[Bug 969384] Re: mdadm --detail --scan segfaults during update-initramfs
Dmitrijs Ledkovs
launchpad at surgut.co.uk
Mon Jun 25 18:26:58 UTC 2012
** Description changed:
- ubuntu precise, Installed version of mdadm is 3.2.3-2ubuntu1
+ [IMPACT]
- mdadm segfaults on ubuntu precise during update-initramfs step. You can
- reproduce it by running the command separately. Stealing an older mdadm
- binary from an older ubuntu can be used as a workaround.
+ * mdadm --detail --scan segfauls, when used with raw device names
- -------------------------
+ * This may result in update-initramfs call failure, preventing users
+ from updating linux kernel and other parts which are included in the
+ initramfs.
- root at yow-lpgnfs-02:/home/paul# mdadm --detail --scan
- Segmentation fault
- root at yow-lpgnfs-02:/home/paul# dmesg
- [ 577.478657] scsi_verify_blk_ioctl: 6 callbacks suppressed
- [ 577.478661] mdadm: sending ioctl 1261 to a partition!
- [ 577.478664] mdadm: sending ioctl 1261 to a partition!
- [ 577.487510] mdadm: sending ioctl 1261 to a partition!
- [ 577.487514] mdadm: sending ioctl 1261 to a partition!
- [ 577.488595] mdadm: sending ioctl 1261 to a partition!
- [ 577.488598] mdadm: sending ioctl 1261 to a partition!
- [ 577.508385] mdadm: sending ioctl 1261 to a partition!
- [ 577.508389] mdadm: sending ioctl 1261 to a partition!
- [ 577.508680] mdadm: sending ioctl 1261 to a partition!
- [ 577.508683] mdadm: sending ioctl 1261 to a partition!
- [ 577.509875] mdadm[2244]: segfault at 0 ip 00007fc3b44bcb91 sp 00007fffca905c28 error 4 in libc-2.15.so[7fc3b4434000+1b2000]
+ * The bug is fixed in the upstream bug fix point release
- ----------------------------
+ [TESTCASE]
- Using old v3.1.4 is a workaround:
+ * Reproduce a segfault by running mdadm --detail --scan with raw device names
+ * Upgrade the package
+ * Notice that running mdadm --detail --scan no longer segfaults
- root at yow-lpgnfs-02:/home/paul# mdadm --version
- mdadm - v3.2.3 - 23rd December 2011
- root at yow-lpgnfs-02:/home/paul# /sbin/mdadm.old --version
- mdadm - v3.1.4 - 31st August 2010
- root at yow-lpgnfs-02:/home/paul# /sbin/mdadm.old --detail --scan
- ARRAY /dev/md0 metadata=0.90 UUID=48165815:e3a4f8ba:63476e95:1b06b14d
- root at yow-lpgnfs-02:/home/paul#
+ [Regression Potential]
- ----------------------------------
-
- root at yow-lpgnfs-02:/home/paul# gdb --args mdadm --detail --scan
- GNU gdb (Ubuntu/Linaro 7.4-2012.02-0ubuntu2) 7.4-2012.02
- Copyright (C) 2012 Free Software Foundation, Inc.
- License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
- This is free software: you are free to change and redistribute it.
- There is NO WARRANTY, to the extent permitted by law. Type "show copying"
- and "show warranty" for details.
- This GDB was configured as "x86_64-linux-gnu".
- For bug reporting instructions, please see:
- <http://bugs.launchpad.net/gdb-linaro/>...
- Reading symbols from /sbin/mdadm...(no debugging symbols found)...done.
- (gdb) run
- Starting program: /sbin/mdadm --detail --scan
-
- Program received signal SIGSEGV, Segmentation fault.
- 0x00007ffff7aa5b91 in ?? () from /lib/x86_64-linux-gnu/libc.so.6
- (gdb) bt
- #0 0x00007ffff7aa5b91 in ?? () from /lib/x86_64-linux-gnu/libc.so.6
- #1 0x00007ffff7ae39c9 in fnmatch () from /lib/x86_64-linux-gnu/libc.so.6
- #2 0x0000000000409e88 in ?? ()
- #3 0x000000000040a1b3 in ?? ()
- #4 0x000000000044d10b in ?? ()
- #5 0x000000000044d585 in ?? ()
- #6 0x000000000044d67d in ?? ()
- #7 0x0000000000407335 in ?? ()
- #8 0x00007ffff7a3e76d in __libc_start_main () from /lib/x86_64-linux-gnu/libc.so.6
- #9 0x0000000000407ee9 in ?? ()
- #10 0x00007fffffffe668 in ?? ()
- #11 0x000000000000001c in ?? ()
- #12 0x0000000000000003 in ?? ()
- #13 0x00007fffffffe8a8 in ?? ()
- #14 0x00007fffffffe8b4 in ?? ()
- #15 0x00007fffffffe8bd in ?? ()
- #16 0x0000000000000000 in ?? ()
- (gdb)
-
- -------------------------------
-
- Tail end of an strace:
-
- open("/dev/sda1", O_RDONLY|O_DIRECT) = 3
- fstat(3, {st_mode=S_IFBLK|0660, st_rdev=makedev(8, 1), ...}) = 0
- ioctl(3, BLKGETSIZE64, 0x7fffc589fda0) = 0
- ioctl(3, BLKFLSBUF, 0) = 0
- lseek(3, 250055622656, SEEK_SET) = 250055622656
- read(3, "\374N+\251\0\0\0\0Z\0\0\0\0\0\0\0\0\0\0\0\25X\26H\332\374NN\0\0\0\0"..., 4096) = 4096
- fstat(3, {st_mode=S_IFBLK|0660, st_rdev=makedev(8, 1), ...}) = 0
- ioctl(3, BLKGETSIZE64, 0x7fffc589fc50) = 0
- ioctl(3, BLKFLSBUF, 0) = 0
- lseek(3, 250055680000, SEEK_SET) = 250055680000
- ioctl(3, BLKSSZGET, 0x7fffc589fc4c) = 0
- read(3, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 1024) = 1024
- fstat(3, {st_mode=S_IFBLK|0660, st_rdev=makedev(8, 1), ...}) = 0
- ioctl(3, BLKGETSIZE64, 0x7fffc589fc50) = 0
- ioctl(3, BLKFLSBUF, 0) = 0
- lseek(3, 0, SEEK_SET) = 0
- ioctl(3, BLKSSZGET, 0x7fffc589fc4c) = 0
- read(3, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 1024) = 1024
- fstat(3, {st_mode=S_IFBLK|0660, st_rdev=makedev(8, 1), ...}) = 0
- ioctl(3, BLKGETSIZE64, 0x7fffc589fc50) = 0
- ioctl(3, BLKFLSBUF, 0) = 0
- lseek(3, 4096, SEEK_SET) = 4096
- ioctl(3, BLKSSZGET, 0x7fffc589fc4c) = 0
- read(3, "\1\4\0\0\21\4\0\0!\4\0\0\331[\365\37\2\0\4\0\0\0\0\0\0\0\0\0\0\0E,"..., 1024) = 1024
- fstat(3, {st_mode=S_IFBLK|0660, st_rdev=makedev(8, 1), ...}) = 0
- ioctl(3, BLKGETSIZE64, 0x7fffc589fdb0) = 0
- ioctl(3, BLKPG, 0x7fffc589fd10) = -1 EINVAL (Invalid argument)
- ioctl(3, BLKPG, 0x7fffc589fd20) = -1 EINVAL (Invalid argument)
- ioctl(3, BLKFLSBUF, 0) = 0
- lseek(3, 0, SEEK_SET) = 0
- read(3, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 512) = 512
- ioctl(3, BLKFLSBUF, 0) = 0
- lseek(3, 0, SEEK_SET) = 0
- read(3, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 512) = 512
- fstat(3, {st_mode=S_IFBLK|0660, st_rdev=makedev(8, 1), ...}) = 0
- ioctl(3, BLKGETSIZE64, 0x7fffc589fda0) = 0
- ioctl(3, BLKFLSBUF, 0) = 0
- lseek(3, 250055622656, SEEK_SET) = 250055622656
- read(3, "\374N+\251\0\0\0\0Z\0\0\0\0\0\0\0\0\0\0\0\25X\26H\332\374NN\0\0\0\0"..., 4096) = 4096
- fstat(3, {st_mode=S_IFBLK|0660, st_rdev=makedev(8, 1), ...}) = 0
- ioctl(3, BLKGETSIZE64, 0x7fffc589ff80) = 0
- ioctl(3, BLKFLSBUF, 0) = 0
- lseek(3, 250055622656, SEEK_SET) = 250055622656
- read(3, "\374N+\251\0\0\0\0Z\0\0\0\0\0\0\0\0\0\0\0\25X\26H\332\374NN\0\0\0\0"..., 4096) = 4096
- close(3) = 0
- --- SIGSEGV (Segmentation fault) @ 0 (0) ---
- +++ killed by SIGSEGV +++
-
- -------------------------------------
- root at yow-lpgnfs-02:/home/paul# cat /proc/mdstat
- Personalities : [linear] [multipath] [raid0] [raid1] [raid6] [raid5] [raid4] [raid10]
- md0 : active raid0 sda1[0] sdb1[1]
- 488389888 blocks 64k chunks
-
- unused devices: <none>
- root at yow-lpgnfs-02:/home/paul# cat /proc/partitions
- major minor #blocks name
-
- 8 0 293036184 sda
- 8 1 244195008 sda1
- 8 2 48837600 sda2
- 8 16 244198584 sdb
- 8 17 244195008 sdb1
- 9 0 488389888 md0
- root at yow-lpgnfs-02:/home/paul#
+ * Minimal, worst thing that can happen is that the said call still
+ segfaults or has other new problems.
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to mdadm in Ubuntu.
https://bugs.launchpad.net/bugs/969384
Title:
mdadm --detail --scan segfaults during update-initramfs
Status in “mdadm” package in Ubuntu:
Fix Released
Status in “mdadm” source package in Precise:
Triaged
Status in “mdadm” source package in Quantal:
Fix Released
Bug description:
[IMPACT]
* mdadm --detail --scan segfauls, when used with raw device names
* This may result in update-initramfs call failure, preventing users
from updating linux kernel and other parts which are included in the
initramfs.
* The bug is fixed in the upstream bug fix point release
[TESTCASE]
* Reproduce a segfault by running mdadm --detail --scan with raw device names
* Upgrade the package
* Notice that running mdadm --detail --scan no longer segfaults
[Regression Potential]
* Minimal, worst thing that can happen is that the said call still
segfaults or has other new problems.
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mdadm/+bug/969384/+subscriptions
More information about the foundations-bugs
mailing list