From: Riku Voipio <riku.voipio@iki.fi>
To: "Jan-Simon Möller" <dl9pf@gmx.de>
Cc: Martin Mohring <martin.mohring@opensuse.org>,
Riku Voipio <riku.voipio@iki.fi>,
qemu-devel@nongnu.org, Aurelien Jarno <aurelien@aurel32.net>,
Richard Henderson <rth@twiddle.net>
Subject: Re: [Qemu-devel] [PATCH 0/6] Multi-level page tables and userland mapping fixes, v3
Date: Mon, 15 Mar 2010 14:48:03 +0000
Message-ID: <20100315144803.GA1895@afflict.kos.to>
In-Reply-To: <201003151346.10470.dl9pf@gmx.de>
On Mon, Mar 15, 2010 at 01:46:10PM +0100, Jan-Simon Möller wrote:
> We're still investigating the topic. So far, we tracked one failure down to
> ldconfig.real which is a static arm binary executed after the chroot got the
> basic packages installed. If we setup a chroot with an older qemu-arm and
> exchange it afterwards with the new qemu and rerun just the build step, it
> works. Thus it seems to be an issue with static arm binaries atm.
>
> Strace of a call of ldconfig.real with the qemu-arm failing:
>
> http://pastie.org/870189
>
> Short version:
>
> root@frodo:/# qemu-arm -strace /sbin/ldconfig.real
> 16359 uname(0x403fef78) = 0
> 16359 brk(NULL) = 0x000a9000
> 16359 brk(0x000a9d08) = 0x000a9d08
> 16359 open("/dev/urandom",O_RDONLY) = 3
> 16359 read(3,0x403ff27d,3) = 3
> 16359 close(3) = 0
> [...]
> 16359 stat64("/usr/lib/libgettextlib.so",0x403fdf28) = 0
> 16359 stat64("/usr/lib/libgettextpo.so.0",0x403fdec0) = 0
> 16359 stat64("/usr/lib/libgettextpo.so.0.4.0",0x403fdf28) = 0
> 16359 stat64("/usr/lib/libpython2.6.so.1.0",0x403fdec0) = 0
> 16359 stat64("/usr/lib/libpython2.6.so.1.0",0x403fdf28) = 0
> 16359 open("/etc/ld.so.cache~",O_WRONLY|O_CREAT|O_NOFOLLOW|O_TRUNC,0600) = 3
> 16359 write(3,0xb03d0,1288) = 1288
> 16359 write(3,0x403ff0a0,0) = -1 errno=14 (Bad address)
A zero sized write. According to manpage ok.
In qemu we do a lock_user to get the string to write. Richard's change changes
the access checks that get called by lock_user:
page_check_range:
- if (start + len < start)
- /* we've wrapped around */
...
+ if (start + len - 1 < start) {
+ /* We've wrapped around. */
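Review bot: The wrap test on the + line, start + len - 1 < start, is also true when len is 0, because for any nonzero start it reduces to start - 1 < start, so a zero-length range is reported as wrapped. The write(3,0x403ff0a0,0) call in the quoted trace hits exactly this and comes back with errno=14. Suggest returning success for len == 0 before this comparison, and stating in the comment that the - 1 form assumes a nonzero len.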
This now blows up with len = 0;
> 16359 write(2,0x403fca08,21)/sbin/ldconfig.real: = 21
> 16359 write(2,0x403fc9e8,28)Writing of cache data failed = 28
> 16359 write(2,0x403fc5b8,13): Bad address = 13
> 16359 write(2,0x403fc9c0,1)
> = 1
> 16359 exit_group(1)
>
> Best,
> Jan-Simon
>
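The boundary behaviour discussed in this message, as an added example (not QEMU code and not part of the original mail). It compares the comparison from the "-" line, the one from the "+" line, and a variant with a zero-length guard. The function names, the 32-bit guest_addr type and the sample ranges are assumptions made for the illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumption: guest addresses are 32 bits wide, as for the ARM target in the trace. */
typedef uint32_t guest_addr;

/* Comparison from the "-" line: flags a range that ends exactly at the
 * top of the address space, because start + len wraps to 0. */
static int wraps_old(guest_addr start, guest_addr len)
{
    return (guest_addr)(start + len) < start;
}

/* Comparison from the "+" line: compares the last byte instead, which
 * accepts the top-of-space range but underflows when len == 0. */
static int wraps_new(guest_addr start, guest_addr len)
{
    return (guest_addr)(start + len - 1) < start;
}

/* Hypothetical variant: an empty range touches no bytes, so it cannot wrap. */
static int wraps_guarded(guest_addr start, guest_addr len)
{
    if (len == 0) {
        return 0;
    }
    return (guest_addr)(start + len - 1) < start;
}

int main(void)
{
    /* Constructed inputs; the first two reuse addresses shown in the strace output. */
    static const struct { guest_addr start, len; const char *what; } cases[] = {
        { 0x403ff0a0u, 0,       "zero-length write" },
        { 0x000b03d0u, 1288,    "ordinary write" },
        { 0xfffff000u, 0x1000u, "range ending at top of address space" },
        { 0xfffff000u, 0x2000u, "range that really wraps" },
    };
    printf("%-38s old new guarded\n", "case");
    for (size_t i = 0; i < sizeof(cases) / sizeof(cases[0]); i++) {
        printf("%-38s %3d %3d %7d\n", cases[i].what,
               wraps_old(cases[i].start, cases[i].len),
               wraps_new(cases[i].start, cases[i].len),
               wraps_guarded(cases[i].start, cases[i].len));
    }
    return 0;
}
```

Only the guarded variant reports a wrap for the last case alone; a result of 1 corresponds to the access being rejected.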
Thread overview: 23+ messages
2010-03-10 23:59 [Qemu-devel] [PATCH 0/6] Multi-level page tables and userland mapping fixes, v3 Richard Henderson
2010-03-10 22:33 ` [Qemu-devel] [PATCH 1/6] Move TARGET_PHYS_ADDR_SPACE_BITS to target-*/cpu.h Richard Henderson
2010-03-11 11:11 ` Aurelien Jarno
2010-03-11 15:19 ` Richard Henderson
2010-03-10 22:36 ` [Qemu-devel] [PATCH 2/6] Use TARGET_VIRT_ADDR_SPACE_BITS in h2g_valid Richard Henderson
2010-03-10 22:38 ` [Qemu-devel] [PATCH 3/6] linux-user: Use h2g_valid in qemu_vmalloc Richard Henderson
2010-03-10 23:39 ` [Qemu-devel] [PATCH 4/6] linux-user: Fix mmap_find_vma returning invalid addresses Richard Henderson
2010-03-10 23:53 ` [Qemu-devel] [PATCH 5/6] Implement multi-level page tables Richard Henderson
2010-03-13 22:48 ` Stefan Weil
2010-03-14 15:02 ` Paul Brook
2010-03-14 16:41 ` Aurelien Jarno
2010-03-10 23:57 ` [Qemu-devel] [PATCH 6/6] Fix last page errors in page_check_range and page_set_flags Richard Henderson
2010-03-12 18:51 ` [Qemu-devel] [PATCH 0/6] Multi-level page tables and userland mapping fixes, v3 Paul Brook
2010-03-12 19:26 ` Blue Swirl
2010-03-12 23:28 ` Paul Brook
2010-03-13 12:45 ` Aurelien Jarno
2010-03-13 14:00 ` Martin Mohring
2010-03-15 7:45 ` Riku Voipio
2010-03-15 12:46 ` Jan-Simon Möller
2010-03-15 14:48 ` Riku Voipio [this message]
2010-03-15 15:08 ` Jan-Simon Möller
2010-03-17 11:48 ` Riku Voipio
2010-03-17 14:32 ` Richard Henderson