diff options
author | Xavi Hernandez <xhernandez@redhat.com> | 2018-11-07 18:54:23 +0100 |
---|---|---|
committer | Amar Tumballi <amarts@redhat.com> | 2018-11-26 04:24:23 +0000 |
commit | 31f85a4c7b20d9e594109f933f97127ba43029a8 (patch) | |
tree | b9a9222228f1b032dab46e2c39c7eeb1442702f7 /run-tests-in-vagrant.sh | |
parent | b2776b1ec1ad845ba568c4439bca3b57cc4d2592 (diff) |
libglusterfs: fix memory corruption caused by per-thread mem pools
There was a race in the per-thread memory pool management that could lead
to memory corruption. The race appeared when the following sequence of
events happened:
1. Thread T1 allocated a memory object O1 from its own private pool P1
2. T1 terminates and P1 is marked to be destroyed
3. The mem-sweeper thread is woken up and scans all private pools
4. It detects that P1 needs to be destroyed and starts releasing the
objects from hot and cold lists.
5. Thread T2 releases O1
6. O1 is added to the hot list of P1
The problem happens because steps 4 and 6 are protected by diferent locks,
so they can run concurrently. This means that both T1 and T2 are modifying
the same list at the same time, potentially causing corruption.
This patch fixes the problem using the following approach:
1. When an object is released, it's only returned to the hot list of the
corresponding memory pool if it's not marked to be destroyed. Otherwise
the memory is released to the system.
2. Object release and mem-sweeper thread synchronize access to the deletion
mark of the memory pool to prevent simultaneous access to the list.
Some other minor adjustments are made to reduce the lengths of the locked
regions.
Fixes: bz#1651165
Change-Id: I63be3893f92096e57f54a6150e0461340084ddde
Signed-off-by: Xavi Hernandez <xhernandez@redhat.com>
Diffstat (limited to 'run-tests-in-vagrant.sh')
0 files changed, 0 insertions, 0 deletions