The bug is pretty straightforward to reproduce.  It looks like an
integer overflow which will be triggered by files longer than 2GB:

Reading symbols from /sbin/sreadahead...Reading symbols from 
/usr/lib/debug/sbin/sreadahead...done.
(no debugging symbols found)...done.
(gdb) r -t1 -d --no-fork
Starting program: /sbin/sreadahead -t1 -d --no-fork
[Thread debugging using libthread_db enabled]  
Trace contained 33438 records
/etc/ld.so.cache: 1 fragment(s), 120kb, 100.0% 
[...]
/etc/libvirt/storage/default.xml: 1 fragment(s), 1kb, 100.0%

Program received signal SIGSEGV, Segmentation fault.
0x0000000000401f3b in get_blocks (signal=<value optimized out>)
    at sreadahead.c:315
warning: Source file is more recent than executable.
315                     if (mincorebuf[i / 4096])
(gdb) print mincorebuf
$1 = <value optimized out>
(gdb) print i
$2 = -2147483648
[...]
(gdb) print statbuf.st_size
$6 = 4294967296
(gdb) print r->filename
$7 = "/var/lib/libvirt/images/uec-cc.img", '\000' <repeats 93 times>

-- 
sreadahead crashed with SIGSEGV in __pause_nocancel()
https://bugs.launchpad.net/bugs/414597

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
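The backtrace above pins the fault to `mincorebuf[i / 4096]` with `i == -2147483648` and `statbuf.st_size == 4294967296`, i.e. a 32-bit signed offset stepped across a 64-bit file size. The following C program is an added illustration (not the bug report's text and not sreadahead's source, which is not shown here): it models a loop of that shape with an `int` offset, shows where the index leaves the buffer for the 4 GiB image from the report, and contrasts it with the same walk done in `off_t`. The function names (`buggy_walk`, `safe_walk`, `page_count`) and the assumption that the real loop steps by 4096 and compares against `st_size` are the example's own; the wrap is emulated through unsigned truncation so the demonstration itself does not rely on undefined behaviour.

```c
#define _FILE_OFFSET_BITS 64   /* make off_t 64-bit even on 32-bit Linux builds */
#include <stdio.h>
#include <stddef.h>
#include <stdint.h>
#include <limits.h>
#include <sys/types.h>

/* Page size the report's loop assumes: mincorebuf is indexed by i / 4096. */
#define PAGE_SZ 4096LL

/* Size of the mincore() result buffer (one byte per page) for a file of st_size bytes. */
static size_t page_count(off_t st_size)
{
    return (size_t)((st_size + PAGE_SZ - 1) / PAGE_SZ);
}

/* Two's-complement truncation of a 64-bit value to int, done through unsigned
 * types so this example does not itself perform undefined signed overflow. */
static int wrap_to_int(long long v)
{
    return (int)(uint32_t)(uint64_t)v;
}

/* Model of the defective walk (assumed shape, not the project's code): an `int`
 * offset stepped by PAGE_SZ and compared against a 64-bit st_size.
 * Returns 0 if the walk completes inside the buffer; otherwise the first index
 * that falls outside [0, page_count), which is never 0 for a non-empty file. */
static long long buggy_walk(off_t st_size)
{
    size_t pages = page_count(st_size);
    int i = 0;
    while ((long long)i < (long long)st_size) {
        long long idx = i / PAGE_SZ;
        if (idx < 0 || (size_t)idx >= pages)
            return idx;                       /* the access that faulted in the report */
        long long next = (long long)i + PAGE_SZ;
        i = (next > INT_MAX) ? wrap_to_int(next) : (int)next;  /* emulated wrap */
    }
    return 0;
}

/* Corrected walk: the offset has the same width as st_size (off_t) and the
 * index is bounds-checked against the buffer before use.
 * Returns the number of pages visited, or -1 if an index would leave the buffer. */
static long long safe_walk(off_t st_size)
{
    size_t pages = page_count(st_size);
    long long visited = 0;
    for (off_t i = 0; i < st_size; i += PAGE_SZ) {
        size_t idx = (size_t)(i / PAGE_SZ);
        if (idx >= pages)
            return -1;
        visited++;
    }
    return visited;
}

int main(void)
{
    /* Constructed sizes: a 1 GiB file, and the 4 GiB image size printed by gdb above. */
    off_t sizes[] = { (off_t)(1LL << 30), (off_t)4294967296LL };
    for (size_t k = 0; k < 2; k++) {
        long long bad = buggy_walk(sizes[k]);
        printf("st_size=%lld: buggy walk %s (index %lld), safe walk visited %lld pages\n",
               (long long)sizes[k], bad ? "left the buffer" : "ok", bad, safe_walk(sizes[k]));
    }
    return 0;
}
```

For the 4 GiB size the modelled loop wraps at the first step past `INT_MAX`, reproducing `i == -2147483648` and an index of -524288 into a buffer that only has 1048576 valid entries; the `off_t` version visits all 1048576 pages. The widening fix only helps if every intermediate (offset, byte count, and the `i / 4096` index) is held in a type at least as wide as `st_size`; a build-time check such as `_FILE_OFFSET_BITS 64` is what keeps `off_t` 64-bit on 32-bit targets.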
