1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
|
user-level: 0.840
mistranslation: 0.794
register: 0.778
graphic: 0.762
performance: 0.759
architecture: 0.755
permissions: 0.750
semantic: 0.749
device: 0.748
risc-v: 0.745
virtual: 0.745
debug: 0.740
arm: 0.738
assembly: 0.737
KVM: 0.727
network: 0.725
files: 0.712
socket: 0.712
PID: 0.710
kernel: 0.709
peripherals: 0.708
TCG: 0.700
boot: 0.695
hypervisor: 0.692
VMM: 0.675
x86: 0.656
vnc: 0.652
i386: 0.647
ppc: 0.634
--------------------
debug: 0.959
user-level: 0.942
x86: 0.818
PID: 0.113
virtual: 0.051
semantic: 0.048
files: 0.034
TCG: 0.021
assembly: 0.019
register: 0.019
performance: 0.011
VMM: 0.004
hypervisor: 0.004
architecture: 0.004
permissions: 0.003
device: 0.003
network: 0.002
graphic: 0.002
i386: 0.002
socket: 0.002
kernel: 0.001
risc-v: 0.001
vnc: 0.001
peripherals: 0.001
boot: 0.001
KVM: 0.001
mistranslation: 0.001
ppc: 0.001
arm: 0.000
weak symbol access makes qemu in user mode hang for mips, mips64
A program that is statically linked and invokes a weak pointer should crash (because the weak pointer evaluates to NULL).
With qemu in user mode, for mips and mips64, it hangs. The process needs to be killed with "kill -9".
How to reproduce for mips:
- Compile the program: mips-linux-gnu-gcc-5 -O -Wall -static -o testpthsigmask-mips testpthsigmask.c -pthread
- Set environment variables for running qemu-mips.
- ~/inst-qemu/2.9.0/bin/qemu-mips testpthsigmask-mips
How to reproduce for mips64:
- Compile the program: mips64-linux-gnuabi64-gcc-5 -O -Wall -static -o testpthsigmask-mips64 testpthsigmask.c -lpthread
- Set environment variables for running qemu-mips64.
- ~/inst-qemu/2.9.0/bin/qemu-mips64 testpthsigmask-mips64
When I attach gdb to the process, I see that it is hanging inside 'gen_intermediate_code':
$ gdb /home/bruno/inst-qemu/2.9.0/bin/qemu-mips 9726
...
Reading symbols from /home/bruno/inst-qemu/2.9.0/bin/qemu-mips...done.
Attaching to program: /home/bruno/inst-qemu/2.9.0/bin/qemu-mips, process 9726
...
(gdb) info threads
Id Target Id Frame
* 1 Thread 0x7f1e7e535740 (LWP 9726) "qemu-mips" __lll_lock_wait () at ../sysdeps/unix/sysv/linux/x86_64/lowlevellock.S:135
2 Thread 0x7f1e7d0ad700 (LWP 9727) "qemu-mips" syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
(gdb) where
#0 __lll_lock_wait () at ../sysdeps/unix/sysv/linux/x86_64/lowlevellock.S:135
#1 0x00007f1e7d6f1dbd in __GI___pthread_mutex_lock (mutex=mutex@entry=0x55de1c7ff830 <tcg_ctx+272>) at ../nptl/pthread_mutex_lock.c:80
#2 0x000055de1c527199 in qemu_mutex_lock (mutex=mutex@entry=0x55de1c7ff830 <tcg_ctx+272>)
at /media/develdata/devel/build/qemu-2.9.0/util/qemu-thread-posix.c:60
#3 0x000055de1c435083 in tb_lock () at /media/develdata/devel/build/qemu-2.9.0/translate-all.c:167
#4 cpu_restore_state (cpu=cpu@entry=0x55de1e915cb0, retaddr=retaddr@entry=94412445741769) at /media/develdata/devel/build/qemu-2.9.0/translate-all.c:350
#5 0x000055de1c4658d0 in handle_cpu_signal (old_set=0x7ffe5ffd8ea8, is_write=0, address=0, pc=94412445741767)
at /media/develdata/devel/build/qemu-2.9.0/user-exec.c:124
#6 cpu_mips_signal_handler (host_signum=host_signum@entry=11, pinfo=pinfo@entry=0x7ffe5ffd8eb0, puc=puc@entry=0x7ffe5ffd8d80)
at /media/develdata/devel/build/qemu-2.9.0/user-exec.c:229
#7 0x000055de1c4803be in host_signal_handler (host_signum=11, info=0x7ffe5ffd8eb0, puc=0x7ffe5ffd8d80)
at /media/develdata/devel/build/qemu-2.9.0/linux-user/signal.c:646
#8 <signal handler called>
#9 __bswap_32 (__bsx=<optimized out>) at /usr/include/x86_64-linux-gnu/bits/byteswap.h:47
#10 bswap32 (x=<optimized out>) at /media/develdata/devel/build/qemu-2.9.0/include/qemu/bswap.h:21
#11 ldl_be_p (ptr=<optimized out>) at /media/develdata/devel/build/qemu-2.9.0/include/qemu/bswap.h:434
#12 cpu_ldl_code (env=0x55de1e91df48, ptr=0) at /media/develdata/devel/build/qemu-2.9.0/include/exec/cpu_ldst_useronly_template.h:68
#13 gen_intermediate_code (env=env@entry=0x55de1e91df48, tb=tb@entry=0x7f1e7b288e58)
at /media/develdata/devel/build/qemu-2.9.0/target/mips/translate.c:19962
#14 0x000055de1c4352e6 in tb_gen_code (cpu=cpu@entry=0x55de1e915cb0, pc=pc@entry=0, cs_base=cs_base@entry=0, flags=flags@entry=162, cflags=<optimized out>,
cflags@entry=0) at /media/develdata/devel/build/qemu-2.9.0/translate-all.c:1295
#15 0x000055de1c436a7a in tb_find (tb_exit=0, last_tb=0x0, cpu=<optimized out>) at /media/develdata/devel/build/qemu-2.9.0/cpu-exec.c:365
#16 cpu_exec (cpu=<optimized out>) at /media/develdata/devel/build/qemu-2.9.0/cpu-exec.c:673
#17 0x000055de1c466278 in cpu_loop (env=0x55de1e91df48) at /media/develdata/devel/build/qemu-2.9.0/linux-user/main.c:2236
#18 0x000055de1c433103 in main (argc=<optimized out>, argv=0x7ffe5ffd9de8, envp=<optimized out>)
at /media/develdata/devel/build/qemu-2.9.0/linux-user/main.c:4860
(gdb) thread 2
[Switching to thread 2 (Thread 0x7f1e7d0ad700 (LWP 9727))]
#0 syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
38 ../sysdeps/unix/sysv/linux/x86_64/syscall.S: Datei oder Verzeichnis nicht gefunden.
(gdb) where
#0 syscall () at ../sysdeps/unix/sysv/linux/x86_64/syscall.S:38
#1 0x000055de1c527605 in qemu_futex_wait (val=<optimized out>, f=<optimized out>) at /media/develdata/devel/build/qemu-2.9.0/include/qemu/futex.h:26
#2 qemu_event_wait (ev=ev@entry=0x55de1e82c124 <rcu_call_ready_event>) at /media/develdata/devel/build/qemu-2.9.0/util/qemu-thread-posix.c:399
#3 0x000055de1c52d41e in call_rcu_thread (opaque=<optimized out>) at /media/develdata/devel/build/qemu-2.9.0/util/rcu.c:249
#4 0x00007f1e7d6ef6ba in start_thread (arg=0x7f1e7d0ad700) at pthread_create.c:333
#5 0x00007f1e7d4253dd in clone () at ../sysdeps/unix/sysv/linux/x86_64/clone.S:109
The behaviour in qemu-2.10 is the same as in qemu-2.9.
This is fixed in qemu-2.11:
$ ~/inst-qemu/2.11.0/bin/qemu-mips testpthsigmask-mips
qemu: uncaught target signal 11 (Segmentation fault) - core dumped
Segmentation fault (core dumped)
$ ~/inst-qemu/2.11.0/bin/qemu-mips64 testpthsigmask-mips64
qemu: uncaught target signal 11 (Segmentation fault) - core dumped
Segmentation fault (core dumped)
|
