Re: [Qemu-devel] [PATCH] linux-user: fix segfault deadlock

Fri, 13 Jan 2012 08:21:35 -0800 

On 13.01.2012, at 17:16, Peter Maydell wrote:

> On 13 January 2012 15:46, Alexander Graf <ag...@suse.de> wrote:
>> When entering the guest we take a lock to ensure that nobody else messes
>> with our TB chaining while we're doing it. If we get a segfault inside that
>> code, we manage to work on, but will not unlock the lock.
>> 
>> This patch forces unlocking of that lock in the segv handler. I'm not sure
>> this is the right approach though. Maybe we should rather make sure we don't
>> segfault in the code? I would greatly appreciate someone more intelligible
>> than me to look at this :).
> 
> A segfault while we're walking the TB chains in QEMU C code?
> That's just a bug (and we know we have one there) -- we should
> fix it rather than papering over it like this.

Well, we're segfaulting in this exact special case which calls setrlimit() 
before an mmap which fails:


agraf@wichary:/abuild/agraf/buildroot.gmime> sudo chroot .
wichary:/> QEMU_LOG=in_asm,cpu,int,out_asm QEMU_STRACE=1 ./conftest 
32595 brk(NULL) = 0x00012000
32595 uname(0x18800808) = 0
32595 mmap2(NULL,4096,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANONYMOUS,-1,0) = 
0x18822000
32595 access("/etc/ld.so.preload",R_OK) = -1 errno=2 (No such file or directory)
32595 open("/etc/ld.so.cache",O_RDONLY) = 4
32595 fstat64(4,0x18800430) = 0
32595 mmap2(NULL,14915,PROT_READ,MAP_PRIVATE,4,0) = 0x18823000
32595 close(4) = 0
32595 open("/lib/libc.so.6",O_RDONLY) = 4
32595 read(4,0x18800534,512) = 512
32595 fstat64(4,0x18800468) = 0
32595 mmap2(NULL,947552,PROT_EXEC|PROT_READ,MAP_PRIVATE|MAP_DENYWRITE,4,0) = 
0x18827000
32595 mprotect(0x18902000,28672,PROT_NONE) = 0
32595 
mmap2(0x18909000,12288,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_DENYWRITE|MAP_FIXED,4,0xda)
 = 0x18909000
32595 
mmap2(0x1890c000,9568,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANONYMOUS|MAP_FIXED,-1,0)
 = 0x1890c000
32595 close(4) = 0
32595 open("/lib/libgcc_s.so.1",O_RDONLY) = 4
32595 read(4,0x1880051c,512) = 512
32595 fstat64(4,0x18800450) = 0
32595 mmap2(NULL,69908,PROT_EXEC|PROT_READ,MAP_PRIVATE|MAP_DENYWRITE,4,0) = 
0x1890f000
32595 mprotect(0x18918000,28672,PROT_NONE) = 0
32595 
mmap2(0x1891f000,8192,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_DENYWRITE|MAP_FIXED,4,0x8)
 = 0x1891f000
32595 close(4) = 0
32595 mmap2(NULL,4096,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANONYMOUS,-1,0) = 
0x18921000
32595 mprotect(0x18909000,8192,PROT_READ) = 0
32595 mprotect(0x1891f000,4096,PROT_READ) = 0
32595 mprotect(0x00010000,4096,PROT_READ) = 0
32595 mprotect(0x18820000,4096,PROT_READ) = 0
32595 munmap(0x18823000,14915) = 0
32595 rt_sigaction(SIGSEGV,0x18800a00,0x18800a8c) = 0
32595 rt_sigaction(70x18800a00,0x18800a8c) = 0
32595 Unknown syscall 369
32595 ugetrlimit(2,411044936,412226752,38,411044960,2) = 0
32595 Unknown syscall 369
32595 setrlimit(2,411044936,5000000,0,411044960,2) = 0
32595 Unknown syscall 369
32595 ugetrlimit(9,411044936,412226752,38,411044960,9) = 0
32595 Unknown syscall 369
32595 setrlimit(9,411044936,5000000,0,411044960,9) = 0
32595 Unknown syscall 369
32595 ugetrlimit(3,411044936,412226752,38,411044960,3) = 0
32595 Unknown syscall 369
32595 setrlimit(3,411044936,5000000,0,411044960,3) = 0
32595 mmap2(NULL,5001216,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANONYMOUS,-1,0) = 
0xfffffff4

*** this is where we deadlock otherwise ***

32595 exit_group(1)


Alex

Reply via email to