Bug 246945 - sysutils/fusefs-ntfs: ntfs-3g crashes when/after loading bitcoin-qt blockchain (> 200 GiB)
Status: Open
Alias: None
Product: Ports & Packages
Classification: Unclassified
Component: Individual Port(s)
Version: Latest
Hardware: amd64 Any
Importance: --- Affects Some People
Assignee: freebsd-ports-bugs (Nobody)
Reported: 2020-06-02 21:14 UTC by Alexei
Modified: 2020-06-16 06:14 UTC
linimon: maintainer-feedback? (freebsd)


Description Alexei 2020-06-02 21:14:44 UTC
1) I've got an external USB HDD at /dev/da1 with an NTFS partition on /dev/da1p2.
Mount it:
# ntfs-3g /dev/da1p2 /mnt/seagate

2) Let one of its directories be accessible from jail myjail:

# mount -t nullfs /mnt/seagate/Blockchain/Bitcoin /usr/local/jails/myjail/blockchain

3) In jail: execute: bitcoin-qt --datadir=/blockchain - OK.
Close bitcoin-qt. Execute again - ntfs-3g crashed on host.

It's a null pointer dereference. I've attached the core file.
gdb says:

Core was generated by `ntfs-3g /dev/da1p2 /mnt/seagate/'.

Program terminated with signal SIGSEGV, Segmentation fault.
#0  0x00000008002727f5 in get_dirhandle (llfi=0x7fffffffe6a0, fi=0x7fffffffe630) at fuse.c:3374
3374            fi->fh = dh->fh;
Comment 1 Alexei 2020-06-02 21:18:18 UTC
I can't upload core dump here (413 Request Entity Too Large) so I've used
sendspace.com

ntfs-3g.core.tgz -> https://www.sendspace.com/file/6ry071
Comment 2 Alexei 2020-06-02 21:19:22 UTC
gdb says:

Core was generated by `ntfs-3g /dev/da1p2 /mnt/seagate/'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0  0x00000008002727f5 in get_dirhandle (llfi=0x7fffffffe6a0, fi=0x7fffffffe630) at fuse.c:3374
3374            fi->fh = dh->fh;
(gdb) where
#0  0x00000008002727f5 in get_dirhandle (llfi=0x7fffffffe6a0, fi=0x7fffffffe630) at fuse.c:3374
#1  0x000000080026df02 in fuse_lib_fsyncdir (req=0x80073d440, ino=11, datasync=0, 
    llfi=0x7fffffffe6a0) at fuse.c:3615
#2  0x000000080027a53d in do_fsyncdir (req=0x80073d440, nodeid=11, inarg=0x801f01668)
    at fuse_lowlevel.c:1421
#3  0x0000000800277e66 in fuse_ll_process_buf (data=0x801e80380, buf=0x7fffffffe908, 
    ch=0x800744040) at fuse_lowlevel.c:2443
#4  0x000000080027cf8d in fuse_session_process_buf (se=0x8007e0050, buf=0x7fffffffe908, 
    ch=0x800744040) at fuse_session.c:87
#5  0x0000000800273f84 in fuse_session_loop (se=0x8007e0050) at fuse_loop.c:40
#6  0x00000008002694d2 in fuse_loop (f=0x801e87140) at fuse.c:4386
#7  0x0000000000205db5 in main (argc=3, argv=0x7fffffffebc0) at ntfs-3g.c:4306
Comment 3 Mark Linimon freebsd_committer freebsd_triage 2020-06-02 21:36:54 UTC
Take a guess at which port this PR is about and Cc: accordingly.
Comment 4 Alexei 2020-06-02 21:54:34 UTC
Just found out, nullfs is not required for this bug. Mounted this way (from host):

# ntfs-3g /dev/da1p2 /usr/local/jails/myjail/mnt/sea
# ln -s /usr/local/jails/myjail/mnt/sea/Blockchains/Bitcoin /usr/local/jails/myjail/blockchain

Executed bitcoin-qt several times and got the same crash.

Blockchains/Bitcoin is a fully synchronized blockchain (> 200 GiB)

Thank you for your help
Comment 5 Li-Wen Hsu freebsd_committer 2020-06-16 06:14:41 UTC
Which version of FreeBSD and sysutils/fusefs-ntfs are you using? I checked fuse.c at libfuse-lite/fuse.c of this port but it has only 3248 lines.