[Qemu-devel] failed kpartx on qemu-aarch64-static

[Qemu-devel] failed kpartx on qemu-aarch64-static

[Chanho Park]

Hi all,

I've got a kpartx crash frin qemu-aarch64 user emulation.
The version of qemu-aarch64-static is 2.5.0 and it was also occurred
on 2.5.1 version.

/usr/bin/qemu-aarch64-static --version
qemu-aarch64 version 2.5.0 (Debian 1:2.5+dfsg-5ubuntu10.1), Copyright
(c) 2003-2008 Fabrice Bellard

== Bug report ==
kpartx -a -v test.img
Unsupported ioctl: cmd=0x4c82
*** stack smashing detected ***: /usr/sbin/kpartx terminated
======= Backtrace: =========
/lib64/libc.so.6(+0x6e334)[0x400091d334]
/lib64/libc.so.6(__fortify_fail+0x48)[0x400099dd60]
/lib64/libc.so.6(+0xeed14)[0x400099dd14]
/usr/sbin/kpartx[0x40385c]
/usr/sbin/kpartx(read_gpt_pt+0x40)[0x404710]
/usr/sbin/kpartx[0x402794]
/lib64/libc.so.6(__libc_start_main+0xe8)[0x40008ce810]
/usr/sbin/kpartx[0x403100]
======= Memory map: ========
0000000000400000-0000000000408000 r-xp 00000000 08:31 5931481
/usr/sbin/kpartx
0000000000417000-0000000000419000 rw-p 00007000 08:31 5931481
/usr/sbin/kpartx
0000000000419000-000000000043b000 rw-p 00000000 00:00 0
0000004000000000-0000004000001000 ---p 00000000 00:00 0
0000004000001000-0000004000801000 rw-p 00000000 00:00 0                [stack]
0000004000801000-000000400081f000 r-xp 00000000 08:31 5927581
/usr/lib64/ld-2.23.so
000000400081f000-0000004000830000 ---p 00000000 00:00 0
0000004000830000-0000004000831000 r--p 0001f000 08:31 5927581
/usr/lib64/ld-2.23.so
0000004000831000-0000004000832000 rw-p 00020000 08:31 5927581
/usr/lib64/ld-2.23.so
0000004000832000-0000004000833000 rw-p 00000000 00:00 0
000000400083a000-000000400083b000 rw-p 00000000 00:00 0
000000400083b000-0000004000896000 r-xp 00000000 08:31 5927133
/usr/lib64/libdevmapper.so.1.02
0000004000896000-00000040008aa000 ---p 0005b000 08:31 5927133
/usr/lib64/libdevmapper.so.1.02
00000040008aa000-00000040008ab000 r--p 0005f000 08:31 5927133
/usr/lib64/libdevmapper.so.1.02
00000040008ab000-00000040008ae000 rw-p 00060000 08:31 5927133
/usr/lib64/libdevmapper.so.1.02
00000040008ae000-00000040008af000 rw-p 00000000 00:00 0
00000040008af000-0000004000a12000 r-xp 00000000 08:31 5926975
/usr/lib64/libc-2.23.so
0000004000a12000-0000004000a2b000 ---p 00163000 08:31 5926975
/usr/lib64/libc-2.23.so
0000004000a2b000-0000004000a2f000 r--p 0016c000 08:31 5926975
/usr/lib64/libc-2.23.so
0000004000a2f000-0000004000a31000 rw-p 00170000 08:31 5926975
/usr/lib64/libc-2.23.so
0000004000a31000-0000004000a35000 rw-p 00000000 00:00 0
0000004000a35000-0000004000a3b000 r-xp 00000000 08:31 5926575
/usr/lib64/librt-2.23.so
0000004000a3b000-0000004000a54000 ---p 00006000 08:31 5926575
/usr/lib64/librt-2.23.so
0000004000a54000-0000004000a55000 r--p 0000f000 08:31 5926575
/usr/lib64/librt-2.23.so
0000004000a55000-0000004000a56000 rw-p 00010000 08:31 5926575
/usr/lib64/librt-2.23.so
0000004000a56000-0000004000a57000 rw-p 00000000 00:00 0
0000004000a57000-0000004000a7a000 r-xp 00000000 08:31 5926792
/usr/lib64/libselinux.so.1
0000004000a7a000-0000004000a96000 ---p 00023000 08:31 5926792
/usr/lib64/libselinux.so.1
0000004000a96000-0000004000a97000 r--p 0002f000 08:31 5926792
/usr/lib64/libselinux.so.1
0000004000a97000-0000004000a98000 rw-p 00030000 08:31 5926792
/usr/lib64/libselinux.so.1
0000004000a98000-0000004000a9a000 rw-p 00000000 00:00 0
0000004000a9a000-0000004000b2d000 r-xp 00000000 08:31 5927568
/usr/lib64/libsepol.so.1
0000004000b2d000-0000004000b48000 ---p 00093000 08:31 5927568
/usr/lib64/libsepol.so.1
0000004000b48000-0000004000b4a000 r--p 0009e000 08:31 5927568
/usr/lib64/libsepol.so.1
0000004000b4a000-0000004000b4b000 rw-p 000a0000 08:31 5927568
/usr/lib64/libsepol.so.1
0000004000b4b000-0000004000b4c000 rw-p 00000000 00:00 0
0000004000b4c000-0000004000b6a000 r-xp 00000000 08:31 5927042
/usr/lib64/libudev.so.1.6.4
0000004000b6a000-0000004000b7b000 ---p 0001e000 08:31 5927042
/usr/lib64/libudev.so.1.6.4
0000004000b7b000-0000004000b7c000 r--p 0001f000 08:31 5927042
/usr/lib64/libudev.so.1.6.4
0000004000b7c000-0000004000b7d000 rw-p 00020000 08:31 5927042
/usr/lib64/libudev.so.1.6.4
0000004000b7d000-0000004000b7e000 rw-p 00000000 00:00 0
0000004000b7e000-0000004000b96000 r-xp 00000000 08:31 5920806
/usr/lib64/libpthread-2.23.so
0000004000b96000-0000004000bad000 ---p 00018000 08:31 5920806
/usr/lib64/libpthread-2.23.so
0000004000bad000-0000004000bae000 r--p 0001f000 08:31 5920806
/usr/lib64/libpthread-2.23.so
0000004000bae000-0000004000baf000 rw-p 00020000 08:31 5920806
/usr/lib64/libpthread-2.23.so
0000004000baf000-0000004000bb3000 rw-p 00000000 00:00 0
0000004000bb3000-0000004000c60000 r-xp 00000000 08:31 5927575
/usr/lib64/libm-2.23.so
0000004000c60000-0000004000c72000 ---p 000ad000 08:31 5927575
/usr/lib64/libm-2.23.so
0000004000c72000-0000004000c73000 r--p 000af000 08:31 5927575
/usr/lib64/libm-2.23.so
0000004000c73000-0000004000c74000 rw-p 000b0000 08:31 5927575
/usr/lib64/libm-2.23.so
0000004000c74000-0000004000cd5000 r-xp 00000000 08:31 5920824
/usr/lib64/libpcre.so.1.2.6
0000004000cd5000-0000004000cf3000 ---p 00061000 08:31 5920824
/usr/lib64/libpcre.so.1.2.6
0000004000cf3000-0000004000cf4000 r--p 0006f000 08:31 5920824
/usr/lib64/libpcre.so.1.2.6
0000004000cf4000-0000004000cf5000 rw-p 00070000 08:31 5920824
/usr/lib64/libpcre.so.1.2.6
0000004000cf5000-0000004000cf6000 rw-p 00000000 00:00 0
0000004000cf6000-0000004000cf9000 r-xp 00000000 08:31 5926540
/usr/lib64/libdl-2.23.so
0000004000cf9000-0000004000d15000 ---p 00003000 08:31 5926540
/usr/lib64/libdl-2.23.so
0000004000d15000-0000004000d16000 r--p 0000f000 08:31 5926540
/usr/lib64/libdl-2.23.so
0000004000d16000-0000004000d17000 rw-p 00010000 08:31 5926540
/usr/lib64/libdl-2.23.so
0000004000d17000-0000004000d1b000 r-xp 00000000 08:31 5920811
/usr/lib64/libcap.so.2.24
0000004000d1b000-0000004000d36000 ---p 00004000 08:31 5920811
/usr/lib64/libcap.so.2.24
0000004000d36000-0000004000d37000 r--p 0000f000 08:31 5920811
/usr/lib64/libcap.so.2.24
0000004000d37000-0000004000d38000 rw-p 00010000 08:31 5920811
/usr/lib64/libcap.so.2.24
0000004000d38000-0000004000d4e000 r-xp 00000000 08:31 5926799
/usr/lib64/libresolv-2.23.so
0000004000d4e000-0000004000d67000 ---p 00016000 08:31 5926799
/usr/lib64/libresolv-2.23.so
0000004000d67000-0000004000d68000 r--p 0001f000 08:31 5926799
/usr/lib64/libresolv-2.23.so
0000004000d68000-0000004000d69000 rw-p 00020000 08:31 5926799
/usr/lib64/libresolv-2.23.so
0000004000d69000-0000004000d6c000 rw-p 00000000 00:00 0
0000004000d6c000-0000004000d7e000 r-xp 00000000 08:31 5931301
/usr/lib64/libgcc_s-6.1.1-20160621.so.1
0000004000d7e000-0000004000d8d000 ---p 00012000 08:31 5931301
/usr/lib64/libgcc_s-6.1.1-20160621.so.1
0000004000d8d000-0000004000d8e000 rw-p 00011000 08:31 5931301
/usr/lib64/libgcc_s-6.1.1-20160621.so.1
0000004000d8e000-0000004000d92000 r-xp 00000000 08:31 5920887
/usr/lib64/libattr.so.1.1.0
0000004000d92000-0000004000dad000 ---p 00004000 08:31 5920887
/usr/lib64/libattr.so.1.1.0
0000004000dad000-0000004000dae000 r--p 0000f000 08:31 5920887
/usr/lib64/libattr.so.1.1.0
0000004000dae000-0000004000db2000 rw-p 00000000 00:00 0
qemu: uncaught target signal 6 (Aborted) - core dumped


-- 
Best Regards,
Chanho Park

Re: [Qemu-devel] failed kpartx on qemu-aarch64-static

[Peter Maydell]

On 2 July 2016 at 17:25, Chanho Park <parkch98@gmail.com> wrote:
> I've got a kpartx crash frin qemu-aarch64 user emulation.
> The version of qemu-aarch64-static is 2.5.0 and it was also occurred
> on 2.5.1 version.
>
> /usr/bin/qemu-aarch64-static --version
> qemu-aarch64 version 2.5.0 (Debian 1:2.5+dfsg-5ubuntu10.1), Copyright
> (c) 2003-2008 Fabrice Bellard
>
> == Bug report ==
> kpartx -a -v test.img
> Unsupported ioctl: cmd=0x4c82

That's QEMU saying we don't support the ioctl, which is
LOOP_CTL_GET_FREE.

> *** stack smashing detected ***: /usr/sbin/kpartx terminated
> ======= Backtrace: =========
> /lib64/libc.so.6(+0x6e334)[0x400091d334]
> /lib64/libc.so.6(__fortify_fail+0x48)[0x400099dd60]
> /lib64/libc.so.6(+0xeed14)[0x400099dd14]
> /usr/sbin/kpartx[0x40385c]
> /usr/sbin/kpartx(read_gpt_pt+0x40)[0x404710]
> /usr/sbin/kpartx[0x402794]
> /lib64/libc.so.6(__libc_start_main+0xe8)[0x40008ce810]
> /usr/sbin/kpartx[0x403100]

This might be the result of kpartx's error handling
code not reacting well to the ioctl failing, or it might
be a different problem.

Can you retest with current QEMU git master, please?
(It will still have the missing ioctl but if the crash
is a threading or signal related problem there's a good
chance we'll do better in those areas than 2.5 was.)

I'll sort out a patch for adding the missing ioctls next
week; they should be straightforward.

thanks
-- PMM

Re: [Qemu-devel] failed kpartx on qemu-aarch64-static

[Peter Maydell]

On 2 July 2016 at 19:23, Peter Maydell <peter.maydell@linaro.org> wrote:
> On 2 July 2016 at 17:25, Chanho Park <parkch98@gmail.com> wrote:
>> I've got a kpartx crash frin qemu-aarch64 user emulation.
>> The version of qemu-aarch64-static is 2.5.0 and it was also occurred
>> on 2.5.1 version.
>>
>> /usr/bin/qemu-aarch64-static --version
>> qemu-aarch64 version 2.5.0 (Debian 1:2.5+dfsg-5ubuntu10.1), Copyright
>> (c) 2003-2008 Fabrice Bellard
>>
>> == Bug report ==
>> kpartx -a -v test.img
>> Unsupported ioctl: cmd=0x4c82
>
> That's QEMU saying we don't support the ioctl, which is
> LOOP_CTL_GET_FREE.
>
>> *** stack smashing detected ***: /usr/sbin/kpartx terminated
>> ======= Backtrace: =========
>> /lib64/libc.so.6(+0x6e334)[0x400091d334]
>> /lib64/libc.so.6(__fortify_fail+0x48)[0x400099dd60]
>> /lib64/libc.so.6(+0xeed14)[0x400099dd14]
>> /usr/sbin/kpartx[0x40385c]
>> /usr/sbin/kpartx(read_gpt_pt+0x40)[0x404710]
>> /usr/sbin/kpartx[0x402794]
>> /lib64/libc.so.6(__libc_start_main+0xe8)[0x40008ce810]
>> /usr/sbin/kpartx[0x403100]
>
> This might be the result of kpartx's error handling
> code not reacting well to the ioctl failing, or it might
> be a different problem.

I got round to testing this with current master myself.
It turns out to be a bug in our handling of the BSGSSZGET
ioctl; we were using the wrong type for it which meant
we would write to more memory than we should have if the
guest was a 64-bit one. I'll send a patch in a moment.

thanks
-- PMM

Re: [Qemu-devel] failed kpartx on qemu-aarch64-static

[Chanho Park]

Hi Peter,

On Tuesday, July 5, 2016, Peter Maydell <peter.maydell@linaro.org> wrote:

> On 2 July 2016 at 19:23, Peter Maydell <peter.maydell@linaro.org
> <javascript:;>> wrote:
> > On 2 July 2016 at 17:25, Chanho Park <parkch98@gmail.com <javascript:;>>
> wrote:
> >> I've got a kpartx crash frin qemu-aarch64 user emulation.
> >> The version of qemu-aarch64-static is 2.5.0 and it was also occurred
> >> on 2.5.1 version.
> >>
> >> /usr/bin/qemu-aarch64-static --version
> >> qemu-aarch64 version 2.5.0 (Debian 1:2.5+dfsg-5ubuntu10.1), Copyright
> >> (c) 2003-2008 Fabrice Bellard
> >>
> >> == Bug report ==
> >> kpartx -a -v test.img
> >> Unsupported ioctl: cmd=0x4c82
> >
> > That's QEMU saying we don't support the ioctl, which is
> > LOOP_CTL_GET_FREE.
> >
> >> *** stack smashing detected ***: /usr/sbin/kpartx terminated
> >> ======= Backtrace: =========
> >> /lib64/libc.so.6(+0x6e334)[0x400091d334]
> >> /lib64/libc.so.6(__fortify_fail+0x48)[0x400099dd60]
> >> /lib64/libc.so.6(+0xeed14)[0x400099dd14]
> >> /usr/sbin/kpartx[0x40385c]
> >> /usr/sbin/kpartx(read_gpt_pt+0x40)[0x404710]
> >> /usr/sbin/kpartx[0x402794]
> >> /lib64/libc.so.6(__libc_start_main+0xe8)[0x40008ce810]
> >> /usr/sbin/kpartx[0x403100]
> >
> > This might be the result of kpartx's error handling
> > code not reacting well to the ioctl failing, or it might
> > be a different problem.
>
> I got round to testing this with current master myself.
> It turns out to be a bug in our handling of the BSGSSZGET
> ioctl; we were using the wrong type for it which meant
> we would write to more memory than we should have if the
> guest was a 64-bit one. I'll send a patch in a moment.
>

Thanks. I've checked your patch has been fixed the problem.

Anyway, there is one more problem.
When I tries to detach the loop device using "kpartx -d" command, it was
not detached correctly. Below is my test sequence.

dd if=/dev/zero of=test.img bs=1M count=32
fdisk test.img << __EOF__
n
p



w
__EOF__

kpartx -a -v test4.img
Unsupported ioctl: cmd=0x4c82
add map loop3p1 (252:2) 0 63488 linear /dev/loop3 2048

kpartx -d test4.img
<- I expected the loop3 and loop3p1 are detached, but they weren't.

Best regards,
Chanho Park


-- 
Best Regards,
Chanho Park

Re: [Qemu-devel] failed kpartx on qemu-aarch64-static

[Peter Maydell]

On 5 July 2016 at 02:33, Chanho Park <parkch98@gmail.com> wrote:
> Anyway, there is one more problem.
> When I tries to detach the loop device using "kpartx -d" command, it was not
> detached correctly. Below is my test sequence.

Thanks. This turns out to be due to bugs in our handling of
another couple of ioctls (which also caused odd behaviour
of 'losetup -a' and similar). I've just sent a patch.

-- PMM