From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43) id 1Fcdp8-0007hI-Mx for qemu-devel@nongnu.org; Sun, 07 May 2006 03:37:02 -0400 Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43) id 1Fcdp7-0007h6-6y for qemu-devel@nongnu.org; Sun, 07 May 2006 03:37:01 -0400 Received: from [199.232.76.173] (helo=monty-python.gnu.org) by lists.gnu.org with esmtp (Exim 4.43) id 1Fcdp7-0007h3-2N for qemu-devel@nongnu.org; Sun, 07 May 2006 03:37:01 -0400 Received: from [80.91.229.2] (helo=ciao.gmane.org) by monty-python.gnu.org with esmtps (TLS-1.0:RSA_AES_256_CBC_SHA:32) (Exim 4.52) id 1Fcdpf-0000r0-Ih for qemu-devel@nongnu.org; Sun, 07 May 2006 03:37:35 -0400 Received: from list by ciao.gmane.org with local (Exim 4.43) id 1Fcdou-00020q-Pv for qemu-devel@nongnu.org; Sun, 07 May 2006 09:36:48 +0200 Received: from d83-176-18-74.cust.tele2.it ([83.176.18.74]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Sun, 07 May 2006 09:36:48 +0200 Received: from lorenzo.campedelli by d83-176-18-74.cust.tele2.it with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Sun, 07 May 2006 09:36:48 +0200 From: Lorenzo Campedelli Date: Sun, 07 May 2006 09:36:38 +0200 Message-ID: References: <46d6db660605050521t8eab9eajff24cf235acddaf2@mail.gmail.com> Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="------------010609070709070808020702" In-Reply-To: <46d6db660605050521t8eab9eajff24cf235acddaf2@mail.gmail.com> Sender: news Subject: [Qemu-devel] Re: "sleep" segfaults on qemu-0.8.1/kqemu-1.3.0pre6 Reply-To: qemu-devel@nongnu.org List-Id: qemu-devel.nongnu.org List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , To: qemu-devel@nongnu.org This is a multi-part message in MIME format. --------------010609070709070808020702 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit I see this also. 
Host is Fedora Core 4; guest is a 2.4 kernel. It seems to die in modify_ldt(), the libc function, just after returning from the modify_ldt() system call, if I understand the traces. This doesn't happen using the same qemu with kqemu-1.3.0pre5. Attached are the gdb and strace output, in case they can tell something more... Regards, Lorenzo Christian MICHON wrote: > Host: winXP pro > Guest: Redhat 7.2 > > when kqemu (user mode) is active, "sleep 1" segfaults each time. > With kqemu disabled, no problem > > -- > Christian --------------010609070709070808020702 Content-Type: text/plain; name="strace.out" Content-Transfer-Encoding: 7bit Content-Disposition: inline; filename="strace.out" execve("/bin/sleep", ["sleep", "1"], [/* 21 vars */]) = 0 uname({sys="Linux", node="MCP-1-0", ...}) = 0 brk(0) = 0x804b310 open("/etc/ld.so.preload", O_RDONLY) = -1 ENOENT (No such file or directory) open("i686/mmx/libm.so.6", O_RDONLY) = -1 ENOENT (No such file or directory) open("i686/libm.so.6", O_RDONLY) = -1 ENOENT (No such file or directory) open("mmx/libm.so.6", O_RDONLY) = -1 ENOENT (No such file or directory) open("libm.so.6", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/local/lib/i686/mmx/libm.so.6", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/usr/local/lib/i686/mmx", 0xbffff200) = -1 ENOENT (No such file or directory) open("/usr/local/lib/i686/libm.so.6", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/usr/local/lib/i686", 0xbffff200) = -1 ENOENT (No such file or directory) open("/usr/local/lib/mmx/libm.so.6", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/usr/local/lib/mmx", 0xbffff200) = -1 ENOENT (No such file or directory) open("/usr/local/lib/libm.so.6", O_RDONLY) = -1 ENOENT (No such file or directory) stat64("/usr/local/lib", {st_mode=S_IFDIR|0755, st_size=3072, ...}) = 0 open("/etc/ld.so.cache", O_RDONLY) = 3 fstat64(3, {st_mode=S_IFREG|0644, st_size=11583, ...}) = 0 mmap2(NULL, 11583, PROT_READ, MAP_PRIVATE, 3, 0) = 
0x40016000 close(3) = 0 open("/lib/libm.so.6", O_RDONLY) = 3 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\3005\0"..., 1024) = 1024 fstat64(3, {st_mode=S_IFREG|0644, st_size=152872, ...}) = 0 mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x40019000 mmap2(NULL, 137984, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x4001a000 mprotect(0x4003b000, 2816, PROT_NONE) = 0 mmap2(0x4003b000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x20) = 0x4003b000 close(3) = 0 open("i686/mmx/librt.so.1", O_RDONLY) = -1 ENOENT (No such file or directory) open("i686/librt.so.1", O_RDONLY) = -1 ENOENT (No such file or directory) open("mmx/librt.so.1", O_RDONLY) = -1 ENOENT (No such file or directory) open("librt.so.1", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/local/lib/librt.so.1", O_RDONLY) = -1 ENOENT (No such file or directory) open("/lib/librt.so.1", O_RDONLY) = 3 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\320\33"..., 1024) = 1024 fstat64(3, {st_mode=S_IFREG|0644, st_size=29700, ...}) = 0 mmap2(NULL, 74584, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x4003c000 mprotect(0x40043000, 45912, PROT_NONE) = 0 mmap2(0x40043000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x6) = 0x40043000 mmap2(0x40044000, 41816, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x40044000 close(3) = 0 open("i686/mmx/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory) open("i686/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory) open("mmx/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory) open("libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/local/lib/libc.so.6", O_RDONLY) = -1 ENOENT (No such file or directory) open("/lib/libc.so.6", O_RDONLY) = 3 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0 Z\1\000"..., 1024) = 1024 fstat64(3, {st_mode=S_IFREG|0755, st_size=1356440, ...}) = 0 mmap2(NULL, 1300612, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 
0) = 0x4004f000 mprotect(0x40186000, 26756, PROT_NONE) = 0 mmap2(0x40186000, 16384, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0x136) = 0x40186000 mmap2(0x4018a000, 10372, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x4018a000 close(3) = 0 open("i686/mmx/libpthread.so.0", O_RDONLY) = -1 ENOENT (No such file or directory) open("i686/libpthread.so.0", O_RDONLY) = -1 ENOENT (No such file or directory) open("mmx/libpthread.so.0", O_RDONLY) = -1 ENOENT (No such file or directory) open("libpthread.so.0", O_RDONLY) = -1 ENOENT (No such file or directory) open("/usr/local/lib/libpthread.so.0", O_RDONLY) = -1 ENOENT (No such file or directory) open("/lib/libpthread.so.0", O_RDONLY) = 3 read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\340@\0"..., 1024) = 1024 fstat64(3, {st_mode=S_IFREG|0644, st_size=61612, ...}) = 0 mmap2(NULL, 327296, PROT_READ|PROT_EXEC, MAP_PRIVATE, 3, 0) = 0x4018d000 mprotect(0x4019a000, 274048, PROT_NONE) = 0 mmap2(0x4019a000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED, 3, 0xd) = 0x4019a000 mmap2(0x4019b000, 269952, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x4019b000 close(3) = 0 munmap(0x40016000, 11583) = 0 modify_ldt(1, {entry_number:0, base_addr:0x4019a060, limit:1048575, seg_32bit:1, contents:0, read_exec_only:0, limit_in_pages:1, seg_not_present:0, useable:1}, 16) = 0 --- SIGSEGV (Segmentation fault) @ 0 (0) --- +++ killed by SIGSEGV +++ --------------010609070709070808020702 Content-Type: text/plain; name="gdb.out" Content-Transfer-Encoding: 7bit Content-Disposition: inline; filename="gdb.out" root@MCP-1-0:~# gdb /bin/sleep GNU gdb 6.0 (MontaVista 6.0-8.0.7.0300532 2003-12-24) Copyright 2003 Free Software Foundation, Inc. GDB is free software, covered by the GNU General Public License, and you are welcome to change it and/or distribute copies of it under certain conditions. Type "show copying" to see the conditions. There is absolutely no warranty for GDB. 
Type "show warranty" for details. This GDB was configured as "i686-hardhat-linux"...(no debugging symbols found)... (gdb) r 1 Starting program: /bin/sleep 1 (no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)...(no debugging symbols found)... Program received signal SIGSEGV, Segmentation fault. 0x4014f794 in modify_ldt () from /lib/libc.so.6 (gdb) --------------010609070709070808020702--