[Bug 760413] [NEW] qemu-i386-static segfault on armel

Steve Langasek Wed, 13 Apr 2011 22:30:46 -0700

Public bug reported:

Running nspluginwrapper under qemu on armel yields a segfault.  This is
after rebuilding locally with -U_FORTIFY_SOURCE, because when the
default FORTIFY_SOURCE settings are used, it instead aborts with "***
longjmp causes uninitialized stack frame ***"; I was hoping this was a
false positive but it seems it might not be.


Program received signal SIGSEGV, Segmentation fault.
[Switching to LWP 16563]
0x600942f8 in __pthread_mutex_lock (mutex=0x6225dff4) at pthread_mutex_lock.c:54
54      pthread_mutex_lock.c: No such file or directory.
        in pthread_mutex_lock.c
(gdb) thread apply all bt full

Thread 2 (LWP 16563):
#0  0x600942f8 in __pthread_mutex_lock (mutex=0x6225dff4)
    at pthread_mutex_lock.c:54
        __PRETTY_FUNCTION__ = "__pthread_mutex_lock"
        type = 0
        id = <value optimized out>
#1  0x60029564 in cpu_x86_exec (env1=0x6225dff4)
    at /builddir/qemu-linaro-0.14.50-2011.03-1/cpu-exec.c:545
        saved_env_reg = 0x1
        ret = -1
        interrupt_request = -1216
        next_tb = 0
#2  0x60000324 in cpu_loop (env=0x63a67600)
    at /builddir/qemu-linaro-0.14.50-2011.03-1/linux-user/main.c:311
        trapnr = 0
        info = {si_signo = 0, si_errno = 0, si_code = 0, _sifields = {_pad = {
              0 <repeats 29 times>}, _kill = {_pid = 0, _uid = 0}, _timer = {
              _timer1 = 0, _timer2 = 0}, _rt = {_pid = 0, _uid = 0, 
              _sigval = {sival_int = 0, sival_ptr = 0}}, _sigchld = {
              _pid = 0, _uid = 0, _status = 0, _utime = 0, _stime = 0}, 
            _sigfault = {_addr = 0}, _sigpoll = {_band = 0, _fd = 0}}}
#3  0x600043d4 in clone_func (arg=0x6225dff4)
    at /builddir/qemu-linaro-0.14.50-2011.03-1/linux-user/syscall.c:3746
No locals.
#4  0x600cf718 in clone ()
No symbol table info available.
#5  0x600cf718 in clone ()
No symbol table info available.
Backtrace stopped: previous frame identical to this frame (corrupt stack?)

Thread 1 (LWP 16560):
#0  tcg_temp_new_internal (temp_local=0)
    at /builddir/qemu-linaro-0.14.50-2011.03-1/tcg/tcg.c:457
No locals.
#1  tcg_temp_new_internal_i32 (temp_local=0)
    at /builddir/qemu-linaro-0.14.50-2011.03-1/tcg/tcg.c:460
        idx = 1
#2  0x6007320c in tcg_temp_new_i32 (env=0x63a58e28, tb=0x40208d00)
    at /builddir/qemu-linaro-0.14.50-2011.03-1/tcg/tcg.h:371
No locals.
#3  gen_intermediate_code_internal (env=0x63a58e28, tb=0x40208d00)
    at /builddir/qemu-linaro-0.14.50-2011.03-1/target-i386/translate.c:7769
        dc1 = {override = 1646841484, prefix = 41347, aflag = 1646650108, 
          dflag = 1611106976, pc = 0, is_jmp = 3, cs_base = 0, pe = 1, 
          code32 = 1, ss32 = 1, cc_op = 0, addseg = 0, f_st = 0, vm86 = 0, 
          cpl = 3, iopl = 0, tf = 0, singlestep_enabled = 0, jmp_opt = 1, 
          mem_index = 0, flags = 4194483, tb = 0x40208d00, popl_esp_hack = 0, 
          rip_offset = 1613076184, cpuid_features = 125938681, 
          cpuid_ext_features = -2139095039, cpuid_ext2_features = 0, 
          cpuid_ext3_features = 0}
        bp = 0x0
        flags = 4194483
        num_insns = 4194483
        max_insns = 0
        cs_base = 0
#4  gen_intermediate_code (env=0x63a58e28, tb=0x40208d00)
    at /builddir/qemu-linaro-0.14.50-2011.03-1/target-i386/translate.c:7885
No locals.
#5  0x600291d8 in cpu_x86_gen_code (env=0x63a58e28, tb=0x40208d00, 
    gen_code_size_ptr=0xbe8e490c)
    at /builddir/qemu-linaro-0.14.50-2011.03-1/translate-all.c:73
        gen_code_buf = 0x0
        gen_code_size = 1
#6  0x60028498 in tb_gen_code (env=0x63a58e28, pc=1134487336, cs_base=0, 
    flags=4194483, cflags=0)
    at /builddir/qemu-linaro-0.14.50-2011.03-1/exec.c:989
        tb = 0x40208d00
        virt_page2 = 1
        code_gen_size = 1615849440
#7  0x600297dc in tb_find_slow (env1=0x0)
    at /builddir/qemu-linaro-0.14.50-2011.03-1/cpu-exec.c:167
        ptb1 = 0x62271810
        h = 14794
        phys_page1 = 1134485504
#8  tb_find_fast (env1=0x0)
    at /builddir/qemu-linaro-0.14.50-2011.03-1/cpu-exec.c:194
No locals.
#9  cpu_x86_exec (env1=0x0)
    at /builddir/qemu-linaro-0.14.50-2011.03-1/cpu-exec.c:546
        saved_env_reg = 0x1
        ret = 628
        interrupt_request = 1
        next_tb = 0
#10 0x60000324 in cpu_loop (env=0x63a58e28)
    at /builddir/qemu-linaro-0.14.50-2011.03-1/linux-user/main.c:311
        trapnr = 1615849440
        info = {si_signo = -1, si_errno = -1, si_code = 1646664384, 
          _sifields = {_pad = {-1 <repeats 20 times>, 255, 255, 0, 71, 
              13629952, 1671794216, 5, 1646664384, 1671788904}, _kill = {
              _pid = -1, _uid = 4294967295}, _timer = {_timer1 = 4294967295, 
              _timer2 = 4294967295}, _rt = {_pid = -1, _uid = 4294967295, 
              _sigval = {sival_int = -1, sival_ptr = 4294967295}}, 
            _sigchld = {_pid = -1, _uid = 4294967295, _status = -1, 
              _utime = -1, _stime = -1}, _sigfault = {_addr = 4294967295}, 
            _sigpoll = {_band = -1, _fd = -1}}}
#11 0x60000ee4 in main (argc=5, argv=0x47, envp=0x1)
    at /builddir/qemu-linaro-0.14.50-2011.03-1/linux-user/main.c:3381
        cpu_model = 0x63a58e28 "\263@"
        regs1 = {ebx = 0, ecx = 0, edx = 0, esi = 0, edi = 0, ebp = 0, 
          eax = 0, xds = 0, xes = 0, orig_eax = 0, eip = 1122375760, xcs = 0, 
          eflags = 0, esp = 1121272152, xss = 0}
        info1 = {load_bias = 0, load_addr = 1122373632, 
          start_code = 134512640, end_code = 134657628, 
          start_data = 134665584, end_data = 134669128, start_brk = 0, 
          brk = 134692840, start_mmap = 2147483648, mmap = 0, rss = 1, 
          start_stack = 1121272152, stack_limit = 1112887296, 
          entry = 1122375760, code_offset = 0, data_offset = 0, 
          saved_auxv = 1121272300, arg_start = 1121272449, 
          arg_end = 1121272618, personality = 0}
        bprm = {
          buf = 
"\177ELF\001\001\001\000\000\000\000\000\000\000\000\000\003\000\003\000\001\000\000\000P\b\000\000\064\000\000\000\060\311\001\000\000\000\000\000\064\000
 \000\a\000(\000\027\000\026\000\001", '\000' <repeats 15 times>"\344, 
\270\001\000\344\270\001\000\005\000\000\000\000\020\000\000\001\000\000\000\200\274\001\000\200\314\001\000\200\314\001\000\324\v\000\000\224\f\000\000\006\000\000\000\000\020\000\000\002\000\000\000\024\277\001\000\024\317\001\000\024\317\001\000\270\000\000\000\270\000\000\000\006\000\000\000\004\000\000\000\004\000\000\000\024\001\000\000\024\001\000\000\024\001\000\000$\000\000\000$\000\000\000\004\000\000\000\004\000\000\000P\345td@\261\001\000@\261\001\000@\261\001\000\\\001\000\000\\\001\000\000\004\000\000\000\004\000\000\000Q\345td",
 '\000' <repeats 20 times>, "\006\000\000\000"..., page = {
            0x0 <repeats 32 times>, 0x63a5f5f0}, p = 1121272152, fd = 6, 
          e_uid = 1000, e_gid = 1000, argc = 5, envc = 29, argv = 0x63a57968, 
          envp = 0x63a5e880, 
          filename = 0xbe8e5298 
"/usr/lib/nspluginwrapper/i386/linux/npviewer.bin", core_dump = 0x600169f4 
<elf_core_dump>}
        ts = 0x604fe7e0
        env = 0x63a58e28
        r = 0xbe8e5298 "/usr/lib/nspluginwrapper/i386/linux/npviewer.bin"
        gdbstub_port = 0
        target_environ = 0x63a5e880
        wrk = 0x0
        target_argc = 5
        envlist = 0x63a57968
        argv0 = 0x0
        ret = 0
(gdb)

** Affects: qemu-linaro (Ubuntu)
     Importance: Undecided
         Status: New

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/760413

Title:
  qemu-i386-static segfault on armel

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 760413] [NEW] qemu-i386-static segfault on armel

Reply via email to