summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorKaleb S. KEITHLEY <kkeithle@redhat.com>2012-09-13 16:21:07 -0400
committerAnand Avati <avati@redhat.com>2012-09-17 14:49:59 -0700
commit517a9d2450c4de6229d2b699a2ffd9102c3488c9 (patch)
treea16bae4a28166b90f7e098ad5cd52d89c7ca2e62
parent314dd4da976cd329417b43c3ad281fd9990fdcd7 (diff)
glusterfs SEGV on Fedora 17 from UFO fallocate(2) callv3.3.1qa3
An upload of a file will cause the volume's glusterfs to SEGV when it fields a FUSE_FALLOCATE op. Swift inspects libc to determine if there is a symbol for fallocate(2) and if so will use it. And while the libc in RHEL 6 does have fallocate(2), the version of fuse in RHEL 6 does not support fallocate, and things are handled gracefully elsewhere (the kernel perhaps?) N.B. fallocate was added to version 7.19 of fuse. Fedora 17 and later (and maybe earlier too) has 7.19. RHEL 6 still has 7.13. Glusterfs uses the 7.13 version <linux/fuse.h> (in contrib/fuse-include/fuse_kernel.h) Thus on Fedora 17, with both fallocate(2) in libc and fallocate support in fuse, the fallocate invocation is dispatched to glusterfs, but the dispatch table (fuse_std_ops in xlators/mount/fuse/src/fuse-bridge.c) is too short for one thing; the fallocate opcode (43) indexes beyond the end of the table, and even when that doesn't directly cause a SEGV, the NULL pointer at that location does cause a SEGV when attempting to call the function through the pointer. BUG: 856704 Change-Id: Iffe3994dde6ca29444d07d27eb04d6f86773fa03 Signed-off-by: Kaleb S. KEITHLEY <kkeithle@redhat.com> Reviewed-on: http://review.gluster.org/3941 Tested-by: Gluster Build System <jenkins@build.gluster.com> Reviewed-by: Mohammed Junaid <junaid@redhat.com> Reviewed-by: Anand Avati <avati@redhat.com>
-rw-r--r--xlators/mount/fuse/src/fuse-bridge.c33
1 files changed, 19 insertions, 14 deletions
diff --git a/xlators/mount/fuse/src/fuse-bridge.c b/xlators/mount/fuse/src/fuse-bridge.c
index fa728604daf..51e644269c5 100644
--- a/xlators/mount/fuse/src/fuse-bridge.c
+++ b/xlators/mount/fuse/src/fuse-bridge.c
@@ -4063,13 +4063,11 @@ fuse_thread_proc (void *data)
finh->uid == priv->uid_map_root)
finh->uid = 0;
-#ifdef GF_DARWIN_HOST_OS
if (finh->opcode >= FUSE_OP_HIGH)
/* turn down MacFUSE specific messages */
fuse_enosys (this, finh, msg);
else
-#endif
- fuse_ops[finh->opcode] (this, finh, msg);
+ fuse_ops[finh->opcode] (this, finh, msg);
iobuf_unref (iobuf);
continue;
@@ -4288,40 +4286,47 @@ mem_acct_init (xlator_t *this)
static fuse_handler_t *fuse_std_ops[FUSE_OP_HIGH] = {
- [FUSE_INIT] = fuse_init,
- [FUSE_DESTROY] = fuse_destroy,
[FUSE_LOOKUP] = fuse_lookup,
[FUSE_FORGET] = fuse_forget,
[FUSE_GETATTR] = fuse_getattr,
[FUSE_SETATTR] = fuse_setattr,
- [FUSE_OPENDIR] = fuse_opendir,
- [FUSE_READDIR] = fuse_readdir,
- [FUSE_RELEASEDIR] = fuse_releasedir,
- [FUSE_ACCESS] = fuse_access,
[FUSE_READLINK] = fuse_readlink,
+ [FUSE_SYMLINK] = fuse_symlink,
[FUSE_MKNOD] = fuse_mknod,
[FUSE_MKDIR] = fuse_mkdir,
[FUSE_UNLINK] = fuse_unlink,
[FUSE_RMDIR] = fuse_rmdir,
- [FUSE_SYMLINK] = fuse_symlink,
[FUSE_RENAME] = fuse_rename,
[FUSE_LINK] = fuse_link,
- [FUSE_CREATE] = fuse_create,
[FUSE_OPEN] = fuse_open,
[FUSE_READ] = fuse_readv,
[FUSE_WRITE] = fuse_write,
- [FUSE_FLUSH] = fuse_flush,
+ [FUSE_STATFS] = fuse_statfs,
[FUSE_RELEASE] = fuse_release,
[FUSE_FSYNC] = fuse_fsync,
- [FUSE_FSYNCDIR] = fuse_fsyncdir,
- [FUSE_STATFS] = fuse_statfs,
[FUSE_SETXATTR] = fuse_setxattr,
[FUSE_GETXATTR] = fuse_getxattr,
[FUSE_LISTXATTR] = fuse_listxattr,
[FUSE_REMOVEXATTR] = fuse_removexattr,
+ [FUSE_FLUSH] = fuse_flush,
+ [FUSE_INIT] = fuse_init,
+ [FUSE_OPENDIR] = fuse_opendir,
+ [FUSE_READDIR] = fuse_readdir,
+ [FUSE_RELEASEDIR] = fuse_releasedir,
+ [FUSE_FSYNCDIR] = fuse_fsyncdir,
[FUSE_GETLK] = fuse_getlk,
[FUSE_SETLK] = fuse_setlk,
[FUSE_SETLKW] = fuse_setlk,
+ [FUSE_ACCESS] = fuse_access,
+ [FUSE_CREATE] = fuse_create,
+ /* [FUSE_INTERRUPT] */
+ /* [FUSE_BMAP] */
+ [FUSE_DESTROY] = fuse_destroy,
+ /* [FUSE_IOCTL] */
+ /* [FUSE_POLL] */
+ /* [FUSE_NOTIFY_REPLY] */
+ /* [FUSE_BATCH_FORGET] */
+ /* [FUSE_FALLOCATE] */
};