* [PATCH] libmultipath: set mpp->hwe NULL when free_path
@ 2020-09-21 11:04 lixiaokeng
2020-09-21 13:13 ` Martin Wilck
0 siblings, 1 reply; 2+ messages in thread
From: lixiaokeng @ 2020-09-21 11:04 UTC (permalink / raw)
To: Martin Wilck, Benjamin Marzinski, Christophe Varoqui,
dm-devel mailing list
Cc: linfeilong, liuzhiqiang (I), lutianxiong
Here the segfault causes in select_pgfailback again. As show:
Core was generated by `/sbin/multipathd -d -s'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0 0x0000ffffa2eb4a20 in select_pgfailback (conf=conf@entry=0xaaaaf89d0dd0, mp=mp@entry=0xffff88006be0) at propsel.c:199
199 mp_set_hwe(pgfailback);
0 0x0000ffffa2eb4a20 in select_pgfailback (conf=conf@entry=0xaaaaf89d0dd0, mp=mp@entry=0xffff88006be0) at propsel.c:199
1 0x0000ffffa2ec97bc in setup_map (mpp=0xaaaae4ff5000, params=0x1 <error: Cannot access memory at address 0x1>, params_size=65535, vecs=0xaaaae4fdc0a8) at configure.c:294
2 0x0000aaaae4fd0830 in ev_add_path (pp=0xffff880190b0, vecs=0xaaaaf89d0630, need_do_map=1) at main.c:1017
3 0x0000aaaae4fd0d04 in uev_add_path (uev=0xffffa24adf40, vecs=0xffffa24ad000, need_do_map=-278187383) at main.c:916
4 0x0000aaaae4fd1790 in uev_trigger (uev=0xffffa24adf40, trigger_data=0xffffa24ad410) at main.c:1490
5 0x0000ffffa2ec00cc in service_uevq (tmpq=tmpq@entry=0xffffa24ad618) at uevent.c:390
6 0x0000ffffa2ec01d4 in uevent_dispatch (uev_trigger=<optimized out>, trigger_data=<optimized out>) at uevent.c:446
7 0x0000aaaae4fce56c in uevqloop (ap=0xffffe42a5d50) at main.c:1523
8 0x0000ffffa2d9e7ac in start_thread (arg=0xffffa2595380) at pthread_create.c:486
9 0x0000ffffa2b577dc in thread_start () at ../sysdeps/unix/sysv/linux/aarch64/clone.S:78
(gdb) bt
(gdb) p *mp->hwe
$2 = {allocated = 1937339183, slot = 0x616c702f73656369}
Here we set mpp->hwe NULL in free_path if mpp->hwe == pp->hwe.
Reported-by: Tianxiong Lu <lutianxiong@huawei.com>
Signed-off-by:lixiaokeng <lixiaokeng@huawei.com>
---
libmultipath/structs.c | 5 +++++
1 file changed, 5 insertions(+)
diff --git a/libmultipath/structs.c b/libmultipath/structs.c
index 464596fc..35dbaac1 100644
--- a/libmultipath/structs.c
+++ b/libmultipath/structs.c
@@ -150,6 +150,11 @@ free_path (struct path * pp)
if (pp->vpd_data)
free(pp->vpd_data);
+ if (pp->mpp && (pp->hwe == pp->mpp->hwe)) {
+ condlog(0, "BUG: free path %s that holds hwe of %s",
+ pp->dev, pp->mpp->alias);
+ pp->mpp->hwe = NULL;
+ }
vector_free(pp->hwe);
FREE(pp);
--
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH] libmultipath: set mpp->hwe NULL when free_path
2020-09-21 11:04 [PATCH] libmultipath: set mpp->hwe NULL when free_path lixiaokeng
@ 2020-09-21 13:13 ` Martin Wilck
0 siblings, 0 replies; 2+ messages in thread
From: Martin Wilck @ 2020-09-21 13:13 UTC (permalink / raw)
To: lixiaokeng, Benjamin Marzinski, Christophe Varoqui,
dm-devel mailing list
Cc: linfeilong, liuzhiqiang (I), lutianxiong
On Mon, 2020-09-21 at 19:04 +0800, lixiaokeng wrote:
> Here the segfault causes in select_pgfailback again. As show:
>
> Core was generated by `/sbin/multipathd -d -s'.
> Program terminated with signal SIGSEGV, Segmentation fault.
> #0 0x0000ffffa2eb4a20 in select_pgfailback (conf=conf@entry=0xaaaaf89
> d0dd0, mp=mp@entry=0xffff88006be0) at propsel.c:199
> 199 mp_set_hwe(pgfailback);
>
> 0 0x0000ffffa2eb4a20 in select_pgfailback (conf=conf@entry=0xaaaaf89d
> 0dd0, mp=mp@entry=0xffff88006be0) at propsel.c:199
> 1 0x0000ffffa2ec97bc in setup_map (mpp=0xaaaae4ff5000, params=0x1
> <error: Cannot access memory at address 0x1>, params_size=65535,
> vecs=0xaaaae4fdc0a8) at configure.c:294
> 2 0x0000aaaae4fd0830 in ev_add_path (pp=0xffff880190b0,
> vecs=0xaaaaf89d0630, need_do_map=1) at main.c:1017
> 3 0x0000aaaae4fd0d04 in uev_add_path (uev=0xffffa24adf40,
> vecs=0xffffa24ad000, need_do_map=-278187383) at main.c:916
> 4 0x0000aaaae4fd1790 in uev_trigger (uev=0xffffa24adf40,
> trigger_data=0xffffa24ad410) at main.c:1490
> 5 0x0000ffffa2ec00cc in service_uevq (tmpq=tmpq@entry=0xffffa24ad618)
> at uevent.c:390
> 6 0x0000ffffa2ec01d4 in uevent_dispatch (uev_trigger=<optimized out>,
> trigger_data=<optimized out>) at uevent.c:446
> 7 0x0000aaaae4fce56c in uevqloop (ap=0xffffe42a5d50) at main.c:1523
> 8 0x0000ffffa2d9e7ac in start_thread (arg=0xffffa2595380) at
> pthread_create.c:486
> 9 0x0000ffffa2b577dc in thread_start () at
> ../sysdeps/unix/sysv/linux/aarch64/clone.S:78
>
> (gdb) bt
> (gdb) p *mp->hwe
> $2 = {allocated = 1937339183, slot = 0x616c702f73656369}
>
> Here we set mpp->hwe NULL in free_path if mpp->hwe == pp->hwe.
>
> Reported-by: Tianxiong Lu <lutianxiong@huawei.com>
> Signed-off-by:lixiaokeng <lixiaokeng@huawei.com>
Thanks for the report and patch.
We need to fix this for good, which means: no more sharing of pointers
between pp->hwe and mpp-hwe. Please test with my recent patch
"libmultipath: copy mpp->hwe from pp->hwe".
Martin
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2020-09-21 13:13 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-09-21 11:04 [PATCH] libmultipath: set mpp->hwe NULL when free_path lixiaokeng
2020-09-21 13:13 ` Martin Wilck
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).