markfasheh / duperemove

Tools for deduping file systems
GNU General Public License v2.0

double free in tcache 2 with lookup-extents=no and nofiemap #219

Closed fezie closed 5 years ago

fezie commented 5 years ago

I just tried out the new git version eda1437e37552 and the checksum stage aborted with:

```
[00001/39987] (00.00%) csum: [...] free(): double free detected in tcache 2
```

This happens if I run duperemove with these args: `-r -d -h --lookup-extents=no --dedupe-options=nofiemap --hashfile=hashfile`

Without the `--lookup-extents=no --dedupe-options=nofiemap` it runs fine.

Here's the gdb backtrace of one crashing thread. Compiled with -O0 -g-gdb

```
free(): double free detected in tcache 2

Thread 2 "pool" received signal SIGABRT, Aborted.
[Switching to Thread 0x7ffff7986700 (LWP 3952)]
0x00007ffff7be07bb in raise () from /lib/x86_64-linux-gnu/libc.so.6
(gdb) thread 2
[Switching to thread 2 (Thread 0x7ffff7986700 (LWP 3952))]
#0  0x00007ffff7be07bb in raise () from /lib/x86_64-linux-gnu/libc.so.6
(gdb) bt full
#0  0x00007ffff7be07bb in raise () from /lib/x86_64-linux-gnu/libc.so.6
No symbol table info available.
#1  0x00007ffff7bcb535 in abort () from /lib/x86_64-linux-gnu/libc.so.6
No symbol table info available.
#2  0x00007ffff7c22508 in ?? () from /lib/x86_64-linux-gnu/libc.so.6
No symbol table info available.
#3  0x00007ffff7c28c1a in ?? () from /lib/x86_64-linux-gnu/libc.so.6
No symbol table info available.
#4  0x00007ffff7c2a6fd in ?? () from /lib/x86_64-linux-gnu/libc.so.6
No symbol table info available.
#5  0x0000555555563b4a in csum_whole_file (file=0x55555562e180, params=0x7fffffffdfe0) at file_scan.c:1064
    ret = 12
    nb_hash = 0
    fc = 0x0
    csum_ctxt = {blocks_recorded = 0, buf = 0x7ffff7faf010 <error: Cannot access memory at address 0x7ffff7faf010>, file = 0x55555562e180, digest = '\000' <repeats 31 times>, 
      block_hashes = 0x7ffff0001380, nr_block_hashes = 0, block_digest = '\000' <repeats 31 times>}
    db = 0x555555580708
    extent_hashes = 0x0
    block_hashes = 0x0
    mutex = 0x7fffffffdff0
    __PRETTY_FUNCTION__ = "csum_whole_file"
#6  0x00007ffff7f02dc3 in ?? () from /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
No symbol table info available.
#7  0x00007ffff7f02425 in ?? () from /usr/lib/x86_64-linux-gnu/libglib-2.0.so.0
No symbol table info available.
#8  0x00007ffff7b1bfa3 in start_thread () from /lib/x86_64-linux-gnu/libpthread.so.0
No symbol table info available.
#9  0x00007ffff7ca24cf in clone () from /lib/x86_64-linux-gnu/libc.so.6
No symbol table info available.
```

markfasheh commented 5 years ago

Thanks for the report, this looks like an oversight on my end. I'll update with a fix.

markfasheh commented 5 years ago

Ok, can you try the #issue219 branch? It should fix what you're seeing (and a couple other bugs I uncovered).

fezie commented 5 years ago

Thanks for the fast fix, Mark. Now the dedup run completed without problems with lookup-extents=no and nofiemap.
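Added example, not duperemove's code and not the fix from the #issue219 branch: the thread does not show the faulty lines, so this is a constructed sketch of one common way an error path ends in glibc's `free(): double free detected in tcache 2` abort, written in the idempotent-cleanup form that avoids it. `scan_ctxt`, `release`, `ctxt_cleanup` and `scan_file` are hypothetical names.

```c
#include <errno.h>
#include <stdlib.h>

/* Hypothetical stand-in for a per-file checksum context. */
struct scan_ctxt {
    void *buf;           /* read buffer */
    void *block_hashes;  /* hash array owned by the context */
};

/* Free once, then clear the owner's pointer. Returns 1 if memory was freed. */
static int release(void **p)
{
    if (*p == NULL)
        return 0;
    free(*p);
    *p = NULL;
    return 1;
}

/* Common cleanup; safe to reach after a partial release. */
static int ctxt_cleanup(struct scan_ctxt *c)
{
    return release(&c->buf) + release(&c->block_hashes);
}

/*
 * Simulated scan. fail_hashing != 0 takes an error path that drops the hash
 * array early and then falls through to the shared cleanup. *nfreed receives
 * the number of real free() calls made.
 *
 * Unhardened form of the same path, which aborts under glibc's tcache check:
 *     free(c.block_hashes); ret = ENOMEM;    (pointer left dangling)
 *     free(c.buf); free(c.block_hashes);     (shared cleanup frees it again)
 */
int scan_file(int fail_hashing, int *nfreed)
{
    struct scan_ctxt c = { malloc(4096), malloc(64) };
    int ret = 0;

    *nfreed = 0;
    if (c.buf == NULL || c.block_hashes == NULL)
        ret = ENOMEM;
    else if (fail_hashing) {
        *nfreed += release(&c.block_hashes);  /* early release on error */
        ret = ENOMEM;
    }
    *nfreed += ctxt_cleanup(&c);  /* pointers already NULL are skipped */
    return ret;
}
```

Building a reproducer like the one in the report with `-fsanitize=address` makes the allocator report both the first and the second `free()` call sites, which the plain glibc abort does not.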