* [Qemu-devel] [Bug 1840252] [NEW] Infinite loop over ERANGE from getsockopt
@ 2019-08-15 12:45 Fritz Katze
  2019-08-15 12:56 ` [Qemu-devel] [Bug 1840252] " Peter Maydell
                   ` (2 more replies)
  0 siblings, 3 replies; 4+ messages in thread
From: Fritz Katze @ 2019-08-15 12:45 UTC (permalink / raw)
  To: qemu-devel

Public bug reported:

Host system: Ubuntu 18.04.3 AMD64
Qemu Version: qemu-arm-static --version
qemu-arm version 2.11.1(Debian 1:2.11+dfsg-1ubuntu7.17)

Emulated System: 
Root file system taken from RaspberryPi 3 image
ubuntu-18.04.3-preinstalled-server-armhf+raspi3.img
from http://cdimage.ubuntu.com/releases/18.04/release/ubuntu-18.04.3-preinstalled-server-armhf+raspi3.img.xz.

Then using systemd-nspawn with /usr/bin/qemu-arm-static copied in.

When executing commands like 
  dpkg -i (--force-all) <...>.deb
or
  tar tvf ..
or
  tar xvf ..
the hosting qemu-arm-static process goes into an infinite loop of getsockopt calls of the form:
getsockopt(12, SOL_SOCKET, SO_PEERSEC, 0x7fff7cac49d8, [4]) = -1 ERANGE (Numerical result out of range)
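I assume this happens because the call is retried indefinitely without checking which error code it actually returned. Every call in the loop is made with the same 4-byte option length (the [4] above), so retrying presumably keeps producing the same ERANGE.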

strace:
openat(AT_FDCWD, "/lib/arm-linux-gnueabihf/librt.so.1", O_RDONLY|O_CLOEXEC) = 12
read(12, "\177ELF\1\1\1\3\0\0\0\0\0\0\0\0\3\0(\0\1\0\0\0\20\30\0\0004\0\0\0"..., 512) = 512
lseek(12, 21236, SEEK_SET)              = 21236
read(12, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 1240) = 1240
lseek(12, 20856, SEEK_SET)              = 20856
read(12, "A2\0\0\0aeabi\0\1(\0\0\0\0057-A\0\6\n\7A\10\1\t\2\n\4\22"..., 51) = 51
fstat(12, {st_mode=S_IFREG|0644, st_size=22476, ...}) = 0
mmap(0x7f419952c000, 90112, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS|MAP_DENYWRIT
E, -1, 0) = 0x7f419952c000
mmap(0x7f419952c000, 90112, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 12, 0) = 0x
7f419952c000
mprotect(0x7f4199531000, 61440, PROT_NONE) = 0
mmap(0x7f4199540000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 12, 0x4000)
 = 0x7f4199540000
close(12)                               = 0
mprotect(0x7f4199540000, 4096, PROT_READ) = 0
mprotect(0x7f4199578000, 8192, PROT_READ) = 0
mmap(0x7f419957b000, 28672, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS|MAP_NORESERVE, -1, 0) 
= 0x7f419957b000
rt_sigprocmask(SIG_SETMASK, ~[RTMIN RT_1], NULL, 8) = 0
rt_sigprocmask(SIG_SETMASK, ~[RTMIN RT_1], NULL, 8) = 0
rt_sigprocmask(SIG_SETMASK, [HUP USR1 USR2 PIPE ALRM CHLD TSTP URG VTALRM PROF WINCH IO], NULL, 8
) = 0
access("/etc/systemd/dont-synthesize-nobody", F_OK) = -1 ENOENT (No such file or directory)
getpid()                                = 26
socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 12
getsockopt(12, SOL_SOCKET, SO_RCVBUF, [212992], [4]) = 0
setsockopt(12, SOL_SOCKET, SO_RCVBUFFORCE, [8388608], 4) = -1 EPERM (Operation not permitted)
setsockopt(12, SOL_SOCKET, SO_RCVBUF, [8388608], 4) = 0
getsockopt(12, SOL_SOCKET, SO_SNDBUF, [212992], [4]) = 0
setsockopt(12, SOL_SOCKET, SO_SNDBUFFORCE, [8388608], 4) = -1 EPERM (Operation not permitted)
setsockopt(12, SOL_SOCKET, SO_SNDBUF, [8388608], 4) = 0
connect(12, {sa_family=AF_UNIX, sun_path="/run/dbus/system_bus_socket"}, 29) = 0
getsockopt(12, SOL_SOCKET, SO_PEERCRED, {pid=0, uid=0, gid=0}, [12]) = 0
getsockopt(12, SOL_SOCKET, SO_PEERSEC, 0x7fff7cac49d8, [4]) = -1 ERANGE (Numerical result out of 
range)

** Affects: qemu
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1840252

Title:
  Infinite loop over  ERANGE from getsockopt

Status in QEMU:
  New

Bug description:
  Host system: Ubuntu 18.04.3 AMD64
  Qemu Version: qemu-arm-static --version
  qemu-arm version 2.11.1(Debian 1:2.11+dfsg-1ubuntu7.17)

  Emulated System: 
  Root file system taken from RaspberryPi 3 image
  ubuntu-18.04.3-preinstalled-server-armhf+raspi3.img
  from http://cdimage.ubuntu.com/releases/18.04/release/ubuntu-18.04.3-preinstalled-server-armhf+raspi3.img.xz.

  Then using system-nspawn with with /usr/bin/qemu-arm-static copied in.

  When executing commands like 
    dpkg -i (--force-all) <...>.deb
  or
    tar tvf ..
  or
    tar xvf ..
  the hosting qemu-arm-static process goes into an infinite loop of getsockopt calls of the form:
  getsockopt(12, SOL_SOCKET, SO_PEERSEC, 0x7fff7cac49d8, [4]) = -1 ERANGE (Numerical result out of range)
  I assume that this is because of an infinite retry without checking the actual error code of the call.

  strace:
  openat(AT_FDCWD, "/lib/arm-linux-gnueabihf/librt.so.1", O_RDONLY|O_CLOEXEC) = 12
  read(12, "\177ELF\1\1\1\3\0\0\0\0\0\0\0\0\3\0(\0\1\0\0\0\20\30\0\0004\0\0\0"..., 512) = 512
  lseek(12, 21236, SEEK_SET)              = 21236
  read(12, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 1240) = 1240
  lseek(12, 20856, SEEK_SET)              = 20856
  read(12, "A2\0\0\0aeabi\0\1(\0\0\0\0057-A\0\6\n\7A\10\1\t\2\n\4\22"..., 51) = 51
  fstat(12, {st_mode=S_IFREG|0644, st_size=22476, ...}) = 0
  mmap(0x7f419952c000, 90112, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS|MAP_DENYWRIT
  E, -1, 0) = 0x7f419952c000
  mmap(0x7f419952c000, 90112, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 12, 0) = 0x
  7f419952c000
  mprotect(0x7f4199531000, 61440, PROT_NONE) = 0
  mmap(0x7f4199540000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 12, 0x4000)
   = 0x7f4199540000
  close(12)                               = 0
  mprotect(0x7f4199540000, 4096, PROT_READ) = 0
  mprotect(0x7f4199578000, 8192, PROT_READ) = 0
  mmap(0x7f419957b000, 28672, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS|MAP_NORESERVE, -1, 0) 
  = 0x7f419957b000
  rt_sigprocmask(SIG_SETMASK, ~[RTMIN RT_1], NULL, 8) = 0
  rt_sigprocmask(SIG_SETMASK, ~[RTMIN RT_1], NULL, 8) = 0
  rt_sigprocmask(SIG_SETMASK, [HUP USR1 USR2 PIPE ALRM CHLD TSTP URG VTALRM PROF WINCH IO], NULL, 8
  ) = 0
  access("/etc/systemd/dont-synthesize-nobody", F_OK) = -1 ENOENT (No such file or directory)
  getpid()                                = 26
  socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 12
  getsockopt(12, SOL_SOCKET, SO_RCVBUF, [212992], [4]) = 0
  setsockopt(12, SOL_SOCKET, SO_RCVBUFFORCE, [8388608], 4) = -1 EPERM (Operation not permitted)
  setsockopt(12, SOL_SOCKET, SO_RCVBUF, [8388608], 4) = 0
  getsockopt(12, SOL_SOCKET, SO_SNDBUF, [212992], [4]) = 0
  setsockopt(12, SOL_SOCKET, SO_SNDBUFFORCE, [8388608], 4) = -1 EPERM (Operation not permitted)
  setsockopt(12, SOL_SOCKET, SO_SNDBUF, [8388608], 4) = 0
  connect(12, {sa_family=AF_UNIX, sun_path="/run/dbus/system_bus_socket"}, 29) = 0
  getsockopt(12, SOL_SOCKET, SO_PEERCRED, {pid=0, uid=0, gid=0}, [12]) = 0
  getsockopt(12, SOL_SOCKET, SO_PEERSEC, 0x7fff7cac49d8, [4]) = -1 ERANGE (Numerical result out of 
  range)


* [Qemu-devel] [Bug 1840252] Re: Infinite loop over ERANGE from getsockopt
  2019-08-15 12:45 [Qemu-devel] [Bug 1840252] [NEW] Infinite loop over ERANGE from getsockopt Fritz Katze
@ 2019-08-15 12:56 ` Peter Maydell
  2019-08-15 13:01 ` Fritz Katze
  2019-08-16  6:31 ` Fritz Katze
  2 siblings, 0 replies; 4+ messages in thread
From: Peter Maydell @ 2019-08-15 12:56 UTC (permalink / raw)
  To: qemu-devel

*** This bug is a duplicate of bug 1823790 ***
    https://bugs.launchpad.net/bugs/1823790

Hi; thanks for this bug report. It looks like it's the same as
LP:1823790. The underlying cause is that we don't implement the
SO_PEERSEC getsockopt option properly. Unfortunately this option appears
to be completely undocumented, which makes it pretty hard for us to
implement :-(


** This bug has been marked a duplicate of bug 1823790
   QEMU mishandling of SO_PEERSEC forces systemd into tight loop

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1840252

Title:
  Infinite loop over  ERANGE from getsockopt

Status in QEMU:
  New

Bug description:
  Host system: Ubuntu 18.04.3 AMD64
  Qemu Version: qemu-arm-static --version
  qemu-arm version 2.11.1(Debian 1:2.11+dfsg-1ubuntu7.17)

  Emulated System:
  Root file system taken from RaspberryPi 3 image
  ubuntu-18.04.3-preinstalled-server-armhf+raspi3.img
  from http://cdimage.ubuntu.com/releases/18.04/release/ubuntu-18.04.3-preinstalled-server-armhf+raspi3.img.xz.

  Then using system-nspawn with with /usr/bin/qemu-arm-static copied in.

  When executing commands like
    dpkg -i (--force-all) <...>.deb
  or
    tar tvf ..
  or
    tar xvf ..
  the hosting qemu-arm-static process goes into an infinite loop of getsockopt calls of the form:
  getsockopt(12, SOL_SOCKET, SO_PEERSEC, 0x7fff7cac49d8, [4]) = -1 ERANGE (Numerical result out of range)
  I assume that this is because of an infinite retry without checking the actual error code of the call.

  strace:
  openat(AT_FDCWD, "/lib/arm-linux-gnueabihf/librt.so.1", O_RDONLY|O_CLOEXEC) = 12
  read(12, "\177ELF\1\1\1\3\0\0\0\0\0\0\0\0\3\0(\0\1\0\0\0\20\30\0\0004\0\0\0"..., 512) = 512
  lseek(12, 21236, SEEK_SET)              = 21236
  read(12, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 1240) = 1240
  lseek(12, 20856, SEEK_SET)              = 20856
  read(12, "A2\0\0\0aeabi\0\1(\0\0\0\0057-A\0\6\n\7A\10\1\t\2\n\4\22"..., 51) = 51
  fstat(12, {st_mode=S_IFREG|0644, st_size=22476, ...}) = 0
  mmap(0x7f419952c000, 90112, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS|MAP_DENYWRIT
  E, -1, 0) = 0x7f419952c000
  mmap(0x7f419952c000, 90112, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 12, 0) = 0x
  7f419952c000
  mprotect(0x7f4199531000, 61440, PROT_NONE) = 0
  mmap(0x7f4199540000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 12, 0x4000)
   = 0x7f4199540000
  close(12)                               = 0
  mprotect(0x7f4199540000, 4096, PROT_READ) = 0
  mprotect(0x7f4199578000, 8192, PROT_READ) = 0
  mmap(0x7f419957b000, 28672, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS|MAP_NORESERVE, -1, 0)
  = 0x7f419957b000
  rt_sigprocmask(SIG_SETMASK, ~[RTMIN RT_1], NULL, 8) = 0
  rt_sigprocmask(SIG_SETMASK, ~[RTMIN RT_1], NULL, 8) = 0
  rt_sigprocmask(SIG_SETMASK, [HUP USR1 USR2 PIPE ALRM CHLD TSTP URG VTALRM PROF WINCH IO], NULL, 8
  ) = 0
  access("/etc/systemd/dont-synthesize-nobody", F_OK) = -1 ENOENT (No such file or directory)
  getpid()                                = 26
  socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 12
  getsockopt(12, SOL_SOCKET, SO_RCVBUF, [212992], [4]) = 0
  setsockopt(12, SOL_SOCKET, SO_RCVBUFFORCE, [8388608], 4) = -1 EPERM (Operation not permitted)
  setsockopt(12, SOL_SOCKET, SO_RCVBUF, [8388608], 4) = 0
  getsockopt(12, SOL_SOCKET, SO_SNDBUF, [212992], [4]) = 0
  setsockopt(12, SOL_SOCKET, SO_SNDBUFFORCE, [8388608], 4) = -1 EPERM (Operation not permitted)
  setsockopt(12, SOL_SOCKET, SO_SNDBUF, [8388608], 4) = 0
  connect(12, {sa_family=AF_UNIX, sun_path="/run/dbus/system_bus_socket"}, 29) = 0
  getsockopt(12, SOL_SOCKET, SO_PEERCRED, {pid=0, uid=0, gid=0}, [12]) = 0
  getsockopt(12, SOL_SOCKET, SO_PEERSEC, 0x7fff7cac49d8, [4]) = -1 ERANGE (Numerical result out of
  range)

  And this last entry repeats endlessly.


* [Qemu-devel] [Bug 1840252] Re: Infinite loop over ERANGE from getsockopt
  2019-08-15 12:45 [Qemu-devel] [Bug 1840252] [NEW] Infinite loop over ERANGE from getsockopt Fritz Katze
  2019-08-15 12:56 ` [Qemu-devel] [Bug 1840252] " Peter Maydell
@ 2019-08-15 13:01 ` Fritz Katze
  2019-08-16  6:31 ` Fritz Katze
  2 siblings, 0 replies; 4+ messages in thread
From: Fritz Katze @ 2019-08-15 13:01 UTC (permalink / raw)
  To: qemu-devel

*** This bug is a duplicate of bug 1823790 ***
    https://bugs.launchpad.net/bugs/1823790

** Description changed:

  Host system: Ubuntu 18.04.3 AMD64
  Qemu Version: qemu-arm-static --version
  qemu-arm version 2.11.1(Debian 1:2.11+dfsg-1ubuntu7.17)
  
- Emulated System: 
+ Emulated System:
  Root file system taken from RaspberryPi 3 image
  ubuntu-18.04.3-preinstalled-server-armhf+raspi3.img
  from http://cdimage.ubuntu.com/releases/18.04/release/ubuntu-18.04.3-preinstalled-server-armhf+raspi3.img.xz.
  
  Then using system-nspawn with with /usr/bin/qemu-arm-static copied in.
  
- When executing commands like 
-   dpkg -i (--force-all) <...>.deb
+ When executing commands like
+   dpkg -i (--force-all) <...>.deb
  or
-   tar tvf ..
+   tar tvf ..
  or
-   tar xvf ..
+   tar xvf ..
  the hosting qemu-arm-static process goes into an infinite loop of getsockopt calls of the form:
  getsockopt(12, SOL_SOCKET, SO_PEERSEC, 0x7fff7cac49d8, [4]) = -1 ERANGE (Numerical result out of range)
  I assume that this is because of an infinite retry without checking the actual error code of the call.
  
  strace:
  openat(AT_FDCWD, "/lib/arm-linux-gnueabihf/librt.so.1", O_RDONLY|O_CLOEXEC) = 12
  read(12, "\177ELF\1\1\1\3\0\0\0\0\0\0\0\0\3\0(\0\1\0\0\0\20\30\0\0004\0\0\0"..., 512) = 512
  lseek(12, 21236, SEEK_SET)              = 21236
  read(12, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 1240) = 1240
  lseek(12, 20856, SEEK_SET)              = 20856
  read(12, "A2\0\0\0aeabi\0\1(\0\0\0\0057-A\0\6\n\7A\10\1\t\2\n\4\22"..., 51) = 51
  fstat(12, {st_mode=S_IFREG|0644, st_size=22476, ...}) = 0
  mmap(0x7f419952c000, 90112, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS|MAP_DENYWRIT
  E, -1, 0) = 0x7f419952c000
  mmap(0x7f419952c000, 90112, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 12, 0) = 0x
  7f419952c000
  mprotect(0x7f4199531000, 61440, PROT_NONE) = 0
  mmap(0x7f4199540000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 12, 0x4000)
-  = 0x7f4199540000
+  = 0x7f4199540000
  close(12)                               = 0
  mprotect(0x7f4199540000, 4096, PROT_READ) = 0
  mprotect(0x7f4199578000, 8192, PROT_READ) = 0
- mmap(0x7f419957b000, 28672, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS|MAP_NORESERVE, -1, 0) 
+ mmap(0x7f419957b000, 28672, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS|MAP_NORESERVE, -1, 0)
  = 0x7f419957b000
  rt_sigprocmask(SIG_SETMASK, ~[RTMIN RT_1], NULL, 8) = 0
  rt_sigprocmask(SIG_SETMASK, ~[RTMIN RT_1], NULL, 8) = 0
  rt_sigprocmask(SIG_SETMASK, [HUP USR1 USR2 PIPE ALRM CHLD TSTP URG VTALRM PROF WINCH IO], NULL, 8
  ) = 0
  access("/etc/systemd/dont-synthesize-nobody", F_OK) = -1 ENOENT (No such file or directory)
  getpid()                                = 26
  socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 12
  getsockopt(12, SOL_SOCKET, SO_RCVBUF, [212992], [4]) = 0
  setsockopt(12, SOL_SOCKET, SO_RCVBUFFORCE, [8388608], 4) = -1 EPERM (Operation not permitted)
  setsockopt(12, SOL_SOCKET, SO_RCVBUF, [8388608], 4) = 0
  getsockopt(12, SOL_SOCKET, SO_SNDBUF, [212992], [4]) = 0
  setsockopt(12, SOL_SOCKET, SO_SNDBUFFORCE, [8388608], 4) = -1 EPERM (Operation not permitted)
  setsockopt(12, SOL_SOCKET, SO_SNDBUF, [8388608], 4) = 0
  connect(12, {sa_family=AF_UNIX, sun_path="/run/dbus/system_bus_socket"}, 29) = 0
  getsockopt(12, SOL_SOCKET, SO_PEERCRED, {pid=0, uid=0, gid=0}, [12]) = 0
- getsockopt(12, SOL_SOCKET, SO_PEERSEC, 0x7fff7cac49d8, [4]) = -1 ERANGE (Numerical result out of 
+ getsockopt(12, SOL_SOCKET, SO_PEERSEC, 0x7fff7cac49d8, [4]) = -1 ERANGE (Numerical result out of
  range)
+ 
+ And this last entry repeats endlessly.

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1840252

Title:
  Infinite loop over  ERANGE from getsockopt

Status in QEMU:
  New

Bug description:
  Host system: Ubuntu 18.04.3 AMD64
  Qemu Version: qemu-arm-static --version
  qemu-arm version 2.11.1(Debian 1:2.11+dfsg-1ubuntu7.17)

  Emulated System:
  Root file system taken from RaspberryPi 3 image
  ubuntu-18.04.3-preinstalled-server-armhf+raspi3.img
  from http://cdimage.ubuntu.com/releases/18.04/release/ubuntu-18.04.3-preinstalled-server-armhf+raspi3.img.xz.

  Then using system-nspawn with with /usr/bin/qemu-arm-static copied in.

  When executing commands like
    dpkg -i (--force-all) <...>.deb
  or
    tar tvf ..
  or
    tar xvf ..
  the hosting qemu-arm-static process goes into an infinite loop of getsockopt calls of the form:
  getsockopt(12, SOL_SOCKET, SO_PEERSEC, 0x7fff7cac49d8, [4]) = -1 ERANGE (Numerical result out of range)
  I assume that this is because of an infinite retry without checking the actual error code of the call.

  strace:
  openat(AT_FDCWD, "/lib/arm-linux-gnueabihf/librt.so.1", O_RDONLY|O_CLOEXEC) = 12
  read(12, "\177ELF\1\1\1\3\0\0\0\0\0\0\0\0\3\0(\0\1\0\0\0\20\30\0\0004\0\0\0"..., 512) = 512
  lseek(12, 21236, SEEK_SET)              = 21236
  read(12, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 1240) = 1240
  lseek(12, 20856, SEEK_SET)              = 20856
  read(12, "A2\0\0\0aeabi\0\1(\0\0\0\0057-A\0\6\n\7A\10\1\t\2\n\4\22"..., 51) = 51
  fstat(12, {st_mode=S_IFREG|0644, st_size=22476, ...}) = 0
  mmap(0x7f419952c000, 90112, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS|MAP_DENYWRIT
  E, -1, 0) = 0x7f419952c000
  mmap(0x7f419952c000, 90112, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 12, 0) = 0x
  7f419952c000
  mprotect(0x7f4199531000, 61440, PROT_NONE) = 0
  mmap(0x7f4199540000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 12, 0x4000)
   = 0x7f4199540000
  close(12)                               = 0
  mprotect(0x7f4199540000, 4096, PROT_READ) = 0
  mprotect(0x7f4199578000, 8192, PROT_READ) = 0
  mmap(0x7f419957b000, 28672, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS|MAP_NORESERVE, -1, 0)
  = 0x7f419957b000
  rt_sigprocmask(SIG_SETMASK, ~[RTMIN RT_1], NULL, 8) = 0
  rt_sigprocmask(SIG_SETMASK, ~[RTMIN RT_1], NULL, 8) = 0
  rt_sigprocmask(SIG_SETMASK, [HUP USR1 USR2 PIPE ALRM CHLD TSTP URG VTALRM PROF WINCH IO], NULL, 8
  ) = 0
  access("/etc/systemd/dont-synthesize-nobody", F_OK) = -1 ENOENT (No such file or directory)
  getpid()                                = 26
  socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 12
  getsockopt(12, SOL_SOCKET, SO_RCVBUF, [212992], [4]) = 0
  setsockopt(12, SOL_SOCKET, SO_RCVBUFFORCE, [8388608], 4) = -1 EPERM (Operation not permitted)
  setsockopt(12, SOL_SOCKET, SO_RCVBUF, [8388608], 4) = 0
  getsockopt(12, SOL_SOCKET, SO_SNDBUF, [212992], [4]) = 0
  setsockopt(12, SOL_SOCKET, SO_SNDBUFFORCE, [8388608], 4) = -1 EPERM (Operation not permitted)
  setsockopt(12, SOL_SOCKET, SO_SNDBUF, [8388608], 4) = 0
  connect(12, {sa_family=AF_UNIX, sun_path="/run/dbus/system_bus_socket"}, 29) = 0
  getsockopt(12, SOL_SOCKET, SO_PEERCRED, {pid=0, uid=0, gid=0}, [12]) = 0
  getsockopt(12, SOL_SOCKET, SO_PEERSEC, 0x7fff7cac49d8, [4]) = -1 ERANGE (Numerical result out of
  range)

  And this last entry repeats endlessly.


* [Qemu-devel] [Bug 1840252] Re: Infinite loop over ERANGE from getsockopt
  2019-08-15 12:45 [Qemu-devel] [Bug 1840252] [NEW] Infinite loop over ERANGE from getsockopt Fritz Katze
  2019-08-15 12:56 ` [Qemu-devel] [Bug 1840252] " Peter Maydell
  2019-08-15 13:01 ` Fritz Katze
@ 2019-08-16  6:31 ` Fritz Katze
  2 siblings, 0 replies; 4+ messages in thread
From: Fritz Katze @ 2019-08-16  6:31 UTC (permalink / raw)
  To: qemu-devel

*** This bug is a duplicate of bug 1823790 ***
    https://bugs.launchpad.net/bugs/1823790

See my comment at  LP:1823790.

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1840252

Title:
  Infinite loop over  ERANGE from getsockopt

Status in QEMU:
  New

Bug description:
  Host system: Ubuntu 18.04.3 AMD64
  Qemu Version: qemu-arm-static --version
  qemu-arm version 2.11.1(Debian 1:2.11+dfsg-1ubuntu7.17)

  Emulated System:
  Root file system taken from RaspberryPi 3 image
  ubuntu-18.04.3-preinstalled-server-armhf+raspi3.img
  from http://cdimage.ubuntu.com/releases/18.04/release/ubuntu-18.04.3-preinstalled-server-armhf+raspi3.img.xz.

  Then using system-nspawn with with /usr/bin/qemu-arm-static copied in.

  When executing commands like
    dpkg -i (--force-all) <...>.deb
  or
    tar tvf ..
  or
    tar xvf ..
  the hosting qemu-arm-static process goes into an infinite loop of getsockopt calls of the form:
  getsockopt(12, SOL_SOCKET, SO_PEERSEC, 0x7fff7cac49d8, [4]) = -1 ERANGE (Numerical result out of range)
  I assume that this is because of an infinite retry without checking the actual error code of the call.

  strace:
  openat(AT_FDCWD, "/lib/arm-linux-gnueabihf/librt.so.1", O_RDONLY|O_CLOEXEC) = 12
  read(12, "\177ELF\1\1\1\3\0\0\0\0\0\0\0\0\3\0(\0\1\0\0\0\20\30\0\0004\0\0\0"..., 512) = 512
  lseek(12, 21236, SEEK_SET)              = 21236
  read(12, "\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 1240) = 1240
  lseek(12, 20856, SEEK_SET)              = 20856
  read(12, "A2\0\0\0aeabi\0\1(\0\0\0\0057-A\0\6\n\7A\10\1\t\2\n\4\22"..., 51) = 51
  fstat(12, {st_mode=S_IFREG|0644, st_size=22476, ...}) = 0
  mmap(0x7f419952c000, 90112, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS|MAP_DENYWRIT
  E, -1, 0) = 0x7f419952c000
  mmap(0x7f419952c000, 90112, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 12, 0) = 0x
  7f419952c000
  mprotect(0x7f4199531000, 61440, PROT_NONE) = 0
  mmap(0x7f4199540000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 12, 0x4000)
   = 0x7f4199540000
  close(12)                               = 0
  mprotect(0x7f4199540000, 4096, PROT_READ) = 0
  mprotect(0x7f4199578000, 8192, PROT_READ) = 0
  mmap(0x7f419957b000, 28672, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS|MAP_NORESERVE, -1, 0)
  = 0x7f419957b000
  rt_sigprocmask(SIG_SETMASK, ~[RTMIN RT_1], NULL, 8) = 0
  rt_sigprocmask(SIG_SETMASK, ~[RTMIN RT_1], NULL, 8) = 0
  rt_sigprocmask(SIG_SETMASK, [HUP USR1 USR2 PIPE ALRM CHLD TSTP URG VTALRM PROF WINCH IO], NULL, 8
  ) = 0
  access("/etc/systemd/dont-synthesize-nobody", F_OK) = -1 ENOENT (No such file or directory)
  getpid()                                = 26
  socket(AF_UNIX, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 12
  getsockopt(12, SOL_SOCKET, SO_RCVBUF, [212992], [4]) = 0
  setsockopt(12, SOL_SOCKET, SO_RCVBUFFORCE, [8388608], 4) = -1 EPERM (Operation not permitted)
  setsockopt(12, SOL_SOCKET, SO_RCVBUF, [8388608], 4) = 0
  getsockopt(12, SOL_SOCKET, SO_SNDBUF, [212992], [4]) = 0
  setsockopt(12, SOL_SOCKET, SO_SNDBUFFORCE, [8388608], 4) = -1 EPERM (Operation not permitted)
  setsockopt(12, SOL_SOCKET, SO_SNDBUF, [8388608], 4) = 0
  connect(12, {sa_family=AF_UNIX, sun_path="/run/dbus/system_bus_socket"}, 29) = 0
  getsockopt(12, SOL_SOCKET, SO_PEERCRED, {pid=0, uid=0, gid=0}, [12]) = 0
  getsockopt(12, SOL_SOCKET, SO_PEERSEC, 0x7fff7cac49d8, [4]) = -1 ERANGE (Numerical result out of
  range)

  And this last entry repeats endlessly.
