On Mon, Feb 1, 2021 at 11:22 PM Detlef Vollmann <d...@vollmann.ch> wrote: > > On 2/1/21 3:56 AM, Shengjing Zhu wrote: > > On Sun, Jan 31, 2021 at 11:07:09PM +0100, Detlef Vollmann wrote: > >> Package: docker.io > >> Version: 20.10.2+dfsg1-2 > >> Severity: minor > >> X-Debbugs-Cc: d...@vollmann.ch > >> > >> Dear Maintainer, > >> > >> > >> * What led up to the situation? > >> On system startup, dockerd starts a container with a single > >> S/390 binary. Via binfmt this starts qemu-s390x-static with this > >> binary, and that segfaults: > >> kernel: check[2481]: segfault at 2346320 ip 000000000043afa0 sp > >> 00007ffdb3fc62c8 error 4 in qemu-s390x-static[401000+2b0000] > >> > > > > The segfault is in qemu-s390x-static, thus it's more likely a bug in qemu. > While I agree that a segfault is not the best way to react > to a precondition that's not met, the problem with dockerd is that > dockerd is calling it without providing the precondition > (which I assume is a mounted /proc).
I don't think so. In the container you don't need to mount binfmt. For example $ docker run --rm -it --platform arm64 alpine sh -c 'ldd; mount|grep proc' musl libc (aarch64) Version 1.2.2 Dynamic Program Loader Usage: /lib/ld-musl-aarch64.so.1 [options] [--] pathname proc on /proc type proc (rw,nosuid,nodev,noexec,relatime) proc on /proc/bus type proc (ro,relatime) proc on /proc/fs type proc (ro,relatime) proc on /proc/irq type proc (ro,relatime) proc on /proc/sys type proc (ro,relatime) proc on /proc/sysrq-trigger type proc (ro,relatime) tmpfs on /proc/asound type tmpfs (ro,relatime) tmpfs on /proc/acpi type tmpfs (ro,relatime) tmpfs on /proc/kcore type tmpfs (rw,nosuid,size=65536k,mode=755) tmpfs on /proc/keys type tmpfs (rw,nosuid,size=65536k,mode=755) tmpfs on /proc/timer_list type tmpfs (rw,nosuid,size=65536k,mode=755) tmpfs on /proc/sched_debug type tmpfs (rw,nosuid,size=65536k,mode=755) It runs an arm64 image, with qemu-user-static. I only register the binfmt on the host. In the container it doesn't have. > > >> This started with docker.io 20.10.1+dfsg1-1. > >> > > > > Has the version of qemu-user-static package changed? > Yes (from 1:5.2+dfsg-2 to 1:5.2+dfsg-3), but that's not the point. > If I start qemu-s390x-static exactly the same way as docker, > but in the host environment, it doesn't crash. > > BTW, I'm still not really clear why dockerd starts an S/390 > binary at all. It doesn't do that for any other (foreign) > architecture. I think it's the script in the image. Especially what is the `check` binary? Who calls it? If your image doesn't have that, then maybe you have some custom hooks on the host. -- Shengjing Zhu
