Bug 1452701 - Data corruption in LXC loop mounts on libvirt restart
Summary: Data corruption in LXC loop mounts on libvirt restart
Keywords:
Status: CLOSED INSUFFICIENT_DATA
Alias: None
Product: Virtualization Tools
Classification: Community
Component: libvirt
Version: unspecified
Hardware: x86_64
OS: Linux
unspecified
unspecified
Target Milestone: ---
Assignee: Libvirt Maintainers
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2017-05-19 13:43 UTC by Eugen Rieck
Modified: 2017-08-07 22:36 UTC (History)
4 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2017-08-07 22:36:13 UTC
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Launchpad 1680997 0 None None None 2017-05-19 13:44:51 UTC

Description Eugen Rieck 2017-05-19 13:43:09 UTC 
Description of problem:
On libvirtd restart, the status of LXC containers with loop mounts is wrongly detected, leading to a possible double-mount of an image file with resulting fs corruption.

The bug occurred in Ubuntu (https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1680997) and I was referred here after initial analysis.

Version-Release number of selected component (if applicable):
virsh -c lxc:// version
Compiled against library: libvirt 2.2.0
Using library: libvirt 2.2.0
Using API: LXC 2.2.0
Running hypervisor: LXC 4.4.0


Steps to Reproduce:
1. create an LXC container, that has a loop-mounted image file and start it
2. systemctl stop libvirtd ; sleep 2 ; sync ; systemctl start libvirtd
   the container shows as shut off in virt-manager, no longer responds to network requests, has no attachable console
   The loop mount does no longer show up on host-side "mount" output
      BUT: losetup -a reveals, that a loop device is still attached to the image file
      BUT: In reality this loop device is still mounted, processes in the container still access the file system
      BUT: There is no way to unmount or free it - losetup -d ends without an error but does nothing
3. restart the container (virsh -c lxc:// start name-of-container or via virt-manager)
      THIS SHOULD NOT BE ALLOWED

Actual results:
The image file is now twice mounted and corruption starts creeping in

Expected results:
The loop mount of the image file should either be released on libvirtd stop, or a second mount should be prohibited.

Additional info:
Complete domain XML:
<domain type='lxc'>
  <name>AnyName</name>
  <memory unit='KiB'>2097152</memory>
  <currentMemory unit='KiB'>2097152</currentMemory>
  <vcpu placement='static'>4</vcpu>
  <resource>
    <partition>/machine</partition>
  </resource>
  <os>
    <type arch='x86_64'>exe</type>
    <init>/sbin/init</init>
  </os>
  <features>
    <privnet/>
  </features>
  <clock offset='utc'/>
  <on_poweroff>destroy</on_poweroff>
  <on_reboot>restart</on_reboot>
  <on_crash>restart</on_crash>
  <devices>
    <filesystem type='file' accessmode='passthrough'>
      <driver type='loop' format='raw'/>
      <source file='/path/to/image.raw'/>
      <target dir='/'/>
    </filesystem>
    <interface type='bridge'>
      <mac address='00:16:3e:34:ea:4b'/>
      <source bridge='br1'/>
      <target dev='vnet2'/>
      <guest dev='eth0'/>
    </interface>
    <console type='pty' tty='/dev/pts/3'>
      <source path='/dev/pts/3'/>
      <target type='lxc' port='0'/>
      <alias name='console0'/>
    </console>
    <hostdev mode='capabilities' type='misc'>
      <source>
        <char>/dev/net/tun</char>
      </source>
    </hostdev>
  </devices>
</domain>
Comment 1 Cole Robinson 2017-05-30 21:54:45 UTC 
This is the tracker for upstream libvirt, but your version is a bit old. Can you try the latest libvirt release? version 3.3.0
Comment 2 Cole Robinson 2017-08-07 22:36:13 UTC 
No response, so closing. Someone needs to see if this reproduces with newer libvirt to track it here
Note You need to log in before you can comment on or make changes to this bug.