From 5f26bfb979af9051e07f35a01d749ba4977f4b1e Mon Sep 17 00:00:00 2001
From: mohit84
Date: Thu, 2 Mar 2023 02:58:57 +0530
Subject: [PATCH] fuse: Resolve asan bug in during receive event notification (#4019)
The fuse xlator notify function tries to assign data object to graph object without checking an event. In case of upcall event data object represents upcall object so during access of graph object the process is crashed for asan build.
Solution: Access the graph->id only while event is associated specific to fuse xlator
Fixes: #3954
Change-Id: I6b2869256b26d22163879737dcf163510d1cd8bf
Signed-off-by: Mohit Agrawal
---
xlators/mount/fuse/src/fuse-bridge.c | 13 ++++++++++---
1 file changed, 10 insertions(+), 3 deletions(-)
diff --git a/xlators/mount/fuse/src/fuse-bridge.c b/xlators/mount/fuse/src/fuse-bridge.c
index bd61421263..2dc9b4f429 100644
--- a/xlators/mount/fuse/src/fuse-bridge.c
+++ b/xlators/mount/fuse/src/fuse-bridge.c
@@ -6502,6 +6502,7 @@ notify(xlator_t *this, int32_t event, void *data, ...)
 int32_t ret = 0;
 fuse_private_t *private = NULL;
 gf_boolean_t start_thread = _gf_false;
+ gf_boolean_t event_graph = _gf_true;
 glusterfs_graph_t *graph = NULL;
 struct pollfd pfd = {0};
@@ -6509,9 +6510,6 @@ notify(xlator_t *this, int32_t event, void *data, ...)
 graph = data;
- gf_log("fuse", GF_LOG_DEBUG, "got event %d on graph %d", event,
- ((graph) ? graph->id : 0));
-
 switch (event) {
 case GF_EVENT_GRAPH_NEW:
 break;
@@ -6597,9 +6595,18 @@ notify(xlator_t *this, int32_t event, void *data, ...)
 }
 default:
+ /* Set the event_graph to false so that event
+ debug msg would not try to access invalid graph->id
+ while data object is not matched to graph object
+ for ex in case of upcall event data object represents
+ gf_upcall object
+ */
+ event_graph = _gf_false;
 break;
 }
+ gf_log("fuse", GF_LOG_DEBUG, "got event %d on graph %d", event,
+ ((graph && event_graph) ? graph->id : -1));
 return ret;
 }
--
2.33.0
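Review bot: The guard added in the `default:` branch of the third hunk is opt-out: `event_graph` is declared as `_gf_true` in the first hunk and cleared only for events the switch does not list. Any event that has its own case but whose `data` is not a `glusterfs_graph_t` would therefore still reach `graph->id` in the relocated `gf_log`, which is the same mis-typed read ASan reported for upcall events. The cases between `GF_EVENT_GRAPH_NEW` and `default:` lie outside the hunks, so whether such a case exists today cannot be confirmed from here. An opt-in form is harder to regress: declare `gf_boolean_t event_graph = _gf_false;` and set `event_graph = _gf_true;` only in the cases known to receive a graph. A comment next to the unconditional `graph = data;`, such as `/* data is a glusterfs_graph_t only for graph events; do not dereference for others */`, would record the constraint for whoever adds the next case.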