Bug #47626

process will crash by invalid pointer

Added by Yi Li about 1 month ago.

Status: New
Priority: Normal
Assignee: -
Category: -
Target version:
% Done: 0%
Source: Community (user)
Tags:
Backport:
Regression: No
Severity: 1 - critical
Reviewed:
Affected Versions:
ceph-qa-suite:
Component(RADOS):
Pull request ID:
Crash signature:

Description

1: Version: mimic 13.2.9-0.el7.aarch64.rpm

2: coredump gdb info
(gdb) bt
#0 now (this=0x30) at /usr/src/debug/ceph-13.2.9/src/log/LogClock.h:95
#1 ceph::logging::Log::create_entry (this=0x0, level=level@entry=11, subsys=subsys@entry=20,
expected_size=expected_size@entry=0xffff683f39e0 <ObjectCacher::flusher_entry()::_log_exp_length>)
at /usr/src/debug/ceph-13.2.9/src/log/Log.cc:264
#2 0x0000ffff682d2e5c in ObjectCacher::flusher_entry (this=0xfffd840024a0)
at /usr/src/debug/ceph-13.2.9/src/osdc/ObjectCacher.cc:1920
#3 0x0000ffff682e4b70 in ObjectCacher::FlusherThread::entry (this=<optimized out>)
at /usr/src/debug/ceph-13.2.9/src/osdc/ObjectCacher.h:433
#4 0x0000ffffb1701c48 in start_thread () from /lib64/libpthread.so.0
#5 0x0000ffffb160c680 in thread_start () from /lib64/libc.so.6
(gdb) frame 1
#1 ceph::logging::Log::create_entry (this=0x0, level=level@entry=11, subsys=subsys@entry=20,
expected_size=expected_size@entry=0xffff683f39e0 <ObjectCacher::flusher_entry()::_log_exp_length>)
at /usr/src/debug/ceph-13.2.9/src/log/Log.cc:264
264 return new(ptr) Entry(clock.now(),
(gdb) list
259 if (true) {
260 ANNOTATE_BENIGN_RACE_SIZED(expected_size, sizeof(expected_size),
261 "Log hint");
262 size_t size = __atomic_load_n(expected_size, __ATOMIC_RELAXED);
263 void *ptr = ::operator new(sizeof(Entry) + size);
264 return new(ptr) Entry(clock.now(),
265 pthread_self(), level, subsys,
266 reinterpret_cast<char*>(ptr) + sizeof(Entry), size, expected_size);
267 } else {
268 // kludge for perf testing
(gdb) p clock
Cannot access memory at address 0x30
(gdb)
