dht: fix asan use-after-free bug #4247
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
The client is throwing below stacktrace while asan is enabled. The client is facing an
issue while application is trying to call removexattr in 2x1 subvol and non-mds subvol
is down. As we can see in below stacktrace dht_setxattr_mds_cbk is calling
dht_setxattr_non_mds_cbk and dht_setxattr_non_mds_cbk is trying to wipe local because
call_cnt is 0 but dht_setxattr_mds_cbk is trying to access frame->local that;s
why it is crashed.
x621000051c34 is located 1844 bytes inside of 4164-byte region [0x621000051500,0x621000052544) freed by thread T7 here:
Solution: Use switch instead of using if statement to wind a operation, in case of switch
the code will not try to access local after wind a operation for last dht subvol.
> Fixes: gluster#3732
> Change-Id: I031bc814d6df98058430ef4de7040e3370d1c677
> (Reviewed on upstream link gluster#4242)
Fixex: gluster#3732
Change-Id: I031bc814d6df98058430ef4de7040e3370d1c677
Fixes: gluster#3732
Signed-off-by: Mohit Agrawal <[email protected]>
|
/run regression |
|
1 test(s) failed 0 test(s) generated core 2 test(s) needed retry |
|
/run regression |
xhernandez
approved these changes
Oct 24, 2023
Shwetha-Acharya
approved these changes
Oct 25, 2023
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
The client is throwing below stacktrace while asan is enabled. The client is facing an issue while application is trying to call removexattr in 2x1 subvol and non-mds subvol is down. As we can see in below stacktrace dht_setxattr_mds_cbk is calling dht_setxattr_non_mds_cbk and dht_setxattr_non_mds_cbk is trying to wipe local because call_cnt is 0 but dht_setxattr_mds_cbk is trying to access frame->local that;s why it is crashed.
x621000051c34 is located 1844 bytes inside of 4164-byte region [0x621000051500,0x621000052544) freed by thread T7 here:
Solution: Use switch instead of using if statement to wind a operation, in case of switch
the code will not try to access local after wind a operation for last dht subvol.
Fixex: #3732
Change-Id: I031bc814d6df98058430ef4de7040e3370d1c677
Signed-off-by: Mohit Agrawal [email protected]