[UBUNTU 21.10] qemu: target/s390x: Fix translation exception on illegal instruction

Bug #1929926 reported by bugproxy
Affects                  Importance  Assigned to
Ubuntu on IBM z Systems  Medium      Skipper Bug Screeners
qemu (Ubuntu)            Medium      Canonical Server Team
Focal                    Low         Unassigned
Groovy                   Low         Unassigned
Hirsute                  Low         Unassigned

Bug Description

---Problem Description---
Using an uretprobe in QEMU without hardware acceleration causes a SIGSEGV.

---uname output---
na

Machine Type = na

---Debugger---
A debugger is not configured

---Steps to Reproduce---
Run the attach_probe eBPF testcase in QEMU.

https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/tools/testing/selftests/bpf/prog_tests/attach_probe.c?h=v5.12#n73

Userspace tool common name: na
The userspace tool has the following bit modes: 64-bit
Userspace rpm: na
Userspace tool obtained from project website: na

Fix: https://git.qemu.org/?p=qemu.git;a=commit;h=86131c71b13257e095d8c4f4453d52cbc6553c07

Package qemu
    focal (20.04LTS) 1:4.2-3ubuntu6.14
    groovy (20.10) 1:5.0-5ubuntu9.6
    hirsute (21.04) 1:5.2+dfsg-9ubuntu2
    impish (metapackages): 1:5.2+dfsg-9ubuntu3

It would be good to have this fix in 20.04 and the later ones.

The patch applies cleanly to all levels.

bugproxy (bugproxy)
tags: added: architecture-all bugnameltc-192947 severity-medium targetmilestone-inin2110
Changed in ubuntu:
assignee: nobody → Ubuntu on IBM Power Systems Bug Triage (ubuntu-power-triage)
affects: ubuntu → qemu (Ubuntu)
Changed in ubuntu-power-systems:
importance: Undecided → Medium
Frank Heimes (fheimes)
Changed in ubuntu-power-systems:
assignee: nobody → Ubuntu on IBM Power Systems Bug Triage (ubuntu-power-triage)
Changed in qemu (Ubuntu):
assignee: Ubuntu on IBM Power Systems Bug Triage (ubuntu-power-triage) → Canonical Server Team (canonical-server)
Changed in ubuntu-z-systems:
assignee: nobody → Skipper Bug Screeners (skipper-screen-team)
tags: added: qemu-21.10
Changed in qemu (Ubuntu Focal):
status: New → Triaged
Changed in qemu (Ubuntu Groovy):
status: New → Triaged
Changed in qemu (Ubuntu Hirsute):
status: New → Triaged
Changed in qemu (Ubuntu):
status: New → Triaged
Changed in qemu (Ubuntu Focal):
importance: Undecided → Low
Changed in qemu (Ubuntu Groovy):
importance: Undecided → Low
Changed in qemu (Ubuntu):
importance: Undecided → Medium
Changed in qemu (Ubuntu Hirsute):
importance: Undecided → Low
Frank Heimes (fheimes) wrote :

@IBM Please could you provide a more step-by-step test case?
That would allow us to verify the package once the fix got picked up.

Christian Ehrhardt  (paelzer) wrote :

Thanks for the report, it LGTM and makes sense - although uretprobe inside of s390x emulation is super rare and therefore not urgent IMHO.
I'd make this part of the qemu 6.0 (it is applied upstream after that) that I'll prep for Ubuntu 21.10, and once that is completed consider SRUs.

If you are not ok with this plan of action please speak up.

And to help the eventually happening SRU of this - an easy-to-use test case would be very helpful.

Frank Heimes (fheimes)
Changed in ubuntu-z-systems:
status: New → Triaged
Frank Heimes (fheimes)
Changed in ubuntu-power-systems:
status: New → Triaged
bugproxy (bugproxy) wrote : Comment bridged from LTC Bugzilla

------- Comment From <email address hidden> 2021-06-01 09:37 EDT-------
Here is a small test that doesn't require installing extra tools or building code:

echo "r:bash_readline /bin/bash:0x$(nm -D /bin/bash | awk '/T readline$/ {print $1}')" >/sys/kernel/debug/tracing/uprobe_events
echo 1 >/sys/kernel/debug/tracing/events/uprobes/bash_readline/enable
cat /sys/kernel/debug/tracing/trace

With the unfixed qemu you will lose your shell (provided it's bash) after step 2.
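
The three-step check above, wrapped as an added shell example (not from the bug report, IBM or QEMU): it derives the uprobe_events line from `nm -D` output, refuses to arm when the symbol is not an exported text symbol, and disables and deletes the probe afterwards. The `$TRACEFS` default, the helper names and the `--run` flag are assumptions; run it as root from a non-bash shell so that the probed bash dying does not take the test with it.

```sh
#!/bin/sh
# Added example, not from the bug report: the comment's three-step uretprobe
# check as arm/disarm helpers with cleanup. Assumes tracefs at $TRACEFS (the
# page's path; newer kernels also expose /sys/kernel/tracing), root, and that
# it is run from a non-bash shell such as sh, so losing bash does not kill it.
TRACEFS=${TRACEFS:-/sys/kernel/debug/tracing}

# Build the uprobe_events line ("r:" = return probe) from `nm -D` output on
# stdin. Only an exported text symbol (type T) matches, as in the original awk
# filter; a missing symbol returns 1 instead of emitting ":0x" with no address.
uretprobe_spec() {  # $1 probe name, $2 binary path, $3 symbol
  addr=$(awk -v s="$3" '$2 == "T" && $3 == s { print $1; exit }')
  [ -n "$addr" ] || return 1
  printf 'r:%s %s:0x%s\n' "$1" "$2" "$addr"
}

# Register and enable the probe (steps 1 and 2 of the original check).
arm_probe() {  # $1 probe name, $2 binary path, $3 symbol
  spec=$(nm -D "$2" | uretprobe_spec "$1" "$2" "$3") || return 1
  echo "$spec" >"$TRACEFS/uprobe_events"
  echo 1 >"$TRACEFS/events/uprobes/$1/enable"
}

# Disable and delete the probe ("-:NAME" removes it) so the guest is left clean.
disarm_probe() {  # $1 probe name
  echo 0 >"$TRACEFS/events/uprobes/$1/enable"
  echo "-:$1" >>"$TRACEFS/uprobe_events"
}

# Manual verification: arm, have an interactive bash return from readline in
# another terminal, then count trace hits. On unfixed TCG that bash dies with
# SIGSEGV and no hit is recorded; on fixed TCG at least one line appears.
run_check() {
  arm_probe bash_readline /bin/bash readline || {
    echo "readline is not an exported symbol of /bin/bash" >&2; return 1; }
  echo "armed: press Enter in an interactive bash elsewhere, then Enter here"
  read -r _
  hits=$(grep -c bash_readline "$TRACEFS/trace" || true)
  disarm_probe bash_readline
  echo "trace hits: $hits"
  [ "$hits" -gt 0 ]
}

if [ "${1:-}" = "--run" ]; then run_check; fi
```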

Frank Heimes (fheimes)
no longer affects: ubuntu-power-systems
Frank Heimes (fheimes)
Changed in ubuntu-z-systems:
importance: Undecided → Medium
Frank Heimes (fheimes)
Changed in qemu (Ubuntu):
status: Triaged → Fix Committed
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package qemu - 1:6.0+dfsg-1~ubuntu3

---------------
qemu (1:6.0+dfsg-1~ubuntu3) impish; urgency=medium

  * d/p/u/lp-1935617-target-ppc-Fix-load-endianness-for-lxvwsx-lxvdsx.patch:
    fix TCG emulation for ppc64 (LP: #1935617)

qemu (1:6.0+dfsg-1~ubuntu2) impish; urgency=medium

  * d/control: remove fuse2 trial-build (LP 1934510)

qemu (1:6.0+dfsg-1~ubuntu1) impish; urgency=medium

  * Merge with Debian experimental, Among many other things this fixes LP Bugs:
    (LP: #1907952) broken arrow keys in -display gtk on aarch64
    - qemu-kvm to systemd unit
      - d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
        hugepages and architecture specifics
      - d/qemu-system-common.qemu-kvm.service: systemd unit to call
        qemu-kvm-init
      - d/qemu-system-common.install: install helper script
      - d/qemu-system-common.qemu-kvm.default: defaults for
        /etc/default/qemu-kvm
      - d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
    - Distribution specific machine type
      (LP: 1304107 1621042 1776189 1761372 1761372 1776189)
      - d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
        types containing release versioned machine attributes
      - d/qemu-system-x86.NEWS Info on fixed machine type definitions
        for host-phys-bits=true
      - Add an info about -hpb machine type in debian/qemu-system-x86.NEWS
      - ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
    - Enable nesting by default
      - d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
        in qemu64 on amd
        [ No more strictly needed, but required for backward compatibility ]
    - improved dependencies
      - Make qemu-system-common depend on qemu-block-extra
      - Make qemu-utils depend on qemu-block-extra
      - Let qemu-utils recommend sharutils
    - tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
      - d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
        reference 256k path
      - d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
        handle incoming migrations from former releases.
    - d/control-in: Disable capstone disassembler library support (universe)
    - d/qemu-system-x86.README.Debian: add info about updated nesting changes
    - d/control*, d/rules: disable xen by default, but provide universe
      package qemu-system-x86-xen as alternative
      [includes compat links changes of 5.0-5ubuntu4]
    - Fix upgrade module handling (LP 1905377)
      --enable-module-upgrades for qemu-xen which doesn't exist in Debian
  * Dropped Changes [in 6.0]:
    - d/p/ubuntu/lp-1907789-build-no-pie-is-no-functional-liker-flag.patch: fix
      ld usage of -no-pie (LP 1907789)
    - d/p/u/lp-1916230-hw-s390x-fix-build-for-virtio-9p-ccw.patch: fix
      virtio-9p-ccw being missing (LP 1916230)
    - d/p/u/lp-1916705-disas-Fix-build-with-glib2.0-2.67.3.patch: Fix FTFBS due
      to glib2.0 >=2.67.3 (LP 1916705)
    - d/p/u/lp-1921754*: add EPYC-Rome-v2 as v1 missed IBRS and thereby fails
      on some HW/Guest combinations e.g. Windows 10 on Threadripper chips
  ...


Changed in qemu (Ubuntu):
status: Fix Committed → Fix Released
Frank Heimes (fheimes) wrote :

Ubuntu 20.10 (Groovy Gorilla) reached its End of Life on July 22 2021, hence I'm now updating the groovy entry of this ticket to Won't Fix.

Changed in qemu (Ubuntu Groovy):
status: Triaged → Won't Fix