Async functions yield while traversing the gossiper endpoint state map #13899
Assignees
Milestone
Comments
|
I think that we didn't hit this so far (that we know of) due to fortunate timing and the scarcity of node operations. |
bhalevy
added a commit
to bhalevy/scylla
that referenced
this issue
May 16, 2023
The map iterators might be invalidated while yielding on insert if the map is rehashed. See https://en.cppreference.com/w/cpp/container/unordered_map/insert Refs scylladb#13899 Signed-off-by: Benny Halevy <bhalevy@scylladb.com>
bhalevy
added a commit
to bhalevy/scylla
that referenced
this issue
May 16, 2023
The map iterators might be invalidated while yielding on insert if the map is rehashed. See https://en.cppreference.com/w/cpp/container/unordered_map/insert Refs scylladb#13899 Signed-off-by: Benny Halevy <bhalevy@scylladb.com>
bhalevy
added a commit
to bhalevy/scylla
that referenced
this issue
May 16, 2023
The map iterators might be invalidated while yielding on insert if the map is rehashed. See https://en.cppreference.com/w/cpp/container/unordered_map/insert Refs scylladb#13899 Signed-off-by: Benny Halevy <bhalevy@scylladb.com>
bhalevy
added a commit
to bhalevy/scylla
that referenced
this issue
May 16, 2023
The map iterators might be invalidated while yielding on insert if the map is rehashed. See https://en.cppreference.com/w/cpp/container/unordered_map/insert Refs scylladb#13899 Signed-off-by: Benny Halevy <bhalevy@scylladb.com>
avikivity
added a commit
that referenced
this issue
May 16, 2023
… from Benny Halevy This series introduces a new gossiper method: get_endpoints that returns a vector of endpoints (by value) based on the endpoint state map. get_endpoints is used here by gossiper and storage_service for iterations that may preempt instead of iterating direction over the endpoint state map (`_endpoint_state_map` in gossiper or via `get_endpoint_states()`) so to prevent use-after-free that may potentially happen if the map is rehashed while the function yields causing invalidation of the loop iterators. Fixes #13899 Closes #13900 * github.com:scylladb/scylladb: storage_service: do not preempt while traversing endpoint_state_map gossiper: do not preempt while traversing endpoint_state_map
avikivity
added a commit
that referenced
this issue
May 16, 2023
… from Benny Halevy This series introduces a new gossiper method: get_endpoints that returns a vector of endpoints (by value) based on the endpoint state map. get_endpoints is used here by gossiper and storage_service for iterations that may preempt instead of iterating direction over the endpoint state map (`_endpoint_state_map` in gossiper or via `get_endpoint_states()`) so to prevent use-after-free that may potentially happen if the map is rehashed while the function yields causing invalidation of the loop iterators. Fixes #13899 Closes #13900 * github.com:scylladb/scylladb: storage_service: do not preempt while traversing endpoint_state_map gossiper: do not preempt while traversing endpoint_state_map
|
Doesn't apply to 5.2 cleanly, @bhalevy please provide a backport PR. |
bhalevy
pushed a commit
to bhalevy/scylla
that referenced
this issue
Dec 17, 2023
… from Benny Halevy This series introduces a new gossiper method: get_endpoints that returns a vector of endpoints (by value) based on the endpoint state map. get_endpoints is used here by gossiper and storage_service for iterations that may preempt instead of iterating direction over the endpoint state map (`_endpoint_state_map` in gossiper or via `get_endpoint_states()`) so to prevent use-after-free that may potentially happen if the map is rehashed while the function yields causing invalidation of the loop iterators. \Fixes scylladb#13899 \Closes scylladb#13900 * github.com:scylladb/scylladb: storage_service: do not preempt while traversing endpoint_state_map gossiper: do not preempt while traversing endpoint_state_map (cherry picked from commit d2d53fc)
denesb
pushed a commit
that referenced
this issue
Dec 18, 2023
… from Benny Halevy This series introduces a new gossiper method: get_endpoints that returns a vector of endpoints (by value) based on the endpoint state map. get_endpoints is used here by gossiper and storage_service for iterations that may preempt instead of iterating direction over the endpoint state map (`_endpoint_state_map` in gossiper or via `get_endpoint_states()`) so to prevent use-after-free that may potentially happen if the map is rehashed while the function yields causing invalidation of the loop iterators. \Fixes #13899 \Closes #13900 * github.com:scylladb/scylladb: storage_service: do not preempt while traversing endpoint_state_map gossiper: do not preempt while traversing endpoint_state_map (cherry picked from commit d2d53fc) Closes #16431
|
Backport to 5.2 queued. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Currently, there are several places where async functions access the gossiper endpoint state map using
get_endpoint_states(or internally in gossiper via_endpoint_state_mapand they might preempt while traversing the map.This is dangerous since rehashing the map keys while yielding may invalidate outstanding iterators.
See https://en.cppreference.com/w/cpp/container/unordered_map/insert
The places that need to be fixed according to my examination are:
scylladb/gms/gossiper.cc
Line 721 in b112a3b
since a01c900 (5.0)
scylladb/service/storage_service.cc
Line 1821 in b112a3b
Since 84a78f4 (4.6)
scylladb/service/storage_service.cc
Line 2834 in b112a3b
Since forever pretty much
The text was updated successfully, but these errors were encountered: