Package: qemu-user-static
Version: 1:7.2+dfsg-7+deb12u1
Severity: important
Control: found -1 1:7.2+dfsg-7+deb12u2

Hi,

on an amd64 host in an arm64 sid chroot which uses qemu-user-static for
executing the foreign binaries, ldd fails on certain binaries:

# file /usr/bin/ls
/usr/bin/ls: ELF 64-bit LSB pie executable, ARM aarch64, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-aarch64.so.1, BuildID[sha1]=9f127c37a4c459cf01639f6ded2fcf11a49d3da9, for GNU/Linux 3.7.0, stripped
# ldd /usr/bin/ls
        libselinux.so.1 => /lib/aarch64-linux-gnu/libselinux.so.1 (0x00000055028a0000)
        libc.so.6 => /lib/aarch64-linux-gnu/libc.so.6 (0x00000055028f0000)
        /lib/ld-linux-aarch64.so.1 (0x0000005500000000)
        libpcre2-8.so.0 => /lib/aarch64-linux-gnu/libpcre2-8.so.0 (0x0000005502ab0000)
# file /usr/bin/aarch64-linux-gnu-g++-13
/usr/bin/aarch64-linux-gnu-g++-13: ELF 64-bit LSB executable, ARM aarch64, version 1 (GNU/Linux), dynamically linked, interpreter /lib/ld-linux-aarch64.so.1, BuildID[sha1]=abd2555af6df7d835a23217915452003fadfc423, for GNU/Linux 3.7.0, stripped
# ldd /usr/bin/aarch64-linux-gnu-g++-13
ldd: exited with unknown exit code (139)

The actual failing subcommand run by the ldd script is

# /lib/ld-linux-aarch64.so.1 --verify /usr/bin/aarch64-linux-gnu-g++-13
Segmentation fault

I haven't seen this ldd failure on shared libraries, yet.

I couldn't reproduce it on a porterbox in an arm64 chroot, so this is
likely dependent on the qemu usage.

If I try to get a core dump (inside the arm64 chroot) and load that into
gdb (on the amd64 host), the backtrace looks like an infinite loop of
signal handlers getting called until the stack got exhausted:

#0  0x0000000000401130 in ?? ()
#1  0x0000000000757e19 in g_str_equal ()
#2  0x000000000075691a in g_hash_table_lookup ()
#3  0x000000000064c36b in type_table_lookup (name=0x8868fe "cpu") at ../../qom/object.c:87
#4  type_get_by_name (name=0x8868fe "cpu") at ../../qom/object.c:175
#5  object_class_dynamic_cast (class=class@entry=0x2a5da40, typename=typename@entry=0x8868fe "cpu") at ../../qom/object.c:925
#6  0x000000000064c572 in object_class_dynamic_cast_assert (class=0x2a5da40, typename=typename@entry=0x8868fe "cpu", file=file@entry=0x86a01d "./include/hw/core/cpu.h", line=line@entry=62, func=func@entry=0x8c3490 <__func__.0> "CPU_GET_CLASS") at ../../qom/object.c:981
#7  0x000000000062850a in CPU_GET_CLASS (obj=obj@entry=0x2a721c0) at ./include/hw/core/cpu.h:62
#8  0x00000000006298fc in cpu_loop_exit_sigsegv (cpu=cpu@entry=0x2a721c0, addr=addr@entry=4198704, access_type=access_type@entry=MMU_DATA_LOAD, maperr=maperr@entry=true, ra=4198706) at ../../linux-user/signal.c:669
#9  0x0000000000629dda in host_signal_handler (host_sig=11, info=0x7ffd7a4c3a30, puc=0x7ffd7a4c3900) at ../../linux-user/signal.c:839
#10 <signal handler called>
#11 0x0000000000401130 in ?? ()
#12 0x0000000000757e19 in g_str_equal ()
#13 0x000000000075691a in g_hash_table_lookup ()
#14 0x000000000064c36b in type_table_lookup (name=0x8868fe "cpu") at ../../qom/object.c:87
#15 type_get_by_name (name=0x8868fe "cpu") at ../../qom/object.c:175
#16 object_class_dynamic_cast (class=class@entry=0x2a5da40, typename=typename@entry=0x8868fe "cpu") at ../../qom/object.c:925
#17 0x000000000064c572 in object_class_dynamic_cast_assert (class=0x2a5da40, typename=typename@entry=0x8868fe "cpu", file=file@entry=0x86a01d "./include/hw/core/cpu.h", line=line@entry=62, func=func@entry=0x8c3490 <__func__.0> "CPU_GET_CLASS") at ../../qom/object.c:981
#18 0x000000000062850a in CPU_GET_CLASS (obj=obj@entry=0x2a721c0) at ./include/hw/core/cpu.h:62
#19 0x00000000006298fc in cpu_loop_exit_sigsegv (cpu=cpu@entry=0x2a721c0, addr=addr@entry=4198704, access_type=access_type@entry=MMU_DATA_LOAD, maperr=maperr@entry=true, ra=4198706) at ../../linux-user/signal.c:669
#20 0x0000000000629dda in host_signal_handler (host_sig=11, info=0x7ffd7a4c4970, puc=0x7ffd7a4c4840) at ../../linux-user/signal.c:839
#21 <signal handler called>
...
#23572 <signal handler called>
#23573 0x0000000000401130 in ?? ()
#23574 0x0000000000757e19 in g_str_equal ()
#23575 0x000000000075691a in g_hash_table_lookup ()
#23576 0x000000000064c36b in type_table_lookup (name=0x8868fe "cpu") at ../../qom/object.c:87
#23577 type_get_by_name (name=0x8868fe "cpu") at ../../qom/object.c:175
#23578 object_class_dynamic_cast (class=class@entry=0x2a5da40, typename=typename@entry=0x8868fe "cpu") at ../../qom/object.c:925
#23579 0x000000000064c572 in object_class_dynamic_cast_assert (class=0x2a5da40, typename=typename@entry=0x8868fe "cpu", file=file@entry=0x86a01d "./include/hw/core/cpu.h", line=line@entry=62, func=func@entry=0x8c3490 <__func__.0> "CPU_GET_CLASS") at ../../qom/object.c:981
#23580 0x000000000062850a in CPU_GET_CLASS (obj=obj@entry=0x2a721c0) at ./include/hw/core/cpu.h:62
#23581 0x00000000006298fc in cpu_loop_exit_sigsegv (cpu=cpu@entry=0x2a721c0, addr=addr@entry=4198704, access_type=access_type@entry=MMU_DATA_LOAD, maperr=maperr@entry=true, ra=4198706) at ../../linux-user/signal.c:669
#23582 0x0000000000629dda in host_signal_handler (host_sig=11, info=0x7ffd7acbe2f0, puc=0x7ffd7acbe1c0) at ../../linux-user/signal.c:839
#23583 <signal handler called>
#23584 0x0000000000401130 in ?? ()
#23585 0x0000000000757e19 in g_str_equal ()
#23586 0x000000000075691a in g_hash_table_lookup ()
#23587 0x000000000064c36b in type_table_lookup (name=0x8868fe "cpu") at ../../qom/object.c:87
#23588 type_get_by_name (name=0x8868fe "cpu") at ../../qom/object.c:175
#23589 object_class_dynamic_cast (class=class@entry=0x2a5da40, typename=typename@entry=0x8868fe "cpu") at ../../qom/object.c:925
#23590 0x000000000064c572 in object_class_dynamic_cast_assert (class=0x2a5da40, typename=typename@entry=0x8868fe "cpu", file=file@entry=0x86a01d "./include/hw/core/cpu.h", line=line@entry=62, func=func@entry=0x8c3490 <__func__.0> "CPU_GET_CLASS") at ../../qom/object.c:981
#23591 0x000000000062850a in CPU_GET_CLASS (obj=obj@entry=0x2a721c0) at ./include/hw/core/cpu.h:62
#23592 0x00000000006298fc in cpu_loop_exit_sigsegv (cpu=cpu@entry=0x2a721c0, addr=addr@entry=4198528, access_type=access_type@entry=MMU_DATA_LOAD, maperr=maperr@entry=true, ra=4198530) at ../../linux-user/signal.c:669
#23593 0x0000000000629dda in host_signal_handler (host_sig=11, info=0x7ffd7acbf230, puc=0x7ffd7acbf100) at ../../linux-user/signal.c:839
#23594 <signal handler called>
#23595 0x0000000000401080 in ?? ()
#23596 0x000000000075edb1 in g_malloc0 ()
#23597 0x000000000061abd3 in page_find_alloc (index=index@entry=1024, alloc=alloc@entry=true) at ../../accel/tcg/translate-all.c:443
#23598 0x000000000061c698 in page_reset_target_data (start=start@entry=4194304, end=end@entry=5128192) at ../../accel/tcg/user-exec.c:233
#23599 0x000000000061b795 in page_set_flags (start=4194304, end=5128192, flags=2125) at ../../accel/tcg/translate-all.c:1395
#23600 0x0000000000627727 in target_mmap (start=start@entry=4194304, len=<optimized out>, len@entry=933888, target_prot=target_prot@entry=5, flags=<optimized out>, fd=fd@entry=3, offset=offset@entry=0) at ../../linux-user/mmap.c:648
#23601 0x0000000000640396 in do_syscall1 (cpu_env=cpu_env@entry=0x2a724e0, num=num@entry=222, arg1=arg1@entry=4194304, arg2=arg2@entry=933888, arg3=arg3@entry=5, arg4=arg4@entry=2066, arg5=<optimized out>, arg6=<optimized out>, arg8=0, arg7=0) at ../../linux-user/syscall.c:10091
#23602 0x0000000000642895 in do_syscall (cpu_env=cpu_env@entry=0x2a724e0, num=222, arg1=4194304, arg2=933888, arg3=5, arg4=2066, arg5=3, arg6=0, arg7=0, arg8=0) at ../../linux-user/syscall.c:13375
#23603 0x00000000004059af in cpu_loop (env=env@entry=0x2a724e0) at ../../linux-user/aarch64/cpu_loop.c:101
#23604 0x000000000040220c in main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at ../../linux-user/main.c:950

(backtrace from 1:7.2+dfsg-7+deb12u2)

Andreas
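
Added example, not part of the original report and not QEMU or Debian code: a triage helper that folds a gdb backtrace like the one above into the group of frames repeating between "<signal handler called>" markers, and returns the outermost group, which is the context in which the first signal was taken. The sample trace is constructed and shortened, reusing frame names from the report; the function and key names are hypothetical.

```python
import re
from collections import Counter

MARKER = "<signal handler called>"
# One gdb frame: "#N <signal handler called>" or "#N [0xADDR in ]function (...)".
# Works on one-frame-per-line output and on traces flattened onto long lines.
FRAME = re.compile(
    r"#\d+\s+(?:(<signal handler called>)|(?:0x[0-9a-fA-F]+\s+in\s+)?([^\s(]+))")

def fold_signal_recursion(backtrace):
    """Group frames between signal markers and report the group that repeats."""
    segments = [[]]
    for m in FRAME.finditer(backtrace):
        if m.group(1):
            segments.append([])   # frames after a marker are the interrupted context
        else:
            segments[-1].append(m.group(2))
    groups = [tuple(s) for s in segments if s]
    if not groups:
        return None
    cycle, repeats = Counter(groups).most_common(1)[0]
    return {
        "signal_frames": len(segments) - 1,   # markers seen in the text
        "cycle": cycle,                       # innermost frame first
        "repeats": repeats,
        "recursive": repeats > 1 and len(segments) > 2,
        "first_fault_context": groups[-1],    # outermost group, before any handler ran
    }

# Constructed sample: three nested handler invocations, then the outermost frames.
_CYCLE = [
    "0x0000000000401130 in ?? ()",
    "0x0000000000757e19 in g_str_equal ()",
    'type_get_by_name (name=0x8868fe "cpu") at ../../qom/object.c:175',
    "0x00000000006298fc in cpu_loop_exit_sigsegv (maperr=true) at ../../linux-user/signal.c:669",
    "0x0000000000629dda in host_signal_handler (host_sig=11) at ../../linux-user/signal.c:839",
    MARKER,
]
_TAIL = [
    "0x0000000000401080 in ?? ()",
    "0x000000000075edb1 in g_malloc0 ()",
    "0x000000000061abd3 in page_find_alloc (index=1024, alloc=true) at ../../accel/tcg/translate-all.c:443",
    "0x000000000040220c in main () at ../../linux-user/main.c:950",
]
SAMPLE = " ".join(f"#{i} {frame}" for i, frame in enumerate(_CYCLE * 3 + _TAIL))

if __name__ == "__main__":
    for key, value in fold_signal_recursion(SAMPLE).items():
        print(f"{key}: {value}")
```
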