Bug #46293
closed
kclient: delayed work will be potential crash with mdsc used-after-free
0%
Description
Hit this twice when doing the mount and umount testing before, without any logs caught. Both times the OS was under pressure, almost out of disk/memory, etc.
Checked the related code; the cancel_delayed_work_sync() should be a potential problem:
Because cancel_delayed_work_sync() will only guarantee that the work finishes executing if it is already on the ->worklist. But in case the work re-arms itself, after cancel_delayed_work_sync() returns it will leave the work requeued. And if we release the resources before the delayed work runs again, we will hit the use-after-free bug.
Use flush_delayed_work() to wait for the work to be executed and to exit directly, by checking mdsc->stopping, without re-arming itself.
Updated by Xiubo Li almost 4 years ago
- Status changed from New to In Progress
- ceph-qa-suite kcephfs added
- ceph-qa-suite deleted (fs)
Updated by Xiubo Li almost 4 years ago
- Status changed from In Progress to Fix Under Review
Updated by Xiubo Li almost 4 years ago
- Status changed from Fix Under Review to Resolved
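
The teardown ordering proposed in the description, reduced to a single-threaded C model. This is an added example, not part of the report or of the Ceph kernel client: `struct client`, `delayed_fn`, `flush_model` and `teardown` are hypothetical names, and the workqueue is simulated rather than real.

```c
#include <stdbool.h>

/* Constructed model, not kernel code: one delayed work item owned by a
 * client object, stepped deterministically instead of by a real workqueue. */
struct client {
    bool stopping;  /* teardown has begun (plays the role of mdsc->stopping) */
    bool pending;   /* delayed work is queued and will fire later */
    bool released;  /* resources the handler touches are gone */
    int  uaf;       /* times the handler ran after release */
};

/* Handler: does periodic work, then re-arms unless teardown has started. */
static void delayed_fn(struct client *c)
{
    c->pending = false;
    if (c->released) { c->uaf++; return; }  /* would be a use-after-free */
    if (c->stopping)
        return;                             /* exit without re-arming */
    c->pending = true;                      /* models schedule_delayed_work() */
}

/* Models flush_delayed_work(): run the queued instance now and wait for it.
 * It does not stop the handler from queueing itself again. */
static void flush_model(struct client *c)
{
    if (c->pending)
        delayed_fn(c);
}

/* Teardown, then let the timer expire once more. Returns the number of
 * handler runs that happened on released state. */
static int teardown(bool set_stopping_first)
{
    struct client c = { .pending = true };

    if (set_stopping_first)
        c.stopping = true;
    flush_model(&c);
    c.released = true;      /* models freeing the mdsc resources */
    if (c.pending)
        delayed_fn(&c);     /* the re-armed work fires after the free */
    return c.uaf;
}
```

Flushing alone leaves the re-armed instance queued across the release; setting the stopping flag before the flush is what makes the flushed run the last one.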