Mailinglist Archive: opensuse-bugs (4250 mails)

< Previous Next >
[Bug 1018267] btrfs-image segv
  • From: bugzilla_noreply@xxxxxxxxxx
  • Date: Thu, 05 Jan 2017 09:34:39 +0000
  • Message-id: <bug-1018267-21960-0HgS37lb7Y@http.bugzilla.suse.com/>
http://bugzilla.suse.com/show_bug.cgi?id=1018267
http://bugzilla.suse.com/show_bug.cgi?id=1018267#c1

--- Comment #1 from Libor Pechacek <lpechacek@xxxxxxxx> ---
Same with latest btrfsprogs devel version. I can provide access to the btrfs
volume if needed.

lpechacek@fm:/tmp/btrfs-progs> ./btrfsck -p /dev/sda10
Checking filesystem on /dev/sda10
UUID: d8c4713c-36dc-4727-a9cb-a2aa743aadb9
checking extents [o]
checking free space cache [o]
checking fs roots [o]
checking csums
checking root refs
found 136076910592 bytes used err is 0
total csum bytes: 129455176
total tree bytes: 1170313216
total fs tree bytes: 949972992
total extent tree bytes: 73220096
btree space waste bytes: 277716336
file data blocks allocated: 599466016768
referenced 131809349632
lpechacek@fm:/tmp/btrfs-progs> ./btrfs-image -c 9 /dev/sda10 /dev/shm/image
Segmentation fault (core dumped)
lpechacek@fm:/tmp/btrfs-progs> git describe
v4.9-6-gb74d9a3c02b7
lpechacek@fm:/tmp/btrfs-progs> valgrind ./btrfs-image -c 9 /dev/sda10
/dev/shm/image
==25198== Memcheck, a memory error detector
==25198== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
==25198== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info
==25198== Command: ./btrfs-image -c 9 /dev/sda10 /dev/shm/image
==25198==
==25198== Invalid read of size 4
==25198== at 0x457EB1: btrfs_header_nritems (ctree.h:1986)
==25198== by 0x45AD82: copy_from_extent_tree (main.c:1240)
==25198== by 0x45B1A8: create_metadump (main.c:1370)
==25198== by 0x45EAB5: main (main.c:2855)
==25198== Address 0x5f89c40 is 224 bytes inside a block of size 4,224 free'd
==25198== at 0x4C2A3CC: free (in
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==25198== by 0x4301AC: free_extent_buffer (extent_io.c:591)
==25198== by 0x411B07: btrfs_next_leaf (ctree.c:2865)
==25198== by 0x45A6C2: is_tree_block (main.c:1050)
==25198== by 0x45AF48: copy_from_extent_tree (main.c:1290)
==25198== by 0x45B1A8: create_metadump (main.c:1370)
==25198== by 0x45EAB5: main (main.c:2855)
==25198== Block was alloc'd at
==25198== at 0x4C2B250: calloc (in
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==25198== by 0x42FF49: __alloc_extent_buffer (extent_io.c:542)
==25198== by 0x43039A: alloc_extent_buffer (extent_io.c:646)
==25198== by 0x413126: btrfs_find_create_tree_block (disk-io.c:193)
==25198== by 0x413692: read_tree_block_fs_info (disk-io.c:340)
==25198== by 0x40A627: read_tree_block (disk-io.h:118)
==25198== by 0x40C017: read_node_slot (ctree.c:651)
==25198== by 0x411AA7: btrfs_next_leaf (ctree.c:2856)
==25198== by 0x45AD99: copy_from_extent_tree (main.c:1241)
==25198== by 0x45B1A8: create_metadump (main.c:1370)
==25198== by 0x45EAB5: main (main.c:2855)
==25198==
==25198== Invalid read of size 1
==25198== at 0x4C2DF30: memcpy@@GLIBC_2.14 (in
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==25198== by 0x430C78: read_extent_buffer (extent_io.c:867)
==25198== by 0x457D26: btrfs_item_key (ctree.h:1864)
==25198== by 0x457E47: btrfs_item_key_to_cpu (ctree.h:1968)
==25198== by 0x45ADF4: copy_from_extent_tree (main.c:1253)
==25198== by 0x45B1A8: create_metadump (main.c:1370)
==25198== by 0x45EAB5: main (main.c:2855)
==25198== Address 0x5f89f65 is 1,029 bytes inside a block of size 4,224 free'd
==25198== at 0x4C2A3CC: free (in
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==25198== by 0x4301AC: free_extent_buffer (extent_io.c:591)
==25198== by 0x411B07: btrfs_next_leaf (ctree.c:2865)
==25198== by 0x45A6C2: is_tree_block (main.c:1050)
==25198== by 0x45AF48: copy_from_extent_tree (main.c:1290)
==25198== by 0x45B1A8: create_metadump (main.c:1370)
==25198== by 0x45EAB5: main (main.c:2855)
==25198== Block was alloc'd at
==25198== at 0x4C2B250: calloc (in
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==25198== by 0x42FF49: __alloc_extent_buffer (extent_io.c:542)
==25198== by 0x43039A: alloc_extent_buffer (extent_io.c:646)
==25198== by 0x413126: btrfs_find_create_tree_block (disk-io.c:193)
==25198== by 0x413692: read_tree_block_fs_info (disk-io.c:340)
==25198== by 0x40A627: read_tree_block (disk-io.h:118)
==25198== by 0x40C017: read_node_slot (ctree.c:651)
==25198== by 0x411AA7: btrfs_next_leaf (ctree.c:2856)
==25198== by 0x45AD99: copy_from_extent_tree (main.c:1241)
==25198== by 0x45B1A8: create_metadump (main.c:1370)
==25198== by 0x45EAB5: main (main.c:2855)
==25198==
==25198== Invalid read of size 1
==25198== at 0x4C2DF3E: memcpy@@GLIBC_2.14 (in
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==25198== by 0x430C78: read_extent_buffer (extent_io.c:867)
==25198== by 0x457D26: btrfs_item_key (ctree.h:1864)
==25198== by 0x457E47: btrfs_item_key_to_cpu (ctree.h:1968)
==25198== by 0x45ADF4: copy_from_extent_tree (main.c:1253)
==25198== by 0x45B1A8: create_metadump (main.c:1370)
==25198== by 0x45EAB5: main (main.c:2855)
==25198== Address 0x5f89f67 is 1,031 bytes inside a block of size 4,224 free'd
==25198== at 0x4C2A3CC: free (in
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==25198== by 0x4301AC: free_extent_buffer (extent_io.c:591)
==25198== by 0x411B07: btrfs_next_leaf (ctree.c:2865)
==25198== by 0x45A6C2: is_tree_block (main.c:1050)
==25198== by 0x45AF48: copy_from_extent_tree (main.c:1290)
==25198== by 0x45B1A8: create_metadump (main.c:1370)
==25198== by 0x45EAB5: main (main.c:2855)
==25198== Block was alloc'd at
==25198== at 0x4C2B250: calloc (in
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==25198== by 0x42FF49: __alloc_extent_buffer (extent_io.c:542)
==25198== by 0x43039A: alloc_extent_buffer (extent_io.c:646)
==25198== by 0x413126: btrfs_find_create_tree_block (disk-io.c:193)
==25198== by 0x413692: read_tree_block_fs_info (disk-io.c:340)
==25198== by 0x40A627: read_tree_block (disk-io.h:118)
==25198== by 0x40C017: read_node_slot (ctree.c:651)
==25198== by 0x411AA7: btrfs_next_leaf (ctree.c:2856)
==25198== by 0x45AD99: copy_from_extent_tree (main.c:1241)
==25198== by 0x45B1A8: create_metadump (main.c:1370)
==25198== by 0x45EAB5: main (main.c:2855)
==25198==
==25198== Invalid read of size 2
==25198== at 0x4C2DDC0: memcpy@@GLIBC_2.14 (in
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==25198== by 0x430C78: read_extent_buffer (extent_io.c:867)
==25198== by 0x457D26: btrfs_item_key (ctree.h:1864)
==25198== by 0x457E47: btrfs_item_key_to_cpu (ctree.h:1968)
==25198== by 0x45ADF4: copy_from_extent_tree (main.c:1253)
==25198== by 0x45B1A8: create_metadump (main.c:1370)
==25198== by 0x45EAB5: main (main.c:2855)
==25198== Address 0x5f89f7e is 1,054 bytes inside a block of size 4,224 free'd
==25198== at 0x4C2A3CC: free (in
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==25198== by 0x4301AC: free_extent_buffer (extent_io.c:591)
==25198== by 0x411B07: btrfs_next_leaf (ctree.c:2865)
==25198== by 0x45A6C2: is_tree_block (main.c:1050)
==25198== by 0x45AF48: copy_from_extent_tree (main.c:1290)
==25198== by 0x45B1A8: create_metadump (main.c:1370)
==25198== by 0x45EAB5: main (main.c:2855)
==25198== Block was alloc'd at
==25198== at 0x4C2B250: calloc (in
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==25198== by 0x42FF49: __alloc_extent_buffer (extent_io.c:542)
==25198== by 0x43039A: alloc_extent_buffer (extent_io.c:646)
==25198== by 0x413126: btrfs_find_create_tree_block (disk-io.c:193)
==25198== by 0x413692: read_tree_block_fs_info (disk-io.c:340)
==25198== by 0x40A627: read_tree_block (disk-io.h:118)
==25198== by 0x40C017: read_node_slot (ctree.c:651)
==25198== by 0x411AA7: btrfs_next_leaf (ctree.c:2856)
==25198== by 0x45AD99: copy_from_extent_tree (main.c:1241)
==25198== by 0x45B1A8: create_metadump (main.c:1370)
==25198== by 0x45EAB5: main (main.c:2855)
==25198==
==25198== Invalid read of size 2
==25198== at 0x4C2DDCF: memcpy@@GLIBC_2.14 (in
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==25198== by 0x430C78: read_extent_buffer (extent_io.c:867)
==25198== by 0x457D26: btrfs_item_key (ctree.h:1864)
==25198== by 0x457E47: btrfs_item_key_to_cpu (ctree.h:1968)
==25198== by 0x45ADF4: copy_from_extent_tree (main.c:1253)
==25198== by 0x45B1A8: create_metadump (main.c:1370)
==25198== by 0x45EAB5: main (main.c:2855)
==25198== Address 0x5f89f82 is 1,058 bytes inside a block of size 4,224 free'd
==25198== at 0x4C2A3CC: free (in
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==25198== by 0x4301AC: free_extent_buffer (extent_io.c:591)
==25198== by 0x411B07: btrfs_next_leaf (ctree.c:2865)
==25198== by 0x45A6C2: is_tree_block (main.c:1050)
==25198== by 0x45AF48: copy_from_extent_tree (main.c:1290)
==25198== by 0x45B1A8: create_metadump (main.c:1370)
==25198== by 0x45EAB5: main (main.c:2855)
==25198== Block was alloc'd at
==25198== at 0x4C2B250: calloc (in
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==25198== by 0x42FF49: __alloc_extent_buffer (extent_io.c:542)
==25198== by 0x43039A: alloc_extent_buffer (extent_io.c:646)
==25198== by 0x413126: btrfs_find_create_tree_block (disk-io.c:193)
==25198== by 0x413692: read_tree_block_fs_info (disk-io.c:340)
==25198== by 0x40A627: read_tree_block (disk-io.h:118)
==25198== by 0x40C017: read_node_slot (ctree.c:651)
==25198== by 0x411AA7: btrfs_next_leaf (ctree.c:2856)
==25198== by 0x45AD99: copy_from_extent_tree (main.c:1241)
==25198== by 0x45B1A8: create_metadump (main.c:1370)
==25198== by 0x45EAB5: main (main.c:2855)
==25198==
==25198== Invalid read of size 8
==25198== at 0x4C2DD70: memcpy@@GLIBC_2.14 (in
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==25198== by 0x430C78: read_extent_buffer (extent_io.c:867)
==25198== by 0x457D26: btrfs_item_key (ctree.h:1864)
==25198== by 0x457E47: btrfs_item_key_to_cpu (ctree.h:1968)
==25198== by 0x45ADF4: copy_from_extent_tree (main.c:1253)
==25198== by 0x45B1A8: create_metadump (main.c:1370)
==25198== by 0x45EAB5: main (main.c:2855)
==25198== Address 0x5f89fb0 is 1,104 bytes inside a block of size 4,224 free'd
==25198== at 0x4C2A3CC: free (in
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==25198== by 0x4301AC: free_extent_buffer (extent_io.c:591)
==25198== by 0x411B07: btrfs_next_leaf (ctree.c:2865)
==25198== by 0x45A6C2: is_tree_block (main.c:1050)
==25198== by 0x45AF48: copy_from_extent_tree (main.c:1290)
==25198== by 0x45B1A8: create_metadump (main.c:1370)
==25198== by 0x45EAB5: main (main.c:2855)
==25198== Block was alloc'd at
==25198== at 0x4C2B250: calloc (in
/usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==25198== by 0x42FF49: __alloc_extent_buffer (extent_io.c:542)
==25198== by 0x43039A: alloc_extent_buffer (extent_io.c:646)
==25198== by 0x413126: btrfs_find_create_tree_block (disk-io.c:193)
==25198== by 0x413692: read_tree_block_fs_info (disk-io.c:340)
==25198== by 0x40A627: read_tree_block (disk-io.h:118)
==25198== by 0x40C017: read_node_slot (ctree.c:651)
==25198== by 0x411AA7: btrfs_next_leaf (ctree.c:2856)
==25198== by 0x45AD99: copy_from_extent_tree (main.c:1241)
==25198== by 0x45B1A8: create_metadump (main.c:1370)
==25198== by 0x45EAB5: main (main.c:2855)
==25198==
^C==25198==
==25198== Process terminating with default action of signal 2 (SIGINT)
==25198== at 0x56C10AF: pthread_cond_wait@@GLIBC_2.3.2 (in
/lib64/libpthread-2.22.so)
==25198== by 0x4597AE: dump_worker (main.c:667)
==25198== by 0x56BC733: start_thread (in /lib64/libpthread-2.22.so)
==25198== by 0x59BAD3C: clone (in /lib64/libc-2.22.so)
==25198==
==25198== HEAP SUMMARY:
==25198== in use at exit: 3,672,219 bytes in 539 blocks
==25198== total heap usage: 26,742 allocs, 26,203 frees, 72,440,939 bytes
allocated
==25198==
==25198== LEAK SUMMARY:
==25198== definitely lost: 0 bytes in 0 blocks
==25198== indirectly lost: 0 bytes in 0 blocks
==25198== possibly lost: 2,729,930 bytes in 98 blocks
==25198== still reachable: 942,289 bytes in 441 blocks
==25198== suppressed: 0 bytes in 0 blocks
==25198== Rerun with --leak-check=full to see details of leaked memory
==25198==
==25198== For counts of detected and suppressed errors, rerun with: -v
==25198== ERROR SUMMARY: 310 errors from 6 contexts (suppressed: 0 from 0)
Killed
lpechacek@fm:/tmp/btrfs-progs>

--
You are receiving this mail because:
You are on the CC list for the bug.
< Previous Next >
References