qemu-ppc segfault on simple hello world

Does installing the qemu-slof package solve the problem?

 status: incomplete

Nope, qemu-slof made no difference.

Note that I'm using qemu in user mode emulation, rather than full system emulation.

(see https://help.ubuntu.com/community/Installation/QemuEmulator#What_is_QEMU_.3F )

Alternatively to `qemu-ppc a.out', I can also just run './a.out' and get the same effect.

Finally, the same test works just fine with arm:

jruble@jruble-linux:~/ppc_qemu_test$ export QEMU_LD_PREFIX=/usr/arm-linux-gnueabihf
jruble@jruble-linux:~/ppc_qemu_test$ arm-linux-gnueabihf-gcc test.c
jruble@jruble-linux:~/ppc_qemu_test$ file a.out
a.out: ELF 32-bit LSB executable, ARM, EABI5 version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.32, BuildID[sha1]=3f42842e35e9d847e5b16f1c50903fc2e8cebfcd, not stripped
jruble@jruble-linux:~/ppc_qemu_test$ ./a.out
asdf
jruble@jruble-linux:~/ppc_qemu_test$

Thanks. Could you try with the qemu package from
ppa:ubuntu-virt/virt-daily-upstream?

hmm, nope, happens with that version as well:

jruble@jruble-linux:~/ppc_qemu_test$ qemu-ppc -version
qemu-ppc version 2.0.92 (Debian 2.1.0~rc2~git-20140721.b0ddb8bf.14.04.3), Copyright (c) 2003-2008 Fabrice Bellard
jruble@jruble-linux:~/ppc_qemu_test$ qemu-ppc a.out
Invalid data memory access: 0xfa98c008
NIP f67e2b9c LR f67e2c40 CTR 00000000 XER 00000000
MSR 00006040 HID0 00000000 HF 00006000 idx 0
TB 00000000 00000000
GPR00 00000000f67e2c1c 00000000f6ffe710 0000000000000000 00000000feb6c010
GPR04 00000000f67ec784 000000000000000b 0000000000000002 0000000000000000
GPR08 0000000000000030 00000000083c0010 00000000f67ac00a 0000000080808080
GPR12 00000000f67dcfc8 0000000000000000 0000000000000000 00000000f67fe8c4
GPR16 00000000f67fe900 00000000f6ffe988 00000000f6ffe98c 00000000f67feaf0
GPR20 00000000f67fd6c4 000000000000000a 00000000feb6c010 00000000f67fd320
GPR24 00000000fa98bff4 00000000f7c5ef8d 00000000100001f9 00000000041dfff4
GPR28 00000000f67fe900 000000005604ffff 00000000f67fdff4 000000002b027fff
CR 44284042 [ G G E L G - G E ] RES ffffffff
FPR00 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPR04 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPR08 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPR12 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPR16 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPR20 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPR24 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPR28 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPSCR 00000000
qemu: uncaught target signal 11 (Segmentation fault) - core dumped
Segmentation fault (core dumped)
jruble@jruble-linux:~/ppc_qemu_test$

are you able to repro this?

okay, the plot thickens - a static-compiled executable works!:

jruble@jruble-linux:~/ppc_qemu_test$ powerpc-linux-gnu-gcc test.c -static -o test_static

jruble@jruble-linux:~/ppc_qemu_test$ powerpc-linux-gnu-gcc test.c -o test_dynamic

jruble@jruble-linux:~/ppc_qemu_test$ file test_static
test_static: ELF 32-bit MSB executable, PowerPC or cisco 4500, version 1 (SYSV), statically linked, for GNU/Linux 2.6.32, BuildID[sha1]=accb82b5eb863eb8e7a15b420e8929a010afcbaa, not stripped

jruble@jruble-linux:~/ppc_qemu_test$ file test_dynamic
test_dynamic: ELF 32-bit MSB executable, PowerPC or cisco 4500, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.32, BuildID[sha1]=714f9cfad9e06d0478bcd238ccbcbd10468741fc, not stripped
jruble@jruble-linux:~/ppc_qemu_test$

jruble@jruble-linux:~/ppc_qemu_test$ ./test_static
asdf
jruble@jruble-linux:~/ppc_qemu_test$ ./test_dynamic
Invalid data memory access: 0xfa98c008
NIP f67e2b9c LR f67e2c40 CTR 00000000 XER 00000000
MSR 00006040 HID0 00000000 HF 00006000 idx 0
TB 00000000 00000000
GPR00 00000000f67e2c1c 00000000f6ffe710 0000000000000000 00000000feb6c010
GPR04 00000000f67ec784 000000000000000b 0000000000000002 0000000000000000
GPR08 0000000000000030 00000000083c0010 00000000f67ac00a 0000000080808080
GPR12 00000000f67dcfc8 0000000000000000 0000000000000000 00000000f67fe8c4
GPR16 00000000f67fe900 00000000f6ffe988 00000000f6ffe98c 00000000f67feaf0
GPR20 00000000f67fd6c4 000000000000000a 00000000feb6c010 00000000f67fd320
GPR24 00000000fa98bff4 00000000f7c5ef8d 00000000100001f9 00000000041dfff4
GPR28 00000000f67fe900 000000005604ffff 00000000f67fdff4 000000002b027fff
CR 44284042 [ G G E L G - G E ] RES ffffffff
FPR00 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPR04 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPR08 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPR12 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPR16 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPR20 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPR24 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPR28 0000000000000000 0000000000000000 0000000000000000 0000000000000000
FPSCR 00000000
qemu: uncaught target signal 11 (Segmentation fault) - core dumped
Segmentation fault (core dumped)

jruble@jruble-linux:~/ppc_qemu_test$ powerpc-linux-gnu-readelf -d test_dynamic

Dynamic section at offset 0xf20 contains 21 entries:
  Tag Type Name/Value
 0x00000001 (NEEDED) Shared library: [libc.so.6]
 0x0000000c (INIT) 0x1000029c
 0x0000000d (FINI) 0x10000730
 0x6ffffef5 (GNU_HASH) 0x10000188
 0x00000005 (STRTAB) 0x100001f8
 0x00000006 (SYMTAB) 0x100001a8
 0x0000000a (STRSZ) 74 (bytes)
 0x0000000b (SYMENT) 16 (bytes)
 0x00000015 (DEBUG) 0x0
 0x00000003 (PLTGOT) 0x10011000
 0x00000002 (PLTRELSZ) 36 (bytes)
 0...

er, after adding the PPA, I had only updated the 'qemu' package. I just did a dist-upgrade and it pulled down several more packages: qemu-system-common, qemu-keymaps, qemu-system-ppc, qemu-user-static.

Now it seems to work!:

jruble@jruble-linux:~/ppc_qemu_test$ qemu-ppc -version
qemu-ppc version 2.0.92 (Debian 2.1.0~rc2~git-20140721.b0ddb8bf.14.04.3), Copyright (c) 2003-2008 Fabrice Bellard
jruble@jruble-linux:~/ppc_qemu_test$ qemu-ppc test_dynamic
asdf

So I guess it's fixed upstream. Any idea when this will trickle down to Ubuntu?

Hm. No, I could not reproduce it because regardless how I built the binary, I get

qemu-ppc-static ./ppc
/lib/ld.so.1: No such file or directory

Hopefully we can get 2.1 into utopic, however to get the fix into trusty we'll have to narrow it down to a particular cherry-pickable patchset.

This sounds like it could be the problem fixed by this:

    commit a70daba3771e96cc6b8fd3d11ed297ab13717018
    Author: Alexander Graf <email address hidden>
    Date: Thu Jun 5 11:39:43 2014 +0200

    linux-user: Tell guest about big host page sizes

    We tell the guest its page size via AUX vectors. The guest process then uses
    this page size as information on which boundaries it can mmap() things.

    However, if the host has a bigger page size granularity than the guest, it can
    not fulfill these mmap() requests - which falls apart when MAP_FIXED is passed
    to mmap.

    So in that case, let the guest know that we're running on a bigger page size
    granularity than the target would require.

    This fixes running qemu-ppc (TARGET_PAGE_SIZE=4k) on a 64k page size ppc64 host
    for me.

    Signed-off-by: Alexander Graf <email address hidden>
    Reviewed-by: Richard Henderson <email address hidden>

or possibly by this:

    commit f46e9a0b9911fcfbc13f85f3a8808067990a0f5c
    Author: Tom Musta <email address hidden>
    Date: Thu May 29 09:12:23 2014 -0500

    target-ppc: Confirm That .bss Pages Are Valid

    The existing code does a check to ensure that a .bss region is properly
    mmap'd. When additional mmap is required, the (guest) pages are also
    validated. However, this code has a bug: when host page size is larger
    than target page size, it is possible for the .bss pages to already be
    (host) mapped but the guest .bss pages may not be valid.

    The check to mmap additional space is separated from the flagging of the
    target (guest) pages, thus ensuring that both aspects are done properly.

    Signed-off-by: Tom Musta <email address hidden>
    Signed-off-by: Alexander Graf <email address hidden>

Hi,

the two commits cited in comment #9 are applied in the new 2.1+dfsg-2ubuntu1 version in utopic. Would you be able to test whether that fixes it? If so I can line up an SRU for trusty with those patches.

(raised priority as there doesn't seem to be a reasonable workaround -
static compilation is not always reasonable)

I was having this same issue with qemu-ppc both the 2.0 version and a handbuilt 2.1.0 version running on 14.04. By installing these packages the error disappeared:

acl libaio1 libasound2 libasound2-data libasyncns0 libbrlapi0.6 libcaca0 libflac8 libogg0 libpulse0 librados2 librbd1 libsdl1.2debian libseccomp2 libsndfile1 libspice-server1 libvorbis0a libvorbisenc2 libxen-4.4 libxenstore3.0 libyajl2 sharutils

I'm not sure which one of the libvorbis/flac/ogg/asound packages fixed it, but they were key for the segfault to go away.

I noticed based on the post from jrr that packages qemu-system-common, qemu-keymaps, qemu-system-ppc, qemu-user-static pulled in those other packages as deps and tried just installing the packages along with qemu-user. Just wan'ted to add that to this post.

So later on I had the ability to setup some more servers running with QEMU and found these packages were causing the same issues:

lib32asan0 lib32atomic1 lib32gcc-4.8-dev lib32gcc1 lib32gcc1 lib32gomp1 lib32itm1 lib32quadmath0 libc6-x32 libx32atomic1 libx32gomp1 libx32itm1 libx32quadmath0 gcc-4.8-multilib libx32gcc-4.8-dev libx32gcc1

After removing those things started working again.

Hi,
nothing happened since then.
I was trying to reproduce but it seems (to me) down to none of us knowing how to correctly resolve libraries.

So before here people reported:
- static builds work
- dynamic builds fail for some with ld.so failing and crashing for others
- dynamic builds fail

To resolve this a bit one has to follow [1] which also needs [2].
Once you did that the issue of the missing ld.so (of the target arch) is resolved.

Doing that I can re-create the issue - even on xenial still with a much newer qemu.
I can also confirm that doing the same e.g. with armhf is working - so it must be ppc specific.
Given the fact that this is a super rare case to need it and OTOH powerpc is mostly dropped in more recent releases this is still a low prio issue.

So even if it is low prio for me, I hope the links help if a community member wants to get onto this. to not let this bug hang-on for another few years I'll mark the tasks incomplete to see if one is still caring and might have a suggestion.
If for quite long again nobody volunteers to help or has a suggestion we might end up closing it.
Sorry but better honest than faking activity here :-/

[1]: https://wiki.debian.org/QemuUserEmulation
[2]: https://wiki.debian.org/Multiarch/HOWTO#Setting_up_apt_sources

Since dropped in later releases the devel task is won#t fix

[Expired for qemu (Ubuntu Trusty) because there has been no activity for 60 days.]

[Expired for qemu (Ubuntu Xenial) because there has been no activity for 60 days.]