Issue with msgrcv in a 32-bit application and -ve argument

Bug #1393355 reported by bugproxy on 2014-11-17
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
linux (Ubuntu)
Undecided
Unassigned
Trusty
Undecided
Tim Gardner
Utopic
Undecided
Unassigned
Vivid
Undecided
Unassigned

Bug Description

== Comment: #0 - R. Wilson <email address hidden> - 2014-11-13 08:11:01 ==
---Problem Description---
system call msgrcv() from 32-bit application shows error: msgrcv: No message of desired type
The following upstream commit resolves the issue.

commit e7ca2552369c1dfe0216c626baf82c3d83ec36bb
Author: Mateusz Guzik <email address hidden>
Date: Mon Jan 27 17:07:11 2014 -0800

    ipc: fix compat msgrcv with negative msgtyp

    Compat function takes msgtyp argument as u32 and passes it down to
    do_msgrcv which results in casting to long, thus the sign is lost and we
    get a big positive number instead.

    Cast the argument to signed type before passing it down.

We now hit the problem on Ubuntu 14_04 and need to know if a similar patch is forthcoming.

---uname output---
Linux ctg-a-il-u1 3.13.0-39-generic #66-Ubuntu SMP Tue Oct 28 13:30:27 UTC 2014 x86_64 x86_64 x86_64 GNU/Linux

Machine Type = VMware guest

---Debugger---
A debugger is not configured

---Steps to Reproduce---
 Compile test applications using gcc -m32 -o <name> <name.c>
Run test application testmsgs to send a message to a queue
Run test application testmsgr that *should* retriieve message sent by testmsgs
Observe that testmsgr does not retrieve message

Repeat test, compilling with -m64 instead - applications work as expected

Stack trace output:
 no

Oops output:
 no

Userspace tool common name: custom application designed to replicate problem

The userspace tool has the following bit modes: 32-bit

System Dump Info:
  The system is not configured to capture a system dump.

== Comment: #2 - R. Wilson <email address hidden> - 2014-11-13 08:15:25 ==
Back trace for testmsgr:

(gdb) bt
#0 0xf777c430 in __kernel_vsyscall ()
#1 0xf76a4660 in msgrcv () from /lib32/libc.so.6
#2 0x08048573 in main ()
(gdb)

The msgrcv *should* have returned immediately as the message was placed on the queue by testmsgs

Default Comment by Bridge

tags: added: architecture-all bugnameltc-118951 severity-critical targetmilestone-inin---
bugproxy (bugproxy) wrote :

Default Comment by Bridge

Thank you for taking the time to report this bug and helping to make Ubuntu better. It seems that your bug report is not filed about a specific source package though, rather it is just filed against Ubuntu in general. It is important that bug reports be filed about source packages so that people interested in the package can find the bugs about it. You can find some hints about determining what package your bug might be about at https://wiki.ubuntu.com/Bugs/FindRightPackage. You might also ask for help in the #ubuntu-bugs irc channel on Freenode.

To change the source package that this bug is filed about visit https://bugs.launchpad.net/ubuntu/+bug/1393355/+editstatus and add the package name in the text box next to the word Package.

[This is an automated message. I apologize if it reached you inappropriately; please just reply to this message indicating so.]

tags: added: bot-comment
affects: ubuntu → linux
affects: linux → linux (Ubuntu)
Changed in linux (Ubuntu):
status: New → Incomplete
status: Incomplete → Confirmed
tags: added: kernel-da-key
Tim Gardner (timg-tpi) on 2014-11-20
Changed in linux (Ubuntu Utopic):
status: New → Fix Released
Changed in linux (Ubuntu Vivid):
status: Confirmed → Fix Released
Changed in linux (Ubuntu Trusty):
assignee: nobody → Tim Gardner (timg-tpi)
status: New → In Progress
Tim Gardner (timg-tpi) on 2014-11-20
Changed in linux (Ubuntu Trusty):
status: In Progress → Fix Committed
Brad Figg (brad-figg) wrote :

This bug is awaiting verification that the kernel in -proposed solves the problem. Please test the kernel and update this bug with the results. If the problem is solved, change the tag 'verification-needed-trusty' to 'verification-done-trusty'.

If verification is not done by 5 working days from today, this fix will be dropped from the source code, and this bug will be closed.

See https://wiki.ubuntu.com/Testing/EnableProposed for documentation how to enable and use -proposed. Thank you!

tags: added: verification-needed-trusty

------- Comment From <email address hidden> 2014-12-03 05:22 EDT-------
Comment: From R. Wilson:

Having applied the latest kernel, I can confirm that the issue appears resolved.
Is there a timescale for when this kernel will be made available for general release?

Luis Henriques (henrix) wrote :

As per comment #5 I'm tagging this bug as verified. The kernel you tested should be released during this week.

tags: added: verification-done-trusty
removed: verification-needed-trusty
Launchpad Janitor (janitor) wrote :
Download full text (14.0 KiB)

This bug was fixed in the package linux - 3.13.0-41.70

---------------
linux (3.13.0-41.70) trusty; urgency=low

  [ Luis Henriques ]

  * Release Tracking Bug
    - LP: #1396112

  [ Chris J Arges ]

  * [Config] CONFIG_SCOM_DEBUGFS=y for powerpc/powerpc64-smp
    ppc64el/generic
    - LP: #1395855

  [ Upstream Kernel Changes ]

  * Revert "KVM: x86: Handle errors when RIP is set during far jumps"
    - LP: #1393477
  * Revert "net/macb: add pinctrl consumer support"
    - LP: #1393477
  * Revert "iwlwifi: mvm: treat EAPOLs like mgmt frames wrt rate"
    - LP: #1393477
  * Revert "ipmi: simplify locking"
    - LP: #1383921
  * ACPI / blacklist: add Win8 OSI quirks for some Dell laptop models
    - LP: #1339456
  * ACPI / battery: Accelerate battery resume callback
    - LP: #838543
  * tools: cpu-hotplug fix unexpected operator error
  * netlink: reset network header before passing to taps
    - LP: #1393477
  * rtnetlink: fix VF info size
    - LP: #1393477
  * myri10ge: check for DMA mapping errors
    - LP: #1393477
  * tcp: don't use timestamp from repaired skb-s to calculate RTT (v2)
    - LP: #1393477
  * sit: Fix ipip6_tunnel_lookup device matching criteria
    - LP: #1393477
  * tcp: fix tcp_release_cb() to dispatch via address family for
    mtu_reduced()
    - LP: #1393477
  * tcp: fix ssthresh and undo for consecutive short FRTO episodes
    - LP: #1393477
  * packet: handle too big packets for PACKET_V3
    - LP: #1393477
  * openvswitch: fix panic with multiple vlan headers
    - LP: #1393477
  * vxlan: fix incorrect initializer in union vxlan_addr
    - LP: #1393477
  * l2tp: fix race while getting PMTU on PPP pseudo-wire
    - LP: #1393477
  * bonding: fix div by zero while enslaving and transmitting
    - LP: #1393477
  * bridge: Check if vlan filtering is enabled only once.
    - LP: #1393477
  * bridge: Fix br_should_learn to check vlan_enabled
    - LP: #1393477
  * net: allow macvlans to move to net namespace
    - LP: #1393477
  * tg3: Work around HW/FW limitations with vlan encapsulated frames
    - LP: #1393477
  * tg3: Allow for recieve of full-size 8021AD frames
    - LP: #1393477
  * xfrm: Generate blackhole routes only from route lookup functions
    - LP: #1393477
  * xfrm: Generate queueing routes only from route lookup functions
    - LP: #1393477
  * macvtap: Fix race between device delete and open.
    - LP: #1393477
  * gro: fix aggregation for skb using frag_list
    - LP: #1393477
  * hyperv: Fix a bug in netvsc_start_xmit()
    - LP: #1393477
  * ip6_gre: fix flowi6_proto value in xmit path
    - LP: #1393477
  * team: avoid race condition in scheduling delayed work
    - LP: #1393477
  * sctp: handle association restarts when the socket is closed.
    - LP: #1393477
  * tcp: fixing TLP's FIN recovery
    - LP: #1393477
  * sparc64: Do not disable interrupts in nmi_cpu_busy()
    - LP: #1393477
  * sparc64: Fix pcr_ops initialization and usage bugs.
    - LP: #1393477
  * sparc32: dma_alloc_coherent must honour gfp flags
    - LP: #1393477
  * sparc64: sun4v TLB error power off events
    - LP: #1393477
  * sparc64: Fix corrupted thread fault code.
    - LP: #1393477
  * sparc64: find_node adjustment
   ...

Changed in linux (Ubuntu Trusty):
status: Fix Committed → Fix Released
bugproxy (bugproxy) wrote :

------- Comment From <email address hidden> 2015-01-13 16:08 EDT-------
Released with Linux - 3.13.0-41.70 - and LP# status is Fix Released with tag: verification_done so closing bug.

bugproxy (bugproxy) on 2015-01-13
tags: added: targetmilestone-inin14042
removed: targetmilestone-inin---
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Other bug subscribers