Bug #39599: common: segfault while parsing POD_MEMORY_REQUEST - Ceph - Ceph

Actions

Copy link

Bug #39599

closed

common: segfault while parsing POD_MEMORY_REQUEST

Added by Ilya Lyubimov almost 5 years ago. Updated almost 5 years ago.

Status:

Resolved

Priority:

High

Assignee:

Patrick Donnelly

Category:

Target version:

v15.0.0

% Done:

Source:

Community (user)

Tags:

Backport:

nautilus

Regression:

Severity:

3 - minor

Reviewed:

Affected Versions:

v14.2.1

ceph-qa-suite:

Pull request ID:

28159

Crash signature (v1):

Crash signature (v2):

Description

Backtrace:

#0  strict_strtoll (str=..., base=base@entry=10, err=err@entry=0x0) at /usr/src/debug/ceph-14.2.1/src/common/strtol.cc:40
#1  0x0000555556238c6e in strict_iec_cast<unsigned long> (str=..., err=0x0) at /usr/src/debug/ceph-14.2.1/src/common/strtol.cc:189
#2  0x0000555556235c7f in strict_iecstrtoll (str=<optimized out>, err=<optimized out>) at /usr/src/debug/ceph-14.2.1/src/common/strtol.cc:226
#3  0x0000555556208309 in Option::parse_value (this=0x55555f9ca078, raw_val=..., out=<optimized out>, error_message=0x0, 
    normalized_value=<optimized out>) at /usr/src/debug/ceph-14.2.1/src/common/options.cc:192
#4  0x0000555556152c15 in md_config_t::_set_val (this=0x55555fbe4210, values=..., observers=..., raw_val=..., opt=..., level=<optimized out>, 
    error_message=0x0) at /usr/src/debug/ceph-14.2.1/src/common/config.cc:1298
#5  0x0000555556183d0b in md_config_t::parse_env (this=this@entry=0x55555fbe4210, entity_type=<optimized out>, entity_type@entry=4, values=..., 
    tracker=..., args_var=args_var@entry=0x555556879132 "CEPH_ARGS") at /usr/src/debug/ceph-14.2.1/src/common/config.cc:484
#6  0x00005555560c7fb2 in parse_env (env_var=0x555556879132 "CEPH_ARGS", entity_type=4, this=0x55555fbe2008)
    at /usr/src/debug/ceph-14.2.1/src/common/config_proxy.h:310
#7  global_pre_init (defaults=defaults@entry=0x7fffffffc260, args=std::vector of length 5, capacity 11 = {...}, module_type=module_type@entry=4, 
    code_env=code_env@entry=CODE_ENVIRONMENT_DAEMON, flags=flags@entry=0) at /usr/src/debug/ceph-14.2.1/src/global/global_init.cc:140
#8  0x00005555560c88ff in global_init (defaults=defaults@entry=0x7fffffffc260, args=std::vector of length 5, capacity 11 = {...}, 
    module_type=module_type@entry=4, code_env=code_env@entry=CODE_ENVIRONMENT_DAEMON, flags=flags@entry=0, 
    data_dir_option=0x5555567f6f1c "osd_data", run_pre_init=true) at /usr/src/debug/ceph-14.2.1/src/global/global_init.cc:185
#9  0x00005555559c3132 in main (argc=<optimized out>, argv=<optimized out>) at /usr/src/debug/ceph-14.2.1/src/ceph_osd.cc:128

md_config_t::parse_env method passes nullptr as an err pointer, strict_strtoll function unconditionally sets an empty string to the pointed memory, then nullptr dereference occures.

Related issues 1 (0 open — 1 closed)

Actions

Copy link

Updated by Patrick Donnelly almost 5 years ago

Subject changed from Segfault while parsing POD_MEMORY_REQUEST to common: segfault while parsing POD_MEMORY_REQUEST
Assignee set to Patrick Donnelly
Priority changed from Normal to High
Target version set to v15.0.0
Start date deleted (~~05/06/2019~~)
Backport set to nautilus