[Bug 1763086] Re: xfs_logprint can't handle multiply-logged inode fields
Eric Desrochers
eric.desrochers at canonical.com
Wed Apr 18 12:07:53 UTC 2018
xfsprogs has been uploaded into trusty upload queue. It is now waiting
on SRU verification team to approve the upload and for the package to
start building in trusty-proposed for the testing phase.
** Description changed:
[Impact]
* Under certain conditions (such as when selinux is enabled and
probably other ways) xfsprogs on Trusty may report a error "illegal
inode type" and SIGABRT, generating a coredump as follow :
- sing host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
+ Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Core was generated by `xfs_logprint -c /dev/mapper/image-glance'.
Program terminated with signal SIGABRT, Aborted.
- when more than one flag is set on f->ilf_fields.
+ when more than one flag is set on f->ilf_fields. (Example : When
+ data+attr are set)
[Explanation]
As we speak, the switch() statement is doing a Binary AND between
ifl_fields & XFS_ILOG_NONCORE.
switch (f->ilf_fields & XFS_ILOG_NONCORE) {
XFS_ILOG_NONCORE being the sum of a Binary OR for all the Inode changes
to log:
#define XFS_ILOG_NONCORE (XFS_ILOG_DDATA | XFS_ILOG_DEXT | \
XFS_ILOG_DBROOT | XFS_ILOG_DEV | \
XFS_ILOG_UUID | XFS_ILOG_ADATA | \
XFS_ILOG_AEXT | XFS_ILOG_ABROOT)
When more than 1 flag is set in "ifl_fields"
(Example took from the coredump in gdb "ilf_fields = 133")
----------------------------------
#define XFS_ILOG_DDATA 0x002 /* log i_df.if_data */
#define XFS_ILOG_DEXT 0x004 /* log i_df.if_extents */
#define XFS_ILOG_DBROOT 0x008 /* log i_df.i_broot */
#define XFS_ILOG_DEV 0x010 /* log the dev field */
#define XFS_ILOG_UUID 0x020 /* log the uuid field */
#define XFS_ILOG_ADATA 0x040 /* log i_af.if_data */
#define XFS_ILOG_AEXT 0x080 /* log i_af.if_extents */
#define XFS_ILOG_ABROOT 0x100 /* log i_af.i_broot */
ifl_field = 133 & XFS_ILOG_NONCORE= 510 = 132
----------------------------------
and cannot match any case statement based on the inode flags value above
and has no choice but to use default: statement because none of them are
true and call xlog_panic().
[Test Case]
1) Create a XFS device (dev/vdb1)
2) apt-get dist-upgrade
3) Remove apparmor # To avoid potential conflict with selinux.
4) Reboot
5) Installed selinux # so that data+attr is set, and logprinting.
6) Reboot
7) Run xfs_logprint against /dev/vdb1
- sudo xfs_logprint -c /dev/vdb1
- There is probably other ways but that is the one I used based on the git
- commit log:
+ There is for sure other ways to trigger this behavior but that is the
+ one I used base on the git commit log:
"I've tested this by a simple test such as creating one
file on an selinux box, so that data+attr is set, and
logprinting"
[Regression Potential]
* This is a rework of "xlog_print_trans_inode()" to handle more than
one flag on f->ilf_fields if set in order to stop going in error and
abort when facing the situation. The change has been there for a while
now (Jan 2013).
The rework offer a better detection instead of a one size fits all, and
provide various switch() statement context and appropriate actions.
It is also capable to handle multiply-logged inode fields which current
Trusty version can't handle.
[Other Info]
* The patch never land in Trusty because the package was a copy from
it's predecessor release, saucy, and never been SRU since then.
* Upstream commit:
https://git.kernel.org/pub/scm/fs/xfs/xfsprogs-dev.git/commit/?id=dda4129
* Trusty AFFECTED ONLY.
$ git describe --contains dda4129
v3.1.11~29
$ rmadison xfsprogs
==> xfsprogs | 3.1.9ubuntu2 | trusty <==
xfsprogs | 4.3.0+nmu1ubuntu1 | xenial
xfsprogs | 4.3.0+nmu1ubuntu1.1 | xenial-updates
xfsprogs | 4.9.0+nmu1ubuntu1 | artful
xfsprogs | 4.9.0+nmu1ubuntu1 | bionic
[Orig Description]
It has been brought to my attention that the following :
"
The command 'xfs_logprint -c <DEVICE>' coredump on Trusty and display the error :
xlog_print_trans_inode: illegal inode type
"
--
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to xfsprogs in Ubuntu.
https://bugs.launchpad.net/bugs/1763086
Title:
xfs_logprint can't handle multiply-logged inode fields
Status in xfsprogs package in Ubuntu:
Fix Released
Status in xfsprogs source package in Trusty:
In Progress
Bug description:
[Impact]
* Under certain conditions (such as when selinux is enabled and
probably other ways) xfsprogs on Trusty may report a error "illegal
inode type" and SIGABRT, generating a coredump as follow :
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
Core was generated by `xfs_logprint -c /dev/mapper/image-glance'.
Program terminated with signal SIGABRT, Aborted.
when more than one flag is set on f->ilf_fields. (Example : When
data+attr are set)
[Explanation]
As we speak, the switch() statement is doing a Binary AND between
ifl_fields & XFS_ILOG_NONCORE.
switch (f->ilf_fields & XFS_ILOG_NONCORE) {
XFS_ILOG_NONCORE being the sum of a Binary OR for all the Inode
changes to log:
#define XFS_ILOG_NONCORE (XFS_ILOG_DDATA | XFS_ILOG_DEXT | \
XFS_ILOG_DBROOT | XFS_ILOG_DEV | \
XFS_ILOG_UUID | XFS_ILOG_ADATA | \
XFS_ILOG_AEXT | XFS_ILOG_ABROOT)
When more than 1 flag is set in "ifl_fields"
(Example took from the coredump in gdb "ilf_fields = 133")
----------------------------------
#define XFS_ILOG_DDATA 0x002 /* log i_df.if_data */
#define XFS_ILOG_DEXT 0x004 /* log i_df.if_extents */
#define XFS_ILOG_DBROOT 0x008 /* log i_df.i_broot */
#define XFS_ILOG_DEV 0x010 /* log the dev field */
#define XFS_ILOG_UUID 0x020 /* log the uuid field */
#define XFS_ILOG_ADATA 0x040 /* log i_af.if_data */
#define XFS_ILOG_AEXT 0x080 /* log i_af.if_extents */
#define XFS_ILOG_ABROOT 0x100 /* log i_af.i_broot */
ifl_field = 133 & XFS_ILOG_NONCORE= 510 = 132
----------------------------------
and cannot match any case statement based on the inode flags value
above and has no choice but to use default: statement because none of
them are true and call xlog_panic().
[Test Case]
1) Create a XFS device (dev/vdb1)
2) apt-get dist-upgrade
3) Remove apparmor # To avoid potential conflict with selinux.
4) Reboot
5) Installed selinux # so that data+attr is set, and logprinting.
6) Reboot
7) Run xfs_logprint against /dev/vdb1
- sudo xfs_logprint -c /dev/vdb1
There is for sure other ways to trigger this behavior but that is the
one I used base on the git commit log:
"I've tested this by a simple test such as creating one
file on an selinux box, so that data+attr is set, and
logprinting"
[Regression Potential]
* This is a rework of "xlog_print_trans_inode()" to handle more than
one flag on f->ilf_fields if set in order to stop going in error and
abort when facing the situation. The change has been there for a while
now (Jan 2013).
The rework offer a better detection instead of a one size fits all,
and provide various switch() statement context and appropriate
actions.
It is also capable to handle multiply-logged inode fields which
current Trusty version can't handle.
[Other Info]
* The patch never land in Trusty because the package was a copy from
it's predecessor release, saucy, and never been SRU since then.
* Upstream commit:
https://git.kernel.org/pub/scm/fs/xfs/xfsprogs-dev.git/commit/?id=dda4129
* Trusty AFFECTED ONLY.
$ git describe --contains dda4129
v3.1.11~29
$ rmadison xfsprogs
==> xfsprogs | 3.1.9ubuntu2 | trusty <==
xfsprogs | 4.3.0+nmu1ubuntu1 | xenial
xfsprogs | 4.3.0+nmu1ubuntu1.1 | xenial-updates
xfsprogs | 4.9.0+nmu1ubuntu1 | artful
xfsprogs | 4.9.0+nmu1ubuntu1 | bionic
[Orig Description]
It has been brought to my attention that the following :
"
The command 'xfs_logprint -c <DEVICE>' coredump on Trusty and display the error :
xlog_print_trans_inode: illegal inode type
"
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/xfsprogs/+bug/1763086/+subscriptions
More information about the foundations-bugs
mailing list