Project

General

Profile

Bug #9636

segfault in CInode::get_caps_allowed_for_client

Added by John Spray over 9 years ago. Updated over 9 years ago.

Status:
Duplicate
Priority:
Normal
Assignee:
Category:
-
Target version:
-
% Done:

0%

Source:
other
Tags:
Backport:
Regression:
No
Severity:
3 - minor
Reviewed:
Affected Versions:
ceph-qa-suite:
Component(FS):
Labels (FS):
Pull request ID:
Crash signature (v1):
Crash signature (v2):

Description

While doing ad-hoc killing of clients stuck on full cluster: unchecked dereference of session connection.

37683 2014-10-01 18:38:29.390864 7ff38a5f9700 20 mds.0.server set_trace_dist snapid head
37684 2014-10-01 18:38:29.390868 7ff38a5f9700 10 mds.0.server set_trace_dist snaprealm snaprealm(1 seq 1 lc 0 cr 0 cps 1 snaps={} 0x4d806c0) len=48
37685 2014-10-01 18:38:29.390874 7ff38a5f9700 20 mds.0.cache.ino(1)  pfile 0 pauth 0 plink 0 pxattr 0 plocal 0 ctime 2014-10-01 17:53:20.469083 valid=1
37686 2014-10-01 18:38:29.390884 7ff38a5f9700 10 mds.0.cache.ino(1) add_client_cap first cap, joining realm snaprealm(1 seq 1 lc 0 cr 0 cps 1 snaps={} 0x4d806c0)
37687 2014-10-01 18:38:29.397914 7ff387cf3700 10 check_message_signature: seq # = 14 front_crc_ = 3501454100 middle_crc = 0 data_crc = 0
37688 2014-10-01 18:38:29.398010 7ff38cdfe700  1 -- 192.168.1.12:6813/26498 <== osd.2 192.168.1.12:6808/24169 14 ==== osd_op_reply(72 200.00000000 [writefull 0~90] v24'18       uv18 ondisk = 0) v6 ==== 179+0+0 (3501454100 0 0) 0x52a8580 con 0x4f8ee00
37689 2014-10-01 18:38:29.403761 7ff38a5f9700 -1 *** Caught signal (Segmentation fault) **
37690  in thread 7ff38a5f9700
37691
37692  ceph version 0.85-1086-g55b1a8e (55b1a8e73bec9070d2d1cfdba478a8ed188485a8)
37693  1: (ceph::BackTrace::BackTrace(int)+0x2d) [0x12e89ed]
37694  2: ./ceph-mds() [0x12e813f]
37695  3: (()+0xf720) [0x7ff39135f720]
37696  4: (boost::intrusive_ptr<Connection>::operator->() const+0x10) [0xf5d69c]
37697  5: (CInode::get_caps_allowed_for_client(client_t)+0xce) [0x11f05ba]
37698  6: (CInode::encode_inodestat(ceph::buffer::list&, Session*, SnapRealm*, snapid_t, unsigned int, int)+0x1b06) [0x11f26f2]
37699  7: (Server::set_trace_dist(Session*, MClientReply*, CInode*, CDentry*, snapid_t, int, std::tr1::shared_ptr<MDRequestImpl>&)+0x5ba) [0xf9dddc]
37700  8: (Server::reply_request(std::tr1::shared_ptr<MDRequestImpl>&, MClientReply*, CInode*, CDentry*)+0x7a8) [0xf9d298]
37701  9: (C_MDS_openc_finish::finish(int)+0x20c) [0xfe951e]
37702  10: (Context::complete(int)+0x27) [0xf53667]
37703  11: (MDSInternalContextBase::complete(int)+0x1a1) [0x12328e5]
37704  12: (C_MarkEvent::finish(int)+0x5d) [0xfe9053]
37705  13: (Context::complete(int)+0x27) [0xf53667]
37706  14: (MDSInternalContextBase::complete(int)+0x1a1) [0x12328e5]
37707  15: (C_IO_Wrapper::finish(int)+0x33) [0xf58961]
37708  16: (Context::complete(int)+0x27) [0xf53667]
37709  17: (MDSIOContextBase::complete(int)+0x270) [0x1232b90]
37710  18: (Finisher::finisher_thread_entry()+0x323) [0x130b42d]
37711  19: (Finisher::FinisherThread::entry()+0x1c) [0xf54d20]
37712  20: (Thread::entry_wrapper()+0x79) [0x1414fed]
37713  21: (Thread::_entry_func(void*)+0x18) [0x1414f6a]
37714  22: (()+0x7f35) [0x7ff391357f35]
37715  23: (clone()+0x6d) [0x7ff38fb1ac3d]
37716  NOTE: a copy of the executable, or `objdump -rdS <executable>` is needed to interpret this.

History

#1 Updated by Zheng Yan over 9 years ago

looks like it's the same as #9628

#2 Updated by Greg Farnum over 9 years ago

  • Status changed from In Progress to Duplicate

Also available in: Atom PDF