Re: parted 2.1 crash with 'Apple Boot' partition

[Jim Meyering]

Chris Murphy wrote:
> was: parted 2.1 crash with (encrypted) Apple Core Storage partition
>
>
> On Feb 9, 2012, at 1:45 AM, Chris Murphy wrote:
>
>>
>> On Feb 9, 2012, at 1:39 AM, Jim Meyering wrote:
>>>>>
>>>>
>>>> 565M is the final size here. I'm uploading to dropbox and will post a
>>>> public URL once it's done.
>>>
>>> Useful in any case.
>>
>>
>> http://dl.dropbox.com/u/3253801/AppleBoot-sparse.img.tar.xz
>
>
> Has anyone been able to reproduce or determine what's causing the crash?

Hi Chris,

I reproduced it on RHEL6.2's parted-2.1-18.el6.x86_64.
BTW, have you files a bug report (in bugzilla.redhat.com) for this already?


The problem is in hfs/probe.c:

(gdb) bt
#0  0x0000003e35632885 in raise (sig=6)
    at ../nptl/sysdeps/unix/sysv/linux/raise.c:64
#1  0x0000003e35634065 in abort () at abort.c:92
#2  0x0000003e93c12154 in ped_assert (cond_text=0x3e93c5f2d9 "offset >= 0",
    file=0x3e93c5f2a7 "cs/geom.c", line=295,
    function=0x3e93c5f460 "ped_geometry_read") at debug.c:111
#3  0x0000003e93c19ac0 in ped_geometry_read (geom=<value optimized out>,
    buffer=<value optimized out>, offset=<value optimized out>,
    count=<value optimized out>) at cs/geom.c:295
#4  0x0000003e93c351b9 in hfsplus_probe (geom=<value optimized out>)
    at probe.c:161
#5  0x0000003e93c1366c in ped_file_system_probe_specific (fs_type=0x3e93e79aa0,
    geom=<value optimized out>) at filesys.c:208
#6  0x0000003e93c13c15 in ped_file_system_probe (geom=0x81ec70) at filesys.c:338
#7  0x0000003e93c4315f in loop_probe (dev=<value optimized out>) at loop.c:64
#8  0x0000003e93c19185 in ped_disk_probe (dev=0x81e8d0) at disk.c:157
#9  0x0000003e93c19230 in ped_disk_new (dev=0x81e8d0) at disk.c:190
#10 0x000000000040692c in do_print (dev=0x7fffffffe378) at parted.c:1409
#11 0x000000000040c73c in non_interactive_mode (dev=0x7fffffffe378,
    cmd_list=<value optimized out>, argc=<value optimized out>,
    argv=<value optimized out>) at ui.c:1606
#12 0x000000000040aaa3 in main (argc=3, argv=0x7fffffffe480) at parted.c:2734

Here's the offending code:

 156                     search = ((PedSector) PED_BE32_TO_CPU (vh->total_blocks
 157                           * ( PED_BE32_TO_CPU (vh->block_size) / PED_SEC...
 158                           - 1;
 159                     if (!ped_geometry_set (geom_ret, geom_ret->start,
 160                                                    search + 2)
>161                         || !ped_geometry_read (geom_ret, buf, search, 1)

Both vh->total_blocks and vh->block_size are zero (as well as every
other byte of *vh), so search = -1, and ped_geometry_read aborts
when its third parameter, offset is negative.

It's trivial to avoid the failed assertion in this particular case,
[here's one way:]

--- ../libparted/fs/hfs/probe.c.~1~     2012-02-26 13:46:33.357842027 -0500
+++ ../libparted/fs/hfs/probe.c 2012-02-26 13:47:30.069592361 -0500
@@ -156,8 +156,9 @@
                search = ((PedSector) PED_BE32_TO_CPU (vh->total_blocks) - 1)
                      * ( PED_BE32_TO_CPU (vh->block_size) / 
PED_SECTOR_SIZE_DEFAULT )
                      - 1;
-               if (!ped_geometry_set (geom_ret, geom_ret->start,
-                                              search + 2)
+               if (search < 0
+                   || !ped_geometry_set (geom_ret, geom_ret->start,
+                                         search + 2)
                    || !ped_geometry_read (geom_ret, buf, search, 1)
                    || vh->signature != PED_CPU_TO_BE16 (HFSP_SIGNATURE)) {
                        ped_geometry_destroy (geom_ret);

but getting useful information about your partition tables will take
more work.  Note that while hfs/probe.c is still in the latest upstream
version control, it is no longer used, so I'm about to remove it.

With the above patch, parted-2.1 prints this:
(which is what the latest from git prints, too)

    $ ./parted -s AppleBoot-sparse.img u s p                            :
    Error: /tmp/AppleBoot-sparse.img: unrecognised disk label