1393958 – fence_xvm gives error with delay=0

RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.

Bug 1393958 - fence_xvm gives error with delay=0

Summary: fence_xvm gives error with delay=0

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Enterprise Linux 7
Classification:	Red Hat
Component:	fence-virt
Sub Component:
Version:	7.3
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	urgent
Target Milestone:	rc
Target Release:	---
Assignee:	Ryan McCabe
QA Contact:	cluster-qe@redhat.com
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2016-11-10 17:29 UTC by Ken Gaillot
Modified:	2019-03-06 02:16 UTC (History)
CC List:	5 users (show)
Fixed In Version:	fence-virt-0.3.2-7.el7
Doc Type:	If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed:	2017-08-01 19:26:49 UTC
Target Upstream Version:
Embargoed:

Attachments	(Terms of Use)

Links
System	ID	Private	Priority	Status	Summary	Last Updated
Red Hat Product Errata	RHBA-2017:2089	0	normal	SHIPPED_LIVE	fence-virt bug fix and enhancement update	2017-08-01 18:14:49 UTC

Description Ken Gaillot 2016-11-10 17:29:08 UTC

Description of problem: The fence_xvm fence agent supports a "delay" option that defaults to 0. Previously, it was possible to explicitly specify "delay=0", but under 7.3, the command gives a usage error.


Version-Release number of selected component (if applicable): 0.3.2-5.el7


How reproducible: Reliably


Steps to Reproduce:
Run fence_xvm with delay set to 0 (either "-w 0" on the command line or "delay=0" on standard input).

Actual results: A usage error message with: Invalid delay: '0'


Expected results: Successful operation

Additional info: This will cause a Pacemaker cluster to get failures for any fence action for a configured device, including start, stop, and monitor, rendering fencing ineffective.

Comment 1 Ken Gaillot 2016-11-10 17:30:42 UTC

Workaround for Pacemaker is to delete the delay:

pcs resource update $FENCING_RESOURCE_NAME delay=

Comment 2 Ken Gaillot 2016-11-10 17:32:51 UTC

(In reply to Ken Gaillot from comment #1)
> Workaround for Pacemaker is to delete the delay:
> 
> pcs resource update $FENCING_RESOURCE_NAME delay=

This requires a full cluster stop and start to take effect, but that may be a Pacemaker bug.

Comment 4 Ryan McCabe 2016-11-11 14:55:35 UTC

I pushed a fix for this:

https://github.com/ClusterLabs/fence-virt/commit/d4cd306cb464c12b9d35b062e3de1657c83ef4e0

A fix for a typo (it was checking timeout instead of delay) caused the change in behavior.

Comment 5 Jan Pokorný [poki] 2016-11-14 16:35:04 UTC

Well, this is not correct, either.

My assumption back then with
https://github.com/ClusterLabs/fence-virt/pull/4
(and consequently
https://bugzilla.redhat.com/1204873#fix--delay--parameter-checking)
was "ok, let's keep atoi in place, there's a precedence afterall,
but at least cover all the misguided values with excluding zero
altogether".

Old stack/fenced/libfence seems not to be ever passing values other
than configured, and it's questionable if explicit zero should be
ever accepted (if you want a delay, it's implied it's nonzero[*]).

This questionability is the same for pacemaker, IMHO.

If something good is to be done about the fence-virt codebase,
it should at least move on from very unsuitable "atoi" legacy.
Otherwise it's like changing strings on a neck-broken guitar.


[*] It would be oh-so-nice if the range of declarable data types
followed data types from XML Schema, which would be win also at
derived RelaxNG schemas' level, so one could define this
as positiveInteger
(https://www.w3.org/TR/xmlschema-2/#app-fundamental-facets)

Comment 6 Ken Gaillot 2016-11-15 17:46:08 UTC

(In reply to Jan Pokorný from comment #5)
> Well, this is not correct, either.
> 
> My assumption back then with
> https://github.com/ClusterLabs/fence-virt/pull/4
> (and consequently
> https://bugzilla.redhat.com/1204873#fix--delay--parameter-checking)
> was "ok, let's keep atoi in place, there's a precedence afterall,
> but at least cover all the misguided values with excluding zero
> altogether".
> 
> Old stack/fenced/libfence seems not to be ever passing values other
> than configured, and it's questionable if explicit zero should be
> ever accepted (if you want a delay, it's implied it's nonzero[*]).

I think an explicit 0 should definitely be accepted:
* 0 is semantically valid (delay is logically nonnegative, not positive)
* Users may have custom front-end scripts that take some values and do cluster config (which happens to be how I ran into the bug).
* It is contrary to expectations that a parameter's default value is illegal.

> This questionability is the same for pacemaker, IMHO.
> 
> If something good is to be done about the fence-virt codebase,
> it should at least move on from very unsuitable "atoi" legacy.
> Otherwise it's like changing strings on a neck-broken guitar.
> 
> 
> [*] It would be oh-so-nice if the range of declarable data types
> followed data types from XML Schema, which would be win also at
> derived RelaxNG schemas' level, so one could define this
> as positiveInteger
> (https://www.w3.org/TR/xmlschema-2/#app-fundamental-facets)

Comment 7 Ryan McCabe 2016-11-23 15:31:42 UTC

Yes, I agree 0 should be accepted, but it should use strtol or similar instead. I only kept the atoi to make the smallest change possible to restore the old behavior. I can go through the codebase to make these checks more robust throughout the codebase.

Comment 10 errata-xmlrpc 2017-08-01 19:26:49 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2017:2089

Note You need to log in before you can comment on or make changes to this bug.