[Bug 1285363] Re: qemu-aarch64-static segfaults
Peter Maydell
peter.maydell at linaro.org
Thu Mar 6 22:29:07 UTC 2014
Doing this only for aarch64 targets seems like a bad idea to me -- this
isn't an aarch64 specific issue. QEMU needs SIGSEGV to go to its own
handler (so we can unprotect pages we've marked as read-only in order to
catch guest writes to them so we can throw away invalidated translated
code), and that's true for all targets. It probably just happens more
often on the aarch64 target than others you've tested because aarch64
has a signal-return trampoline on the stack frame, so we'll often see
that page get translated and thrown away again. (Other targets with a
trampoline include sparc, cris, openrisc and ppc.)
PS: the comment "this is not required for qemu to work" just means that
QEMU will work fine whether we tell the guest a lie about what's going
on with SIGSEGV in one way (saying "it's blocked") or the other (saying
"it's not blocked").
--
You received this bug notification because you are a member of Ubuntu
Sponsors Team, which is subscribed to the bug report.
https://bugs.launchpad.net/bugs/1285363
Title:
qemu-aarch64-static segfaults
Status in QEMU:
New
Status in “qemu” package in Ubuntu:
Confirmed
Bug description:
I've found a couple conditions that causes qemu-user-static to core
dump fairly reliably - same with upstream git - while a binary built
from suse's aarch64-1.6 branch seems to consistently work fine.
Testing suggests they are resolved by the sigprocmask wrapper patches
included in suse's tree.
1) dh_fixperms is a script that commonly runs at the end of a package build.
Its basically doing a `find | xargs chmod`.
2) debootstrap --second-stage
This is used to configure an arm64 chroot that was built using
debootstrap on a non-native host. It is basically invoking a bunch of
shell scripts (postinst, etc). When it blows up, the stack consistently
looks like this:
Core was generated by `/usr/bin/qemu-aarch64-static /bin/sh -e
/debootstrap/debootstrap --second-stage'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0 0x0000000060058e55 in memcpy (__len=8, __src=0x7fff62ae34e0,
__dest=0x400082c330) at
/usr/include/x86_64-linux-gnu/bits/string3.h:51
51 return __builtin___memcpy_chk (__dest, __src, __len, __bos0 (__dest));
(gdb) bt
#0 0x0000000060058e55 in memcpy (__len=8, __src=0x7fff62ae34e0,
__dest=0x400082c330) at
/usr/include/x86_64-linux-gnu/bits/string3.h:51
#1 stq_p (v=274886476624, ptr=0x400082c330) at
/mnt/qemu.upstream/include/qemu/bswap.h:280
#2 stq_le_p (v=274886476624, ptr=0x400082c330) at
/mnt/qemu.upstream/include/qemu/bswap.h:315
#3 target_setup_sigframe (set=0x7fff62ae3530, env=0x62d9c678,
sf=0x400082b0d0) at /mnt/qemu.upstream/linux-user/signal.c:1167
#4 target_setup_frame (usig=usig at entry=17, ka=ka at entry=0x604ec1e0
<sigact_table+512>, info=info at entry=0x0, set=set at entry=0x7fff62ae3530,
env=env at entry=0x62d9c678)
at /mnt/qemu.upstream/linux-user/signal.c:1286
#5 0x0000000060059f46 in setup_frame (env=0x62d9c678,
set=0x7fff62ae3530, ka=0x604ec1e0 <sigact_table+512>, sig=17) at
/mnt/qemu.upstream/linux-user/signal.c:1322
#6 process_pending_signals (cpu_env=cpu_env at entry=0x62d9c678) at
/mnt/qemu.upstream/linux-user/signal.c:5747
#7 0x0000000060056e60 in cpu_loop (env=env at entry=0x62d9c678) at
/mnt/qemu.upstream/linux-user/main.c:1082
#8 0x0000000060005079 in main (argc=<optimized out>, argv=<optimized
out>, envp=<optimized out>) at
/mnt/qemu.upstream/linux-user/main.c:4374
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1285363/+subscriptions
More information about the Ubuntu-sponsors
mailing list