Actions
Bug #50807
closedmds: MDSLog::journaler pointer maybe crash with use-after-free
% Done:
0%
Source:
Development
Tags:
Backport:
pacific,octopus
Regression:
No
Severity:
3 - minor
Reviewed:
Affected Versions:
ceph-qa-suite:
fs
Component(FS):
MDS
Labels (FS):
crash
Pull request ID:
Crash signature (v1):
Crash signature (v2):
Description
When the _recovery_thread is trying to reformat the journal, it will delete the old journal pointer and assign with a new one, during this the mds_lock is unlocked. That means in other thread who are using the MDSLog::journaler pointer will potentially hit use-after-free bug.
Actions