Ubuntu
qemu package

qemu-aarch64-static segfaults running ldconfig.real (amd64 host)

Bug #2072564 reported by Dimitry Andric
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
QEMU
New
Unknown
qemu (Ubuntu)
Triaged
Undecided
Sergio Durigan Junior

Bug Description

This affects the qemu-user-static 1:8.2.2+ds-0ubuntu1 package on Ubuntu 24.04, running on a amd64 host.

When running docker containers with Ubuntu 22.04 in them, emulating arm64 with qemu-aarch64-static, invocations of ldconfig (actually ldconfig.real) segfault. For example:

$ docker run -ti --platform linux/arm64/v8 ubuntu:22.04
root@8861ff640a1c:/# /sbin/ldconfig.real
Segmentation fault

If you copy the ldconfig.real binary to the host, and run it directly via qemu-aarch64-static:

$ gdb --args qemu-aarch64-static ./ldconfig.real
GNU gdb (Ubuntu 15.0.50.20240403-0ubuntu1) 15.0.50.20240403-git
Copyright (C) 2024 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<https://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
    <http://www.gnu.org/software/gdb/documentation/>.

For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from qemu-aarch64-static...
Reading symbols from /home/dim/.cache/debuginfod_client/86579812b213be0964189499f62f176bea817bf2/debuginfo...
(gdb) r
Starting program: /usr/bin/qemu-aarch64-static ./ldconfig.real
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".
[New Thread 0x7ffff76006c0 (LWP 28378)]

Thread 1 "qemu-aarch64-st" received signal SIGSEGV, Segmentation fault.
0x00007fffe801645b in ?? ()
(gdb) disassemble
No function contains program counter for selected frame.

It looks like this is a known qemu regression after v8.1.1:
https://gitlab.com/qemu-project/qemu/-/issues/1913

Downgrading the package to qemu-user-static_8.0.4+dfsg-1ubuntu3_amd64.deb fixes the segfault.

Revision history for this message
Dimitry Andric (dimitry.unified-streaming.com) wrote :

I can confirm that reverting https://gitlab.com/qemu-project/qemu/-/commit/aec338d63bc28f1f13d5e64c561d7f1dd0e4b07e, as described in https://gitlab.com/qemu-project/qemu/-/issues/1913, solves the issue.

Revision history for this message
Sergio Durigan Junior (sergiodj) wrote :

Thank you for taking the time to report a bug.

It seems that the discussion about whether that specific commit should be reverted is still ongoing. As such, I don't feel confident in backporting any fixes that have not been accepted by upstream, and I would like to wait for their solution to the problem.

I will mark the bug as Triaged, but let's wait until there's a decision upstream on what to do with the issue.

Thanks.

Changed in qemu (Ubuntu):
status: New → Triaged
assignee: nobody → Sergio Durigan Junior (sergiodj)
Revision history for this message
Dimitry Andric (dimitry.unified-streaming.com) wrote :

For the moment, the problem can be worked around by installing older packages, but it is not really a supported configuration: the older package was built for Ubuntu 22.04.

I agree that upstream should make a decision first, but it seems that they are not yet convinced whether reverting will cause other issues.

Indeed it looks like /sbin/ldconfig is a bit of a special case, and the versions shipped in some Ubuntu releases work, while others segfault (the permission error is fine, as my non-privileged user cannot write /etc):

ldconfig.real.focal ldconfig.real.focal: Can't create temporary cache file /etc/ld.so.cache~: Permission denied
ldconfig.real.groovy ldconfig.real.groovy: Can't create temporary cache file /etc/ld.so.cache~: Permission denied
ldconfig.real.hirsute Segmentation fault (core dumped)
ldconfig.real.impish Segmentation fault (core dumped)
ldconfig.real.jammy Segmentation fault (core dumped)
ldconfig.real.kinetic ldconfig.real.kinetic: Can't create temporary cache file /etc/ld.so.cache~: Permission denied
ldconfig.real.lunar ldconfig.real.lunar: Can't create temporary cache file /etc/ld.so.cache~: Permission denied
ldconfig.real.mantic ldconfig.real.mantic: Can't create temporary cache file /etc/ld.so.cache~: Permission denied
ldconfig.real.noble ldconfig.real.noble: Can't create temporary cache file /etc/ld.so.cache~: Permission denied
ldconfig.real.oracular ldconfig.real.oracular: Can't create temporary cache file /etc/ld.so.cache~: Permission denied

So the 'window' of bad ldconfig versions is from hirsute (21.04) through jammy (22.04). After that, the problem seems to disappear.

Bug Watch Updater (bug-watch-updater)
Changed in qemu:
status: Unknown → New
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.