[Bug 1980896] Re: failed to install ca-certificates-java in ppc64le systems: fatal: Tried to call a TRAP
Launchpad Bug Tracker
1980896 at bugs.launchpad.net
Tue Jul 19 18:21:22 UTC 2022
This bug was fixed in the package qemu - 1:7.0+dfsg-7ubuntu1
---------------
qemu (1:7.0+dfsg-7ubuntu1) kinetic; urgency=medium
* Merge with Debian unstable (LP: #1971315)(LP: #1980896), remaining changes:
- qemu-kvm to systemd unit
- d/qemu-kvm-init: script for QEMU KVM preparation modules, ksm,
hugepages and architecture specifics
- d/qemu-system-common.qemu-kvm.service: systemd unit to call
qemu-kvm-init
- d/qemu-system-common.install: install helper script
- d/qemu-system-common.qemu-kvm.default: defaults for
/etc/default/qemu-kvm
- d/rules: call dh_installinit and dh_installsystemd for qemu-kvm
- Distribution specific machine type
(LP: 1304107 1621042 1776189 1761372 1761372 1776189)
- d/p/ubuntu/define-ubuntu-machine-types.patch: define distro machine
types containing release versioned machine attributes
- d/qemu-system-x86.NEWS Info on fixed machine type defintions
for host-phys-bits=true
- Add an info about -hpb machine type in debian/qemu-system-x86.NEWS
- ubuntu-q35 alias added to auto-select the most recent q35 ubuntu type
- Enable nesting by default
- d/p/ubuntu/enable-svm-by-default.patch: Enable nested svm by default
in qemu64 on amd
[ No more strictly needed, but required for backward compatibility ]
- tolerate ipxe size change on migrations to >=18.04 (LP: 1713490)
- d/p/ubuntu/pre-bionic-256k-ipxe-efi-roms.patch: old machine types
reference 256k path
- d/control-in: depend on ipxe-qemu-256k-compat-efi-roms to be able to
handle incoming migrations from former releases.
- d/qemu-system-x86.README.Debian: add info about updated nesting changes
- Ease the use of module retention on upgrades (LP 1913421)
- debian/qemu-block-extra.postinst: enable mount unit on install/upgrade
- Fix I/O stalls when using NVMe storage (LP 1970737).
- d/p/lp1970737-linux-aio-*.patch: Fix unbalanced plugged counter
in laio_io_unplug.
- SECURITY UPDATE: heap overflow in floppy disk emulator
- debian/patches/CVE-2021-3507.patch: prevent end-of-track overrun in
hw/block/fdc.c.
- CVE-2021-3507
* Dropped Changes [now part of 1:7.0+dfsg-7]:
- d/rules: xen libexec dir is no more versioned
- d/rules: ensure xen is built on x86
- d/kvm-spice: fix when acceleration is already defined on the commandline
- debian/control[-in]: no more disable glusterfs in Ubuntu (LP 1246924)
* Dropped Changes [now part of upstream v7.0.0]
- d/p/u/lp-1959984-s390x-ipl-support-extended-kernel-command-line-size.patch
Allow long kernel command lines for QEMU (LP 1959984)
- d/p/u/fix-virtiofsd-for-glibc2.35.patch: add rseq to seccomp allow list
- d/p/u/tcg-Remove-dh_alias-indirection-for-dh_typecode.patch: fix 32bit
tcg on s390x.
- Fix diff handling on ceph that can cause data corruption (LP 1968258)
- d/p/u/lp-1968258-block-rbd-fix-handling-of-holes-in-.bdrv_co.patch
- d/p/u/lp-1968258-block-rbd-workaround-for-ceph-issue-53784.patch
- d/p/u/lp-1970563-ui-vnc.c-Fixed-a-deadlock-bug.patch: avoid deadlock
in vnc connections (LP 1970563)
- All CVE fixes of 1:6.2+dfsg-2ubuntu8 except CVE-2021-3507
* Dropped Changes
- d/p/lp-1952448-relax-skiboot-gcc-deprecation-errors.patch:
add patch to workaround FTBFS when building against OpenSSL 3.0.
[ now working with OpenSSL 3.0 ]
- d/optionrom.mak, d/p/u/avoid-fcf-clashing-with-i486.patch: fix
-fcf-protection being unavailble on -march=i486 (LP 1940029)
[ fixed in compiler toolchain ]
- Make qemu-system-x86-microvm a transitional package as the binary is now
in qemu-system-x86 itself.
[ no more needed]
* Added Changes
- d/control-in: switch qemu-system-x86-xen to qemu-system-xen as this
landed in Debian but under a different name.
- d/p/u/qboot-Disable-LTO-for-ELF-binary-build-step.patch: fix qboot FTBFS
with LTO
- d/p/u/lp-1981339-*: fix s390x system emulation (LP: #1981339)
qemu (1:7.0+dfsg-7) unstable; urgency=medium
* d/tests/test-qemu-user: rework ls/glob test a bit
* d/tests/test-qemu-user: fix ppc64le qemu architecture name
* d/binfmt-install: use proper name for binfmt.d (*.conf)
Hopefully closes: #1011003
* two virtio-scsi bugfixes from upstream:
virtio-scsi-fix-ctrl-and-event-handler-functions-in-dataplane.patch
virtio-scsi-don-t-waste-CPU-polling-the-event-virtqueue.patch
* 3 patches from upstream to fix possible coroutine crashes:
coroutine-use-QEMU_DEFINE_STATIC_CO_TLS.patch
coroutine-rename-qemu_coroutine_inc-dec_pool_size.patch
coroutine-revert-to-constant-batch-size.patch
* target-i386-do-not-consult-nonexistent-host-leaves.patch
* d/control: stop suggesting sudo for qemu-user-static
* Revert "d/rules: do not try to enable tcg-interpreter on unsupported
targets, it does not help anymore" - it does help but it needs a bit
more work
* disable xen support for qemu-system-x86 build and create a wrapper
for -i386 to redirect xen-related usage to xen-specific binary
with a warning (for bookworm only)
* common-user-no-user.patch: fix one of FTBFS on unsupported architectures
* d/rules: use regular variable assignment for BUILD_PACKAGES
* two trivial patches to fix spelling in roms:
openbios-spelling-endianess.patch
slof-spelling-seperator.patch
qemu (1:7.0+dfsg-6) unstable; urgency=medium
* d/rules: the forgotten --enable-xen-pci-passthrough for the xen build
* d/tests/test-qemu-user: rewrite to be more robust and complete and
include test for qemu-user-static too.
qemu (1:7.0+dfsg-5) unstable; urgency=medium
* d/tests/test-qemu-user.sh: more arch-specific debugging/updates
qemu (1:7.0+dfsg-4) unstable; urgency=medium
* d/tests/: fix failing tests.
- test-qemu-user: depend on gcc for dpkg-architecture to work,
and print debugging info for future switch to uname -m
- test-qemu-img: switch from using file to qemu-img info
qemu (1:7.0+dfsg-3) unstable; urgency=medium
[ Michael Tokarev ]
* d/binfmt-install: also generate binfmt.d/ entries for systemd
* d/control: use systemd as preferred alternative to binfmt-support
hopefully Closes: #789011 (Minimal dependencies to register binfmt)
Closes: #985889 (make binfmt setup configurable)
* d/control: remove Riku Voipio from Uploaders. Thank you Riku!
* d/rules: simplify DEB_BUILD_OPTIONS=parallel=N parsing
[ Guido Günther ]
* Add minimal autopkgtest (Closes: #832982)
qemu (1:7.0+dfsg-2) unstable; urgency=medium
* d/control: add Rules-Requires-Root: no
* d/control: switch to debhelper-compat=13
* d/control: drop "qemu" empty/dummy pseudopackage
* d/control: do not build linux-user* on ia64 and powerpc
(not supported by upstream anymore)
* d/control: add Breaks for qemu-system-data for other packages from which
it borrowed files in the past (Closes: #1008095)
* d/rules: switch to the dh sequence (but keep build-{arch,indep}),
rearrange some rules.
This brings us dh_dwz (very slow) and dh_strip_nondeterminism.
* d/rules: do not explicitly turn off slirp & capstone (now properly
controlled by --with[out]-default-features option)
* d/rules: do not try to enable tcg-interpreter on the unsupported
targets, it does not help to build tools anymore
* d/rules: do not chown -w d/control, it breaks dpkg-source
* d/rules: clean up the clean target
* d/not-installed: list many documentation files and qemu-plugin.h
* configure-make-fortify_source-yes-by-default.patch: enable
fortify-source for minimal builds too
* d/changelog: mention #990562 (CVE-2021-3611) closed by 7.0
qemu (1:7.0+dfsg-1) unstable; urgency=medium
* update to 7.0 release
qemu (1:7.0~rc4+dfsg-1) experimental; urgency=medium
* New upstream 7.0 (rc)
Closes: #990562, CVE-2021-3611
* remove patches applied upstream
* remove new binary file, pc-bios/edk2-x86_64-microvm.fd.bz2
* d/control: remove libxfs-dev build dependency,
the ioctl is implemented inline
* d/control: stop build-depend-indep on libc6.1-dev-alpha-cross,
not needed anymore
* d/rules: update skiboot version check (skiboot hasn't canged since 6.1)
* build & install vbootrom (npcm7xx_bootrom.bin), and
build-depend-indep on gcc-arm-none-eabi
* create a new binary package, qemu-system-xen, which provides
/usr/libexec/xen-qemu-system-i386 binary for use by xen only.
Once xen switches to use this binary instead of usual qemu-system-i386,
xen support will be removed from the regular qemu-system-x86 build
* use a fast inline version of /usr/share/dpkg/architecture.mk
qemu (1:6.2+dfsg-3) unstable; urgency=medium
[ Christian Ehrhardt ]
* d/rules: ensure xen is built on x86
* d/rules: xen libexec dir is no more versioned
* d/kvm-spice: fix when acceleration is already defined on the commandline
[ Michael Tokarev ]
* d/control, d/rules: do not compile xen support on i386,
since it is amd64-only now (since 4.16)
* d/control: add libbpf-dev & --enable-bpf for eBPF support
(Closes: #994573)
-- Christian Ehrhardt <christian.ehrhardt at canonical.com> Tue, 05 Jul
2022 12:07:19 +0200
** Changed in: qemu (Ubuntu Kinetic)
Status: In Progress => Fix Released
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-3507
** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2021-3611
--
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1980896
Title:
failed to install ca-certificates-java in ppc64le systems: fatal:
Tried to call a TRAP
Status in qemu package in Ubuntu:
Fix Released
Status in qemu source package in Bionic:
Confirmed
Status in qemu source package in Focal:
Confirmed
Status in qemu source package in Impish:
Confirmed
Status in qemu source package in Jammy:
In Progress
Status in qemu source package in Kinetic:
Fix Released
Bug description:
[SRU Justification]
[Impact]
Failed to install ca-certificates-java in qemu emulated ppc64el guest
environment.
[Fix]
Upstream commit 083fe9a12d20 ("linux-user/ppc: deliver SIGTRAP on
POWERPC_EXCP_TRAP") along with the corresponding fix for tests in
commit 62089c849d49 ("tests/tcg/ppc64le: change
signal_save_restore_xer to use SIGTRAP") have been accepted in
upstream version v7.0.0-rc0.
The first patch depends on commit d30e60e7b4c3 ("linux-user/ppc: Use
force_sig_fault").
[Test Case]
apt-get install -y qemu qemu-user-static
docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
docker run -it ppc64le/ubuntu:20.04 bash
apt-get update && apt-get install -y openjdk-11-jdk
[Where problems could occur]
SIGTRAP will then be handled properly inside the emulated environment,
so if some tool in the host side is expecting for such failure, it
will no longer be valid.
[Other Info]
While Debian already packaged qemu 1:7.0+dfsg-7 in
https://packages.debian.org/source/sid/qemu, it would be better to
upgrade qemu/kinetic to that instead, but I'll left that for the
maintainers.
For Impish and older, it takes more prerequisite commits yet to be
found and back ported.
========== original bug report ==========
Upstream bug: https://gitlab.com/qemu-project/qemu/-/issues/588
[Host environmen]
Operating system: Ubuntu Bionic/Focal/Kinetic
OS/kernel version:
Architecture: ppc64le
QEMU flavor: qemu-system-x86_64
QEMU version: 1:2.11+dfsg-1ubuntu7.40 (bionic), 1:4.2-3ubuntu6.23 (focal), 1:6.2+dfsg-2ubuntu6.2 (jammy)
[QEMU command line]
apt-get install -y qemu qemu-user-static
docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
docker run -it ppc64le/ubuntu:20.04 bash
apt-get update && apt-get install -y openjdk-11-jdk
[Emulated/Virtualized environment]
Operating system: Ubuntu Bionic/Focal/Impish/Kinetic
OS/kernel version:
Architecture: ppc64le
[Description of problem]
qemu: fatal: Tried to call a TRAP occurs while running the:
/etc/ca-certificates/update.d/jks-keystore script which is part of the package ca-certificates-java that is installed as a dependency of openjdk-11-jdk
Unknown privilege violation (03)
NIP 0000004012db12b0 LR 0000004002a4335c CTR 0000004012db1280 XER 0000000000000000 CPU#1
MSR 9000000102806901 HID0 0000000000000000 HF 9000000002806001 iidx 6 didx 6
TB 00000538 2314542730558
GPR00 ffffffbffcc22660 00000040033dd940 0000004002d92f00 00000040033de9a0
GPR04 0000000000000000 0000000000002000 0000000000000000 0000000000000000
GPR08 0000004002df2f00 0000004002df3460 0000000000000001 0000000000000000
GPR12 0000004012db1280 00000040033e88f0 0000004001b87410 0000000000000000
GPR16 0000004001872000 0000004012db12a4 0000004012db12ac 0000004012db12d0
GPR20 0000004012db12d8 00000000000003d8 0000004004014e20 00000040040151f8
GPR24 0000004002dc39f8 00000040033df9a0 0000004004014e10 0000004004014dd0
GPR28 0000004002df3470 0000004012db1280 0000004002df4600 00000040033dd940
CR 24884400 [ E G L L G G - - ] RES 00000040033de9a0
qemu: fatal: Tried to call a TRAP
NIP 0000004013342588 LR 0000004013340d84 CTR 0000004013340c8c XER 0000000000000000 CPU#1
MSR 9000000102806901 HID0 0000000000000000 HF 9000000002806001 iidx 6 didx 6
TB 00000539 2317026761994
GPR00 0000000000000001 00000040033df9d0 0000004013340c00 00000000fff7ad68
GPR04 00000000fff7ad68 000000404d235860 0000000000000105 0000000000000000
GPR08 0000000100013f10 0000000000000000 0000000000000008 00000040033cfa60
GPR12 000000010003cd10 00000040033e88f0 000000404d204303 00000040033dfac0
GPR16 0000004004016000 00000000fff7ad68 00000040033dfb88 0000000100001808
GPR20 0000004012db8b90 00000040033dfa50 0000004012db8b90 0000000044000000
GPR24 0000004012dd9000 0000004002dd6aa0 00000040033dfad8 000000404d204b08
GPR28 0000000000000000 0000004012db1000 0000000000000010 000000404d2047a8
CR 48884424 [ G L L L G G E G ] RES ffffffffffffffff
FPR00 0000000100016f00 3ff000853ce957eb 0000000000000000 0000000000000000
FPR04 000000000000000a 0000000000000006 000000000000000e 0000000000000000
FPR08 0000000000000042 403a000000000000 0000000000000064 0000000000000064
FPR12 4060000000000000 0000003000000000 0000000000000000 0000000000000060
FPR16 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPR20 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPR24 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPR28 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPSCR 000000008a008000
Aborted (core dumped)
[Steps to reproduce]
apt-get install -y qemu qemu-user-static
docker run --rm --privileged multiarch/qemu-user-static --reset -p yes
docker run -it ppc64le/ubuntu:20.04 bash
apt-get update && apt-get install -y openjdk-11-jdk
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/1980896/+subscriptions
More information about the Ubuntu-sponsors
mailing list