This is fixed in qemu-2.11:
$ ~/inst-qemu/2.11.0/bin/qemu-mips testpthsigmask-mips
qemu: uncaught target signal 11 (Segmentation fault) - core dumped
Segmentation fault (core dumped)
$ ~/inst-qemu/2.11.0/bin/qemu-mips64 testpthsigmask-mips64
qemu: uncaught target signal 11 (Segmentation fault) - core dumped
Segmentation fault (core dumped)
** Changed in: qemu
Status: New => Fix Released
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1704638
Title:
weak symbol access makes qemu in user mode hang for mips, mips64
Status in QEMU:
Fix Released
Bug description:
A program that is statically linked and invokes a weak pointer should
crash (because the weak pointer evaluates to NULL).
With qemu in user mode, for mips and mips64, it hangs. The process
needs to be killed with "kill -9".
How to reproduce for mips:
- Compile the program: mips-linux-gnu-gcc-5 -O -Wall -static -o
testpthsigmask-mips testpthsigmask.c -pthread
- Set environment variables for running qemu-mips.
- ~/inst-qemu/2.9.0/bin/qemu-mips testpthsigmask-mips
How to reproduce for mips64:
- Compile the program: mips64-linux-gnuabi64-gcc-5 -O -Wall -static -o
testpthsigmask-mips64 testpthsigmask.c -lpthread
- Set environment variables for running qemu-mips64.
- ~/inst-qemu/2.9.0/bin/qemu-mips64 testpthsigmask-mips64
When I attach gdb to the process, I see that it is hanging inside
'gen_intermediate_code':
$ gdb /home/bruno/inst-qemu/2.9.0/bin/qemu-mips 9726
...
Reading symbols from /home/bruno/inst-qemu/2.9.0/bin/qemu-mips...done.
Attaching to program: /home/bruno/inst-qemu/2.9.0/bin/qemu-mips, process 9726
...
(gdb) info threads
Id Target Id Frame
* 1 Thread 0x7f1e7e535740 (LWP 9726) "qemu-mips" __lll_lock_wait () at
../sysdeps/unix/sysv/linux/x86_64/lowlevellock.S:135
2 Thread 0x7f1e7d0ad700 (LWP 9727) "qemu-mips" syscall () at
../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
(gdb) where
#0 __lll_lock_wait () at ../sysdeps/unix/sysv/linux/x86_64/lowlevellock.S:135
#1 0x00007f1e7d6f1dbd in __GI___pthread_mutex_lock
(mutex=mutex@entry=0x55de1c7ff830 <tcg_ctx+272>) at
../nptl/pthread_mutex_lock.c:80
#2 0x000055de1c527199 in qemu_mutex_lock (mutex=mutex@entry=0x55de1c7ff830
<tcg_ctx+272>)
at /media/develdata/devel/build/qemu-2.9.0/util/qemu-thread-posix.c:60
#3 0x000055de1c435083 in tb_lock () at
/media/develdata/devel/build/qemu-2.9.0/translate-all.c:167
#4 cpu_restore_state (cpu=cpu@entry=0x55de1e915cb0,
retaddr=retaddr@entry=94412445741769) at
/media/develdata/devel/build/qemu-2.9.0/translate-all.c:350
#5 0x000055de1c4658d0 in handle_cpu_signal (old_set=0x7ffe5ffd8ea8,
is_write=0, address=0, pc=94412445741767)
at /media/develdata/devel/build/qemu-2.9.0/user-exec.c:124
#6 cpu_mips_signal_handler (host_signum=host_signum@entry=11,
pinfo=pinfo@entry=0x7ffe5ffd8eb0, puc=puc@entry=0x7ffe5ffd8d80)
at /media/develdata/devel/build/qemu-2.9.0/user-exec.c:229
#7 0x000055de1c4803be in host_signal_handler (host_signum=11,
info=0x7ffe5ffd8eb0, puc=0x7ffe5ffd8d80)
at /media/develdata/devel/build/qemu-2.9.0/linux-user/signal.c:646
#8 <signal handler called>
#9 __bswap_32 (__bsx=<optimized out>) at
/usr/include/x86_64-linux-gnu/bits/byteswap.h:47
#10 bswap32 (x=<optimized out>) at
/media/develdata/devel/build/qemu-2.9.0/include/qemu/bswap.h:21
#11 ldl_be_p (ptr=<optimized out>) at
/media/develdata/devel/build/qemu-2.9.0/include/qemu/bswap.h:434
#12 cpu_ldl_code (env=0x55de1e91df48, ptr=0) at
/media/develdata/devel/build/qemu-2.9.0/include/exec/cpu_ldst_useronly_template.h:68
#13 gen_intermediate_code (env=env@entry=0x55de1e91df48,
tb=tb@entry=0x7f1e7b288e58)
at /media/develdata/devel/build/qemu-2.9.0/target/mips/translate.c:19962
#14 0x000055de1c4352e6 in tb_gen_code (cpu=cpu@entry=0x55de1e915cb0,
pc=pc@entry=0, cs_base=cs_base@entry=0, flags=flags@entry=162,
cflags=<optimized out>,
cflags@entry=0) at
/media/develdata/devel/build/qemu-2.9.0/translate-all.c:1295
#15 0x000055de1c436a7a in tb_find (tb_exit=0, last_tb=0x0, cpu=<optimized
out>) at /media/develdata/devel/build/qemu-2.9.0/cpu-exec.c:365
#16 cpu_exec (cpu=<optimized out>) at
/media/develdata/devel/build/qemu-2.9.0/cpu-exec.c:673
#17 0x000055de1c466278 in cpu_loop (env=0x55de1e91df48) at
/media/develdata/devel/build/qemu-2.9.0/linux-user/main.c:2236
#18 0x000055de1c433103 in main (argc=<optimized out>, argv=0x7ffe5ffd9de8,
envp=<optimized out>)
at /media/develdata/devel/build/qemu-2.9.0/linux-user/main.c:4860
(gdb) thread 2
[Switching to thread 2 (Thread 0x7f1e7d0ad700 (LWP 9727))]
#0 syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
38 ../sysdeps/unix/sysv/linux/x86_64/syscall.S: Datei oder Verzeichnis
nicht gefunden.
(gdb) where
#0 syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
#1 0x000055de1c527605 in qemu_futex_wait (val=<optimized out>, f=<optimized
out>) at /media/develdata/devel/build/qemu-2.9.0/include/qemu/futex.h:26
#2 qemu_event_wait (ev=ev@entry=0x55de1e82c124 <rcu_call_ready_event>) at
/media/develdata/devel/build/qemu-2.9.0/util/qemu-thread-posix.c:399
#3 0x000055de1c52d41e in call_rcu_thread (opaque=<optimized out>) at
/media/develdata/devel/build/qemu-2.9.0/util/rcu.c:249
#4 0x00007f1e7d6ef6ba in start_thread (arg=0x7f1e7d0ad700) at
pthread_create.c:333
#5 0x00007f1e7d4253dd in clone () at
../sysdeps/unix/sysv/linux/x86_64/clone.S:109
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1704638/+subscriptions
