mesos-reviews mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Greg Mann <g...@mesosphere.io>
Subject Re: Review Request 51509: Fixed potential FD double close in the libevent socket.
Date Fri, 09 Sep 2016 16:55:45 GMT

-----------------------------------------------------------
This is an automatically generated e-mail. To reply, visit:
https://reviews.apache.org/r/51509/#review148345
-----------------------------------------------------------


Ship it!




LGTM! I confirmed that this patch fixes the segfault in the given scenario, and also checked
with `lsof` that FDs are being closed as expected.

- Greg Mann


On Aug. 30, 2016, 12:51 a.m., Joseph Wu wrote:
> 
> -----------------------------------------------------------
> This is an automatically generated e-mail. To reply, visit:
> https://reviews.apache.org/r/51509/
> -----------------------------------------------------------
> 
> (Updated Aug. 30, 2016, 12:51 a.m.)
> 
> 
> Review request for mesos, Benjamin Mahler, Artem Harutyunyan, and Joris Van Remoortere.
> 
> 
> Bugs: MESOS-6104
>     https://issues.apache.org/jira/browse/MESOS-6104
> 
> 
> Repository: mesos
> 
> 
> Description
> -------
> 
> `evbuffer_add_file` will take ownership of the file descriptor passed
> into it.  Normally, this file descriptor is owned by the `FileEncoder`
> in the libprocess's `SocketManager`.  Since there are two owners, one
> of the owners may close the file descriptor when it has been re-used.
> 
> In this case, when multiple threads access the master's web UI at once
> with SSL enabled, the master may CHECK-fail due to a bad (closed)
> file descriptor.
> 
> 
> Diffs
> -----
> 
>   3rdparty/libprocess/src/libevent_ssl_socket.cpp 99a12b81eea9c37278b6db0bfedf4b151ff8ed50

> 
> Diff: https://reviews.apache.org/r/51509/diff/
> 
> 
> Testing
> -------
> 
> The master will CHECK fail under the following:
> 
> 1) Paste lots of text (16KB or more) of text into `src/webui/master/static/home.html`.
 The more text, the more reliable the repro.
> 
> 2) Start the master with SSL enabled:
> ```
> LIBPROCESS_SSL_ENABLED=true LIBPROCESS_SSL_KEY_FILE=key.pem LIBPROCESS_SSL_CERT_FILE=cert.pem
bin/mesos-master.sh --work_dir=/tmp/master
> ```
> 
> 3) Run two instances of this python script repeatedly:
> ```
> import socket
> import ssl
> 
> s = ssl.wrap_socket(socket.socket())
> s.connect(("localhost", 5050))
> 
> s.sendall("""GET /static/home.html HTTP/1.1
> User-Agent: foobar
> Host: localhost:5050
> Accept: */*
> Connection: Keep-Alive
> 
> """)
> 
> # The HTTP part of the response
> print s.recv(1000)
> ```
> 
> i.e. 
> ```
> while python test.py; do :; done & while python test.py; do :; done
> ```
> 
> 
> Thanks,
> 
> Joseph Wu
> 
>


Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message