QEMU

qemu hangs in pselect syscall

Bug #1617929 reported by hyokeun on 2016-08-29

This bug affects 3 people

Affects		Status	Importance	Assigned to	Milestone
	QEMU	Fix Released	Undecided	Unassigned

Bug Description

I'm using git commit d75aa4372f0414c9960534026a562b0302fcff29 (v2.7.0-rc4) configured with;
    --enable-linux-user \
    --disable-system \
    --disable-tools \
    --disable-guest-agent \
    --static --disable-linux-aio \
    --disable-fdt \
    --without-pixman \
    --disable-blobs \
Stable version (v2.6.0) also have the same problem.

In a chroot environment I ran below command-line to compile some things, different sources each time.
/usr/bin/qemu-arm -0 /usr/bin/edje_cc /usr/bin/edje_cc -id /home/abuild/rpmbuild/BUILD/org.tizen.browser-1.6.2/services/SimpleUI/images_mob/ -DBROWSER_RESOLUTION_720x1280=1 -DPROFILE_MOBILE=1 /home/abuild/rpmbuild/BUILD/org.tizen.browser-1.6.2/services/SimpleUI/edc/TextPopup_mob.edc /home/abuild/rpmbuild/BUILD/org.tizen.browser-1.6.2/build-tizen/services/SimpleUI/720x1280_TextPopup.edj

Here is back trace with gdb;
#0 safe_syscall_end () at /usr/src/debug/qemu-2.6.94/linux-user/host/i386/safe-syscall.inc.S:78
#1 0x60049370 in safe_pselect6 (nfds=10, readfds=0xffa31b5c, writefds=0xffa31bdc, exceptfds=0xffa31c5c, timeout=0x0, sig=0x0)
    at /usr/src/debug/qemu-2.6.94/linux-user/syscall.c:855
#2 0x6004b2fe in do_select (n=10, rfd_addr=1082122232, wfd_addr=1082122360, efd_addr=1082122488, target_tv_addr=0)
    at /usr/src/debug/qemu-2.6.94/linux-user/syscall.c:1386
#3 0x6005e5ba in do_syscall (cpu_env=0x640d0454, num=142, arg1=10, arg2=1082122232, arg3=1082122360, arg4=1082122488, arg5=0, arg6=1087473216, arg7=0,
    arg8=0) at /usr/src/debug/qemu-2.6.94/linux-user/syscall.c:9690
#4 0x60045def in cpu_loop (env=0x640d0454) at /usr/src/debug/qemu-2.6.94/linux-user/main.c:876
#5 0x60047640 in main (argc=10, argv=0xffa33c84, envp=0xffa33cb0) at /usr/src/debug/qemu-2.6.94/linux-user/main.c:4817

Attached core file taken from gdb. To see the stack frame, you could try;
$ tar -xf reproduced_118_04.tar.bz2; gdb --core core.1823 qemu-arm

And recent strace log for PID 1823(stucked one);
79965 [ 313s] 1823 :0x8e _newselect(10,[9,3,],[],[],NULL)
79966 [ 313s] ==>[pselect6(0xa)=]
79967 [ 313s] [pselect6=0x1]<==
79968 [ 313s] 1823 :0x8e _newselect(10,[9,],[],[],NULL)
79969 [ 313s] 1823 :0x8e => = 0x00000001 ([9,],[],[],NULL)
79970 [ 313s] 1823 :0xfc epoll_wait(3,1082121456,32,0,1082121456,3)
79971 [ 313s] 1823 :0xfc epoll_wait(3,1082121456,32,0,1082121456,3)
79972 [ 313s] 1823 :0xfc => = 0
79973 [ 313s] 1823 :0x3 read(9,0x407fdeec,16)
79974 [ 313s] 1823 :0x3 read(9,0x407fdeec,16)
79975 [ 313s] 1823 :0x3 => = 8
79976 [ 313s] 1823 :0x107 clock_gettime(1,1082122120,0,1082829144,1082827588,0)
79977 [ 313s] 1823 :0x107 clock_gettime(1,1082122120,0,1082829144,1082827588,0)
79978 [ 313s] 1823 :0x107 => = 0
79979 [ 313s] 1823 :0x8e _newselect(10,[9,3,],[],[],NULL)
79980 [ 313s] ==>[pselect6(0xa)=]

I'm using 64-bit Ubuntu with kernel release Linux 3.19.0-25-generic #26~14.04.1-Ubuntu.
Reproducibility is low. One occurrence out of 50+ trials.

Revision history for this message

hyokeun (hyokeun-jeon) wrote on 2016-08-29:

core file of the hang issue Edit (12.0 MiB, application/x-tar)

Revision history for this message

hyokeun (hyokeun-jeon) wrote on 2016-08-29:

log with strace enabled Edit (389.4 KiB, application/x-tar)

FYI, adding a build log with strace enabled.

Revision history for this message

Peter Maydell (pmaydell) wrote on 2016-09-01:

Can you provide sufficient instructions for me to reproduce this on my machine, please?

Revision history for this message

hyokeun (hyokeun-jeon) wrote on 2016-09-02:

scratch.armv7l.0.tar.gz.ab Edit (170.0 MiB, application/octet-stream)

Second part of scratch.armv7l.0.tar.gz.

Revision history for this message

hyokeun (hyokeun-jeon) wrote on 2016-09-05:

scratch.armv7l.0.tar.gz.aa.aa Edit (124.0 MiB, application/octet-stream)

Third part of scratch.armv7l.0.tar.gz.

Revision history for this message

hyokeun (hyokeun-jeon) wrote on 2016-09-05:

scratch.armv7l.0.tar.gz.aa.ab Edit (114.4 MiB, application/octet-stream)

Dear Peter.

Thank you for the update.
Please find the attached full chroot environment that I used(scratch.armv7l.0.tar.gz, split three parts).
You could try make build with below steps;

$ sudo su
$ echo -1 > /proc/sys/fs/binfmt_misc/arm
$ echo ':arm:M::\x7fELF\x01\x01\x01\x00\x00\x00\x00\x00\x00\x00\x00\x00\x02\x00\x28\x00:\xff\xff\xff\xff\xff\xff\xff\x00\xff\xff\xff\xff\xff\xff\xff\xff\xfa\xff\xff\xff:/usr/bin/qemu-arm-static:' > /proc/sys/fs/binfmt_misc/register

$ cat scratch.armv7l.0.tar.gz.a* > scratch.armv7l.0.tar.gz; sudo tar -zxf scratch.armv7l.0.tar.gz
$ cd scratch.armv7l.0
$ chroot .
chroot> cd /home/abuild/rpmbuild/BUILD/org.tizen.browser-1.6.2/build-tizen/services/
chroot> while :; do make clean; make -j32; done

Reproducibility is ver low but it surely happened.

Thanks.

Revision history for this message

Peter Maydell (pmaydell) wrote on 2017-11-06:

I can't reproduce this with current git master, and I know we fixed a lot of race conditions in linux-user. So I'm going to close this bug -- if it's still a problem for you with new QEMU, please reopen, preferably with a repro case that's more frequent than 1-in-50-or-less.

Changed in qemu:
status:	New → Fix Committed

Thomas Huth (th-huth) on 2017-12-15

Changed in qemu:
status:	Fix Committed → Fix Released

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Bug attachments

Add attachment

Remote bug watches

Bug watches keep track of this bug in other bug trackers.