From mboxrd@z Thu Jan  1 00:00:00 1970
Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1I23Xp-0005Vw-S6
	for qemu-devel@nongnu.org; Sat, 23 Jun 2007 07:12:45 -0400
Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1I23Xn-0005Vb-8i
	for qemu-devel@nongnu.org; Sat, 23 Jun 2007 07:12:44 -0400
Received: from [199.232.76.173] (helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1I23Xn-0005VY-1b
	for qemu-devel@nongnu.org; Sat, 23 Jun 2007 07:12:43 -0400
Received: from moutng.kundenserver.de ([212.227.126.183])
	by monty-python.gnu.org with esmtp (Exim 4.60)
	(envelope-from <SRS0=Kntx=LX=mail.berlios.de=weil@srs.kundenserver.de>)
	id 1I23Xm-0008No-I4
	for qemu-devel@nongnu.org; Sat, 23 Jun 2007 07:12:42 -0400
Message-ID: <467D0027.6040503@mail.berlios.de>
Date: Sat, 23 Jun 2007 13:12:39 +0200
From: Stefan Weil <weil@mail.berlios.de>
MIME-Version: 1.0
Subject: Re: [Qemu-devel] [PATCH] qemu-i386 segfaults running "hello world".
References: <200706221715.16729.rob@landley.net>
	<200706221831.20531.rob@landley.net>
In-Reply-To: <200706221831.20531.rob@landley.net>
Content-Type: multipart/mixed; boundary="------------080408060505000004060505"
Reply-To: qemu-devel@nongnu.org
List-Id: qemu-devel.nongnu.org
List-Unsubscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/qemu-devel>
List-Post: <mailto:qemu-devel@nongnu.org>
List-Help: <mailto:qemu-devel-request@nongnu.org?subject=help>
List-Subscribe: <http://lists.nongnu.org/mailman/listinfo/qemu-devel>,
	<mailto:qemu-devel-request@nongnu.org?subject=subscribe>
To: qemu-devel@nongnu.org

This is a multi-part message in MIME format.
--------------080408060505000004060505
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 7bit

Rob Landley schrieb:
> Ok, it's a more fundamental problem:
>
> landley@triolith:/sys$ qemu-i386
> Segmentation fault (core dumped)
>
> Nothing to do with the program it's trying to run, it segfaults with no
> arguments.
>
> Is anybody else seeing this?
>
> Rob
Yes, I see this on Debian Linux since several months (libc update?).

The crash is caused by libc startup code which calls a null pointer.
QEMU provides this null pointer with the __init_array_start
workaround in linux-user/main.c.

This can be fixed with some kind of code hack - see my patch
(which is not really a solution, but one more workaround).

Nevertheless user mode emulations remains unusable even
with this patch because of TLS problems.

Regards,
Stefan


--------------080408060505000004060505
Content-Type: text/x-diff;
 name="main.patch"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
 filename="main.patch"

Index: linux-user/main.c
===================================================================
RCS file: /sources/qemu/qemu/linux-user/main.c,v
retrieving revision 1.116
diff -u -b -B -r1.116 main.c
--- linux-user/main.c	21 Jun 2007 22:55:02 -0000	1.116
+++ linux-user/main.c	23 Jun 2007 11:03:42 -0000
@@ -45,12 +45,16 @@
 /* for recent libc, we add these dummy symbols which are not declared
    when generating a linked object (bug in ld ?) */
 #if (__GLIBC__ > 2 || (__GLIBC__ == 2 && __GLIBC_MINOR__ >= 3)) && !defined(CONFIG_STATIC)
-long __preinit_array_start[0];
-long __preinit_array_end[0];
-long __init_array_start[0];
-long __init_array_end[0];
-long __fini_array_start[0];
-long __fini_array_end[0];
+typedef void (*dummy_function_t)(void);
+static void dummy_function(void)
+{
+}
+dummy_function_t __preinit_array_start = dummy_function;
+dummy_function_t __preinit_array_end = dummy_function;
+dummy_function_t __init_array_start = dummy_function;
+dummy_function_t __init_array_end = dummy_function;
+dummy_function_t __fini_array_start = dummy_function;
+dummy_function_t __fini_array_end = dummy_function;
 #endif
 
 /* XXX: on x86 MAP_GROWSDOWN only works if ESP <= address + 32, so

--------------080408060505000004060505--