Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 587230 - app-emulation/qemu - sys-apps/install-xattr segfaults in qemu-arm-user
Summary: app-emulation/qemu - sys-apps/install-xattr segfaults in qemu-arm-user
Status: CONFIRMED
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Current packages (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: John Helmert III
URL:
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2016-06-27 11:02 UTC by Sergey 'L29Ah' Alirzaev
Modified: 2022-04-21 23:46 UTC (History)
8 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments
test.c (test.c,501 bytes, text/x-csrc)
2020-08-08 19:39 UTC, Andrew Aladjev
Details
incomplete patch (linux_user_syscall_proc.patch,10.53 KB, patch)
2020-08-13 20:49 UTC, Andrew Aladjev
Details | Diff
patch for qemu v5.0.0 (linux_user_syscall_proc.patch,13.52 KB, patch)
2020-08-16 16:58 UTC, Andrew Aladjev
Details | Diff
final patch for qemu 5.1.0 (execfd.patch,9.20 KB, patch)
2020-09-07 18:06 UTC, Andrew Aladjev
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Sergey 'L29Ah' Alirzaev 2016-06-27 11:02:49 UTC
Okay, i'm in the http://distfiles.gentoo.org/experimental/arm/musl/stage3-armv7a_hardfp-musl-vanilla-20160606.tar.bz2 chroot, using qemu-2.6.0 on a hardened amd64 glibc gentoo linux host.

# /usr/bin/install-xattr
Segmentation fault

BUT

# qemu-arm /usr/bin/install-xattr
/usr/bin/install: missing file operand
Try '/usr/bin/install --help' for more information.
Comment 1 Mike Gilbert gentoo-dev 2016-07-13 00:35:13 UTC
Your description of the problem is not sufficent. Please provide more detail on how to reproduce the problem.
Comment 2 Sergey 'L29Ah' Alirzaev 2016-07-13 11:27:32 UTC
emerge qemu w/ arm target and static-user
# /etc/init.d/qemu-binfmt start
Get the stage3.
Unpack it.
# cp /usr/bin/qemu-arm stage3/usr/bin/qemu-arm
# chroot stage3 /bin/bash
# install-xattr
Comment 3 Mike Gilbert gentoo-dev 2016-07-16 15:34:47 UTC
Do most other binaries work? If so, this would be more likely a bug in intall-xattr than in qemu.
Comment 4 Sergey 'L29Ah' Alirzaev 2016-07-16 15:36:19 UTC
(In reply to Mike Gilbert from comment #3)
> Do most other binaries work? If so, this would be more likely a bug in
> intall-xattr than in qemu.

Yes, at least it succeeds in compiling a basic system for me.
Comment 5 Anthony Basile gentoo-dev 2016-07-16 17:16:42 UTC
(In reply to Sergey 'L29Ah' Alirzaev from comment #4)
> (In reply to Mike Gilbert from comment #3)
> > Do most other binaries work? If so, this would be more likely a bug in
> > intall-xattr than in qemu.
> 
> Yes, at least it succeeds in compiling a basic system for me.

I don't get this because the stage3 wouldn't even build if install-xattr seg faulted.  I build on native hardware.

Can you get me a strace and a backtrace with gdb?
Comment 6 Sergey 'L29Ah' Alirzaev 2016-07-16 20:00:43 UTC
Somehow it started to "work". I guess that's because i've built qemu with USE=debug or updated my kernel:

l29ah-x201 / # install-xattr
install-xattr: failed to find 'install' in PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin:/usr/armv7a-hardfloat-linux-musleabi/gcc-bin/4.9.3: No such file or directory
l29ah-x201 / # which install
/usr/bin/install
l29ah-x201 / # install
/usr/bin/install: missing file operand
Try '/usr/bin/install --help' for more information.
l29ah-x201 / # /usr/bin/install
/usr/bin/install: missing file operand
Try '/usr/bin/install --help' for more information.
l29ah-x201 / # strace install-xattr
qemu: Unsupported syscall: 26
qemu: Unsupported syscall: 26
/usr/bin/strace: ptrace(PTRACE_TRACEME, ...): Function not implemented
+++ exited with 1 +++


Removed the flag, but it refuses to build now (maybe because of upgrading to dev-libs/glib-2.48.1):

>>> Starting src_configure
../configure --prefix=/usr --sysconfdir=/etc --libdir=/usr/lib64 --docdir=/usr/share/doc/qemu-2.6.0/html --disable-bsd-user --disable-guest-agent --disable-strip --disable-werror --disable-gcrypt --python=/usr/bin/python2.7 --cc=x86_64-pc-linux-gnu-gcc --cxx=x86_64-pc-linux-gnu-g++ --host-cc=x86_64-pc-linux-gnu-gcc --disable-debug-info --disable-debug-tcg --enable-docs --disable-tcg-interpreter --enable-attr --disable-brlapi --enable-linux-aio --disable-bluez --enable-cap-ng --enable-curl --enable-fdt --disable-glusterfs --disable-gnutls --disable-nettle --disable-gtk --disable-rdma --disable-libiscsi --enable-vnc-jpeg --enable-kvm --disable-lzo --enable-curses --disable-libnfs --disable-numa --enable-opengl --enable-vnc-png --disable-rbd --disable-vnc-sasl --disable-sdl --disable-seccomp --disable-smartcard --disable-snappy --enable-spice --disable-libssh2 --enable-libusb --disable-usb-redir --enable-uuid --disable-vde --enable-vhost-net --disable-virglrenderer --enable-virtfs --enable-vnc --disable-vte --disable-xen --disable-xen-pci-passthrough --disable-xfsctl --disable-linux-user --enable-system --with-system-pixman --audio-drv-list=alsa,oss --target-list=i386-softmmu,x86_64-softmmu --enable-pie
Install prefix    /usr
BIOS directory    /usr/share/qemu
binary directory  /usr/bin
library directory /usr/lib64
module directory  /usr/lib64/qemu
libexec directory /usr/libexec
include directory /usr/include
config directory  /etc
local state directory   /usr/var
Manual directory  /usr/share/man
ELF interp prefix /usr/gnemul/qemu-%M
Source path       /var/tmp/paludis/app-emulation-qemu-2.6.0/work/qemu-2.6.0
C compiler        x86_64-pc-linux-gnu-gcc
Host C compiler   x86_64-pc-linux-gnu-gcc
C++ compiler      x86_64-pc-linux-gnu-g++
Objective-C compiler clang
ARFLAGS           rv
CFLAGS            -pthread -I/usr/include/glib-2.0 -I/usr/lib64/glib-2.0/include -O2 -pipe -O2 -pipe -march=native
QEMU_CFLAGS       -I/usr/include/pixman-1  -fPIE -DPIE -m64 -D_GNU_SOURCE -D_FILE_OFFSET_BITS=64 -D_LARGEFILE_SOURCE -Wstrict-prototypes -Wredundant-decls -Wall -Wundef -Wwrite-strings -Wmissing-prototypes -fno-strict-aliasing -fno-common  -Wendif-labels -Wmissing-include-dirs -Wempty-body -Wnested-externs -Wformat-security -Wformat-y2k -Winit-self -Wignored-qualifiers -Wold-style-declaration -Wold-style-definition -Wtype-limits -fstack-protector-strong  -I/usr/include/libpng16 -I/usr/include/spice-server -I/usr/include/glib-2.0 -I/usr/lib64/glib-2.0/include -I/usr/include/pixman-1 -I/usr/include/spice-1 -I/usr/include/libusb-1.0
LDFLAGS           -Wl,--warn-common -Wl,-z,relro -Wl,-z,now -pie -m64 -Wl,-O1 -Wl,--as-needed
make              make
install           install
python            /usr/bin/python2.7 -B
smbd              /usr/sbin/smbd
module support    no
host CPU          x86_64
host big endian   no
target list       i386-softmmu x86_64-softmmu
tcg debug enabled no
gprof enabled     no
sparse enabled    no
strip binaries    no
profiler          no
static build      no
pixman            system
SDL support       no
GTK support       no
GTK GL support    no
GNUTLS support    no
GNUTLS hash       no
GNUTLS rnd        no
libgcrypt         no
libgcrypt kdf     no
nettle            no
nettle kdf        no
libtasn1          yes
VTE support       no
curses support    yes
virgl support     no
curl support      yes
mingw32 support   no
Audio drivers     alsa oss
Block whitelist (rw) 
Block whitelist (ro) 
VirtFS support    yes
VNC support       yes
VNC SASL support  no
VNC JPEG support  yes
VNC PNG support   yes
xen support       no
brlapi support    no
bluez  support    no
Documentation     yes
PIE               yes
vde support       no
netmap support    no
Linux AIO support yes
ATTR/XATTR support yes
Install blobs     yes
KVM support       yes
RDMA support      no
TCG interpreter   no
fdt support       yes
preadv support    yes
fdatasync         yes
madvise           yes
posix_madvise     yes
sigev_thread_id   yes
uuid support      yes
libcap-ng support yes
vhost-net support yes
vhost-scsi support yes
Trace backends    log
spice support     yes (0.12.11/0.13.1)
rbd support       no
xfsctl support    no
smartcard support no
libusb            yes
usb net redir     no
OpenGL support    yes
OpenGL dmabufs    yes
libiscsi support  no
libnfs support    no
build guest agent no
QGA VSS support   no
QGA w32 disk info no
QGA MSI support   no
seccomp support   no
coroutine backend ucontext
coroutine pool    yes
GlusterFS support no
Archipelago support no
gcov              gcov
gcov enabled      no
TPM support       yes
libssh2 support   no
TPM passthrough   yes
QOM debugging     yes
vhdx              yes
lzo support       no
snappy support    no
bzip2 support     yes
NUMA host support no
tcmalloc support  no
jemalloc support  no
avx2 optimization yes
../configure --prefix=/usr --sysconfdir=/etc --libdir=/usr/lib64 --docdir=/usr/share/doc/qemu-2.6.0/html --disable-bsd-user --disable-guest-agent --disable-strip --disable-werror --disable-gcrypt --python=/usr/bin/python2.7 --cc=x86_64-pc-linux-gnu-gcc --cxx=x86_64-pc-linux-gnu-g++ --host-cc=x86_64-pc-linux-gnu-gcc --disable-debug-info --disable-debug-tcg --enable-docs --disable-tcg-interpreter --enable-attr --disable-brlapi --disable-linux-aio --disable-bluez --disable-cap-ng --disable-curl --disable-fdt --disable-glusterfs --disable-gnutls --disable-nettle --disable-gtk --disable-rdma --disable-libiscsi --disable-vnc-jpeg --disable-kvm --disable-lzo --disable-curses --disable-libnfs --disable-numa --disable-opengl --disable-vnc-png --disable-rbd --disable-vnc-sasl --disable-sdl --disable-seccomp --disable-smartcard --disable-snappy --disable-spice --disable-libssh2 --disable-libusb --disable-usb-redir --disable-uuid --disable-vde --disable-vhost-net --disable-virglrenderer --disable-virtfs --disable-vnc --disable-vte --disable-xen --disable-xen-pci-passthrough --disable-xfsctl --enable-linux-user --disable-system --disable-blobs --disable-tools --target-list=arm-linux-user,i386-linux-user,x86_64-linux-user --static --disable-pie

Error:
  * In program /usr/bin/cave --colour yes perform install --hooks --managed-output --output-exclusivity with-others =app-emulation/qemu-2.6.0:0::gentoo --destination installed --replacing =app-emulation/qemu-2.6.0:0::installed --x-of-y 1 of 1:
  * When installing 'app-emulation/qemu-2.6.0:0::gentoo' replacing { 'app-emulation/qemu-2.6.0:0::installed' }:
  * When running an ebuild command on 'app-emulation/qemu-2.6.0:0::gentoo':
  * Install failed for 'app-emulation/qemu-2.6.0:0::gentoo' (paludis::ActionFailedError)


ERROR: sizeof(size_t) doesn't match GLIB_SIZEOF_SIZE_T.
       You probably need to set PKG_CONFIG_LIBDIR
       to point to the right pkg-config files for your
       build target
Comment 7 Anthony Basile gentoo-dev 2016-07-16 21:55:59 UTC
(In reply to Sergey 'L29Ah' Alirzaev from comment #6)

> l29ah-x201 / # strace install-xattr
> qemu: Unsupported syscall: 26
> qemu: Unsupported syscall: 26
> /usr/bin/strace: ptrace(PTRACE_TRACEME, ...): Function not implemented
> +++ exited with 1 +++

I've seen this happen before with qemu + arm, but I forget the details.  There's nothing to fix in musl or install-xattr.

Unless you can narrow it more and want to pursue this with qemu, we should close this  bug.
Comment 8 Anthony Basile gentoo-dev 2016-07-16 21:58:58 UTC
(In reply to Sergey 'L29Ah' Alirzaev from comment #6)
> Somehow it started to "work". I guess that's because i've built qemu with
> USE=debug or updated my kernel:

Sorry I quoted the wrong section in my previous comment making it sound like I was referring to the failed strace.  That's because of a missing sys_ptrace, which is unrelated to the original seg fault.
Comment 9 SpanKY gentoo-dev 2016-07-17 14:59:47 UTC
(In reply to Anthony Basile from comment #8)

correct, strace is not usable under qemu

you can try exporting QEMU_STRACE=1 though and qemu itself will do the syscall tracing for you
Comment 10 Anthony Basile gentoo-dev 2016-07-18 09:17:23 UTC
(In reply to Sergey 'L29Ah' Alirzaev from comment #6)
> Somehow it started to "work". I guess that's because i've built qemu with
> USE=debug or updated my kernel:

I just tested on native hardware, exact same stage as above, and it worked.  I think this is a problem with qemu+arm.
Comment 11 Sergey 'L29Ah' Alirzaev 2016-07-18 11:05:07 UTC
So what's invalid about the report?
Comment 12 Anthony Basile gentoo-dev 2016-07-18 11:46:07 UTC
(In reply to Sergey 'L29Ah' Alirzaev from comment #11)
> So what's invalid about the report?

(In reply to Sergey 'L29Ah' Alirzaev from comment #6)
> Somehow it started to "work".

This is in contradiction to the title.

INVALID doesn't mean you didn't hit some problem, just that there's nothing here to act on.  We don't have any better category to use.  Its not NEEDINFO because install-xattr works, nor is it an identified bug in qemu. So ...?
Comment 13 Sergey 'L29Ah' Alirzaev 2016-07-18 15:38:21 UTC
(In reply to Anthony Basile from comment #12)
> (In reply to Sergey 'L29Ah' Alirzaev from comment #11)
> > So what's invalid about the report?
> 
> (In reply to Sergey 'L29Ah' Alirzaev from comment #6)
> > Somehow it started to "work".
> 
> This is in contradiction to the title.

"Work" ≠ work.

> INVALID doesn't mean you didn't hit some problem, just that there's nothing
> here to act on.  We don't have any better category to use.  Its not NEEDINFO
> because install-xattr works, nor is it an identified bug in qemu. So ...?

# QEMU_STRACE=1 install-xattr
18111 set_tid_address(-159391584,0,1,-159391204,-159391612,-150999136) = 18111
18111 mprotect(0xf67fb000,4096,PROT_READ) = 0
18111 mprotect(0x00021000,4096,PROT_READ) = 0
18111 open("/proc/self/exe",O_RDONLY|O_LARGEFILE|O_NONBLOCK|O_CLOEXEC|O_PATH) = 3
18111 readlink("/proc/self/fd/3",0xf6ffde88,4095) = -1 errno=2 (No such file or directory)
18111 close(3) = -1 errno=9 (Bad file descriptor)
18111 rt_sigprocmask(SIG_BLOCK,0xf67ead50,0xf6ffee10) = 0
18111 fork() = 18114
 = 0
18111 rt_sigprocmask(SIG_SETMASK,0xf6ffee10,NULL) = 0
18114 gettid(0,-159470256,-150999536,-159391408,0,-150999536) = 18114
18114 rt_sigprocmask(SIG_SETMASK,0xf6ffee10,NULL) = 0
18111 wait4(-1,-150999372,0,0,0,0)18114 open("/root/bin//install",O_RDONLY|O_LARGEFILE|O_NONBLOCK|O_CLOEXEC|O_PATH) = -1 errno=2 (No such file or directory)
18114 open("/usr/local/sbin/install",O_RDONLY|O_LARGEFILE|O_NONBLOCK|O_CLOEXEC|O_PATH) = -1 errno=2 (No such file or directory)
18114 open("/usr/local/bin/install",O_RDONLY|O_LARGEFILE|O_NONBLOCK|O_CLOEXEC|O_PATH) = -1 errno=2 (No such file or directory)
18114 open("/usr/sbin/install",O_RDONLY|O_LARGEFILE|O_NONBLOCK|O_CLOEXEC|O_PATH) = -1 errno=2 (No such file or directory)
18114 open("/usr/bin/install",O_RDONLY|O_LARGEFILE|O_NONBLOCK|O_CLOEXEC|O_PATH) = 3
18114 readlink("/proc/self/fd/3",0xf6ffdde8,4095) = -1 errno=2 (No such file or directory)
18114 close(3) = 0
18114 open("/sbin/install",O_RDONLY|O_LARGEFILE|O_NONBLOCK|O_CLOEXEC|O_PATH) = -1 errno=2 (No such file or directory)
18114 open("/bin/install",O_RDONLY|O_LARGEFILE|O_NONBLOCK|O_CLOEXEC|O_PATH) = -1 errno=2 (No such file or directory)
18114 open("/usr/local/sbin/install",O_RDONLY|O_LARGEFILE|O_NONBLOCK|O_CLOEXEC|O_PATH) = -1 errno=2 (No such file or directory)
18114 open("/usr/local/bin/install",O_RDONLY|O_LARGEFILE|O_NONBLOCK|O_CLOEXEC|O_PATH) = -1 errno=2 (No such file or directory)
18114 open("/usr/sbin/install",O_RDONLY|O_LARGEFILE|O_NONBLOCK|O_CLOEXEC|O_PATH) = -1 errno=2 (No such file or directory)
18114 open("/usr/bin/install",O_RDONLY|O_LARGEFILE|O_NONBLOCK|O_CLOEXEC|O_PATH) = 3
18114 readlink("/proc/self/fd/3",0xf6ffdde8,4095) = -1 errno=2 (No such file or directory)
18114 close(3) = 0
18114 open("/sbin/install",O_RDONLY|O_LARGEFILE|O_NONBLOCK|O_CLOEXEC|O_PATH) = -1 errno=2 (No such file or directory)
18114 open("/bin/install",O_RDONLY|O_LARGEFILE|O_NONBLOCK|O_CLOEXEC|O_PATH) = -1 errno=2 (No such file or directory)
18114 open("/opt/bin/install",O_RDONLY|O_LARGEFILE|O_NONBLOCK|O_CLOEXEC|O_PATH) = -1 errno=2 (No such file or directory)
18114 open("/usr/x86_64-pc-linux-gnu/gcc-bin/4.9.3/install",O_RDONLY|O_LARGEFILE|O_NONBLOCK|O_CLOEXEC|O_PATH) = -1 errno=2 (No such file or directory)
18114 open("/usr/lib/plan9/bin/install",O_RDONLY|O_LARGEFILE|O_NONBLOCK|O_CLOEXEC|O_PATH) = -1 errno=2 (No such file or directory)
18114 open("/opt/eagle-5.11.0/bin/install",O_RDONLY|O_LARGEFILE|O_NONBLOCK|O_CLOEXEC|O_PATH) = -1 errno=2 (No such file or directory)
18114 writev(2,0xf6ffec80,0x2)install-xattr:  = 15
18114 writev(2,0xf6ffe9a0,0x2)failed to find 'install' in PATH=/root/bin/:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/bin:/usr/x86_64-pc-linux-gnu/gcc-bin/4.9.3:/usr/lib/plan9/bin:/opt/eagle-5.11.0/bin = 254
18114 writev(2,0xf6ffec98,0x2) = 0
18114 writev(2,0xf6ffed70,0x2):  = 2
18114 writev(2,0xf6ffed78,0x2)No such file or directory = 25
18114 writev(2,0xf6ffeda0,0x2)
 = 1
18114 exit_group(1)
 = 18114
18111 exit_group(1)


Okay, i've mounted /proc:


# QEMU_STRACE=1 install-xattr
20776 set_tid_address(-159391584,0,1,-159391204,-159391612,-150999136) = 20776
20776 mprotect(0xf67fb000,4096,PROT_READ) = 0
20776 mprotect(0x00021000,4096,PROT_READ) = 0
20776 open("/proc/self/exe",O_RDONLY|O_LARGEFILE|O_NONBLOCK|O_CLOEXEC|O_PATH) = 3
20776 readlink("/proc/self/fd/3",0xf6ffde88,4095) = -1 errno=2 (No such file or directory)
20776 close(3) = -1 errno=9 (Bad file descriptor)
20776 rt_sigprocmask(SIG_BLOCK,0xf67ead50,0xf6ffee10) = 0
20776 fork() = 20779
 = 0
20779 gettid(0,-159470256,-150999536,-159391408,0,-150999536) = 20779
20779 rt_sigprocmask(SIG_SETMASK,0xf6ffee10,NULL) = 0
20776 rt_sigprocmask(SIG_SETMASK,0xf6ffee10,NULL) = 0
20779 open("/root/bin//install",O_RDONLY|O_LARGEFILE|O_NONBLOCK|O_CLOEXEC|O_PATH) = -1 errno=2 (No such file or directory)
20776 20779 open("/usr/local/sbin/install",O_RDONLY|O_LARGEFILE|O_NONBLOCK|O_CLOEXEC|O_PATH) = -1 errno=2 (No such file or directory)
20779 open("/usr/local/bin/install",O_RDONLY|O_LARGEFILE|O_NONBLOCK|O_CLOEXEC|O_PATH) = -1 errno=2 (No such file or directory)
20779 open("/usr/sbin/install",O_RDONLY|O_LARGEFILE|O_NONBLOCK|O_CLOEXEC|O_PATH) = -1 errno=2 (No such file or directory)
20779 wait4(-1,-150999372,0,0,0,0)open("/usr/bin/install",O_RDONLY|O_LARGEFILE|O_NONBLOCK|O_CLOEXEC|O_PATH) = 3
20779 readlink("/proc/self/fd/3",0xf6ffdde8,4095) = 16
20779 fstat64(3,0xf6ffdd18) = 0
20779 stat64("/usr/bin/install",0xf6ffdd80) = 0
20779 close(3) = 0
 = 20779
20776 getpid() = 20776
20776 kill(20776,SIGSEGV)Segmentation fault (core dumped)


Not sure what to do next.
Comment 14 Anthony Basile gentoo-dev 2016-07-18 16:26:51 UTC
(In reply to Sergey 'L29Ah' Alirzaev from comment #13)
> (In reply to Anthony Basile from comment #12)
> > (In reply to Sergey 'L29Ah' Alirzaev from comment #11)
> > > So what's invalid about the report?
> > 
> > (In reply to Sergey 'L29Ah' Alirzaev from comment #6)
> > > Somehow it started to "work".
> > 
> > This is in contradiction to the title.
> 
> "Work" ≠ work.
> 

I misunderstood.  

> 
> 
> Not sure what to do next.

If I have time I'll try to reproduce in qemu.  As I said, this works in native hardware.  The only other thing I can think of is to use gdb and get a backtrace so I can see where it happens.
Comment 15 Mike Gilbert gentoo-dev 2016-07-18 16:28:27 UTC
Does that core dump actually get written anywhere? Maybe it would be possible to feed that to gdb somehow and get a backtrace?
Comment 16 Anthony Basile gentoo-dev 2016-07-19 13:18:49 UTC
(In reply to Mike Gilbert from comment #15)
> Does that core dump actually get written anywhere? Maybe it would be
> possible to feed that to gdb somehow and get a backtrace?

I could analyze a core dump.
Comment 17 SpanKY gentoo-dev 2016-07-19 14:38:39 UTC
(In reply to Sergey 'L29Ah' Alirzaev from comment #13)

running under a system where /proc or /sys isn't mounted isn't supported.  if you hit a crash, that's unfortunate, but your system is misconfigured.

you can also use QEMU_GDB to tell the new instance to sleep until a gdb connection is made.  then connect a cross-gdb (from outside the chroot) and try to get a backtrace that way.
Comment 18 Sergei Trofimovich (RETIRED) gentoo-dev 2019-12-19 23:01:59 UTC
Is it still an issue?
Comment 19 Andrew Aladjev 2020-03-13 23:27:18 UTC
Yes, It is easy to reproduce this issue today.

"/usr/aarch64-gentoo-linux-musl/usr/bin/install-xattr --version" = segfault.
"qemu-aarch64 /usr/aarch64-gentoo-linux-musl/usr/bin/install-xattr --version" = works fine.

This issue is related to qemu code execution. I don't know even how to start debugging it. I will try to find tail that is possible to pull, but I can't guarantee result. We may need qemu core developers here.
Comment 20 Sergei Trofimovich (RETIRED) gentoo-dev 2020-03-14 00:10:29 UTC
You can use QEMU_GDB and more low-level options like '-d in_asm' to see where crash happens.
Comment 21 Sergei Trofimovich (RETIRED) gentoo-dev 2020-04-19 11:54:24 UTC
(In reply to Andrew Aladjev from comment #19)
> Yes, It is easy to reproduce this issue today.
> 
> "/usr/aarch64-gentoo-linux-musl/usr/bin/install-xattr --version" = segfault.
> "qemu-aarch64 /usr/aarch64-gentoo-linux-musl/usr/bin/install-xattr
> --version" = works fine.

You might want to double-check how binfmt hook actually executes qemu. Lack of library search path is suspicious. qemu probably pulls in from host too much. strace would show.

Here it Just Works:

"""
$ LANG=C /usr/bin/qemu-aarch64 -L /usr/aarch64-gentoo-linux-musl/ /usr/aarch64-gentoo-linux-musl/usr/bin/install-xattr --version
install (GNU coreutils) 8.32
Packaged by Gentoo (8.32-r1 (p0))
Copyright (C) 2020 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <https://gnu.org/licenses/gpl.html>.
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.

Written by David MacKenzie.
"""

> This issue is related to qemu code execution. I don't know even how to start
> debugging it. I will try to find tail that is possible to pull, but I can't
> guarantee result. We may need qemu core developers here.

Given that there was no backtrace or core dump provided I'm closing as WORKSFORME. Feel free to reopen if you get one.
Comment 22 Andrew Aladjev 2020-04-19 12:55:47 UTC
For now I am too busy. I will work on this issue a bit later. Thank you.
Comment 23 Andrew Aladjev 2020-08-08 15:01:07 UTC
Hello. I've found the reason of this bug, the following line makes segfault:

if (!strcmp(mypath, canpath))

"mypath" is NULL, we can see that qemu + musl library provides the following result for realpath:

realpath("/proc/self/exe", NULL) == NULL

I will try to diff implementations of realpath in glibc and musl.
Comment 24 Anthony Basile gentoo-dev 2020-08-08 15:37:08 UTC
(In reply to Andrew Aladjev from comment #23)
> Hello. I've found the reason of this bug, the following line makes segfault:
> 
> if (!strcmp(mypath, canpath))
> 
> "mypath" is NULL, we can see that qemu + musl library provides the following
> result for realpath:
> 
> realpath("/proc/self/exe", NULL) == NULL
> 
> I will try to diff implementations of realpath in glibc and musl.

Thanks, this is very useful.
Comment 25 Andrew Aladjev 2020-08-08 19:38:31 UTC
https://github.com/ifduyue/musl/blob/master/src/misc/realpath.c#L23-L27

I am going to share a way how to reproduce this issue. For now I have 2 containers: aarch64-unknown-linux-gnu and aarch64-gentoo-linux-musl, they are using same software versions, only one difference is libc.

gcc /tmp/test.c -o /tmp/test && strace /tmp/test

native result:
openat(AT_FDCWD, "/proc/self/exe", O_RDONLY|O_PATH) = 3
readlinkat(AT_FDCWD, "/proc/self/fd/3", "/tmp/test", 512) = 9
write(2, "resolved path 0x560f71e2e2a0

gcc /tmp/test.c -o /tmp/test && QEMU_STRACE=1 /tmp/test

aarch64-unknown-linux-gnu result:
1 openat(AT_FDCWD,"/proc/self/exe",O_RDONLY|O_PATH) = 3
1 readlinkat(-100,"/proc/self/fd/3",0x0000005501812a58,512) = -1 errno=2 (No such file or directory)
resolved path 0x55000122a0

aarch64-gentoo-linux-musl result:
1 openat(AT_FDCWD,"/proc/self/exe",O_RDONLY|O_NONBLOCK|O_CLOEXEC|O_PATH|0x20000) = 3
1 readlinkat(AT_FDCWD,"/proc/self/fd/3",0x0000005501811950,4095) = -1 errno=2 (No such file or directory)
resolved path 0

We can see that open + readlinkat approach is working on native machine only. But there is some hand from the dark in qemu container that takes glibc realpath and returns right result. I think that this hand is qemu itself, but not sure.

Funny picture =) https://i.imgur.com/s4SiKSL.jpg
Comment 26 Andrew Aladjev 2020-08-08 19:39:38 UTC
Created attachment 653834 [details]
test.c
Comment 27 Andrew Aladjev 2020-08-08 20:09:49 UTC
I've just read qemu code a bit and can explain what happens. Please read the following code:

https://github.com/qemu/qemu/blob/master/linux-user/syscall.c#L7485-L7507

Function "is_proc_myself" doesn't depend on anything related from qemu. You can just copy it to your test file and verify that:

filename: "/proc/self/exe", entry: "exe" - passed
filename: "/proc/<getpid>/exe", entry: "exe" - passed
filename: "/proc/self/fd/<getpid>", entry: "exe" - failed

It means that qemu today can't bypass readlink with filename "/proc/self/fd/<getpid>", so musl way won't work. Only legacy glibc way will work.
Comment 28 Andrew Aladjev 2020-08-12 21:27:42 UTC
I've found a way how to implement exe fd mapping in easy way.

if (is_proc_myself(pathname, "exe")) {
  int execfd = qemu_getauxval(AT_EXECFD);
  return execfd ? execfd : safe_openat(dirfd, exec_path, flags, mode);
}

You can just try to open open("/proc/self/exe", O_PATH) twice: native system will give you two different fds, but qemu will always return single fd.

So we are sure that only one "/proc/self/fd/<global_execfd>" should be treated as "/proc/self/exe".

I am going to think how to refactor "syscall_proc" staff and patch will be ready soon.
Comment 29 Andrew Aladjev 2020-08-13 20:49:33 UTC
Created attachment 654506 [details, diff]
incomplete patch
Comment 30 Andrew Aladjev 2020-08-13 20:52:43 UTC
Unfortunatelly this patch is not enough to fix this issue:

1 openat(AT_FDCWD,"/proc/self/exe",O_RDONLY|O_PATH|0x20000) = 3
1 openat(AT_FDCWD,"/proc/self/exe",O_RDONLY|O_PATH|0x20000) = 3
1 fstat(3,0x0000005501812650) = -1 errno=9 (Bad file descriptor)
1 fcntl(3,F_GETFD) = -1 errno=9 (Bad file descriptor)
1 fstat(3,0x0000005501812650) = -1 errno=9 (Bad file descriptor)
1 fcntl(3,F_GETFD) = -1 errno=9 (Bad file descriptor)
1 readlinkat(AT_FDCWD,"/proc/self/exe",0x0000005501812b78,512) = 9
1 readlinkat(AT_FDCWD,"/proc/self/fd/3",0x0000005501812b78,512) = 9
1 readlinkat(AT_FDCWD,"/proc/self/fd/3",0x0000005501812b78,512) = 9
1 close(3) = -1 errno=9 (Bad file descriptor)
1 close(3) = -1 errno=9 (Bad file descriptor

"openat" + "readlinkat" works fine, but "fstat" + "fcntl" ("close" too) is still broken. There is another bug here, it is related to "execfd" (equals "3" in example) behaviour.
Comment 31 Andrew Aladjev 2020-08-16 16:58:50 UTC
Created attachment 654982 [details, diff]
patch for qemu v5.0.0
Comment 32 Andrew Aladjev 2020-08-16 17:02:19 UTC
Patch works fine for aarch64-gentoo-linux-musl, I will try to send it to qemu team.
Comment 33 Joakim Tjernlund 2020-08-17 15:00:23 UTC
(In reply to Andrew Aladjev from comment #32)
> Patch works fine for aarch64-gentoo-linux-musl, I will try to send it to
> qemu team.

Great, had a look at your patch and it is white space damaged. You
will want to clean that up before submitting it to QEMU
Comment 34 Andrew Aladjev 2020-08-17 15:05:01 UTC
I've submited updated patch here, please review.

https://lists.gnu.org/archive/html/qemu-devel/2020-08/msg03249.html
Comment 35 Andrew Aladjev 2020-09-07 18:06:09 UTC
Created attachment 659016 [details, diff]
final patch for qemu 5.1.0
Comment 36 Ed Wildgoose 2020-11-06 17:37:48 UTC
Apologies for the "me too" comment, but I just hit precisely this problem. For the benefit of google I initial saw this as more "segfault running install under qemu-arm". However, after finding this bug I realised it's the more subtle.

Thanks for working this solution. I can confirm it resolves my segfault for me (amd64 host with arm 32bit build chroot).

I'm not clear if your patch has been accepted upstream? Can I +1 the possibility of adding this to the existing qemu-5.1.0 ebuild please?

Thanks
Comment 37 Andrew Aladjev 2020-11-06 18:42:38 UTC
Hello, I've send this patch to upstream, but it looks like it has been lost in other user patches.

It looks like Joakim Tjernlund wanted to review patch, maybe we can assign issue to him.

I think patch (for now) can be added to qemu-5.1.0 patches list, in this case we need to assign issue to Mike Gilbert.

I have no permissions to assign issue, please help =).
Comment 38 Mike Gilbert gentoo-dev 2020-11-06 20:23:13 UTC
(In reply to Andrew Aladjev from comment #37)
> I think patch (for now) can be added to qemu-5.1.0 patches list, in this
> case we need to assign issue to Mike Gilbert.

I do not maintain qemu, but I will reassign this bug to its maintainer.
Comment 39 Sergei Trofimovich (RETIRED) gentoo-dev 2020-11-06 23:41:40 UTC
Please work with upstream to make it accepted and then we can backport it. Reading https://lists.gnu.org/archive/html/qemu-devel/2020-08/msg03628.html it needs some work.
Comment 40 Andrew Aladjev 2021-02-26 10:22:22 UTC
I've send new series of patches here https://lists.gnu.org/archive/html/qemu-devel/2021-02/msg08088.html. Unfortunately qemu devel email system is overloaded, previous series of patches were not reviewed, I am sending it again. Please send invites to qemu developers for review our small patches.
Comment 41 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2021-12-17 23:05:20 UTC
Doesn't seem to have made it upstream. Maybe try resending and CC the linux-user maintainer? Seems to be "laurent AT vivier.eu" based on the MAINTAINERS file.