Actions
Bug #38296
closedsegv in fgets() in collect_sys_info reading /proc/cpuinfo
Status:
Resolved
Priority:
High
Assignee:
-
Category:
-
Target version:
-
% Done:
0%
Source:
Tags:
Backport:
nautilus, mimic, luminous
Regression:
No
Severity:
3 - minor
Reviewed:
Affected Versions:
ceph-qa-suite:
Component(RADOS):
Pull request ID:
Crash signature (v1):
Crash signature (v2):
Description
#0 raise (sig=sig@entry=11) at ../sysdeps/unix/sysv/linux/raise.c:51 #1 0x00005645a29f47a3 in reraise_fatal (signum=11) at ./src/global/signal_handler.cc:81 #2 handle_fatal_signal (signum=11) at ./src/global/signal_handler.cc:298 #3 <signal handler called> #4 __memchr_avx2 () at ../sysdeps/x86_64/multiarch/memchr-avx2.S:92 #5 0x00007fe8616a6e25 in __GI__IO_getline_info (eof=0x0, extract_delim=<optimized out>, delim=10, n=99, buf=0x7fe855e9f2d0 "DirectMap1G: 31457280 kB\n", fp=0x5645a3c7dcc0, fp@entry=0x1) at iogetline.c:85 #6 __GI__IO_getline (fp=fp@entry=0x5645a3c7dcc0, buf=buf@entry=0x7fe855e9f2d0 "DirectMap1G: 31457280 kB\n", n=n@entry=99, delim=delim@entry=10, extract_delim=extract_delim@entry=1) at iogetline.c:34 #7 0x00007fe8616a5bcd in _IO_fgets (buf=buf@entry=0x7fe855e9f2d0 "DirectMap1G: 31457280 kB\n", n=n@entry=100, fp=fp@entry=0x5645a3c7dcc0) at iofgets.c:53 #8 0x00007fe863b3a930 in fgets (__stream=0x5645a3c7dcc0, __n=100, __s=0x7fe855e9f2d0 "DirectMap1G: 31457280 kB\n") at /usr/include/x86_64-linux-gnu/bits/stdio2.h:262 #9 collect_sys_info (m=m@entry=0x5645c3c86348, cct=<optimized out>) at ./src/common/util.cc:232 #10 0x00005645a278465b in Monitor::collect_metadata (this=this@entry=0x5645a505b400, m=0x5645c3c86348) at ./src/mon/Monitor.cc:2220 #11 0x00005645a2827227 in Elector::start (this=this@entry=0x5645a505c0f0) at ./src/mon/Elector.cc:99 #12 0x00005645a2796221 in Elector::call_election (this=0x5645a505c0f0) at ./src/mon/Elector.h:387 #13 Monitor::start_election (this=0x5645a505b400) at ./src/mon/Monitor.cc:2042 #14 0x00005645a2826b17 in Elector::handle_propose (this=this@entry=0x5645a505c0f0, op=...) at ./src/mon/Elector.cc:287 #15 0x00005645a28286e9 in Elector::dispatch (this=0x5645a505c0f0, op=...) at ./src/mon/Elector.cc:509 #16 0x00005645a27afba8 in Monitor::dispatch_op (this=this@entry=0x5645a505b400, op=...) at ./src/mon/Monitor.cc:4468 #17 0x00005645a27b05c2 in Monitor::_ms_dispatch (this=this@entry=0x5645a505b400, m=m@entry=0x5645ccfcad00) at ./src/mon/Monitor.cc:4261 #18 0x00005645a27dd703 in Monitor::ms_dispatch (this=0x5645a505b400, m=0x5645ccfcad00) at ./src/mon/Monitor.h:888 #19 0x00005645a27d9e26 in Dispatcher::ms_dispatch2 (this=0x5645a505b400, m=...) at ./src/msg/Dispatcher.h:126 #20 0x00007fe863b42d09 in Messenger::ms_deliver_dispatch (m=..., this=0x5645a4b4f800) at ./src/msg/Messenger.h:647 #21 DispatchQueue::entry (this=0x5645a4b4fa10) at ./src/msg/DispatchQueue.cc:196
/a/sage-2019-02-13_03:14:34-upgrade:luminous-x-wip-v2-upgrade-distro-basic-smithi/3582464
the line in question is
char *line = fgets(buf, sizeof(buf), f);
of
f = fopen(PROCPREFIX "/proc/cpuinfo", "r");
if (f) {
char buf[1024];
while (!feof(f)) {
char *line = fgets(buf, sizeof(buf), f);
if (!line)
break;
if (strncmp(line, "model name", 10) == 0) {
char *c = strchr(buf, ':');
c++;
while (*c == ' ')
++c;
char *nl = c;
while (*nl != '\n')
++nl;
*nl = '\0';
(*m)["cpu"] = c;
break;
}
}
fclose(f);
}
Updated by Sage Weil almost 5 years ago
- Priority changed from Normal to High
saw this again:
2019-04-17T23:51:44.681 INFO:tasks.ceph.mon.a.smithi002.stderr:*** Caught signal (Segmentation fault) ** 2019-04-17T23:51:44.681 INFO:tasks.ceph.mon.a.smithi002.stderr: in thread 7febbe0ee700 thread_name:ms_dispatch 2019-04-17T23:51:44.683 INFO:tasks.ceph.mon.a.smithi002.stderr: ceph version 14.2.0-323-gd947e80 (d947e804dd316c89c28d25948947927fa290e227) nautilus (stable) 2019-04-17T23:51:44.683 INFO:tasks.ceph.mon.a.smithi002.stderr: 1: (()+0x12890) [0x7febc9ca1890] 2019-04-17T23:51:44.683 INFO:tasks.ceph.mon.a.smithi002.stderr: 2: (()+0x18a487) [0x7febc8ee0487] 2019-04-17T23:51:44.683 INFO:tasks.ceph.mon.a.smithi002.stderr: 3: (_IO_getline()+0x55) [0x7febc8dd5e25] 2019-04-17T23:51:44.683 INFO:tasks.ceph.mon.a.smithi002.stderr: 4: (fgets()+0xad) [0x7febc8dd4bcd] 2019-04-17T23:51:44.684 INFO:tasks.ceph.mon.a.smithi002.stderr: 5: (collect_sys_info(std::map<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::less<std::__cxx11::basic_string<char, std::char_traits< char>, std::allocator<char> > >, std::allocator<std::pair<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > >*, CephContext*)+0x1228) [0x7febcb067998] 2019-04-17T23:51:44.684 INFO:tasks.ceph.mon.a.smithi002.stderr: 6: (Monitor::collect_metadata(std::map<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::less<std::__cxx11::basic_string<char, std::cha r_traits<char>, std::allocator<char> > >, std::allocator<std::pair<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > >*)+0x43) [0x55dee4f01753] 2019-04-17T23:51:44.684 INFO:tasks.ceph.mon.a.smithi002.stderr: 7: (Elector::start()+0x2c2) [0x55dee4fa23a2] 2019-04-17T23:51:44.684 INFO:tasks.ceph.mon.a.smithi002.stderr: 8: (Monitor::start_election()+0x18e) [0x55dee4f11b8e] 2019-04-17T23:51:44.684 INFO:tasks.ceph.mon.a.smithi002.stderr: 9: (Elector::handle_propose(boost::intrusive_ptr<MonOpRequest>)+0x9b9) [0x55dee4fa1e09] 2019-04-17T23:51:44.684 INFO:tasks.ceph.mon.a.smithi002.stderr: 10: (Elector::dispatch(boost::intrusive_ptr<MonOpRequest>)+0x1158) [0x55dee4fa4368] 2019-04-17T23:51:44.685 INFO:tasks.ceph.mon.a.smithi002.stderr: 11: (Monitor::dispatch_op(boost::intrusive_ptr<MonOpRequest>)+0x11ef) [0x55dee4f2c8df] 2019-04-17T23:51:44.685 INFO:tasks.ceph.mon.a.smithi002.stderr: 12: (Monitor::_ms_dispatch(Message*)+0xdbb) [0x55dee4f2d90b]
/a/yuriw-2019-04-17_22:57:15-upgrade:luminous-x-nautilus-distro-basic-smithi/3859475
Updated by Sage Weil almost 5 years ago
- Status changed from 12 to Fix Under Review
https://github.com/ceph/ceph/pull/27707
(looks like the buffer is only 100 chars, and /proc/cpuinfo frequently exceeds that)
Updated by Sage Weil almost 5 years ago
- Backport set to nautilus, mimic, luminous
https://github.com/ceph/ceph/pull/27707
(looks like the buffer is only 100 chars, and /proc/cpuinfo frequently exceeds that)
Updated by Brad Hubbard almost 5 years ago
- Status changed from Fix Under Review to In Progress
Updated by Sage Weil almost 5 years ago
- Status changed from In Progress to Pending Backport
Updated by Nathan Cutler almost 5 years ago
- Copied to Backport #39474: luminous: segv in fgets() in collect_sys_info reading /proc/cpuinfo added
Updated by Nathan Cutler almost 5 years ago
- Copied to Backport #39475: mimic: segv in fgets() in collect_sys_info reading /proc/cpuinfo added
Updated by Nathan Cutler almost 5 years ago
- Copied to Backport #39476: nautilus: segv in fgets() in collect_sys_info reading /proc/cpuinfo added
Updated by Sage Weil over 4 years ago
- Related to Bug #43306: segv in collect_sys_info added
Updated by Nathan Cutler about 4 years ago
- Status changed from Pending Backport to Resolved
While running with --resolve-parent, the script "backport-create-issue" noticed that all backports of this issue are in status "Resolved" or "Rejected".
Actions