[Libreoffice-bugs] [Bug 127648] LO on Linux crashes when accessing opend/locked File on SAMBA network share

bugzilla-daemon at bugs.documentfoundation.org bugzilla-daemon at bugs.documentfoundation.org
Sat Nov 2 10:22:18 UTC 2019 

https://bugs.documentfoundation.org/show_bug.cgi?id=127648

Stephan Bergmann <sbergman at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |RESOLVED
         Resolution|---                         |NOTOURBUG

--- Comment #18 from Stephan Bergmann <sbergman at redhat.com> ---
(In reply to Jan from comment #17)
> Created attachment 155456 [details]
> strace with debug build

So that's a kernel bug:

[...]
> 2085  20:13:46.936734 openat(AT_FDCWD, "/mnt/locktest.odt", O_RDONLY) = 22
> 2085  20:13:46.938557 fstat(22, {st_mode=S_IFREG|0600, st_size=8305, ...}) = 0
[...]
> 2085  20:13:46.942594 pread64(22, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 4096, 0) = 4294967283
[...]

So /mnt/locktest.odt is reported to have a size of 8305 bytes, and when we want
to read 4096 bytes from the start, pread64 claims it read 4294967283 bytes. 
Whatever filesystem is used by that mount point appears to have a bug (smells
like an EACESS = 13 is internally reported as -13 as a 32 bit value (i.e.,
4294967283 = 0xFFFFFFF3) and then erroneously interpreted as a positive 64-bit
value, and propagated out from the kernel as that).

-- 
You are receiving this mail because:
You are the assignee for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.freedesktop.org/archives/libreoffice-bugs/attachments/20191102/050ffcd6/attachment.html>

More information about the Libreoffice-bugs mailing list