Wine causes process hang in kernel when running applications from FAT partition

Bug #137978 reported by Krzysztof Lichota on 2007-09-07
14
Affects Status Importance Assigned to Milestone
Wine
Invalid
High
linux-source-2.6.15 (Ubuntu)
High
Colin Ian King
Dapper
High
Unassigned

Bug Description

Binary package hint: wine

Distro: Kubuntu Dapper 6.06
Wine: 0.9.9-0ubuntu2 (tested also with 0.9.39 from winehq.org)
Kernel: 2.6.15-29-386 (2.6.15-29.58)

When .exe is run from FAT partition, wine process gets stuck in kernel in "D" state and cannot be killed.
I have straced the process and it appears it is stuck in:
ioctl(9, TUNIOCGETINFO or VFAT_IOCTL_READDIR_BOTH

This way user can prevent unmounting FAT partition by running wine on FAT partition.

TESTCASE:
1. Mount any FAT volume (for example USB pendrive)
2. Copy some file.exe file to it.
3. Run: wine /media/mydisk/file.exe
4. Wine hangs and cannot be killed.

Possible workaround is to recompile wine with "#define VFAT_IOCTL_READDIR_BOTH" in dlls/ntdll/directory.c commented out.
I have checked that it works.

> This is kernel bug, but affects only wine, so workaround in wine is easier.

Invalid right from the gate.

> When .exe is run from FAT partition

Wine does not support running apps from a FAT partition.

Closing.

James it a perfectly valid bug report. Please do not close something that does not fit the google's perspective on the world.

Reporter, upgrade to the latest Wine version (which is wine-0.9.44) and retest.
However you should really upgrade your kernel version.

> Wine does not support running apps from a FAT partition.

According to http://wiki.winehq.org/FAQ,"Does it matter what filesystem I use?"
<quote>
Wine is written to be file system independent, so MS Windows applications will
install and run under virtually any file system supported by your brand of UNIX.
</quote>

Wine already has workarounds for various kernel bugs in VFAT driver, so adding
one more shouldn't hurt IMO.

Re-opening.

Have we talked to the kernel dev for vfat about these problems?

(In reply to comment #1)
> Wine does not support running apps from a FAT partition.

Wine contains hooks which are valid only on FAT partition, like the mentioned VFAT_IOCTL_READDIR_BOTH ioctl.

I will re-test on wine 0.44, but from reading the source I am pretty sure it is the same.

Tested with 0.9.44 (0.9.44~winehq0~ubuntu~6.06-1).
It is the same:
3525 pts/2 D+ 0:00 ./putty.exe

Please don't change the original reported version.

Binary package hint: wine

Distro: Kubuntu Dapper 6.06
Wine: 0.9.9-0ubuntu2 (tested also with 0.9.39 from winehq.org)
Kernel: 2.6.15-29-386 (2.6.15-29.58)

When .exe is run from FAT partition, wine process gets stuck in kernel in "D" state and cannot be killed.
I have straced the process and it appears it is stuck in:
ioctl(9, TUNIOCGETINFO or VFAT_IOCTL_READDIR_BOTH

This way user can prevent unmounting FAT partition by running wine on FAT partition.

To reproduce:
1. Mount any FAT volume (for example USB pendrive)
2. Copy some file.exe file to it.
3. Run: wine /media/mydisk/file.exe
4. Wine hangs and cannot be killed.

Possible workaround is to recompile wine with "#define VFAT_IOCTL_READDIR_BOTH" in dlls/ntdll/directory.c commented out.
I have checked that it works.

In , Dan Kegel (dank) wrote :

How urgent is this to fix?

Does it e.g. hurt people using "portable apps" on pen drives?
I haven't heard of any complaints from those folks for some reason...

I guess this does not happen in newer kernel version.
Kernel 2.6.15 is though used in Ubuntu 6.06, which is long-term supported version, so it should be spotted by some people.

I have come across the bug when some other user reported he cannot run application from his Windows partition (which used FAT), but FAT Windows partitions are rare this time.

If this particular bug is fixed newer kernels, can we just resolve this invalid then? It's not a wine bug.

If you want this fixed in ubuntu LTS, you should file a bug report there. That seems reasonable enough.

(In reply to comment #12)
> If this particular bug is fixed newer kernels, can we just resolve this invalid
> then? It's not a wine bug.
>
> If you want this fixed in ubuntu LTS, you should file a bug report there. That
> seems reasonable enough.

I don't know if it is fixed in newer kernel versions. If it is, I guess you should close the bug.

Changed in wine:
status: Unknown → New

I have sucessfuly started several programs from a pen-drive on my 2.6.20-16 kernel from Ubuntu 7.04 and then unmounted the drive. Do you have this problem with every executable you try to run or only certain directories or executables triggers the bug? Can you create a small FAT image (let's say no more than 360kB) that triggers it and attach it (compressed) to this bug?

Abandoned.

Closing.

Changed in wine:
status: New → Invalid
b.rich (richardbuehler) wrote :

It's a problem for me, too.

I must start Windows instead using wine,
I guess many users got that problem
but didn't complain yet.

This is not a wine bug, wine will not solve it because actual Kernels don't have this bug.

Last 6.06-LTS Kernel version without this bug: 2.6.15-27 (works well with wine),
2.6.15-28 produces hangup in wine.

Stephan Rügamer (sruegamer) wrote :

I'll change the package for this bug, because this is a kernel bug in dapper as it seems.

Regards,
\sh

Stephan Rügamer (sruegamer) wrote :

Dear Colleagues,

this is a regression against latest linux kernel images.
last working kernel in dapper: 2.6.15-27

Regards,

\sh

I ran into this bug with wine 1.0-rc1 and Picasa on a machine running Ubuntu Dapper. Picasa scanned a USB drive and hung on the ioctl call.

I'll test on more machines when I get a chance. Reopening.

Changed in wine:
status: Invalid → New

This is a kernel bug only found in Ubuntu Dapper 2.6.15-28 and up, due to a copy and paste error in the Ubuntu specific patches. Fortunately it's an one-liner so hopefully Ubuntu will push out a new update soon.

Lei Zhang (thestig-google) wrote :

When the package maintainers backported CVE-2007-2878, [1] they made a typo while adapting the code to kernel 2.6.15.

With [2] applied to the 2.6.15 source code, fat_ioctl_readdir() is as follows:

...
down(&inode->i_sem);
ret = -ENOENT;
if (!IS_DEADDIR(inode)) {
    ret = __fat_readdir(inode, filp, &buf, filldir, short_only, both);
}
down(&inode->i_sem);
...

The second down() should be an up().

This only affect the dapper kernels 2.6.15-28-51, but not later kernels used in Ubuntu 6.10+, which kept the mutex_lock() / mutex_unlock() from the original commit in kernel 2.6.21.2.

[1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2878
[2] http://archive.ubuntu.com/ubuntu/pool/main/l/linux-source-2.6.15/linux-source-2.6.15_2.6.15-51.66.diff.gz

Changed in wine:
status: New → Invalid
Scott Ritchie (scottritchie) wrote :

We can work around this in Wine when we backport 1.0 to dapper, if need be. it's a fairly simple patch:

Lei Zhang (thestig-google) wrote :

I'd like to see the fix go into the kernel. (Who do we have to nudge for that to happen, BTW?) Though according to Google code search, Wine is pretty much the only project that calls that ioctl. So I guess we can just work around it if needed.

Beginning with the Hardy Heron 8.04 development cycle, all open Ubuntu kernel bugs need to be reported against the "linux" kernel package. We are automatically migrating this linux-source-2.6.15 kernel bug to the new "linux" package. We appreciate your patience and understanding as we make this transition. Also, if you would be interested in testing the upcoming Intrepid Ibex 8.10 release, it is available at http://www.ubuntu.com/testing . Please let us know your results. Thanks!

Moving this back to be against the linux-source-2.6.15 package. Will ping the kernel team to take a look. Thanks.

Changed in linux:
assignee: nobody → ubuntu-kernel-team
importance: Undecided → High
status: New → Triaged
Changed in linux-source-2.6.15:
assignee: ubuntu-kernel-team → colin-king
milestone: none → dapper-updates
status: Triaged → In Progress
Colin Ian King (colin-king) wrote :

Hi, I have build a set of kernels with this fix. Can you download the appropriate deb from:

http://people.ubuntu.com/~cking/sru-137978/

and try it out to see if this fixes the bug. Once it has been verified, it can be put into the kernel as fix for the next release.

Thanks, Colin

Colin Ian King (colin-king) wrote :

OK, I've tested this myself doing:

1. Install 6.0.6 LTS i386 Desktop inside VirtualBox
2. Download all the latest updates
3. Install Wine
4. Download a Windows application (VisualGPS from http://www.visualgps.net/VisualGPS/VisualGPSInstall.exe)
5. Create a fat32 filesystem and loop-back mount it
6. Copy the Windows application to the fat32 filesystem
7. Start wine on the application and indeed it hangs.
8. Install the fixed kernel
9. Reboot
10. Remount the fat32 filesystem
11. Start wine on the application and it runs OK.

Lei Zhang (thestig-google) wrote :

Colin's test kernel works for me with Picasa 2.7 in Wine.

Colin Ian King (colin-king) wrote :

SRU Justification:

Impact: Running wine applications from a FAT filesystem causes the wine
process to get stuck in a kernel "D" state and cannot be killed. This
prevents a user from unmounting the FAT filesystem.

Fix: Replace a typo in fat_ioctl_readdir() introduced during
CVE-2007-2878, where the second semaphore down() should in fact be an
up().

Testcase: Without the patch one can trip the bug by:

1. Mount any FAT filesystem
2. Copy some file.exe file to it.
3. Run: wine /media/fattest/file.exe
4. Wine hangs and cannot be killed.

With the patch, this works. This has been tested by Lei Zhang (message 12 above) and by
myself (message 11).

Changed in linux-source-2.6.15:
status: In Progress → Fix Committed
Martin Pitt (pitti) wrote :

Accepted into -proposed, please test and give feedback here. Please see https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you in advance!

Closing invalid.

Steve Beattie (sbeattie) on 2008-09-19
Changed in linux-source-2.6.15:
importance: Undecided → High
status: New → Fix Committed
milestone: none → dapper-updates
description: updated

FYI, the one liner patch has been committed into Ubuntu. A linux kernel with version > 2.6.15-52.71 should be available for Dapper in the near future.

Steve Beattie (sbeattie) wrote :

I have reproduced the problem with the linux kernel image version 2.6.15-52.71 in dapper-security and can confirm that the version in dapper-proposed, 2.6.15-52.72, addresses the issue; with the dapper-proposed kernel, I am now able to run windows applications off of FAT filesystems with wine.

Unfortunately, because the kernel was accidentally left in NEW and hadn't made it out to dapper-proposed, we should probably reset the 7 day waiting period.

Thanks!

Steve Beattie (sbeattie) wrote :

I also have run the ltp tests from the dapper ltp packages (such as they are, they're a bit buggy) and didn't find any regressions with the kernel from dapper-proposed.

Martin Pitt (pitti) wrote :

I assume this doesn't affect intrepid.

Changed in linux-source-2.6.15:
milestone: dapper-updates → none
status: Fix Committed → Invalid
Martin Pitt (pitti) wrote :

Copied to dapper-updates.

Changed in linux-source-2.6.15:
status: Fix Committed → Fix Released
Lei Zhang (thestig-google) wrote :

Correct, it only affects Dapper.

Changed in wine:
importance: Unknown → High
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.