dynamically linked binaries crash for big-endian targets
| Affects | Status | Importance | Assigned to | Milestone |
|---|---|---|---|---|
| QEMU | Fix Released | Undecided | Unassigned | |
Bug Description
On the targets
hppa
m68k
mips
mips64
powerpc
powerpc64
s390x
sparc64
dynamically linked binaries crash, but statically linked binaries work.
On the targets
aarch64
alpha
armhf
powerpc64le
sh4
both dynamically linked and statically linked binaries work.
How to reproduce:
1) On Ubuntu 16.04, install the packages
g++-5-aarch64-
g++-5-alpha-
g++-5-arm-
g++-5-hppa-
g++-5-m68k-
g++-5-mips-
g++-5-mips64-
g++-5-powerpc-
g++-5-powerpc64
g++-5-powerpc64
g++-5-s390x-
g++-5-sh4-linux-gnu
g++-5-sparc64-
2) Install qemu 2.9.0 from source (for m68k, use the 2.7.0-m68k
code from https:/
$ ../configure --prefix=
$ make
$ make install
3) Cross-compile the programs:
$ aarch64-
$ alpha-linux-
$ arm-linux-
$ hppa-linux-
$ m68k-linux-
$ mips-linux-
$ mips64-
$ powerpc-
$ powerpc64-
$ powerpc64le-
$ s390x-linux-
$ sh4-linux-gnu-gcc-5 -O hello.c -o hello.sh4
$ sparc64-
4) Run the programs:
* aarch64 works:
$ QEMU_LD_
Hello world
* alpha works:
$ QEMU_LD_
Hello world
* armhf works:
$ QEMU_LD_
Hello world
* powerpc64le works:
$ QEMU_LD_
Hello world
* sh4 works:
$ QEMU_LD_
Hello world
* ===== sparc64 does not work:
$ QEMU_LD_
Segmentation fault (core dumped)
When I copy the file to a machine with `uname -srm` = "Linux 4.5.0-2-sparc64 sparc64",
it works:
$ ./hello.sparc64
Hello world
When I copy the file and its execution environment /usr/sparc64-
same machine and run the binary in a chroot environment:
# /bin/hello.sparc64
Hello world
* ===== mips does not work:
$ QEMU_LD_
qemu: uncaught target signal 11 (Segmentation fault) - core dumped
When I copy the file to a machine with `uname -srm` = "Linux 3.16.0-4-4kc-malta mips",
it works:
$ ./hello.mips
Hello world
When I copy the file and its execution environment /usr/mips-linux-gnu to the
same machine and run the binary in a chroot environment:
# /bin/hello.mips
Hello world
* ===== mips64 does not work:
$ QEMU_LD_
qemu: uncaught target signal 11 (Segmentation fault) - core dumped
When I copy the file to a machine with `uname -srm` = "Linux 3.16.0-4-5kc-malta mips64",
it works:
$ ./hello.mips64
Hello world
* ===== powerpc does not work:
$ QEMU_LD_
qemu: uncaught target signal 11 (Segmentation fault) - core dumped
When I copy the file to a machine with `uname -srm` = "Linux 3.17.2-
it works:
$ ./hello.powerpc
Hello world
* ===== powerpc64 does not work:
$ QEMU_LD_
qemu: uncaught target signal 11 (Segmentation fault) - core dumped
When I copy the file to a machine with `uname -srm` = "Linux 3.17.2-
it works:
$ ./hello.powerpc64
Hello world
* ===== s390x does not work:
$ QEMU_LD_
<hangs>
$ QEMU_LD_
qemu-s390x: /media/
Segmentation fault (core dumped)
When I copy the file to a machine with `uname -srm` = "Linux 3.16.0-4-s390x s390x",
it works:
$ ./hello.s390x
Hello world
* ===== hppa does not work:
$ QEMU_LD_
Segmentation fault (core dumped)
* ===== m68k does not work:
$ QEMU_LD_
qemu: uncaught target signal 4 (Illegal instruction) - core dumped
$ QEMU_LD_
qemu: uncaught target signal 11 (Segmentation fault) - core dumped
The set of targets where it does not work is exactly the big-endian targets.
tags added: linux-user
I would guess that the problem comes from a missing (or an extra) BSWAP call in one of the files
hw/elf_ops.h
user/elfload.c
include/elf.h
include/
linux-
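To make the byte-swap hypothesis above concrete, here is an added example (not QEMU's code, and not part of this bug report) of the kind of conversion a user-mode loader has to perform: every multi-byte field of the guest ELF header must be converted from the target's data encoding (e_ident[EI_DATA]) to host byte order before it is used. A loader that skips the swap somewhere on this path (header, program headers, dynamic section, or the auxiliary vector it builds) fails only when host and guest byte orders differ, which is exactly an "all big-endian targets on a little-endian host" signature; the file header is used here because it is the smallest self-contained field set, not because it is known to be where QEMU's defect was. The 64-byte header is constructed for a fictional big-endian ELF64 shared object, and the struct and function names (elf64_ehdr, load_elf64_header, naive_phoff, phdr_table_in_bounds) are this example's own.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ELFDATA2LSB 1   /* e_ident[EI_DATA] values from the ELF spec */
#define ELFDATA2MSB 2

/* ELF64 file header, laid out exactly as in the file (no padding). */
typedef struct {
    unsigned char e_ident[16];
    uint16_t e_type, e_machine;
    uint32_t e_version;
    uint64_t e_entry, e_phoff, e_shoff;
    uint32_t e_flags;
    uint16_t e_ehsize, e_phentsize, e_phnum, e_shentsize, e_shnum, e_shstrndx;
} elf64_ehdr;

/* Constructed header (not from any real binary) for a fictional big-endian
   ELF64 shared object: ET_DYN, EM_SPARCV9 (43), entry 0x10400, 3 phdrs at 64. */
static const unsigned char sample_be_header[64] = {
    0x7f, 'E', 'L', 'F', 2, ELFDATA2MSB, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0,
    0x00, 0x03, 0x00, 0x2b, 0x00, 0x00, 0x00, 0x01, /* e_type, e_machine, e_version */
    0, 0, 0, 0, 0, 0x01, 0x04, 0x00,                /* e_entry = 0x10400 */
    0, 0, 0, 0, 0, 0, 0, 0x40,                      /* e_phoff = 64 */
    0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0,             /* e_shoff, e_flags */
    0x00, 0x40, 0x00, 0x38, 0x00, 0x03,             /* e_ehsize, e_phentsize, e_phnum */
    0x00, 0x40, 0x00, 0x00, 0x00, 0x00,             /* e_shentsize, e_shnum, e_shstrndx */
};

int host_is_little_endian(void)
{
    const uint16_t probe = 1;
    return *(const unsigned char *)&probe == 1;
}

static uint16_t bswap16(uint16_t v) { return (uint16_t)((v >> 8) | (v << 8)); }
static uint32_t bswap32(uint32_t v)
{
    return (v >> 24) | ((v >> 8) & 0xff00u) | ((v << 8) & 0xff0000u) | (v << 24);
}
static uint64_t bswap64(uint64_t v)
{
    return ((uint64_t)bswap32((uint32_t)v) << 32) | bswap32((uint32_t)(v >> 32));
}

/* Copy the header out of the file image and, when the target's data encoding
   differs from the host byte order, swap every multi-byte field. Returns 0 on
   success, -1 for a short buffer, bad magic, non-64-bit class or bad encoding. */
int load_elf64_header(const unsigned char *buf, size_t len, elf64_ehdr *out)
{
    if (len < sizeof(*out) || memcmp(buf, "\x7f" "ELF", 4) != 0 || buf[4] != 2)
        return -1;
    if (buf[5] != ELFDATA2LSB && buf[5] != ELFDATA2MSB) return -1;
    memcpy(out, buf, sizeof(*out));
    if ((buf[5] == ELFDATA2LSB) != host_is_little_endian()) {
#define SWAP(field, bits) (out->field = bswap##bits(out->field))
        SWAP(e_type, 16); SWAP(e_machine, 16); SWAP(e_version, 32);
        SWAP(e_entry, 64); SWAP(e_phoff, 64); SWAP(e_shoff, 64); SWAP(e_flags, 32);
        SWAP(e_ehsize, 16); SWAP(e_phentsize, 16); SWAP(e_phnum, 16);
        SWAP(e_shentsize, 16); SWAP(e_shnum, 16); SWAP(e_shstrndx, 16);
#undef SWAP
    }
    return 0;
}

/* Parse the constructed sample; NULL if the loader rejects it. */
const elf64_ehdr *parse_sample(void)
{
    static elf64_ehdr h;
    return load_elf64_header(sample_be_header, sizeof sample_be_header, &h) == 0 ? &h : NULL;
}

/* What a loader that skips the swap sees: the e_phoff bytes read in host order.
   Right only when host and target byte orders happen to agree. */
uint64_t naive_phoff(const unsigned char *buf)
{
    uint64_t v;
    memcpy(&v, buf + offsetof(elf64_ehdr, e_phoff), sizeof v);
    return v;
}

/* Check to make before walking the program header table: it must use the ELF64
   entry size and lie inside the file (no wrap-around). Returns 1 if consistent. */
int phdr_table_in_bounds(const elf64_ehdr *h, uint64_t file_len)
{
    uint64_t end = h->e_phoff + (uint64_t)h->e_phnum * h->e_phentsize;
    return h->e_phentsize == 56 && end >= h->e_phoff && end <= file_len;
}

int main(void)
{
    const elf64_ehdr *h = parse_sample();
    if (!h) return 1;
    printf("swapped: machine=%u phoff=%llu phnum=%u in_bounds=%d\n", h->e_machine,
           (unsigned long long)h->e_phoff, h->e_phnum, phdr_table_in_bounds(h, 64 + 3 * 56));
    printf("unswapped phoff: 0x%llx\n", (unsigned long long)naive_phoff(sample_be_header));
    return 0;
}
```

On a little-endian host the swapped header yields e_phoff 64 and three program headers inside the file, while the unswapped read of the same bytes gives 0x4000000000000000, an offset no bounds check can accept and no dynamic-section walk can survive; on a big-endian host both reads agree, which is why a missing swap stays invisible until the target's encoding differs from the host's. Rejecting a header whose program header table falls outside the file, as phdr_table_in_bounds does, turns a mis-swapped or corrupt field into a clean load failure instead of a crash inside the loader.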