didi2@linux:~> strace -f qemu testclonenonptl execve("/usr/local/bin/qemu", ["qemu", "testclonenonptl"], [/* 67 vars */]) = 0 uname({sys="Linux", node="linux", ...}) = 0 brk(0) = 0x80463540 old_mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40019000 open("/etc/ld.so.preload", O_RDONLY) = -1 ENOENT (No such file or directory) open("/etc/ld.so.cache", O_RDONLY) = 3 fstat64(3, {st_mode=S_IFREG|0644, st_size=102185, ...}) = 0 old_mmap(NULL, 102185, PROT_READ, MAP_PRIVATE, 3, 0) = 0x4001a000 close(3) = 0 open("/lib/i686/libm.so.6", O_RDONLY) = 3 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0 5\0\000"..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0755, st_size=183008, ...}) = 0 old_mmap(NULL, 142672, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x40033000 old_mmap(0x40055000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x21000) = 0x40055000 close(3) = 0 open("/lib/i686/libc.so.6", O_RDONLY) = 3 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\320]\1"..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0755, st_size=1461208, ...}) = 0 old_mmap(NULL, 1256644, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x40056000 old_mmap(0x40182000, 20480, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x12c000) = 0x40182000 old_mmap(0x40187000, 7364, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x40187000 close(3) = 0 mprotect(0x80000000, 327680, PROT_READ|PROT_WRITE) = 0 mprotect(0x80000000, 327680, PROT_READ|PROT_EXEC) = 0 munmap(0x4001a000, 102185) = 0 brk(0) = 0x80463540 brk(0x80484540) = 0x80484540 brk(0) = 0x80484540 brk(0x80485000) = 0x80485000 open("/usr/local/qemu-i386", O_RDONLY|O_NONBLOCK|O_LARGEFILE|O_DIRECTORY) = -1 ENOENT (No such file or directory) open("testclonenonptl", O_RDONLY) = 3 fstat64(3, {st_mode=S_IFREG|0755, st_size=9503, ...}) = 0 geteuid32() = 500 getegid32() = 100 lseek(3, 0, SEEK_SET) = 0 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\2\0\3\0\1\0\0\0\360\203"..., 128) = 128 mmap2(NULL, 4096, 
PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x4001a000 lseek(3, 52, SEEK_SET) = 52 read(3, "\6\0\0\0004\0\0\0004\200\4\0104\200\4\10\300\0\0\0\300"..., 192) = 192 lseek(3, 244, SEEK_SET) = 244 read(3, "/lib/ld-linux.so.2\0", 19) = 19 open("/lib/ld-linux.so.2", O_RDONLY) = 4 lseek(4, 0, SEEK_SET) = 0 read(4, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\20\f\0"..., 128) = 128 mmap2(NULL, 528384, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40189000 mprotect(0x40209000, 4096, PROT_NONE) = 0 munmap(0x4001a000, 4096) = 0 mmap2(0x8048000, 4096, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0) = 0x8048000 mmap2(0x8049000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0) = 0x8049000 lseek(4, 52, SEEK_SET) = 52 read(4, "\1\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\354s\1\0\354s\1\0\5\0"..., 128) = 128 mmap2(NULL, 33554432, PROT_NONE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x4020a000 mmap2(0x4020a000, 98304, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0) = 0x4020a000 mmap2(0x40222000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 4, 0x17) = 0x40222000 close(4) = 0 close(4) = -1 EBADF (Bad file descriptor) close(3) = 0 getuid32() = 500 geteuid32() = 500 getgid32() = 100 getegid32() = 100 rt_sigaction(SIGHUP, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGINT, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGQUIT, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGILL, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGTRAP, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGABRT, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGBUS, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGFPE, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 
0 rt_sigaction(SIGKILL, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = -1 EINVAL (Invalid argument) rt_sigaction(SIGUSR1, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGSEGV, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGUSR2, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGPIPE, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGALRM, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGTERM, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGSTKFLT, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGCHLD, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGCONT, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGSTOP, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = -1 EINVAL (Invalid argument) rt_sigaction(SIGTSTP, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGTTIN, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGTTOU, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGURG, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGXCPU, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGXFSZ, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGVTALRM, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGPROF, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGWINCH, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGIO, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGPWR, {0x800276a0, ~[], 
SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGSYS, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGRTMIN, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGRT_1, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGRT_2, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGRT_3, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGRT_4, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGRT_5, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGRT_6, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGRT_7, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGRT_8, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGRT_9, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGRT_10, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGRT_11, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGRT_12, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGRT_13, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGRT_14, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGRT_15, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGRT_16, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGRT_17, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGRT_18, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGRT_19, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGRT_20, {0x800276a0, ~[], 
SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGRT_21, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGRT_22, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGRT_23, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGRT_24, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGRT_25, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGRT_26, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGRT_27, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGRT_28, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGRT_29, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGRT_30, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGRT_31, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 rt_sigaction(SIGRT_32, {0x800276a0, ~[], SA_RESTORER|SA_SIGINFO, 0x4007faa0}, NULL, 8) = 0 uname({sys="Linux", node="linux", ...}) = 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x4001a000 open("/etc/ld.so.preload", O_RDONLY) = -1 ENOENT (No such file or directory) open("/etc/ld.so.cache", O_RDONLY) = 3 fstat64(3, {st_mode=S_IFREG|0644, st_size=102185, ...}) = 0 mmap2(NULL, 102400, PROT_READ, MAP_PRIVATE, 3, 0) = 0x4220a000 close(3) = 0 open("/lib/i686/libc.so.6", O_RDONLY) = 3 mprotect(0x40207000, 4096, PROT_READ|PROT_WRITE) = 0 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\320]\1"..., 512) = 512 fstat64(3, {st_mode=S_IFREG|0755, st_size=1461208, ...}) = 0 mmap2(NULL, 1257472, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x42223000 mmap2(0x4234f000, 20480, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x12c) = 0x4234f000 mmap2(0x42354000, 8192, PROT_READ|PROT_WRITE, 
MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x42354000 close(3) = 0 munmap(0x4220a000, 102400) = 0 mmap2(0x804a000, 135168, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, 0, 0) = 0x804a000 mmap2(0x806b000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, 0, 0) = 0x806b000 clone(Process 2751 attached child_stack=0x80479dd4, flags=CLONE_VM|CLONE_FS|CLONE_FILES|SIGCHLD) = 2751 [pid 2750] clone(Process 2752 attached child_stack=0x8047c144, flags=CLONE_VM|CLONE_FS|CLONE_FILES|SIGCHLD) = 2752 [pid 2750] waitpid(2751, Process 2750 suspended <unfinished ...> [pid 2752] --- SIGSTOP (Stopped (signal)) @ 0 (0) --- [pid 2752] write(1, "thread2: 0 hello2\n", 18thread2: 0 hello2 ) = 18 [pid 2752] nanosleep({0, 120000000}, <unfinished ...> [pid 2751] --- SIGSTOP (Stopped (signal)) @ 0 (0) --- [pid 2751] write(1, "thread1: 0 hello1\n", 18thread1: 0 hello1 ) = 18 [pid 2751] nanosleep({0, 100000000}, {0, 0}) = 0 [pid 2751] write(1, "thread1: 1 hello1\n", 18thread1: 1 hello1 ) = 18 [pid 2751] nanosleep({0, 100000000}, <unfinished ...> [pid 2752] <... nanosleep resumed> {0, 0}) = 0 [pid 2752] write(1, "thread2: 1 hello2\n", 18thread2: 1 hello2 ) = 18 [pid 2752] nanosleep({0, 120000000}, <unfinished ...> [pid 2751] <... nanosleep resumed> {0, 0}) = 0 [pid 2751] write(1, "thread1: 2 hello1\n", 18thread1: 2 hello1 ) = 18 [pid 2751] nanosleep({0, 100000000}, <unfinished ...> [pid 2752] <... nanosleep resumed> {0, 0}) = 0 [pid 2752] write(1, "thread2: 2 hello2\n", 18thread2: 2 hello2 ) = 18 [pid 2752] nanosleep({0, 120000000}, <unfinished ...> [pid 2751] <... nanosleep resumed> {0, 0}) = 0 [pid 2751] write(1, "thread1: 3 hello1\n", 18thread1: 3 hello1 ) = 18 [pid 2751] nanosleep({0, 100000000}, <unfinished ...> [pid 2752] <... nanosleep resumed> {0, 0}) = 0 [pid 2752] write(1, "thread2: 3 hello2\n", 18thread2: 3 hello2 ) = 18 [pid 2752] nanosleep({0, 120000000}, <unfinished ...> [pid 2751] <... 
nanosleep resumed> {0, 0}) = 0 [pid 2751] write(1, "thread1: 4 hello1\n", 18thread1: 4 hello1 ) = 18 [pid 2751] nanosleep({0, 100000000}, <unfinished ...> [pid 2752] <... nanosleep resumed> {0, 0}) = 0 [pid 2752] write(1, "thread2: 4 hello2\n", 18thread2: 4 hello2 ) = 18 [pid 2752] nanosleep({0, 120000000}, <unfinished ...> [pid 2751] <... nanosleep resumed> {0, 0}) = 0 [pid 2751] write(1, "thread1: 5 hello1\n", 18thread1: 5 hello1 ) = 18 [pid 2751] nanosleep({0, 100000000}, <unfinished ...> [pid 2752] <... nanosleep resumed> {0, 0}) = 0 [pid 2751] <... nanosleep resumed> {0, 0}) = 0 [pid 2752] write(1, "thread2: 5 hello2\n", 18 <unfinished ...> [pid 2751] write(1, "thread1: 6 hello1\n", 18thread2: 5 hello2 <unfinished ...> [pid 2752] <... write resumed> ) = 18 thread1: 6 hello1 [pid 2751] <... write resumed> ) = 18 [pid 2752] nanosleep({0, 120000000}, <unfinished ...> [pid 2751] nanosleep({0, 100000000}, {0, 0}) = 0 [pid 2751] write(1, "thread1: 7 hello1\n", 18thread1: 7 hello1 ) = 18 [pid 2751] nanosleep({0, 100000000}, <unfinished ...> [pid 2752] <... nanosleep resumed> {0, 0}) = 0 [pid 2752] write(1, "thread2: 6 hello2\n", 18thread2: 6 hello2 ) = 18 [pid 2752] nanosleep({0, 120000000}, <unfinished ...> [pid 2751] <... nanosleep resumed> {0, 0}) = 0 [pid 2751] write(1, "thread1: 8 hello1\n", 18thread1: 8 hello1 ) = 18 [pid 2751] nanosleep({0, 100000000}, <unfinished ...> [pid 2752] <... nanosleep resumed> {0, 0}) = 0 [pid 2752] write(1, "thread2: 7 hello2\n", 18thread2: 7 hello2 ) = 18 [pid 2752] nanosleep({0, 120000000}, <unfinished ...> [pid 2751] <... nanosleep resumed> {0, 0}) = 0 [pid 2751] write(1, "thread1: 9 hello1\n", 18thread1: 9 hello1 ) = 18 [pid 2751] nanosleep({0, 100000000}, <unfinished ...> [pid 2752] <... nanosleep resumed> {0, 0}) = 0 [pid 2752] write(1, "thread2: 8 hello2\n", 18thread2: 8 hello2 ) = 18 [pid 2752] nanosleep({0, 120000000}, <unfinished ...> [pid 2751] <... nanosleep resumed> {0, 0}) = 0 [pid 2751] exit_group(0) = ? 
Process 2750 resumed Process 2751 detached [pid 2750] <... waitpid resumed> [WIFEXITED(s) && WEXITSTATUS(s) == 0], 0) = 2751 [pid 2750] --- SIGCHLD (Child exited) @ 0 (0) --- [pid 2750] rt_sigreturn(0xabf) = 2751 [pid 2750] waitpid(2752, Process 2750 suspended <unfinished ...> [pid 2752] <... nanosleep resumed> {0, 0}) = 0 [pid 2752] write(1, "thread2: 9 hello2\n", 18thread2: 9 hello2 ) = 18 [pid 2752] nanosleep({0, 120000000}, {0, 0}) = 0 [pid 2752] write(1, "thread2: 10 hello2\n", 19thread2: 10 hello2 ) = 19 [pid 2752] nanosleep({0, 120000000}, {0, 0}) = 0 [pid 2752] write(1, "thread2: 11 hello2\n", 19thread2: 11 hello2 ) = 19 [pid 2752] nanosleep({0, 120000000}, {0, 0}) = 0 [pid 2752] write(1, "thread2: 12 hello2\n", 19thread2: 12 hello2 ) = 19 [pid 2752] nanosleep({0, 120000000}, {0, 0}) = 0 [pid 2752] write(1, "thread2: 13 hello2\n", 19thread2: 13 hello2 ) = 19 [pid 2752] nanosleep({0, 120000000}, {0, 0}) = 0 [pid 2752] write(1, "thread2: 14 hello2\n", 19thread2: 14 hello2 ) = 19 [pid 2752] nanosleep({0, 120000000}, {0, 0}) = 0 [pid 2752] write(1, "thread2: 15 hello2\n", 19thread2: 15 hello2 ) = 19 [pid 2752] nanosleep({0, 120000000}, {0, 0}) = 0 [pid 2752] write(1, "thread2: 16 hello2\n", 19thread2: 16 hello2 ) = 19 [pid 2752] nanosleep({0, 120000000}, {0, 0}) = 0 [pid 2752] write(1, "thread2: 17 hello2\n", 19thread2: 17 hello2 ) = 19 [pid 2752] nanosleep({0, 120000000}, {0, 0}) = 0 [pid 2752] write(1, "thread2: 18 hello2\n", 19thread2: 18 hello2 ) = 19 [pid 2752] nanosleep({0, 120000000}, {0, 0}) = 0 [pid 2752] write(1, "thread2: 19 hello2\n", 19thread2: 19 hello2 ) = 19 [pid 2752] nanosleep({0, 120000000}, {0, 0}) = 0 [pid 2752] exit_group(0) = ? Process 2750 resumed Process 2752 detached <... 
waitpid resumed> [WIFEXITED(s) && WEXITSTATUS(s) == 0], 0) = 2752 --- SIGCHLD (Child exited) @ 0 (0) --- rt_sigreturn(0xac0) = 2752 fstat64(1, {st_mode=S_IFCHR|0600, st_rdev=makedev(136, 1), ...}) = 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x4001b000 write(1, "status1=0x0\n", 12status1=0x0 ) = 12 write(1, "status2=0x0\n", 12status2=0x0 ) = 12 write(1, "End of clone test.\n", 19End of clone test. ) = 19 munmap(0x4001b000, 4096) = 0 exit_group(0) = ? didi2@linux:~>
--
You received this bug notification because you are a member of qemu-devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1035572

Title: Bug in Qemu User Mode

Status in QEMU: New

Bug description:

Hi,

I made an interesting discovery. My aim is to have a working qemu-i386 on Raspberry Pi. After a long search in the dark for what goes wrong with ANY Qemu version in User Mode up to today, I found the following:

The bug must be in at least one function that the program testclone, from the i386 test package in linux-user-test-0.3, calls. The faulty function is in the part that enables more than one thread at the same time, NPTL.

Funny how I found this out: I can now run all the test programs in linux-user-test-0.3 successfully with my newly built qemu-i386 for the Raspi. But the program testclone does not stop after it prints all the right messages. The program testclone does stop on my desktop computer with Debian Wheezy installed. So the error is not in the program testclone.

So I had a look at what is going on there with strace. With strace you get information about all the values in the running program, here testclone. I see that the reason why testclone does not stop is an infinite loop, because the condition of

    while (waitpid(pid1, &status1, 0) != pid1);
    while (waitpid(pid2, &status2, 0) != pid2);

at its end is never fulfilled. This is the reason for the famous error message from Qemu User Mode:

    qemu: uncaught target signal 11 (Segmentation fault) - core dumped
    Segmentation fault

    stack1 = malloc(STACK_SIZE);
    pid1 = clone(thread1_func, stack1 + STACK_SIZE, CLONE_VM | CLONE_FS | CLONE_FILES | SIGCHLD, "hello1");
    stack2 = malloc(STACK_SIZE);
    pid2 = clone(thread2_func, stack2 + STACK_SIZE, CLONE_VM | CLONE_FS | CLONE_FILES | SIGCHLD, "hello2");

The error happens early in the program testclone. Strace says it is because no child process at all can be found, so each waitpid() call returns an error instead of the pid, and the loop, which only compares the return value with the pid, never ends. So some basic calculations in those four lines must be done wrongly by Qemu.
I think that the address space for each thread is calculated wrongly, or overlaps. Funny, it has nothing to do with the ARM processor. I get exactly the same error messages when I run the program testclone on my i386 desktop computer, with a Wheezy in Qemu and then qemu-i386 testclone. This is good news, because it means it is an error that belongs at least to the i386 family, but I think every processor in Qemu User Mode is involved, so until now NPTL does not work.

Today I am doing a calculation by hand with the source code of testclone and comparing it with the values that Qemu User Mode gives. The hand-calculated values should be the same as those that testclone produces on my desktop computer with Wheezy, but who knows,

Dietmar

PS: I hope that this is the right source code for testclone. Any help is welcome :-)!

```c
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <signal.h>
#include <unistd.h>
#include <inttypes.h>
#include <pthread.h>
#include <sys/wait.h>
#include <sched.h>

int thread1_func(void *arg)
{
    int i;
    char buf[512];

    for(i=0;i<10;i++) {
        snprintf(buf, sizeof(buf), "thread1: %d %s\n", i, (char *)arg);
        write(1, buf, strlen(buf));
        usleep(100 * 1000);
    }
    return 0;
}

int thread2_func(void *arg)
{
    int i;
    char buf[512];

    for(i=0;i<20;i++) {
        snprintf(buf, sizeof(buf), "thread2: %d %s\n", i, (char *)arg);
        write(1, buf, strlen(buf));
        usleep(120 * 1000);
    }
    return 0;
}

#define STACK_SIZE 16384

void test_clone(void)
{
    uint8_t *stack1, *stack2;
    int pid1, pid2, status1, status2;

    stack1 = malloc(STACK_SIZE);
    pid1 = clone(thread1_func, stack1 + STACK_SIZE,
                 CLONE_VM | CLONE_FS | CLONE_FILES | SIGCHLD, "hello1");

    stack2 = malloc(STACK_SIZE);
    pid2 = clone(thread2_func, stack2 + STACK_SIZE,
                 CLONE_VM | CLONE_FS | CLONE_FILES | SIGCHLD, "hello2");

    while (waitpid(pid1, &status1, 0) != pid1);
    while (waitpid(pid2, &status2, 0) != pid2);
    printf("status1=0x%x\n", status1);
    printf("status2=0x%x\n", status2);
    printf("End of clone test.\n");
}

int main(int argc, char **argv)
{
    test_clone();
    return 0;
}
```

Posts: 210
Joined: 04 Sep 2011 17:43

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1035572/+subscriptions