Investigate SIGSEGV in CI - do not merge (dqlite 1.16.5)

.github/workflows/tests.yml

@@ -35,6 +35,7 @@ jobs:
       LD_LIBRARY_PATH: "/home/runner/go/bin/dqlite/libs/"
       LD_RUN_PATH: "/home/runner/go/bin/dqlite/libs/"
       CGO_LDFLAGS_ALLOW: "(-Wl,-wrap,pthread_create)|(-Wl,-z,now)"
+      GOTRACEBACK: "crash"
     name: Code
     runs-on: ubuntu-22.04
     steps:
@@ -211,6 +212,7 @@ jobs:
       LXD_VERBOSE: "1"
       LXD_OFFLINE: "1"
       LXD_TMPFS: "1"
+      GOTRACEBACK: "crash"
     name: System
     runs-on: ubuntu-22.04
     needs: code-tests
@@ -318,7 +320,7 @@ jobs:
           chmod +x ~
           echo "root:1000000:1000000000" | sudo tee /etc/subuid /etc/subgid
           cd test
-          sudo --preserve-env=PATH,GOPATH,GOCOVERDIR,GITHUB_ACTIONS,LXD_VERBOSE,LXD_BACKEND,LXD_CEPH_CLUSTER,LXD_CEPH_CEPHFS,LXD_CEPH_CEPHOBJECT_RADOSGW,LXD_OFFLINE,LXD_SKIP_TESTS,LXD_REQUIRED_TESTS, LXD_BACKEND=${{ matrix.backend }} ./main.sh ${{ matrix.suite }}
+          sudo --preserve-env=PATH,GOPATH,GOCOVERDIR,GITHUB_ACTIONS,LXD_VERBOSE,LXD_BACKEND,LXD_CEPH_CLUSTER,LXD_CEPH_CEPHFS,LXD_CEPH_CEPHOBJECT_RADOSGW,LXD_OFFLINE,LXD_SKIP_TESTS,LXD_REQUIRED_TESTS,GOTRACEBACK, LXD_BACKEND=${{ matrix.backend }} ./main.sh ${{ matrix.suite }}
 
       - name: Upload coverage data
         uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3

Makefile

@@ -13,7 +13,7 @@ SPHINXENV=doc/.sphinx/venv/bin/activate
 SPHINXPIPPATH=doc/.sphinx/venv/bin/pip
 GOMIN=1.22.7
 GOCOVERDIR ?= $(shell go env GOCOVERDIR)
-DQLITE_BRANCH=master
+DQLITE_BRANCH=v1.16.5
 
 ifneq "$(wildcard vendor)" ""
 	DQLITE_PATH=$(CURDIR)/vendor/dqlite
@@ -37,7 +37,7 @@ ifeq "$(TAG_SQLITE3)" ""
 endif
 
 ifeq "$(GOCOVERDIR)" ""
-	CC="$(CC)" CGO_LDFLAGS_ALLOW="$(CGO_LDFLAGS_ALLOW)" go install -v -tags "$(TAG_SQLITE3)" -trimpath $(DEBUG) ./lxd ./lxc-to-lxd
+	CC="$(CC)" CGO_LDFLAGS_ALLOW="$(CGO_LDFLAGS_ALLOW)" go install -v -tags "$(TAG_SQLITE3)" -trimpath $(DEBUG) -gcflags="all=-N -l" ./lxd ./lxc-to-lxd
 	CGO_ENABLED=0 go install -v -tags netgo -trimpath $(DEBUG) ./lxd-user ./lxd-benchmark
 else
 	CC="$(CC)" CGO_LDFLAGS_ALLOW="$(CGO_LDFLAGS_ALLOW)" go install -v -tags "$(TAG_SQLITE3)" -trimpath -cover $(DEBUG) ./lxd ./lxc-to-lxd
@@ -91,12 +91,13 @@ deps:
 	# dqlite (+raft)
 	@if [ ! -e "$(DQLITE_PATH)" ]; then \
 		echo "Retrieving dqlite from ${DQLITE_BRANCH} branch"; \
-		git clone --depth=1 --branch "${DQLITE_BRANCH}" "https://github.com/canonical/dqlite" "$(DQLITE_PATH)"; \
+		git clone --branch "${DQLITE_BRANCH}" "https://github.com/canonical/dqlite" "$(DQLITE_PATH)"; \
 	elif [ -e "$(DQLITE_PATH)/.git" ]; then \
 		echo "Updating existing dqlite branch"; \
 		cd "$(DQLITE_PATH)"; git pull; \
 	fi
 
+
 	cd "$(DQLITE_PATH)" && \
 		autoreconf -i && \
 		./configure --enable-build-raft && \

doc/metadata.txt

@@ -5999,7 +5999,7 @@ container or containers that use it. This allows using the `zfs` command in the
 : Grants permission to delete the instance.
 
 `can_view`
-: Grants permission to view the instance.
+: Grants permission to view the instance and any snapshots or backups it might have.
 
 `can_update_state`
 : Grants permission to change the instance state.
@@ -6365,7 +6365,7 @@ container or containers that use it. This allows using the `zfs` command in the
 : Grants permission to delete the storage volume.
 
 `can_view`
-: Grants permission to view the storage volume.
+: Grants permission to view the storage volume and any snapshots or backups it might have.
 
 `can_manage_snapshots`
 : Grants permission to create and delete snapshots of the storage volume.

go.mod

@@ -6,7 +6,7 @@ require (
 	github.com/NVIDIA/nvidia-container-toolkit v1.17.0
 	github.com/Rican7/retry v0.3.1
 	github.com/armon/go-proxyproto v0.1.0
-	github.com/canonical/go-dqlite/v3 v3.0.0
+	github.com/canonical/go-dqlite v1.22.0
 	github.com/checkpoint-restore/go-criu/v6 v6.3.0
 	github.com/dell/goscaleio v1.16.0
 	github.com/digitalocean/go-qemu v0.0.0-20230711162256-2e3d0186973e

lxd/auth/drivers/openfga.go

@@ -134,11 +134,6 @@ func (e *embeddedOpenFGA) CheckPermission(ctx context.Context, entityURL *api.UR
 		return fmt.Errorf("Failed to parse entity URL: %w", err)
 	}
 
-	err = auth.ValidateEntitlement(entityType, entitlement)
-	if err != nil {
-		return fmt.Errorf("Cannot check permissions for entity type %q and entitlement %q: %w", entityType, entitlement, err)
-	}
-
 	logCtx := logger.Ctx{"entity_url": entityURL.String(), "entitlement": entitlement}
 	ctx, cancel := context.WithTimeout(ctx, 5*time.Second)
 	defer cancel()
@@ -324,11 +319,6 @@ func (e *embeddedOpenFGA) CheckPermission(ctx context.Context, entityURL *api.UR
 // this function is called. The returned auth.PermissionChecker will expect entity URLs to contain the request URL. These
 // will be re-written to contain the effective project if set, so that they correspond to the list returned by OpenFGA.
 func (e *embeddedOpenFGA) GetPermissionChecker(ctx context.Context, entitlement auth.Entitlement, entityType entity.Type) (auth.PermissionChecker, error) {
-	err := auth.ValidateEntitlement(entityType, entitlement)
-	if err != nil {
-		return nil, fmt.Errorf("Cannot get a permission checker for entity type %q and entitlement %q: %w", entityType, entitlement, err)
-	}
-
 	logCtx := logger.Ctx{"entity_type": entityType, "entitlement": entitlement}
 	ctx, cancel := context.WithTimeout(ctx, 5*time.Second)
 	defer cancel()

lxd/auth/drivers/openfga_model.openfga

@@ -366,7 +366,7 @@ type instance
     # Grants permission to delete the instance.
     define can_delete: [identity, service_account, group#member] or can_delete_instances from project
 
-    # Grants permission to view the instance.
+    # Grants permission to view the instance and any snapshots or backups it might have.
     define can_view: [identity, service_account, group#member] or user or operator or can_edit or can_delete or can_view_instances from project
 
     # Grants permission to change the instance state.
@@ -389,6 +389,21 @@ type instance
 
     # Grants permission to start a terminal session.
     define can_exec: [identity, service_account, group#member] or user or operator or can_operate_instances from project
+
+type instance_snapshot
+  relations
+    define instance: [instance]
+    define can_view: can_view from instance
+    define can_edit: can_manage_snapshots from instance
+    define can_delete: can_manage_snapshots from instance
+
+type instance_backup
+  relations
+    define instance: [instance]
+    define can_view: can_view from instance
+    define can_edit: can_manage_backups from instance
+    define can_delete: can_manage_backups from instance
+
 type network
   relations
     define project: [project]
@@ -447,14 +462,29 @@ type storage_volume
     # Grants permission to delete the storage volume.
     define can_delete: [identity, service_account, group#member] or can_delete_storage_volumes from project
 
-    # Grants permission to view the storage volume.
+    # Grants permission to view the storage volume and any snapshots or backups it might have.
     define can_view: [identity, service_account, group#member] or can_edit or can_delete or can_view_storage_volumes from project
 
     # Grants permission to create and delete snapshots of the storage volume.
     define can_manage_snapshots: [identity, service_account, group#member] or can_edit_storage_volumes from project
 
     # Grants permission to create and delete backups of the storage volume.
     define can_manage_backups: [identity, service_account, group#member] or can_edit_storage_volumes from project
+
+type storage_volume_snapshot
+  relations
+    define storage_volume: [storage_volume]
+    define can_view: can_view from storage_volume
+    define can_edit: can_manage_snapshots from storage_volume
+    define can_delete: can_manage_snapshots from storage_volume
+
+type storage_volume_backup
+  relations
+    define storage_volume: [storage_volume]
+    define can_view: can_view from storage_volume
+    define can_edit: can_manage_backups from storage_volume
+    define can_delete: can_manage_backups from storage_volume
+
 type storage_bucket
   relations
     define project: [project]

lxd/cluster/gateway.go

@@ -16,8 +16,8 @@ import (
 	"sync"
 	"time"
 
-	"github.com/canonical/go-dqlite/v3"
-	"github.com/canonical/go-dqlite/v3/client"
+	"github.com/canonical/go-dqlite"
+	"github.com/canonical/go-dqlite/client"
 
 	"github.com/canonical/lxd/lxd/db"
 	"github.com/canonical/lxd/lxd/identity"
@@ -517,7 +517,7 @@ func (g *Gateway) DemoteOfflineNode(raftID uint64) error {
 
 // Shutdown this gateway, stopping the gRPC server and possibly the raft factory.
 func (g *Gateway) Shutdown() error {
-	logger.Info("Stop database gateway")
+	logger.Infof("Stop database gateway")
 
 	var err error
 	if g.server != nil {
@@ -533,18 +533,6 @@ func (g *Gateway) Shutdown() error {
 		g.lock.Lock()
 		g.memoryDial = nil
 		g.lock.Unlock()
-
-		// Record the raft term and index in the logs on every shutdown. This
-		// allows an administrator to determine the furthest-ahead cluster member
-		// in case recovery is needed.
-		lastEntryInfo, err := dqlite.ReadLastEntryInfo(g.db.Dir())
-		if err != nil {
-			return err
-		}
-
-		// This isn't really a warning, but it's important that this break through
-		// the snap's default log level of 'Warn'.
-		logger.Warn("Dqlite last entry", logger.Ctx{"term": lastEntryInfo.Term, "index": lastEntryInfo.Index})
 	}
 
 	return err

lxd/cluster/gateway_test.go

@@ -10,7 +10,7 @@ import (
 	"os"
 	"testing"
 
-	"github.com/canonical/go-dqlite/v3/driver"
+	"github.com/canonical/go-dqlite/driver"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 

lxd/cluster/heartbeat_test.go

@@ -7,7 +7,7 @@ import (
 	"testing"
 	"time"
 
-	"github.com/canonical/go-dqlite/v3/driver"
+	"github.com/canonical/go-dqlite/driver"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 

lxd/cluster/membership.go

@@ -12,8 +12,8 @@ import (
 	"sync"
 	"time"
 
-	"github.com/canonical/go-dqlite/v3/app"
-	"github.com/canonical/go-dqlite/v3/client"
+	"github.com/canonical/go-dqlite/app"
+	"github.com/canonical/go-dqlite/client"
 
 	"github.com/canonical/lxd/lxd/certificate"
 	"github.com/canonical/lxd/lxd/db"

lxd/cluster/membership_test.go

@@ -10,7 +10,7 @@ import (
 	"testing"
 	"time"
 
-	"github.com/canonical/go-dqlite/v3/driver"
+	"github.com/canonical/go-dqlite/driver"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"
 

lxd/cluster/raft_test.go

@@ -6,7 +6,7 @@ import (
 	"net/http/httptest"
 	"testing"
 
-	"github.com/canonical/go-dqlite/v3/client"
+	"github.com/canonical/go-dqlite/client"
 	"github.com/stretchr/testify/require"
 
 	"github.com/canonical/lxd/lxd/db"

lxd/cluster/recover.go

@@ -14,8 +14,8 @@ import (
 	"strings"
 	"time"
 
-	dqlite "github.com/canonical/go-dqlite/v3"
-	"github.com/canonical/go-dqlite/v3/client"
+	dqlite "github.com/canonical/go-dqlite"
+	"github.com/canonical/go-dqlite/client"
 	"gopkg.in/yaml.v2"
 
 	"github.com/canonical/lxd/lxd/db"

lxd/cluster/upgrade.go

@@ -8,7 +8,7 @@ import (
 	"os"
 	"time"
 
-	"github.com/canonical/go-dqlite/v3/client"
+	"github.com/canonical/go-dqlite/client"
 
 	"github.com/canonical/lxd/client"
 	"github.com/canonical/lxd/lxd/db"

lxd/cluster/upgrade_test.go

@@ -10,8 +10,8 @@ import (
 	"testing"
 	"time"
 
-	"github.com/canonical/go-dqlite/v3/client"
-	"github.com/canonical/go-dqlite/v3/driver"
+	"github.com/canonical/go-dqlite/client"
+	"github.com/canonical/go-dqlite/driver"
 	"github.com/stretchr/testify/assert"
 	"github.com/stretchr/testify/require"