[Bug 1611360] Re: Xenial 32-bit: multipath exits with SIGSEGV

Jon Grimm jon.grimm at canonical.com
Sat Oct 15 01:12:10 UTC 2016 

OK, I've verified I can reproduce the segfault with a 32-bit i386 xenial kvm guest.   Much futzing around to get the scsi multipathing working, I'll doc that when I get a chance so I can reproduce, but wanted to document the test results and make my fix available via PPA for others.  
 


Before fix: 

ubuntu at x32multipath:~$ sudo multipathd -k
multipathd> show paths
ubuntu at x32multipath:~$

But, dmesg shows the segfault:

[  142.603813] scsi 2:0:0:0: Direct-Access     QEMU     QEMU HARDDISK    2.5+ PQ: 0 ANSI: 5
[  142.605344] sd 2:0:0:0: Attached scsi generic sg0 type 0
[  142.605744] sd 2:0:0:0: [sda] 40960 512-byte logical blocks: (21.0 MB/20.0 MiB)
[  142.606901] sd 2:0:0:0: [sda] Write Protect is off
[  142.606908] sd 2:0:0:0: [sda] Mode Sense: 63 00 00 08
[  142.607054] sd 2:0:0:0: [sda] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA
[  142.610992]  sda: sda1
[  142.611780] sd 2:0:0:0: [sda] Attached SCSI disk
[  151.914198] scsi 2:0:0:1: Direct-Access     QEMU     QEMU HARDDISK    2.5+ PQ: 0 ANSI: 5
[  151.917004] sd 2:0:0:1: Attached scsi generic sg1 type 0
[  151.917385] sd 2:0:0:1: [sdb] 40960 512-byte logical blocks: (21.0 MB/20.0 MiB)
[  151.917755] sd 2:0:0:1: [sdb] Write Protect is off
[  151.917764] sd 2:0:0:1: [sdb] Mode Sense: 63 00 00 08
[  151.917864] sd 2:0:0:1: [sdb] Write cache: enabled, read cache: enabled, doesn't support DPO or FUA
[  151.920866]  sdb: sdb1
[  151.921576] sd 2:0:0:1: [sdb] Attached SCSI disk
[  151.975052] device-mapper: multipath round-robin: version 1.0.0 loaded
[  213.768916] show_signal_msg: 12 callbacks suppressed
[  213.768929] multipathd[670]: segfault at 0 ip b761b7cd sp b71c6040 error 4 in libmultipath.so.0[b75f9000+45000]

^^^^ blows up as per submitter ^^^


After update with fix: 

ubuntu at x32multipath:~$ sudo multipathd -k
multipathd> show paths
hcil    dev dev_t pri dm_st  chk_st dev_st  next_check     
2:0:0:0 sda 8:0   1   active ready  running XXXX...... 4/10
2:0:0:1 sdb 8:16  1   active ready  running XXXXX..... 5/10
multipathd> 

So, looking good.   Will get back to this next week.


If anyone else seeing this problem is interested in testing the fix: 

Available via PPA (has yakkety and xenial, but I've only tested xenial):

sudo add-apt-repository ppa:jgrimm/multipath-1611360
sudo apt-get update
sudo apt-get upgrade

cheers,

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to multipath-tools in Ubuntu.
https://bugs.launchpad.net/bugs/1611360

Title:
  Xenial 32-bit: multipath exits with SIGSEGV

Status in multipath-tools package in Ubuntu:
  Triaged

Bug description:
  Ubuntu release:
  Description:	Ubuntu 16.04 LTS
  Release:	16.04

  Package version: 0.5.0+git1.656f8865-5ubuntu2.1

  The current version of multipath-tools for Xenial (0.5.0+git1.656f8865-5ubuntu2.1) causes segmentation fault when trying to run, for example, "show paths" from the daemon.
  When further investigating the issue, it seems that since Ubuntu 14.04, the enum describing the keyword type in cli.h is now of size 35. This leads to overflows as later on values are left-shifted by the values in these enum, and some of those exceed 31 (the maximum legal shift amount in 32-bit int).
  This leads to wrong choice of the handler in the command parsing stage (cli.c - find_handler). Specifically in "show paths" it leads to choosing cli_list_paths_fmt instead of cli_list_paths, and later to null dereferencing and segmentation fault.

  GDB Backtrace:
  #0  snprint_path_header (line=0xb78010e0 "", len=1200, format=0x0) at print.c:795
  #1  0x08052a6e in show_paths (r=0xb7b52210, len=0xb7b52208, vecs=0x809f650, style=0x0, pretty=1) at cli_handlers.c:47
  #2  0x080532af in cli_list_paths_fmt (v=0xb7800678, reply=0xb7b52210, len=0xb7b52208, data=0x809f650) at cli_handlers.c:235
  #3  0x08052369 in parse_cmd (cmd=0xb7800f68 "show paths", reply=0xb7b52210, len=0xb7b52208, data=0x809f650) at cli.c:438
  #4  0x0804cf49 in uxsock_trigger (str=0xb7800f68 "show paths", reply=0xb7b52210, len=0xb7b52208, trigger_data=0x809f650) at main.c:780
  #5  0x08050e5a in uxsock_listen (uxsock_trigger=0x804cf00 <uxsock_trigger>, trigger_data=0x809f650) at uxlsnr.c:252
  #6  0x0804da3b in uxlsnrloop (ap=0x809f650) at main.c:946
  #7  0xb7fb82b5 in start_thread (arg=0xb7b52b40) at pthread_create.c:333
  #8  0xb7da216e in clone () at ../sysdeps/unix/sysv/linux/i386/clone.S:114

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/multipath-tools/+bug/1611360/+subscriptions

More information about the foundations-bugs mailing list