
[Qemu-devel] Segmentation fault running i386 Linux binary


From: Chris Emerson
Subject: [Qemu-devel] Segmentation fault running i386 Linux binary
Date: Sat, 24 Apr 2004 14:18:35 +0100
User-agent: Mutt/1.3.28i

I'm getting a crash running "zayit", a Linux/i386 ELF binary which comes
with Sun's Wireless Toolkit on my PowerPC Linux box, using qemu 0.5.3
and also CVS updated this morning.  The source to this binary doesn't
seem to be available.  It crashes quite early, before it gets as far as
complaining about bad arguments.

Below are gdb backtrace and /proc/nnn/maps, and the qemu.log (~400k
compressed) from "qemu-i386 -d exec,out_asm,in_asm,op,op_opt,int,pcall"
is currently available at http://www.tartarus.org/~chris/tmp/qemu.log.gz.
Let me know if anything else could be useful.

I did have to fix the "-d" argument (and usage message) to get the above
trace; patch at http://www.tartarus.org/~chris/tmp/qemu_d-20040424.diff.

It seems to be trying to read from a large region of anonymous memory
with no permissions.

gopher:/usr3/java/WTK2.1$ gdb ~/working/qemu/qemu-cvs/i386-user/qemu-i386
gdb: Symbol `emacs_ctlx_keymap' has different size in shared object, onsider 
re-linking
GNU gdb 2002-04-01-cvs
Copyright 2002 Free Software Foundation, Inc.
GDB is free software, covered by the GNU General Public License, and you are
welcome to change it and/or distribute copies of it under certain conditions.
Type "show copying" to see the conditions.
There is absolutely no warranty for GDB.  Type "show warranty" for details.
This GDB was configured as "powerpc-linux"...
(gdb) run bin/zayit
Starting program: /usr/src/cme20/qemu/qemu-cvs/i386-user/qemu-i386 bin/zayit

Program received signal SIGSEGV, Segmentation fault.
0x60861164 in code_gen_buffer ()
(gdb) bt
#0  0x60861164 in code_gen_buffer ()
#1  0x600130a8 in cpu_x86_exec (env1=0x601dcc40)
    at /home/cme20/working/qemu/qemu-cvs/cpu-exec.c:482
#2  0x60004bc8 in cpu_loop (env=0xffffffff)
    at /home/cme20/working/qemu/qemu-cvs/linux-user/main.c:143
#3  0x60005240 in main (argc=0, argv=0x0)
    at /home/cme20/working/qemu/qemu-cvs/linux-user/main.c:1037
#4  0x5fe2b100 in __libc_start_main () from /lib/libc.so.6
(gdb) disass 0x60861160 0x60861170
Dump of assembler code from 0x60861160 to 0x60861170:
0x60861160 <code_gen_buffer+239072>:    lwz     r25,12(r27)
0x60861164 <code_gen_buffer+239076>:    lbz     r24,0(r26)
0x60861168 <code_gen_buffer+239080>:    and     r24,r24,r25
0x6086116c <code_gen_buffer+239084>:    stb     r24,0(r26)
End of assembler dump.
(gdb) info registers r26
r26            0x300c2284       806101636
(gdb)

gopher:/usr3/java/WTK2.1/apps/demos/classes$ cat /proc/13474/maps
08048000-08049000 r-xp 00000000 03:4d 32442      /usr3/java/WTK2.1/bin/zayit
08049000-0804a000 rw-p 00000000 03:4d 32442      /usr3/java/WTK2.1/bin/zayit
0804a000-0804b000 rw-p 00000000 00:00 0 
30000000-30016000 r-xp 00000000 03:09 121280     /lib/ld-2.3.2.so
30024000-30025000 rw-p 00000000 00:00 0 
30025000-30027000 rwxp 00015000 03:09 121280     /lib/ld-2.3.2.so
30027000-300a6000 rw-p 00000000 00:00 0 
300a6000-300a7000 r--p 0007f000 00:00 0 
300a7000-300a8000 ---p 00080000 00:00 0 
300a8000-300bb000 r-xp 00000000 03:4c 120034     /usr/gnemul/qemu-i386/lib/ld-2.2.5.so
300bb000-300bc000 rw-p 00013000 03:4c 120034     /usr/gnemul/qemu-i386/lib/ld-2.2.5.so
300bc000-320a8000 ---p 00014000 00:00 0 
320a9000-320ab000 r-xp 00000000 03:4c 118376     /usr/gnemul/qemu-i386/lib/libdl-2.1.3.so
320ab000-320ad000 rw-p 00001000 03:4c 118376     /usr/gnemul/qemu-i386/lib/libdl-2.1.3.so
320ad000-321c0000 r-xp 00000000 03:4c 120032     /usr/gnemul/qemu-i386/lib/libc-2.2.5.so
321c0000-321c6000 rw-p 00113000 03:4c 120032     /usr/gnemul/qemu-i386/lib/libc-2.2.5.so
321c6000-321cb000 rw-p 00000000 00:00 0 
5fe0e000-5ff40000 r-xp 00000000 03:09 121283     /lib/libc-2.3.2.so
5ff40000-5ff4e000 ---p 00132000 03:09 121283     /lib/libc-2.3.2.so
5ff4e000-5ff5a000 rwxp 00130000 03:09 121283     /lib/libc-2.3.2.so
5ff5a000-5ff5c000 rwxp 00000000 00:00 0 
5ff6c000-5ffde000 r-xp 00000000 03:09 121290     /lib/libm-2.3.2.so
5ffde000-5ffec000 ---p 00072000 03:09 121290     /lib/libm-2.3.2.so
5ffec000-5fff0000 rwxp 00070000 03:09 121290     /lib/libm-2.3.2.so
60000000-60057000 r-xp 00000000 03:48 677201     /usr/src/cme20/qemu/qemu-cvs/i386-user/qemu-i386
60156000-6015e000 rwxp 00056000 03:48 677201     /usr/src/cme20/qemu/qemu-cvs/i386-user/qemu-i386
6015e000-60e6e000 rwxp 00000000 00:00 0 
7fffe000-80000000 rwxp fffff000 00:00 0

Chris
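The diagnosis in the report comes from checking the faulting address (r26 = 0x300c2284, the base of the `lbz` byte load) against /proc/nnn/maps. As an added example that is not part of the original message, here is a small parser that does that lookup mechanically over a constructed excerpt of the maps listing above and reports which mapping the address falls in and which permission it lacks.

```python
import re
from dataclasses import dataclass
from typing import List, Optional

# Constructed sample: an excerpt of the /proc/<pid>/maps listing quoted in the
# report (the guest ld.so mappings and the unreadable anonymous gap after them).
SAMPLE_MAPS = """\
300a8000-300bb000 r-xp 00000000 03:4c 120034     /usr/gnemul/qemu-i386/lib/ld-2.2.5.so
300bb000-300bc000 rw-p 00013000 03:4c 120034     /usr/gnemul/qemu-i386/lib/ld-2.2.5.so
300bc000-320a8000 ---p 00014000 00:00 0
320a9000-320ab000 r-xp 00000000 03:4c 118376     /usr/gnemul/qemu-i386/lib/libdl-2.1.3.so
"""

@dataclass
class Mapping:
    start: int
    end: int
    perms: str      # e.g. 'r-xp': read, write, execute, private/shared
    offset: int
    path: str       # empty string for anonymous mappings

    def contains(self, addr: int) -> bool:
        return self.start <= addr < self.end

# start-end perms offset dev inode [path]
MAPS_RE = re.compile(r"^([0-9a-f]+)-([0-9a-f]+)\s+(\S{4})\s+([0-9a-f]+)\s+\S+\s+\d+\s*(.*)$")

def parse_maps(text: str) -> List[Mapping]:
    """Parse /proc/<pid>/maps lines into Mapping records; skip lines that do not match."""
    maps = []
    for line in text.splitlines():
        m = MAPS_RE.match(line.strip())
        if m:
            maps.append(Mapping(int(m[1], 16), int(m[2], 16), m[3], int(m[4], 16), m[5].strip()))
    return maps

def find_mapping(maps: List[Mapping], addr: int) -> Optional[Mapping]:
    """Return the mapping containing addr, or None if the address is unmapped."""
    return next((m for m in maps if m.contains(addr)), None)

def explain_fault(maps: List[Mapping], addr: int, access: str = "r") -> str:
    """One-line diagnosis of an access ('r', 'w' or 'x') to addr: unmapped, denied, or allowed."""
    m = find_mapping(maps, addr)
    if m is None:
        return f"{addr:#x}: unmapped"
    where = f"{m.start:#x}-{m.end:#x} {m.perms} ({m.path or 'anonymous'})"
    if access not in m.perms[:3]:          # the first three chars are the rwx bits
        return f"{addr:#x}: in {where} but mapping lacks '{access}'"
    return f"{addr:#x}: in {where}, '{access}' allowed"
```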