From dd47e1bbd89e4aa84c9dcf4e007de5a0457730ea Mon Sep 17 00:00:00 2001
From: Jiffin Tony Thottan <jthottan@redhat.com>
Date: Mon, 7 Aug 2017 23:47:00 +0530
Subject: [PATCH 597/601] nfs: add NULL check for call state in
 nfs3_call_state_wipe
Refcounting added for nfs call state in https://review.gluster.org/17696.
This is based on assumption that call state won't NULL when it is freed.
But currently gluster nfs server is crashing in different scenarios at
nfs3_getattr() with following bt
#0  0x00007ff1cfea9205 in _gf_ref_put (ref=ref@entry=0x0) at refcount.c:36
#1  0x00007ff1c1997455 in nfs3_call_state_wipe (cs=cs@entry=0x0) at nfs3.c:559
#2  0x00007ff1c1998931 in nfs3_getattr (req=req@entry=0x7ff1bc0b26d0, fh=fh@entry=0x7ff1c2f76ae0) at nfs3.c:962
#3  0x00007ff1c1998c8a in nfs3svc_getattr (req=0x7ff1bc0b26d0) at nfs3.c:987
#4  0x00007ff1cfbfd8c5 in rpcsvc_handle_rpc_call (svc=0x7ff1bc03e500, trans=trans@entry=0x7ff1bc0c8020, msg=<optimized out>) at rpcsvc.c:695
#5  0x00007ff1cfbfdaab in rpcsvc_notify (trans=0x7ff1bc0c8020, mydata=<optimized out>, event=<optimized out>, data=<optimized out>) at rpcsvc.c:789
#6  0x00007ff1cfbff9e3 in rpc_transport_notify (this=this@entry=0x7ff1bc0c8020, event=event@entry=RPC_TRANSPORT_MSG_RECEIVED, data=data@entry=0x7ff1bc0038d0)
    at rpc-transport.c:538
#7  0x00007ff1c4a2e3d6 in socket_event_poll_in (this=this@entry=0x7ff1bc0c8020, notify_handled=<optimized out>) at socket.c:2306
#8  0x00007ff1c4a3097c in socket_event_handler (fd=21, idx=9, gen=19, data=0x7ff1bc0c8020, poll_in=1, poll_out=0, poll_err=0) at socket.c:2458
#9  0x00007ff1cfe950f6 in event_dispatch_epoll_handler (event=0x7ff1c2f76e80, event_pool=0x5618154d5ee0) at event-epoll.c:572
#10 event_dispatch_epoll_worker (data=0x56181551cbd0) at event-epoll.c:648
#11 0x00007ff1cec99e25 in start_thread () from /lib64/libpthread.so.0
#12 0x00007ff1ce56634d in clone () from /lib64/libc.so.6
This patch moves the previous NULL check from __nfs3_call_state_wipe() to
nfs3_call_state_wipe()
Cherry picked from commit 111d6bda9259126b0429113c9b8ba479958a4398:
> Change-Id: I2d73632f4be23f14d8467be3d908b09b3a2d87ea
> BUG: 1479030
> Signed-off-by: Jiffin Tony Thottan <jthottan@redhat.com>
> Reviewed-on: https://review.gluster.org/17989
> Smoke: Gluster Build System <jenkins@build.gluster.org>
> CentOS-regression: Gluster Build System <jenkins@build.gluster.org>
> Reviewed-by: Niels de Vos <ndevos@redhat.com>
Change-Id: I2d73632f4be23f14d8467be3d908b09b3a2d87ea
BUG: 1476871
Signed-off-by: Jiffin Tony Thottan <jthottan@redhat.com>
Reviewed-on: https://code.engineering.redhat.com/gerrit/114663
Reviewed-by: Niels de Vos <ndevos@redhat.com>
Reviewed-by: Atin Mukherjee <amukherj@redhat.com>
---
 xlators/nfs/server/src/nfs3.c | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)
diff --git a/xlators/nfs/server/src/nfs3.c b/xlators/nfs/server/src/nfs3.c
21ab4e
index 52b948e..6339b3f 100644
21ab4e
--- a/xlators/nfs/server/src/nfs3.c
21ab4e
+++ b/xlators/nfs/server/src/nfs3.c
21ab4e
@@ -495,9 +495,6 @@ typedef ssize_t (*nfs3_serializer) (struct iovec outmsg, void *args);
21ab4e
 static void
21ab4e
 __nfs3_call_state_wipe (nfs3_call_state_t *cs)
21ab4e
 {
21ab4e
-        if (!cs)
21ab4e
-                return;
21ab4e
-
21ab4e
         if (cs->fd) {
21ab4e
                 gf_msg_trace (GF_NFS3, 0, "fd 0x%lx ref: %d",
21ab4e
                         (long)cs->fd, cs->fd->refcount);
21ab4e
@@ -556,6 +553,10 @@ err:
21ab4e
 void
21ab4e
 nfs3_call_state_wipe (nfs3_call_state_t *cs)
21ab4e
 {
21ab4e
+        if (!cs) {
21ab4e
+                gf_log_callingfn ("nfs", GF_LOG_WARNING, "nfs calling state NULL");
21ab4e
+                return;
21ab4e
+        }
21ab4e
         GF_REF_PUT (cs);
21ab4e
 }
21ab4e
 
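Review bot: The guard added to nfs3_call_state_wipe logs under the literal domain `"nfs"`, while the trace call visible in the first hunk uses `GF_NFS3`; `gf_log_callingfn (GF_NFS3, GF_LOG_WARNING, "nfs calling state NULL");` would keep the message in the file's usual log domain. Judging from the backtrace in the description, the NULL reaches this function from a request handler (nfs3_getattr), so the warning can presumably be produced by client traffic; the callers that pass NULL still need fixing, and until then it is worth checking that this line cannot flood the log. The first hunk also drops the check from __nfs3_call_state_wipe, which now reads `cs->fd` unconditionally and whose body continues outside that hunk. If the refcount release is the only path into it (not visible here), a comment there such as `/* cs is never NULL here: nfs3_call_state_wipe() rejects it before GF_REF_PUT */` would record the new contract.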
-- 
1.8.3.1