diff options
| author | Kaleb S. KEITHLEY <kkeithle@redhat.com> | 2012-09-13 16:21:07 -0400 | 
|---|---|---|
| committer | Anand Avati <avati@redhat.com> | 2012-09-17 14:49:59 -0700 | 
| commit | 517a9d2450c4de6229d2b699a2ffd9102c3488c9 (patch) | |
| tree | a16bae4a28166b90f7e098ad5cd52d89c7ca2e62 | |
| parent | 314dd4da976cd329417b43c3ad281fd9990fdcd7 (diff) | |
glusterfs SEGV on Fedora 17 from UFO fallocate(2) callv3.3.1qa3
An upload of a file will cause the volume's glusterfs to SEGV
when it fields a FUSE_FALLOCATE op. Swift inspects libc to determine
if there is a symbol for fallocate(2) and if so will use it. And
while the libc in RHEL 6 does have fallocate(2), the version of
fuse in RHEL 6 does not support fallocate, and things are handled
gracefully elsewhere (the kernel perhaps?)
N.B. fallocate was added to version 7.19 of fuse. Fedora 17 and
later (and maybe earlier too) has 7.19. RHEL 6 still has 7.13.
Glusterfs uses the 7.13 version <linux/fuse.h>
(in contrib/fuse-include/fuse_kernel.h)
Thus on Fedora 17, with both fallocate(2) in libc and fallocate
support in fuse, the fallocate invocation is dispatched to glusterfs,
but the dispatch table (fuse_std_ops in
xlators/mount/fuse/src/fuse-bridge.c) is too short for one thing;
the fallocate opcode (43) indexes beyond the end of the table, and
even when that doesn't directly cause a SEGV, the NULL pointer at
that location does cause a SEGV when attempting to call the function
through the pointer.
BUG: 856704
Change-Id: Iffe3994dde6ca29444d07d27eb04d6f86773fa03
Signed-off-by: Kaleb S. KEITHLEY <kkeithle@redhat.com>
Reviewed-on: http://review.gluster.org/3941
Tested-by: Gluster Build System <jenkins@build.gluster.com>
Reviewed-by: Mohammed Junaid <junaid@redhat.com>
Reviewed-by: Anand Avati <avati@redhat.com>
| -rw-r--r-- | xlators/mount/fuse/src/fuse-bridge.c | 33 | 
1 files changed, 19 insertions, 14 deletions
| diff --git a/xlators/mount/fuse/src/fuse-bridge.c b/xlators/mount/fuse/src/fuse-bridge.c index fa728604d..51e644269 100644 --- a/xlators/mount/fuse/src/fuse-bridge.c +++ b/xlators/mount/fuse/src/fuse-bridge.c @@ -4063,13 +4063,11 @@ fuse_thread_proc (void *data)                      finh->uid == priv->uid_map_root)                          finh->uid = 0; -#ifdef GF_DARWIN_HOST_OS                  if (finh->opcode >= FUSE_OP_HIGH)                          /* turn down MacFUSE specific messages */                          fuse_enosys (this, finh, msg);                  else -#endif -                fuse_ops[finh->opcode] (this, finh, msg); +                        fuse_ops[finh->opcode] (this, finh, msg);                  iobuf_unref (iobuf);                  continue; @@ -4288,40 +4286,47 @@ mem_acct_init (xlator_t *this)  static fuse_handler_t *fuse_std_ops[FUSE_OP_HIGH] = { -        [FUSE_INIT]        = fuse_init, -        [FUSE_DESTROY]     = fuse_destroy,          [FUSE_LOOKUP]      = fuse_lookup,          [FUSE_FORGET]      = fuse_forget,          [FUSE_GETATTR]     = fuse_getattr,          [FUSE_SETATTR]     = fuse_setattr, -        [FUSE_OPENDIR]     = fuse_opendir, -        [FUSE_READDIR]     = fuse_readdir, -        [FUSE_RELEASEDIR]  = fuse_releasedir, -        [FUSE_ACCESS]      = fuse_access,          [FUSE_READLINK]    = fuse_readlink, +        [FUSE_SYMLINK]     = fuse_symlink,          [FUSE_MKNOD]       = fuse_mknod,          [FUSE_MKDIR]       = fuse_mkdir,          [FUSE_UNLINK]      = fuse_unlink,          [FUSE_RMDIR]       = fuse_rmdir, -        [FUSE_SYMLINK]     = fuse_symlink,          [FUSE_RENAME]      = fuse_rename,          [FUSE_LINK]        = fuse_link, -        [FUSE_CREATE]      = fuse_create,          [FUSE_OPEN]        = fuse_open,          [FUSE_READ]        = fuse_readv,          [FUSE_WRITE]       = fuse_write, -        [FUSE_FLUSH]       = fuse_flush, +        [FUSE_STATFS]      = fuse_statfs,          [FUSE_RELEASE]     = fuse_release,          [FUSE_FSYNC]       = fuse_fsync, -        [FUSE_FSYNCDIR]    = fuse_fsyncdir, -        [FUSE_STATFS]      = fuse_statfs,          [FUSE_SETXATTR]    = fuse_setxattr,          [FUSE_GETXATTR]    = fuse_getxattr,          [FUSE_LISTXATTR]   = fuse_listxattr,          [FUSE_REMOVEXATTR] = fuse_removexattr, +        [FUSE_FLUSH]       = fuse_flush, +        [FUSE_INIT]        = fuse_init, +        [FUSE_OPENDIR]     = fuse_opendir, +        [FUSE_READDIR]     = fuse_readdir, +        [FUSE_RELEASEDIR]  = fuse_releasedir, +        [FUSE_FSYNCDIR]    = fuse_fsyncdir,          [FUSE_GETLK]       = fuse_getlk,          [FUSE_SETLK]       = fuse_setlk,          [FUSE_SETLKW]      = fuse_setlk, +        [FUSE_ACCESS]      = fuse_access, +        [FUSE_CREATE]      = fuse_create, +     /* [FUSE_INTERRUPT] */ +     /* [FUSE_BMAP] */ +        [FUSE_DESTROY]     = fuse_destroy, +     /* [FUSE_IOCTL] */ +     /* [FUSE_POLL] */ +     /* [FUSE_NOTIFY_REPLY] */ +     /* [FUSE_BATCH_FORGET] */ +     /* [FUSE_FALLOCATE] */   }; | 
