DAOS-19016 test: Stale event pointer dereference in autotest kv_put/kv_get spin loops#18489
Draft
knard38 wants to merge 2 commits into
Draft
DAOS-19016 test: Stale event pointer dereference in autotest kv_put/kv_get spin loops#18489knard38 wants to merge 2 commits into
knard38 wants to merge 2 commits into
Conversation
…et loops The kv_put() and kv_get() functions in src/utils/daos_autotest.c have a latent bug: when daos_eq_poll() returns a negative error code the event pointer evp is not populated, yet the code unconditionally dereferences evp->ev_error on the next line. This causes a SIGSEGV, event state corruption, or double submission. Fix: - Initialize evp = NULL before each spin loop so that the stale-pointer condition is always detectable. - Break out of the loop when rc < 0 so evp is never dereferenced after a poll failure. - Add D_ASSERT(evp != NULL) after each loop to catch future regressions. - In the kv_put() drain loop, capture ev_error for completions that arrive during a concurrent poll failure. To facilitate testing, add fault injection point DAOS_FAULT_EQ_POLL_FAIL (DAOS_FAIL_SYS_TEST_GROUP_LOC | 0x1000, decimal 135168) in daos_eq_poll(). When triggered it returns -DER_HG, simulating a transient Mercury transport error without needing a real network failure. Signed-off-by: Cedric Koch-Hofer <cedric.koch-hofer@hpe.com>
…ndling Add a new pool functional test PoolAutotestEqPollFITest that verifies the fix for the stale event pointer dereference in the kv_put() / kv_get() spin loops of src/utils/daos_autotest.c (DAOS-19016). The test enables fault injection point DAOS_FAULT_EQ_POLL_FAIL (ID 135168) via the YAML fault_list section. This causes daos_eq_poll() to return -DER_HG, exercising the rc < 0 break added by the fix. Verification: - daos pool autotest exits with rc == 1 (clean failure, no crash) - DER_HG(-1020) appears in the stderr output - the pool remains healthy after the expected autotest failure Quick-Functional: true Test-tag: test_pool_autotest_eq_poll_fi,PoolAutotestEqPollFITest Test-repeat: 5 Signed-off-by: Cedric Koch-Hofer <cedric.koch-hofer@hpe.com>
|
Ticket title is 'Stale event pointer dereference in autotest kv_put/kv_get spin loops' |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Description
TODO
Steps for the author:
After all prior steps are complete: