Bug 116950

Summary: Creating a JFS is not possible - "mkfs.jfs" crashes
Product: [openSUSE] SUSE LINUX 10.0
Reporter: Steffen Moser <mail>
Component: Basesystem
Assignee: Hendrik Vogelsang <hvogel>
Status: RESOLVED FIXED
QA Contact: E-mail List <qa-bugs>
Severity: Critical
Priority: P5 - None
CC: meissner, righiandr, ro
Version: RC 1
Target Milestone: ---
Hardware: i686
OS: All
Whiteboard:
Found By: Beta-Customer
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---
Attachments:
  "strace" of failing "mkfs.jfs"
  Contents of "/proc/mounts"
  Fix: buffer overflow in the Root_FS_Type string

Description Steffen Moser 2005-09-14 12:34:19 UTC
I tried to create a "JFS" within a VMware testing environment of SuSE-10.0-RC1,
but "mkfs.jfs" just terminates:

 | vm06:~ # mkfs.jfs /dev/hdb1
 | mkfs.jfs version 1.1.8, 03-May-2005
 | *** buffer overflow detected ***: mkfs.jfs terminated
 | Aborted

As an attachment you'll find the "strace" of the above given command. Perhaps
"mkfs.jfs" has a problem with the length of the contents of "/proc/mounts"?
Therefore I've attached my "/proc/mounts", too.

Creating other file systems (XFS, REISERFS, EXT3, EXT2, VFAT) on the same
partition seems to be no problem.

I've seen bug #104870. But it would IMHO make more sense to remove "mkfs.jfs"
from 10.0-RC1 if it isn't even possible to create a JFS manually.
Comment 1 Steffen Moser 2005-09-14 12:36:59 UTC
Created attachment 49895 [details]
"strace" of failing "mkfs.jfs"
Comment 2 Steffen Moser 2005-09-14 12:37:28 UTC
Created attachment 49897 [details]
Contents of "/proc/mounts"
Comment 3 Hendrik Vogelsang 2005-09-14 14:10:33 UTC
Works for me on RC3 with a 20GB partition. Are you sure this isn't vmware related?
Comment 4 Mads Martin Joergensen 2005-09-14 14:11:23 UTC
Please reproduce out of vmware, and reopen if it still persists.
Comment 5 Steffen Moser 2005-09-22 12:59:34 UTC
I've tried to reproduce it out of VMware (on x86, various partition sizes), and
indeed: The bug did not occur then. So it seems to be VMware related. 

By the way: If I compile "jfsutils-1.1.8.tar.gz" manually (only doing
"configure" and "make") on 10.0-RC1, "mkfs.jfs" runs without any error also
within the VMware based host.
Comment 6 Marcus Meissner 2005-09-28 06:40:52 UTC
try reproducing the crash with:  
gdb mkfs.jfs  
r /dev/hdb1  
Comment 7 Steffen Moser 2005-11-02 23:46:31 UTC
I've tried to reproduce it, but I just haven't got the error to occur again. 

The problem is: I deleted the VMware virtual host that showed the bug after this bug had been closed.

Now, I installed both SuSE-Linux-10.0 and SuSE-Linux-10.0-RC1 (which I redownloaded) within VMware again, using the same settings as I used during the installation when the bug occurred. But I can only say now: I am sorry, but at the moment I just cannot reproduce the bug. "mkfs.jfs" creates file systems without any problems on various VMware virtual disks (IDE and SCSI emulations, various sizes, and so on).

Perhaps something went wrong during that installation at that time. At least I didn't check the integrity of libs and binaries using rpm of the 10.0-RC1 installation that had shown the error.

So I think I can't help you any further regarding this bug at the moment.
Comment 8 Andrea Righi 2006-05-14 14:55:01 UTC
I was able to reproduce this problem also out of vmware, using in this case a regular file to be mounted as a loopback device:

righiandr@linux:~> rpm -q jfsutils
jfsutils-1.1.8-3
righiandr@linux:~> dd if=/dev/zero of=/tmp/initrd bs=1024 count=72861
72861+0 records in
72861+0 records out
74609664 bytes (75 MB) copied, 0.61649 seconds, 121 MB/s
righiandr@linux:~> /sbin/jfs_mkfs /tmp/initrd
/sbin/jfs_mkfs version 1.1.8, 03-May-2005
*** buffer overflow detected ***: /sbin/jfs_mkfs terminated
Aborted (core dumped)
righiandr@linux:~> gdb /sbin/jfs_mkfs
GNU gdb 6.3
Copyright 2004 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "i586-suse-linux"...(no debugging symbols found)
Using host libthread_db library "/lib/tls/libthread_db.so.1".

(gdb) r /tmp/initrd
Starting program: /sbin/jfs_mkfs /tmp/initrd
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
(no debugging symbols found)
/sbin/jfs_mkfs version 1.1.8, 03-May-2005
*** buffer overflow detected ***: /sbin/jfs_mkfs terminated

Program received signal SIGABRT, Aborted.
0xffffe410 in __kernel_vsyscall ()
(gdb) backtrace
#0  0xffffe410 in __kernel_vsyscall ()
#1  0x4005c541 in raise () from /lib/tls/libc.so.6
#2  0x4005ddbb in abort () from /lib/tls/libc.so.6
#3  0x400928b5 in __libc_message () from /lib/tls/libc.so.6
#4  0x40105f61 in __chk_fail () from /lib/tls/libc.so.6
#5  0x4010551d in __strcpy_chk () from /lib/tls/libc.so.6
#6  0x0804dc7d in ?? ()
#7  0xbf8c32f4 in ?? ()
#8  0x08056187 in ?? ()
#9  0x00000008 in ?? ()
#10 0x00000000 in ?? ()
#11 0x00000001 in ?? ()
#12 0x400da831 in _getopt_internal_r () from /lib/tls/libc.so.6
#13 0x0804c513 in ?? ()
#14 0xbf8c50bd in ?? ()
#15 0xbf8c50bd in ?? ()
#16 0xbf8c3e10 in ?? ()
#17 0x08051901 in _IO_stdin_used ()
#18 0x080518f5 in _IO_stdin_used ()
#19 0x00000005 in ?? ()
#20 0x00119000 in ?? ()
#21 0x0011d000 in ?? ()
#22 0x0011c094 in ?? ()
#23 0x0011ebfc in ?? ()
#24 0x00119000 in ?? ()
#25 0x00000003 in ?? ()
#26 0x00000000 in ?? ()
#27 0x00000000 in ?? ()
#28 0x00000000 in ?? ()
#29 0x00000000 in ?? ()
#30 0x00000000 in ?? ()
#31 0x4000f8a1 in __libc_memalign () from /lib/ld-linux.so.2
#32 0x40049ea0 in __libc_start_main () from /lib/tls/libc.so.6
#33 0x080492f1 in ?? ()

This behaviour doesn't occur with the "vanilla" jfsutils (rel. 1.1.8), taken from here: http://jfs.sourceforge.net/project/pub/jfsutils-1.1.8.tar.gz

righiandr@linux:~/download/jfs/jfsutils-1.1.8> dd if=/dev/zero of=/tmp/initrd bs=1024 count=72861
72861+0 records in
72861+0 records out
74609664 bytes (75 MB) copied, 0.563186 seconds, 132 MB/s
righiandr@linux:~/download/jfs/jfsutils-1.1.8> ./mkfs/jfs_mkfs /tmp/initrd
./mkfs/jfs_mkfs version 1.1.8, 03-May-2005
Warning!  All data on device initrd will be lost!

Continue? (Y/N) y


Format completed successfully.

72861 kilobytes total disk space.
righiandr@linux:~/download/jfs/jfsutils-1.1.8> ./fsck/jfs_fsck /tmp/initrd
./fsck/jfs_fsck version 1.1.8, 03-May-2005
processing started: 5/14/2006 16.36.24
Using default parameter: -p
The current device is:  /tmp/initrd
Block size in bytes:  4096
Filesystem size in blocks:  18215
**Phase 0 - Replay Journal Log
Filesystem is clean.

Thanks and Best Regards,
-Andrea Righi
Comment 9 Olaf Hering 2006-05-15 07:48:22 UTC
you probably forgot to compile mainline jfsutils with  -D_FORTIFY_SOURCE=2 
Comment 10 Andrea Righi 2006-05-15 08:10:46 UTC
Created attachment 83407 [details]
Fix: buffer overflow in the Root_FS_Type string

This patch should resolve the problem. It seems there's a buffer overflow in the string Root_FS_Type in libfs/fssubs.c...

Best regards,
-Andrea
Comment 11 Andrea Righi 2006-05-15 08:19:10 UTC
> you probably forgot to compile mainline jfsutils with  -D_FORTIFY_SOURCE=2 

Absolutely.... with that option the program crashes and, anyway, see the previous patch...

Regards,
-Andrea
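Comments 9 to 11 pin down the bug class: an unbounded copy into the fixed-size Root_FS_Type buffer, which glibc's _FORTIFY_SOURCE=2 check turns into the __strcpy_chk abort seen in frames #4 and #5 of the backtrace in comment 8. The block below is an added illustration, not jfsutils code and not the attached patch: it puts that unchecked copy beside a bounded parser for /proc/mounts (following the description's hypothesis that the string comes from there); the buffer size, the function names and the sample mount lines are assumptions.

```c
#include <stdio.h>
#include <string.h>
/* Assumed size; the real Root_FS_Type size in libfs/fssubs.c is not on this page. */
#define ROOT_FS_TYPE_LEN 16

/* "Before" pattern: unbounded strcpy into a fixed buffer. With -D_FORTIFY_SOURCE=2
 * glibc routes it through __strcpy_chk, which aborts with "*** buffer overflow
 * detected ***" (frames #4/#5 in comment 8) when fstype is too long. Never called. */
void copy_root_fs_type_unsafe(char root_fs_type[ROOT_FS_TYPE_LEN], const char *fstype)
{
    strcpy(root_fs_type, fstype);
}

/* Hardened form: find the /proc/mounts line whose mount point is "/" and copy its
 * fs-type (third column) into out only if it fits. Returns 1 on success, 0 if there is
 * no root entry, a line is malformed or >511 bytes, or the type would not fit. */
int find_root_fs_type(const char *mounts, char *out, size_t outlen)
{
    const char *p = mounts;
    while (*p) {
        char line[512], dev[256], mnt[256], type[256];
        const char *nl = strchr(p, '\n');
        size_t len = nl ? (size_t)(nl - p) : strlen(p);
        if (len < sizeof line) {
            memcpy(line, p, len);
            line[len] = '\0';
            /* %255s bounds each conversion to its scratch buffer */
            if (sscanf(line, "%255s %255s %255s", dev, mnt, type) == 3 &&
                strcmp(mnt, "/") == 0) {
                size_t n = strlen(type);
                if (n >= outlen) return 0;       /* would overflow: refuse, never truncate */
                memcpy(out, type, n + 1);
                return 1;
            }
        }
        p += len + (nl != NULL);                 /* skip the newline, if any */
    }
    return 0;
}
/* Constructed sample input, not the attachment from this bug. */
const char SAMPLE_MOUNTS[] =
    "/dev/hda2 / reiserfs rw,acl,user_xattr 0 0\n"
    "proc /proc proc rw 0 0\n";
/* Check helper: 1 if the root fs type fits ROOT_FS_TYPE_LEN and equals expected. */
int root_fs_type_equals(const char *mounts, const char *expected)
{
    char root_fs_type[ROOT_FS_TYPE_LEN];
    return find_root_fs_type(mounts, root_fs_type, sizeof root_fs_type) && strcmp(root_fs_type, expected) == 0;
}
```

An fs-type longer than the destination makes find_root_fs_type return 0 instead of writing past the buffer, which is the condition the fortified strcpy could only report by aborting.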
Comment 12 Andrea Righi 2006-05-15 12:33:58 UTC
...and I see now that it has already been fixed in 1.1.9:

http://cvs.sourceforge.net/viewcvs.py/jfs/jfsutils/NEWS?rev=1.26&content-type=text

Regards,
-Andrea

(In reply to comment #10)
> Created an attachment (id=83407) [edit]
> Fix: buffer overflow in the Root_FS_Type string
> 
> This patch should resolve the problem. It seems there's a buffer overflow in
> the string Root_FS_Type in libfs/fssubs.c...
> 
> Best regards,
> -Andrea
> 
Comment 13 Hendrik Vogelsang 2006-05-17 09:40:47 UTC
reassign to new maintainer
Comment 14 Hendrik Vogelsang 2006-05-18 11:00:36 UTC
AJ do you want this in 10.1 or is FACTORY enough?
Comment 15 Andreas Jaeger 2006-05-19 07:01:03 UTC
Please also for 10.1. MaintenanceTracker-4354
Comment 16 Hendrik Vogelsang 2006-05-19 12:00:07 UTC
Oergs, this is for 10.0. Sorry, I missed that. It's already fixed in 10.1. There we have jfsutils-1.1.10. AJ, I suppose you can cancel this update.

This is fixed in a newer version of SUSE Linux (10.1)