusterfs to SEGV when it fields a FUSE_FALLOCATE op. Swift inspects libc to see if there is a symbol for fallocate(2) and if so will use it. And while the libc in RHEL 6 does have fallocate(2), the version of fuse in RHEL 6 does not support fallocate, and things are handled gracefully elsewhere (the kernel perhaps?)

N.B. fallocate was added to version 7.19 of fuse. Fedora 17 and later (and maybe earlier too) has 7.19. RHEL 6 still has 7.13. Glusterfs uses the 7.13 version <linux/fuse.h> (in contrib/fuse-include/fuse_kernel.h) 

Thus on Fedora 17, with both fallocate(2) in libc and fallocate support in fuse, the fallocate invocation is dispatched to glusterfs, but the dispatch table (fuse_std_ops in xlators/mount/fuse/src/fuse-bridge.c) is too short for one thing; the fallocate opcode (43) indexes beyond the end of the table, and even when that doesn't directly cause a SEGV, the NULL pointer at that location does cause a SEGV when attempting to call the function through the pointer.


Version-Release number of selected component (if applicable):

glusterfs, glusterfs-swift, etc. (Fedora koji build) 3.3.0-[56]

How reproducible:

Run UFO (glusterfs-swift) in F17 using the RPMs from  http://repos.fedorapeople.org/repos/kkeithle/glusterfs/

Use swift to upload a file. Watch the volume's glusterfs SEGV and drop a core file.

Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:

The attached patch contains a fix that 
 a) abandons the "carried" contrib/fuse-include/fuse_kernel.h in favor of using the system's <linux/fuse.h>
 b) extends the dispatch table as necessary (fuse_std_ops) to include a handler for fallocate. This handler merely returns ENOSYS, which Swift appears to handle ENOSYS from the handler the same way it would on systems where fuse and/or the file system doesn't support fallocate.

Another option would be to implement fallocate in the Gluster protocol stack and have the handler dispatch the op to gluster.

Note You need to log in before you can comment on or make changes to this bug.