From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1JM81d-00024m-QE
	for qemu-devel@nongnu.org; Mon, 04 Feb 2008 15:34:45 -0500
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1JM81c-00024a-Vj
	for qemu-devel@nongnu.org; Mon, 04 Feb 2008 15:34:45 -0500
Received: from [199.232.76.173] (helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1JM81c-00024X-QE
	for qemu-devel@nongnu.org; Mon, 04 Feb 2008 15:34:44 -0500
Received: from partizan.velesys.com ([213.184.230.195])
	by monty-python.gnu.org with esmtp (Exim 4.60)
	(envelope-from <k.shutemov@velesys.com>) id 1JM81b-0005fo-Tk
	for qemu-devel@nongnu.org; Mon, 04 Feb 2008 15:34:44 -0500
Received: from localhost (mail.velesys.com [10.0.5.31])
	by partizan.velesys.com (partizan.velesys.com) with ESMTP id
	718F2136AF7
	for <qemu-devel@nongnu.org>; Mon,  4 Feb 2008 20:34:10 +0000 (UTC)
Received: from partizan.velesys.com ([10.0.5.31])
	by localhost (mail.velesys.com [10.0.5.31]) (amavisd-new, port 10024)
	with ESMTP id LQrDNFOD2JGj for <qemu-devel@nongnu.org>;
	Mon,  4 Feb 2008 20:34:08 +0000 (UTC)
Received: from localhost.localdomain (unknown [86.57.195.107])
	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by partizan.velesys.com (partizan.velesys.com) with ESMTP id
	57344136AD6
	for <qemu-devel@nongnu.org>; Mon,  4 Feb 2008 20:34:07 +0000 (UTC)
Date: Mon, 4 Feb 2008 22:36:46 +0200
From: "Kirill A. Shutemov" <k.shutemov@velesys.com>
Subject: Re: [Qemu-devel] Fix writev syscall emulation
Message-ID: <20080204203645.GA1468@localhost.localdomain>
References: <1202155382.4788.95.camel@localhost.localdomain>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="x+6KMIRAuhnl3hBn"
Content-Disposition: inline
In-Reply-To: <1202155382.4788.95.camel@localhost.localdomain>
Reply-To: qemu-devel@nongnu.org
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org


--x+6KMIRAuhnl3hBn
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On [Mon, 04.02.2008 20:03], Richard Purdie wrote:
> Hi,
>=20
> OpenEmbedded/Poky use qemu for locale generation when cross compiling.
> When we upgraded to qemu 0.9.1 it started giving locale generation
> errors on all 64 bit machines and some 32 bit ones.
>=20
> I've traced it to the writev syscall failing. localedef passes several
> { NULL, 0 } iovec entries which trip up lock_iovec(). That function is
> returning an error for these but the return value isn't checked. The
> syscall is therefore always made but sometimes with a iovec that has
> only been half copied. If the total writes exceed size_t, EINVAL is
> returned by the kernel and glibc code emulates the call with a write
> which is most likely to happen on 32 bit so it sometimes works. size_t
> is unlikely to be exceeded on 64 bit so that returns an EFAULT and
> always corrupts/fails.
>=20
> Anyhow, it seems 0 length iovec entries are allowed and we shouldn't
> care about the addresses in those cases. The patch below is one way to
> fix this. Ideally the return value of lock_iovec() needs be be checked
> too.
>=20
> Regards,
>=20
> Richard
>=20
> ---
>  linux-user/syscall.c |    2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>=20
> Index: qemu-0.9.1/linux-user/syscall.c
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D
> --- qemu-0.9.1.orig/linux-user/syscall.c	2008-02-03 00:00:00.000000000 +0=
000
> +++ qemu-0.9.1/linux-user/syscall.c	2008-02-03 00:00:38.000000000 +0000
> @@ -1048,7 +1048,7 @@ static abi_long lock_iovec(int type, str
>          base =3D tswapl(target_vec[i].iov_base);
>          vec[i].iov_len =3D tswapl(target_vec[i].iov_len);
>          vec[i].iov_base =3D lock_user(type, base, vec[i].iov_len, copy);
> -	if (!vec[i].iov_base)=20
> +	if (!vec[i].iov_base && vec[i].iov_len)=20
>              goto fail;
>      }
>      unlock_user (target_vec, target_addr, 0);

I have post similar patch some days ago.

--=20
Regards,  Kirill A. Shutemov
 + Belarus, Minsk
 + Velesys Ltd, http://www.velesys.com/
 + ALT Linux Team, http://www.altlinux.com/

--x+6KMIRAuhnl3hBn
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (GNU/Linux)

iEYEARECAAYFAkend10ACgkQbWYnhzC5v6ppugCeNlEu35VBV6KGo+NelwnJKlLZ
QggAn36RVhHmGPEkdS53fc0M0WpAbeJl
=l4zr
-----END PGP SIGNATURE-----

--x+6KMIRAuhnl3hBn--