Bug 789960 - guestfsd crash when try to mount non-exist disk
Summary: guestfsd crash when try to mount non-exist disk
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: libguestfs
Version: 6.2
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: rc
: ---
Assignee: Richard W.M. Jones
QA Contact: Virtualization Bugs
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2012-02-13 11:07 UTC by Qixiang Wan
Modified: 2012-06-20 07:00 UTC (History)
4 users (show)

Fixed In Version: libguestfs-1.16.5-1.el6
Doc Type: Bug Fix
Doc Text:
Cause: The libguestfs daemon would crash when asked to mount a non-existent disk. Consequence: Programs that accidentally tried to mount a non-existent disk would get an unexpected error from libguestfs, and all further operations on the handle would fail. Fix: This crash has been fixed. Result:
Clone Of:
Environment:
Last Closed: 2012-06-20 07:00:31 UTC
Target Upstream Version:


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2012:0774 normal SHIPPED_LIVE Low: libguestfs security, bug fix, and enhancement update 2012-06-19 19:29:50 UTC

Description Qixiang Wan 2012-02-13 11:07:42 UTC
Description of problem:
When user try to mount a non-exist disk, the daemon will crash and everything can't work any more.

Version-Release number of selected component (if applicable):
Can reproduce with RHEL6.2 release version and libguestfs-1.16.4-1.el6.x86_64.

How reproducible:
100%

Steps to Reproduce:
1. # guestfish -N disk -- mount /dev/vdb / : ping-daemon
libguestfs: error: mount: mount_stub: /dev/vdb: device not found
libguestfs: error: unexpected procedure number (1/282)
  
Actual results:
guestfs daemon crashed.

Expected results:
just report error message and libguestfs should keep working after that. 

Additional info:


# guestfish -a /dev/null -x -v
[...]
><fs> mount /dev/vdb /
libguestfs: trace: mount "/dev/vdb" "/"
libguestfs: send_to_daemon: 64 bytes: 00 00 00 3c | 20 00 f5 f5 | 00 00 00 04 | 00 00 00 01 | 00 00 00 00 | ...
guestfsd: main_loop: new request, len 0x3c
guestfsd: error: mount_stub: /dev/vdb: device not found
mount -o  /dev/vdb /sysroot/
libguestfs: recv_from_daemon: 88 bytes: 20 00 f5 f5 | 00 00 00 04 | 00 00 00 01 | 00 00 00 01 | 00 12 34 00 | ...
libguestfs: trace: mount = -1 (error)
libguestfs: error: mount: mount_stub: /dev/vdb: device not found
><fs> ping-daemon 
libguestfs: trace: ping_daemon
libguestfs: send_to_daemon: 44 bytes: 00 00 00 28 | 20 00 f5 f5 | 00 00 00 04 | 00 00 00 5c | 00 00 00 00 | ...
guestfsd: main_loop: proc 1 (mount) took 0.00 seconds
libguestfs: check_for_daemon_cancellation_or_eof: 00 00 00 28 | 
libguestfs: error: check_for_daemon_cancellation_or_eof: read 0x28 from daemon, expected 0xffffeeee

libguestfs: trace: ping_daemon = -1 (error)
><fs>

Comment 1 Richard W.M. Jones 2012-02-13 11:43:33 UTC
Confirmed on 1.17.5.  A simple reproducer is:

guestfish -a /dev/null -v run : mount /dev/vdb /

Comment 3 Richard W.M. Jones 2012-02-13 17:51:57 UTC
The fix is included in upstream stable branch version
1.16.5, and in RHEL 6.3 build (same version).

Comment 7 Richard W.M. Jones 2012-04-26 13:38:26 UTC
    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
Cause:
The libguestfs daemon would crash when asked to mount a non-existent disk.

Consequence:
Programs that accidentally tried to mount a non-existent disk would get an unexpected error from libguestfs, and all further operations on the handle would fail.

Fix:
This crash has been fixed.

Result:

Comment 9 errata-xmlrpc 2012-06-20 07:00:31 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHSA-2012-0774.html


Note You need to log in before you can comment on or make changes to this bug.