fs::create_directories causes crashes in multiple places when lacking write permission #24953

issue mruddy openend this issue on April 23, 2022
  1. mruddy commented at 10:36 am on April 23, 2022: contributor

    Expected behavior

    I expected for the program to keep executing, or to shutdown gracefully, after having displayed and/or logged messages/warnings telling me that write permissions are lacking on the involved filesystem resources. This can affect attempting to write to directories outside of the normal bitcoin data directory and/or blocks directory, as seen in my second example below. The nastier crashes are like the ones in the GUI settings that could happen concurrent to data modification. Those could lead to data corruption when files are not flushed, and/or data gets out of synch.

    Actual behavior

    The program logged a runaway exception and immediately aborted.

    To reproduce

    This can be reproduced in multiple ways since there are many references to fs::create_directories. Also, crashes can result from restrictive umask settings too since some calls attempt to create directories multiple levels deep.

    Here are two easy ways:

    1. bitcoind “-blocksdir not writable”
      1. start with the command line: mkdir /tmp/blocks && chmod 0500 /tmp/blocks && ./src/bitcoind -blocksdir=/tmp/blocks
      2. the program will immediately crash with this logged in the console:
    0************************
1EXCEPTION: NSt10filesystem7__cxx1116filesystem_errorE       
2filesystem error: cannot create directories: Permission denied [/tmp/blocks/blocks]       
3bitcoin in AppInit()
    1. bitcoin-qt “Start Bitcoin Core on system login
      1. start with the command line: mkdir -p /tmp/btc && mkdir -p /tmp/crash && chmod 0500 /tmp/crash && XDG_CONFIG_HOME=/tmp/crash ./src/qt/bitcoin-qt -debug -datadir=/tmp/btc -connect=0
      2. in the GUI go to the Settings menu and select Options...
      3. check Start Bitcoin Core on system login settings
      4. click OK. you will be presented with the exception as: exception
      5. the console will show:
    0************************
1EXCEPTION: NSt10filesystem7__cxx1116filesystem_errorE       
2filesystem error: cannot create directories: Permission denied [/tmp/crash/autostart]       
3bitcoin in Runaway exception       
4
5bitcoin-qt: ./checkqueue.h:204: CCheckQueue<T>::~CCheckQueue() [with T = CScriptCheck]: Assertion `m_worker_threads.empty()' failed.
6Aborted (core dumped)

    System information

    This affects current master branch as of at least be7a5f2fc400e7a3ef72dedbdcf49dd6c96d4f9e. Tested on Ubuntu 21.10.

  2. mruddy added the label Bug on Apr 23, 2022
  3. laanwj commented at 1:05 pm on April 23, 2022: member

    I wouldn’t consider these as bugs. The error, and even the cause of the error “permission denied” is logged or printed, right? Sure, messages could always be nicer, but there’s an infinite amount of things that can be wrong with the file system, or underlying assumptions that could be broken, it’s not possible to special-case all of them.

    Edit: though I have to admit this unrelated assertion error is a bit strange:

    0bitcoin-qt: ./checkqueue.h:204: CCheckQueue<T>::~CCheckQueue() [with T = CScriptCheck]: Assertion `m_worker_threads.empty()' failed.
1Aborted (core dumped)
  4. laanwj removed the label Bug on Apr 23, 2022
  5. laanwj added the label Utils/log/libs on Apr 23, 2022
  6. laanwj added the label Data corruption on Apr 23, 2022
  7. laanwj removed the label Data corruption on Apr 23, 2022
  8. mruddy commented at 2:12 pm on April 23, 2022: contributor
    I think the 2nd example (the one in the GUI) is a good example that this is a bug because: 1) the crash can cause data loss, 2) it goes beyond the scope of thinking that everything in the data directory has to be writable by the node because it deals with a directory outside of the bitcoin node’s data directory. For that one, if you don’t set the env var XDG_CONFIG_HOME, like I did to make the test easily reproducible and lightweight, then the default will try to create $HOME/.config/autostart, if it does not exist. If this ends up not being considered a bug, then we should definitely document that having write permissions available on $HOME/.config is a prereq for bitcoin-qt to not crash suddenly.
  9. mruddy referenced this in commit 0d9e61a8d9 on Apr 27, 2022
  10. luke-jr referenced this in commit de8357419d on May 21, 2022
  11. luke-jr referenced this in commit 4d5beb2912 on May 22, 2022
  12. mruddy closed this on Jun 9, 2022
  13. DrahtBot locked this on Jun 9, 2023


mruddy laanwj

Labels
Utils/log/libs

github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2024-11-17 12:12 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me