[Qemu-devel] [Bug 1404690] Re: Qemu crashes with chrooted m68k


From: Peter Maydell
Subject: [Qemu-devel] [Bug 1404690] Re: Qemu crashes with chrooted m68k
Date: Mon, 22 Dec 2014 22:49:01 -0000

I've identified the cause of "ls" not returning any output, but I don't
think we can fix it in QEMU.

This happens if the host fs is ext3 or ext4 on a 64 bit system. Here the
"d_off" entry in a linux_dirent64 is actually a hashtable hash, and so
can be a full 64 bits. Unfortunately the guest binary here is trying to
convert getdents64() syscall return information into a dirent with only
a 32 bit offset field, and so it (guest libc, I think) just ignores
dirents with offsets >4GB, which is all of them.

Sadly although ext3/4 support an f_mode bit for "make hash offsets fit
in 32 bit", this is only for the benefit of kernel internal APIs (it's
used by NFS) and AFAICT can't be set by userspace. So I can't at the
moment think of any way for QEMU to deal with this...

-- 
https://bugs.launchpad.net/bugs/1404690

Title:
  Qemu crashes with chrooted m68k

Status in QEMU:
  New

Bug description:
  I'm using qemu-m68k 2.2.0 to chroot into a m68k coldfire linux, which
  works fine on the coldfire machine.

  I've been able to use binfmt_misc and used the code below to run qemu
  with strace:

  #include <unistd.h>
  #include <string.h>

  /* binfmt_misc wrapper: re-exec qemu-m68k with a fixed CPU model and
   * -strace inserted in front of the arguments binfmt_misc hands us. */
  int main(int argc, char **argv, char **envp) {
          char *newargv[argc + 4];   /* argv[0], 3 inserted args, argv[1..argc-1], NULL */

          newargv[0] = argv[0];
          newargv[1] = "-cpu";
          newargv[2] = "cfv4e";
          newargv[3] = "-strace";

          /* copy argv[1..argc-1] after the inserted options, then terminate */
          memcpy(&newargv[4], &argv[1], sizeof(*argv) * (argc - 1));
          newargv[argc + 3] = NULL;
          return execve("/usr/bin/qemu-m68k", newargv, envp);
  }

  Everything works fine. I can run bash, busybox, ash, but when I try to
  run ls or just type an invalid command, I get the attached sequence of
  messages, which ends like so:

  11351 waitpid(-1,0xf6fffa00,0x3) = -1 errno=10 (No child processes)
  qemu: fatal: Illegal instruction: 0000 @ f6fffa30
  D0 = ffffffff   A0 = f67dcf50   F0 = 0000000000000000 (           0)
  D1 = 0000000a   A1 = f66e0898   F1 = 0000000000000000 (           0)
  D2 = f6fffaa8   A2 = f67df268   F2 = 0000000000000000 (           0)
  D3 = 00000000   A3 = 00000000   F3 = 0000000000000000 (           0)
  D4 = 00000008   A4 = 800026c4   F4 = 0000000000000000 (           0)
  D5 = 00000000   A5 = f67d98e0   F5 = 0000000000000000 (           0)
  D6 = f6fffaa8   A6 = f6fffa7c   F6 = 0000000000000000 (           0)
  D7 = 00000002   A7 = f6fffa24   F7 = 0000000000000000 (           0)
  PC = f6fffa30   SR = 0000 ----- FPRESULT =            0
  Aborted

  How can I debug it further to try to figure out if this is a qemu
  issue or not? Thanks

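Peter's analysis above rests on one observable fact: on the host, getdents64() returns d_off cookies that need more than 32 bits, so any guest-side conversion into a dirent with a 32-bit offset field has nothing it can pass through. The C program below is an added example written for this page; it is not code from QEMU, from the guest libc, or from anyone in the thread. scan_dirents() walks a raw getdents64 buffer and counts the records a converter with a 32-bit offset field would have to discard, demo_constructed_buffer() runs that scan over a constructed in-memory sample (names, inode numbers and offsets are made up), and probe_directory() runs the same scan against a real directory on the host so the hypothesis can be checked for a given filesystem. The "drop when d_off does not fit in 32 bits" rule is this example's assumption about what the guest side does; the thread only says such entries are ignored.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/syscall.h>
#include <unistd.h>

/* Record layout that getdents64(2) writes into the caller's buffer. */
struct linux_dirent64 {
    uint64_t       d_ino;
    int64_t        d_off;     /* opaque cookie; a 64-bit hash on ext3/ext4 htree dirs */
    unsigned short d_reclen;
    unsigned char  d_type;
    char           d_name[];
};

struct scan_result {
    size_t total;    /* records seen in the buffer */
    size_t dropped;  /* records whose d_off does not fit in 32 bits */
};

/* 1 if off survives a round trip through a 32-bit offset field, else 0
 * (a negative cookie has its top bit set and does not fit either). */
int fits_in_32_bits(int64_t off) {
    return (uint64_t)off <= 0xFFFFFFFFull;
}

/* Walk nbytes of getdents64 output and count the records that a converter
 * copying d_off into a 32-bit field would have to discard (assumed rule). */
struct scan_result scan_dirents(const char *buf, size_t nbytes) {
    struct scan_result r = {0, 0};
    size_t pos = 0;
    while (pos + offsetof(struct linux_dirent64, d_name) <= nbytes) {
        const struct linux_dirent64 *d = (const struct linux_dirent64 *)(buf + pos);
        if (d->d_reclen == 0 || pos + d->d_reclen > nbytes)
            break;  /* malformed or truncated record: stop rather than overrun */
        r.total++;
        if (!fits_in_32_bits(d->d_off))
            r.dropped++;
        pos += d->d_reclen;
    }
    return r;
}

/* Append one record at pos in a buffer laid out like getdents64 output and
 * return the next free position. Used only to build the constructed sample. */
size_t append_dirent(char *buf, size_t pos, uint64_t ino, int64_t off, const char *name) {
    size_t namelen = strlen(name) + 1;
    size_t reclen = (offsetof(struct linux_dirent64, d_name) + namelen + 7) & ~(size_t)7;
    struct linux_dirent64 *d = (struct linux_dirent64 *)(buf + pos);
    memset(d, 0, reclen);
    d->d_ino = ino;
    d->d_off = off;
    d->d_reclen = (unsigned short)reclen;
    d->d_type = 8;  /* DT_REG */
    memcpy(d->d_name, name, namelen);
    return pos + reclen;
}

/* Constructed sample (all values made up): two records with small byte
 * offsets, as a non-hashed directory returns them, and two with full 64-bit
 * hash cookies, as an ext4 htree directory on a 64-bit host returns them. */
struct scan_result demo_constructed_buffer(void) {
    union { char bytes[256]; uint64_t align; } buf;  /* keep 8-byte alignment */
    size_t pos = 0;
    pos = append_dirent(buf.bytes, pos, 2,  0x18,                 ".");
    pos = append_dirent(buf.bytes, pos, 2,  0x30,                 "..");
    pos = append_dirent(buf.bytes, pos, 12, 0x3a7f0d91c2e45b10LL, "ls");
    pos = append_dirent(buf.bytes, pos, 13, 0x7c1e9a02fdb36048LL, "bash");
    return scan_dirents(buf.bytes, pos);
}

/* Run the same scan over a real directory on the host via the raw syscall.
 * Returns 0 on success, -1 if the directory cannot be opened or read. */
int probe_directory(const char *path, struct scan_result *out) {
    union { char bytes[32768]; uint64_t align; } buf;
    struct scan_result sum = {0, 0};
    int fd = open(path, O_RDONLY | O_DIRECTORY);
    if (fd < 0)
        return -1;
    for (;;) {
        long n = syscall(SYS_getdents64, fd, buf.bytes, sizeof buf.bytes);
        if (n < 0) { close(fd); return -1; }
        if (n == 0) break;
        struct scan_result r = scan_dirents(buf.bytes, (size_t)n);
        sum.total += r.total;
        sum.dropped += r.dropped;
    }
    close(fd);
    *out = sum;
    return 0;
}

int main(int argc, char **argv) {
    const char *path = argc > 1 ? argv[1] : ".";
    struct scan_result r = demo_constructed_buffer();
    printf("constructed sample: %zu records, %zu need more than 32 bits\n", r.total, r.dropped);
    if (probe_directory(path, &r) == 0)
        printf("%s: %zu records, %zu need more than 32 bits\n", path, r.total, r.dropped);
    else
        perror(path);
    return 0;
}
```

Run it with a directory on the ext4 host filesystem as the argument and compare against one on tmpfs: on the former nearly every record needs more than 32 bits, on the latter none do, which is the difference between "ls prints nothing" and "ls works" in the chroot.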



reply via email to

[Prev in Thread] Current Thread [Next in Thread]