NetBSD Problem Report #51461

From old4@o2.pl  Sun Sep  4 09:39:44 2016
Return-Path: <old4@o2.pl>
Received: from mail.netbsd.org (mail.netbsd.org [199.233.217.200])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(Client CN "mail.netbsd.org", Issuer "Postmaster NetBSD.org" (verified OK))
	by mollari.NetBSD.org (Postfix) with ESMTPS id 4BC477A279
	for <gnats-bugs@gnats.NetBSD.org>; Sun,  4 Sep 2016 09:39:44 +0000 (UTC)
Message-Id: <20160904093934.GB1681@Bell>
Date: Sun, 4 Sep 2016 11:39:34 +0200
From: Mateusz Poszwa <old4@o2.pl>
To: gnats-bugs@NetBSD.org
Subject: Processes hang when attempting to read from an empty file on psshfs
 mount

>Number:         51461
>Category:       bin
>Synopsis:       Processes hang when attempting to read from an empty file on psshfs mount
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    bin-bug-people
>State:          closed
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sun Sep 04 09:40:00 +0000 2016
>Closed-Date:    Sat Oct 08 15:04:37 +0000 2016
>Last-Modified:  Sat Oct 08 15:04:37 +0000 2016
>Originator:     Mateusz Poszwa
>Release:        NetBSD 7.99.36
>Organization:
>Environment:
System: NetBSD Bell 7.99.36 NetBSD 7.99.36 (GENERIC) #0: Sat Sep 3 13:07:03 CEST 2016 beb@Bell:/home/beb/sysbuild/amd64/obj/home/beb/sysbuild/src/sys/arch/amd64/compile/GENERIC amd64
Architecture: x86_64
Machine: amd64
>Description:
	When a process attempts to read from an empty file originating
	from psshfs mount, it waits indefinitely. Until the hanged
	process is interrupted, the mounted filesystem appears to
	work as expected, except for the directory containing the
	empty file. Processes trying to list that directory also
	hang, and cause misbehaviour of the containing directory.
	It is possible to create a chain of hanged processes trying
	to read directories up to the mount point. At the same
	time, psshfs generates some network traffic (around 5KB/s,
	in my case). Interrupting the first hanged process causes
	emission of ‘Device not configured’ error message by all
	other hanged processes, and psshfs ceases to generate
	network traffic. Subsequent trials to list any affected
	directory or – if one of the affected directories is the mount
	point – to umount the filesystem, fail with the same error.
>How-To-Repeat:
	A patch for an ATF test follows:
Index: t_psshfs.sh
===================================================================
RCS file: /cvsroot/src/tests/fs/psshfs/t_psshfs.sh,v
retrieving revision 1.7
diff -u -r1.7 t_psshfs.sh
--- t_psshfs.sh	16 Mar 2013 07:54:04 -0000	1.7
+++ t_psshfs.sh	3 Sep 2016 20:39:14 -0000
@@ -262,6 +262,26 @@
 	stop_ssh
 }

+atf_test_case read_empty_file cleanup
+read_empty_file_head() {
+	atf_set "descr" "Checks whether an empty file can be read"
+	# This test is supposed to make sure psshfs does not hang
+	# when reading from an empty file, hence the timeout.
+	atf_set "timeout" 8
+}
+read_empty_file_body() {
+	require_puffs
+	start_ssh
+	atf_check mkdir root mnt
+	atf_check -x ': > root/empty'
+	mount_psshfs root mnt
+	atf_check cat mnt/empty
+}
+read_empty_file_cleanup() {
+	umount mnt
+	stop_ssh
+}
+
 # -------------------------------------------------------------------------
 # Initialization.
 # -------------------------------------------------------------------------
@@ -271,4 +291,5 @@
 	atf_add_test_case pwd
 	atf_add_test_case ls
 	#atf_add_test_case setattr_cache
+	atf_add_test_case read_empty_file
 }
>Fix:
	To avoid this problem one must not read from empty files through
	psshfs. Determining whether a file is empty by means other than
	trying to read it does not cause problems described above.

-- 
Mateusz Poszwa

>Release-Note:

>Audit-Trail:
From: Mateusz Poszwa <old4@o2.pl>
To: gnats-bugs@NetBSD.org
Cc: 
Subject: Re: bin/51461: Processes hang when attempting to read from an empty
 file on psshfs mount
Date: Sun, 4 Sep 2016 18:38:34 +0200

 Backtrace from mount_psshfs.core follows:

 Program terminated with signal SIGSEGV, Segmentation fault.
 #0  0x00007a1ac4f19f0f in memcpy () from /usr/lib/libc.so.12
 (gdb) bt
 #0  0x00007a1ac4f19f0f in memcpy () from /usr/lib/libc.so.12
 #1  0x00007a1ac560a406 in puffs_framebuf_putdata () from /usr/lib/libpuffs.so.2
 #2  0x00000000e100b195 in psbuf_put_data (pb=0x7a1ac5506070, data=0x0, dlen=4)
     at psbuf.c:248
 #3  0x00000000e100baf0 in psbuf_req_data (pb=0x7a1ac5506070, type=5, reqid=1027, 
     data=0x0, dlen=4) at psbuf.c:581
 #4  0x00000000e1009a66 in psshfs_node_read (pu=0x7a1ac550e800, opc=0x7a1ac550a900, 
     buf=0x7a1ac55790a4 "", offset=0, resid=0x7a1ac5579098, pcr=0x7a1ac5579038, 
     ioflag=0) at node.c:530
 #5  0x00007a1ac5608700 in ?? () from /usr/lib/libpuffs.so.2
 #6  0x00007a1ac560934d in puffs.ml_dispatch () from /usr/lib/libpuffs.so.2
 #7  0x00007a1ac560b366 in puffs.framev_input () from /usr/lib/libpuffs.so.2
 #8  0x00007a1ac560d001 in puffs.theloop () from /usr/lib/libpuffs.so.2
 #9  0x00007a1ac4e61fa0 in ?? () from /usr/lib/libc.so.12
 Backtrace stopped: Cannot access memory at address 0x7a1ac5940000


 -- 
 Mateusz Poszwa

From: "Christos Zoulas" <christos@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc: 
Subject: PR/51461 CVS commit: src/tests/fs/psshfs
Date: Mon, 5 Sep 2016 04:53:57 -0400

 Module Name:	src
 Committed By:	christos
 Date:		Mon Sep  5 08:53:57 UTC 2016

 Modified Files:
 	src/tests/fs/psshfs: t_psshfs.sh

 Log Message:
 PR/51461: Mateusz Poszwa: Processes hang when attempting to read from an empty file on psshfs mount, add unit test:

 When a process attempts to read from an empty file originating from
 psshfs mount, it waits indefinitely. Until the hanged process is
 interrupted, the mounted filesystem appears to work as expected,
 except for the directory containing the empty file. Processes trying
 to list that directory also hang, and cause misbehaviour of the
 containing directory.  It is possible to create a chain of hanged
 processes trying to read directories up to the mount point. At the
 same time, psshfs generates some network traffic (around 5KB/s, in
 my case). Interrupting the first hanged process causes emission of
 an error message by all other hanged processes, and psshfs ceases
 to generate network traffic. Subsequent trials to list any affected
 directory or if one of the affected directories is the mount point
 to unmount the filesystem, fail with the same error.


 To generate a diff of this commit:
 cvs rdiff -u -r1.7 -r1.8 src/tests/fs/psshfs/t_psshfs.sh

 Please note that diffs are not public domain; they are subject to the
 copyright notices on the relevant files.

State-Changed-From-To: open->closed
State-Changed-By: christos@NetBSD.org
State-Changed-When: Sat, 08 Oct 2016 11:04:37 -0400
State-Changed-Why:
fixed.


>Unformatted:

Home	PR Database Search