Hi, sorry this has fallen through the cracks, but bug 1928075 made me re-discover it and it is time finally to complete that.
** Tags added: server-next

** Description changed:

  [Impact]

-  * The current space reserved can be too small and we can end up
-    with no space at all for BRK. It can happen to any case, but is
-    much more likely with the now common PIE binaries.
+  * The current space reserved can be too small and we can end up
+    with no space at all for BRK. It can happen to any case, but is
+    much more likely with the now common PIE binaries.

-  * Backport the upstream fix which reserves a bit more space while loading
-    and giving it back after interpreter and stack is loaded.
+  * Backport the upstream fix which reserves a bit more space while loading
+    and giving it back after interpreter and stack is loaded.

  [Test Plan]

-  * On x86 run:
+  * On x86 run:

  sudo apt install -y qemu-user-static docker.io
  sudo docker run --rm arm64v8/debian:bullseye bash -c 'apt update && apt install -y wget'
  ...
  Running hooks in /etc/ca-certificates/update.d...
  done.
  Errors were encountered while processing:
-  libc-bin
+  libc-bin
  E: Sub-process /usr/bin/dpkg returned an error code (1)
+
+ Second test from bug 1928075
+
+ $ sudo qemu-debootstrap --arch=arm64 bullseye bullseye-arm64
+ http://ftp.debian.org/debian
+
+ In the bad case this is failing like
+ W: Failure trying to run: /sbin/ldconfig
+ W: See //debootstrap/debootstrap.log for detail
+
+ And in that log file you'll see the segfault
+ $ tail -n 2 bullseye-arm64/debootstrap/debootstrap.log
+ qemu: uncaught target signal 11 (Segmentation fault) - core dumped
+ Segmentation fault (core dumped)
+
  [Where problems could occur]

-  * Regressions would be around use-cases of linux-user that is
-    emulation not of a system but of binaries.
-    Commonly uses for cross-tests and cross-builds so that is the
-    space to watch for regressions
+  * Regressions would be around use-cases of linux-user that is
+    emulation not of a system but of binaries.
+    Commonly uses for cross-tests and cross-builds so that is the
+    space to watch for regressions

  [Other Info]
-
-  * n/a
+  * n/a

  ---

  In Debian unstable, we recently switched bash to be a PIE-compiled binary
  (for hardening). Unfortunately this resulted in bash being broken when run
  under qemu-user (for all target architectures, host being amd64 for me).

  $ sudo chroot /srv/chroots/sid-i386/ qemu-i386-static /bin/bash
  bash: xmalloc: .././shell.c:1709: cannot allocate 10 bytes (0 bytes allocated)

  bash has its own malloc implementation based on sbrk():
  https://git.savannah.gnu.org/cgit/bash.git/tree/lib/malloc/malloc.c

  When we disable this internal implementation and rely on glibc's malloc,
  then everything is fine. But it might be that glibc has a fallback when
  sbrk() is not working properly and it might hide the underlying problem in
  qemu-user.

  This issue has also been reported to the bash upstream author and he
  suggested that the issue might be in qemu-user so I'm opening a ticket
  here. Here's the discussion with the bash upstream author:
  https://lists.gnu.org/archive/html/bug-bash/2018-02/threads.html#00080

  You can find the problematic bash binary in that .deb file:
  http://snapshot.debian.org/archive/debian/20180206T154716Z/pool/main/b/bash/bash_4.4.18-1_i386.deb

  The version of qemu I have been using is 2.11 (Debian package
  qemu-user-static version 1:2.11+dfsg-1) but I have had reports that the
  problem is reproducible with older versions (back to 2.8 at least).

  Here are the related Debian bug reports:
  https://bugs.debian.org/889869
  https://bugs.debian.org/865599

  It's worth noting that bash used to have this problem (when compiled as a
  PIE binary) even when run directly but then something got fixed in the
  kernel and now the problem only appears when run under qemu-user:
  https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1518483

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1749393

Title:
  sbrk() not working under qemu-user with a PIE-compiled binary?

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1749393/+subscriptions

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
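The test plan above detects the missing brk space indirectly, through dpkg or ldconfig failing inside an emulated chroot, and the original report traces the bash failure to its sbrk()-based malloc getting "0 bytes allocated". The following small probe, added here as an illustration and not part of the bug report or of qemu's own test suite, asks the same question directly: it calls sbrk() itself (so no allocator fallback to mmap can mask the result), first with a bash-sized 10-byte request and then in page-sized steps up to 1 MiB, reports how far the program break could grow, and releases the memory again. Compiled for a target architecture and run under qemu-user, a build that reserved too little brk space is expected to fail on the first request with ENOMEM; on a native kernel or a fixed qemu it should report growth. The function names and the 1 MiB probe ceiling are my choices for the example.

```c
/* Added diagnostic (not from the bug report): measure how much the program
 * break can grow via sbrk(), which is what bash's bundled malloc relies on.
 * Under a native kernel this succeeds; under an emulator that reserved too
 * little brk space, sbrk() fails at once with ENOMEM and 0 bytes are obtained. */
#define _DEFAULT_SOURCE   /* make sbrk() visible under strict -std= flags */
#include <errno.h>
#include <stdio.h>
#include <unistd.h>

/* Grow the break in `step`-byte increments up to `max_total` bytes, then
 * release everything again.  Returns the number of bytes that could be
 * obtained, or -1 if even sbrk(0) (querying the current break) failed. */
long probe_brk_growth(long step, long max_total)
{
    void *base = sbrk(0);
    if (base == (void *)-1)
        return -1;
    long obtained = 0;
    while (obtained < max_total) {
        if (sbrk(step) == (void *)-1)
            break;            /* ENOMEM: no more brk space available */
        obtained += step;
    }
    /* give the memory back so the probe has no lasting effect */
    if (obtained > 0)
        sbrk(-obtained);
    return obtained;
}

/* Mirror bash's first small request: try to get `n` bytes and return
 * 1 on success, 0 if sbrk() refused.  errno is left set on failure. */
int small_sbrk_works(long n)
{
    void *p = sbrk(n);
    if (p == (void *)-1)
        return 0;
    sbrk(-n);
    return 1;
}

int main(void)
{
    errno = 0;
    if (!small_sbrk_works(10)) {
        /* this is the situation bash reports as "0 bytes allocated" */
        perror("sbrk(10)");
        return 1;
    }
    long got = probe_brk_growth(4096, 1L << 20);
    printf("sbrk: could grow the break by %ld bytes (probed up to 1 MiB)\n", got);
    return 0;
}
```

To use it as a cross-check for the fix, build it with a cross compiler as a PIE (the case the report says is most affected) and run it through the qemu-user binary for that architecture; a non-zero exit status with an ENOMEM message reproduces the report's failure mode without needing a full apt or debootstrap run.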