[Stgt-devel] disk kicked out of RAID -> tgtd segmentation fault

Tomasz Chmielewski mangoo
Fri Jun 27 11:46:30 CEST 2008 

Tomasz Chmielewski schrieb:

> If there was some traffic (i.e., "dd if=/dev/disk of=/dev/null" before 
> using iptables), after a while, we can see on the target that only one 
> tgtd process is running, where the second instance segfaulted:
> 
> tgtd[8966]: segfault at 8 rip 40e72d rsp 7fffd9188c40 error 6
> 
> 
> I can reproduce it with tgtd running on a 32 bit system and 64 bit 
> system (kernel + userspace).
> 
> 
> Something very fishy here - initiator shouldn't be able to kill the target.

Does this strace output tell anything?


(...)
epoll_wait(3, {{EPOLLOUT, {u32=141013616, u64=2305843348657123952}}}, 
1024, 2000) = 1
setsockopt(7, SOL_TCP, TCP_CORK, [1], 4) = 0
write(7, "\240\201\333K\302\202\0\0\343\257-F\33m\316G]/uE\0\0\0"..., 
8192) = 8192
setsockopt(7, SOL_TCP, TCP_CORK, [0], 4) = 0
epoll_wait(3, {{EPOLLOUT, {u32=141013616, u64=2305843348657123952}}}, 
1024, 2000) = 1
setsockopt(7, SOL_TCP, TCP_CORK, [1], 4) = 0
write(7, "%\0\0\0\0\0 \0\0\0\0\0\0\0\0\0P\0\0 \377\377\377\377\0"..., 
48) = 48
epoll_wait(3, {{EPOLLOUT, {u32=141013616, u64=2305843348657123952}}}, 
1024, 2000) = 1
setsockopt(7, SOL_TCP, TCP_CORK, [1], 4) = 0
write(7, "\302\201\21\5\f\0\1\2.\0\0\0GD\21\5\f\0\2\2..\0\0xD{\1"..., 
8192) = 8192
setsockopt(7, SOL_TCP, TCP_CORK, [0], 4) = 0
epoll_wait(3, {}, 1024, 2000)           = 0
epoll_wait(3, {}, 1024, 2000)           = 0
epoll_wait(3, {}, 1024, 2000)           = 0
epoll_wait(3, {{EPOLLIN, {u32=141013616, u64=2305843348657123952}}}, 
1024, 2000) = 1
read(7, "@\200\0\0\0\0\0\0\0\0\0\0\0\0\0\0\r\n\0 \377\377\377\377"..., 
48) = 48
epoll_ctl(3, EPOLL_CTL_MOD, 7, {EPOLLIN|EPOLLOUT, {u32=141013616, 
u64=8630408130555523696}}) = 0
epoll_wait(3, {}, 1024, 2000)           = 0
epoll_wait(3, {}, 1024, 2000)           = 0
epoll_wait(3, {}, 1024, 2000)           = 0
epoll_wait(3, {}, 1024, 2000)           = 0
epoll_wait(3, {}, 1024, 2000)           = 0
epoll_wait(3, {}, 1024, 2000)           = 0
epoll_wait(3, {}, 1024, 2000)           = 0
epoll_wait(3, {{EPOLLIN, {u32=141013616, u64=8630408130555523696}}}, 
1024, 2000) = 1
read(7, "", 48)                         = 0
epoll_ctl(3, EPOLL_CTL_DEL, 7, NULL)    = 0
close(7)                                = 0
munmap(0x6843c000, 270336)              = 0
--- SIGSEGV (Segmentation fault) @ 0 (0) ---



-- 
Tomasz Chmielewski
http://wpkg.org

More information about the stgt mailing list