From 8d99b1860dbaa62da3edb1ec9fd626f51f9d2c95 Mon Sep 17 00:00:00 2001
From: Kaleb S KEITHLEY <kkeithle@redhat.com>
Date: Fri, 3 Jun 2016 13:29:00 -0400
Subject: libglusterfs (timer): race conditions, illegal mem access, mem leak

While investigating gfapi memory consumption with valgrind, valgrind
reported several memory access issues.

Also see the timer 'registry' being recreated (shortly) after being
freed during teardown due to the way it's currently written.

Passing ctx as data to gf_timer_proc() is prone to memory access
issues if ctx is freed before gf_timer_proc() terminates. (And in
fact this does happen, at least in valgrind.) gf_timer_proc() doesn't
need ctx for anything, it only needs ctx->timer, so just pass that.

Nothing ever calls gf_timer_registry_init(). Nothing outside of
timer.c that is. Making it and gf_timer_proc() static.

backport mainline:
> http://review.gluster.org/14247
> BUG: 1333925

Change-Id: Ia28454dda0cf0de2fec94d76441d98c3927a906a
BUG: 1342620
Signed-off-by: Kaleb S KEITHLEY <kkeithle@redhat.com>
Reviewed-on: http://review.gluster.org/14644
Smoke: Gluster Build System <jenkins@build.gluster.com>
NetBSD-regression: NetBSD Build System <jenkins@build.gluster.org>
CentOS-regression: Gluster Build System <jenkins@build.gluster.com>
---
 api/src/glfs.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'api')

diff --git a/api/src/glfs.c b/api/src/glfs.c
index 6c152ae56ed..3f39b682e42 100644
--- a/api/src/glfs.c
+++ b/api/src/glfs.c
@@ -149,7 +149,7 @@ glusterfs_ctx_defaults_init (glusterfs_ctx_t *ctx)
 	LOCK_INIT (&pool->lock);
 	ctx->pool = pool;
 
-	pthread_mutex_init (&(ctx->lock), NULL);
+	LOCK_INIT (&ctx->lock);
 
 	ret = 0;
 err:
@@ -1059,9 +1059,9 @@ glusterfs_ctx_destroy (glusterfs_ctx_t *ctx)
         GF_FREE (ctx->process_uuid);
         GF_FREE (ctx->cmd_args.volfile_id);
 
-        pthread_mutex_destroy (&(ctx->lock));
-        pthread_mutex_destroy (&(ctx->notify_lock));
-        pthread_cond_destroy (&(ctx->notify_cond));
+        LOCK_DESTROY (&ctx->lock);
+        pthread_mutex_destroy (&ctx->notify_lock);
+        pthread_cond_destroy (&ctx->notify_cond);
 
         /* Free all the graph structs and its containing xlator_t structs
          * from this point there should be no reference to GF_FREE/GF_CALLOC
-- 
cgit