linux-user: Fixed cpu restore with pc 0 on SIGBUS

Commit f4e1168198 (linux-user: Split out host_sig{segv,bus}_handler)
introduced a bug, when returning from host_sigbus_handler the PC is
never set.

linux-user: Fixed cpu restore with pc 0 on SIGBUS

Commit f4e1168198 (linux-user: Split out host_sig{segv,bus}_handler)
introduced a bug, when returning from host_sigbus_handler the PC is
never set. Thus cpu_loop_exit_restore is called with a zero PC and
we immediate get a SIGSEGV.

Signed-off-by: Robbin Ehn <rehn@rivosinc.com>
Fixes: f4e1168198 ("linux-user: Split out host_sig{segv,bus}_handler")
Reviewed-by: Palmer Dabbelt <palmer@rivosinc.com>
Message-Id: <33f27425878fb529b9e39ef22c303f6e0d90525f.camel@rivosinc.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
(cherry picked from commit 6d913158b5023ac948b8fd649d77fc86e28072f6)
Signed-off-by: Michael Tokarev <mjt@tls.msk.ru>

show more ...

linux-user: Fix guest signal remapping after adjusting SIGABRT

The arithmetic within the loop was not adjusted properly after SIGRTMIN
was stolen for the guest SIGABRT. The effect was that the gues

linux-user: Fix guest signal remapping after adjusting SIGABRT

The arithmetic within the loop was not adjusted properly after SIGRTMIN
was stolen for the guest SIGABRT. The effect was that the guest libc
could not send itself __SIGRTMIN to wake sleeping threads.

Fixes: 38ee0a7dfb4b ("linux-user: Remap guest SIGABRT")
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1967
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

show more ...

linux-user: Remap guest SIGABRT

Distinguish host SIGABRT from guest SIGABRT by mapping
the guest signal onto one of the host RT signals.

This prevents a cycle by which a host assertion failure
is c

linux-user: Remap guest SIGABRT

Distinguish host SIGABRT from guest SIGABRT by mapping
the guest signal onto one of the host RT signals.

This prevents a cycle by which a host assertion failure
is caught and handled by host_signal_handler, queued for
the guest, and then we attempt to continue past the
host abort. What happens next depends on the host libc,
but is neither good nor helpful.

Acked-by: Helge Deller <deller@gmx.de>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

show more ...

linux-user: Detect and report host SIGILL, SIGFPE, SIGTRAP

These signals, when not spoofed via kill(), are always bugs.
Use die_from_signal to report this sensibly.

Acked-by: Helge Deller <deller@g

linux-user: Detect and report host SIGILL, SIGFPE, SIGTRAP

These signals, when not spoofed via kill(), are always bugs.
Use die_from_signal to report this sensibly.

Acked-by: Helge Deller <deller@gmx.de>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

show more ...

linux-user: Split out host_sig{segv,bus}_handler

Make host_signal_handler slightly easier to read.

Acked-by: Helge Deller <deller@gmx.de>
Signed-off-by: Richard Henderson <richard.henderson@linaro.

linux-user: Split out host_sig{segv,bus}_handler

Make host_signal_handler slightly easier to read.

Acked-by: Helge Deller <deller@gmx.de>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

show more ...

linux-user: Simplify signal_init

Install the host signal handler at the same time we are
probing the target signals for SIG_IGN/SIG_DFL. Ignore
unmapped target signals.

Acked-by: Helge Deller <del

linux-user: Simplify signal_init

Install the host signal handler at the same time we are
probing the target signals for SIG_IGN/SIG_DFL. Ignore
unmapped target signals.

Acked-by: Helge Deller <deller@gmx.de>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

show more ...

linux-user: Map unsupported signals to an out-of-bounds value

Do not return a valid signal number in one domain
when given an invalid signal number in the other domain.

Acked-by: Helge Deller <dell

linux-user: Map unsupported signals to an out-of-bounds value

Do not return a valid signal number in one domain
when given an invalid signal number in the other domain.

Acked-by: Helge Deller <deller@gmx.de>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

show more ...

linux-user: Only register handlers for core_dump_signal by default

The set of fatal signals is really immaterial. If one arrives,
and is unhandled, then the qemu process dies and the parent gets
th

linux-user: Only register handlers for core_dump_signal by default

The set of fatal signals is really immaterial. If one arrives,
and is unhandled, then the qemu process dies and the parent gets
the correct signal.

It is only for those signals which we would like to perform a
guest core dump instead of a host core dump that we need to catch.

Acked-by: Helge Deller <deller@gmx.de>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

show more ...

linux-user: Detect and report host crashes

If there is an internal program error in the qemu source code which
raises SIGSEGV or SIGBUS, we currently assume the signal belongs to
the guest. With an

linux-user: Detect and report host crashes

If there is an internal program error in the qemu source code which
raises SIGSEGV or SIGBUS, we currently assume the signal belongs to
the guest. With an artificial error introduced, we will now print

QEMU internal SIGSEGV {code=MAPERR, addr=(nil)}

Signed-off-by: Helge Deller <deller@gmx.de>
Message-Id: <20230812164314.352131-1-deller@gmx.de>
[rth: Use in_code_gen_buffer and die_with_signal; drop backtrace]
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

show more ...

linux-user: Exit not abort in die_with_backtrace

This line is supposed to be unreachable, but if we're going to
have it at all, SIGABRT via abort() is subject to the same signal
peril that created t

linux-user: Exit not abort in die_with_backtrace

This line is supposed to be unreachable, but if we're going to
have it at all, SIGABRT via abort() is subject to the same signal
peril that created this function in the first place.

We can _exit immediately without peril.

Acked-by: Helge Deller <deller@gmx.de>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

show more ...

linux-user: Split out die_with_signal

Because we trap so many signals for use by the guest,
we have to take extra steps to exit properly.

Acked-by: Helge Deller <deller@gmx.de>
Reviewed-by: Philipp

linux-user: Split out die_with_signal

Because we trap so many signals for use by the guest,
we have to take extra steps to exit properly.

Acked-by: Helge Deller <deller@gmx.de>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

show more ...

build: Remove --enable-gprof

This build option has been deprecated since 8.0.
Remove all CONFIG_GPROF code that depends on that,
including one errant check using TARGET_GPROF.

Acked-by: Alex Bennée

build: Remove --enable-gprof

This build option has been deprecated since 8.0.
Remove all CONFIG_GPROF code that depends on that,
including one errant check using TARGET_GPROF.

Acked-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <philmd@linaro.org>
Acked-by: Paolo Bonzini <pbonzini@redhat.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

show more ...

accel/tcg: Replace CPUState.env_ptr with cpu_env()

Reviewed-by: Anton Johansson <anjo@rev.ng>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

gdbstub: move chunks of user code into own files

The process was pretty similar to the softmmu move except we take the
time to split stuff between user.c and user-target.c to avoid as much
target sp

gdbstub: move chunks of user code into own files

The process was pretty similar to the softmmu move except we take the
time to split stuff between user.c and user-target.c to avoid as much
target specific compilation as possible. We also start to make use of
our shiny new header scheme so the user-only helpers can be included
without the rest of the exec/gsbstub.h cruft.

As before we split some functions into user and softmmu versions

Reviewed-by: Fabiano Rosas <farosas@suse.de>
Signed-off-by: Alex Bennée <alex.bennee@linaro.org>

Message-Id: <20230302190846.2593720-12-alex.bennee@linaro.org>
Message-Id: <20230303025805.625589-12-richard.henderson@linaro.org>

show more ...

linux-user: Clean up when exiting due to a signal

When exiting due to an exit() syscall, qemu-user calls
preexit_cleanup(), but this is currently not the case when exiting due
to a signal. This lead

linux-user: Clean up when exiting due to a signal

When exiting due to an exit() syscall, qemu-user calls
preexit_cleanup(), but this is currently not the case when exiting due
to a signal. This leads to various buffers not being flushed (e.g.,
for gprof, for gcov, and for the upcoming perf support).

Add the missing call.

Signed-off-by: Ilya Leoshkevich <iii@linux.ibm.com>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20230112152013.125680-2-iii@linux.ibm.com>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

show more ...

linux-user: Add missing signals in strace output

Some of the guest signal numbers are currently not converted to
their representative names in the strace output, e.g. SIGVTALRM.

This patch introduc

linux-user: Add missing signals in strace output

Some of the guest signal numbers are currently not converted to
their representative names in the strace output, e.g. SIGVTALRM.

This patch introduces a smart way to generate and keep in sync the
host-to-guest and guest-to-host signal conversion tables for usage in
the qemu signal and strace code. This ensures that any signals
will now show up in both tables.

There is no functional change in this patch - with the exception that yet
missing signal names now show up in the strace code too.

Signed-off-by: Helge Deller <deller@gmx.de>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20220918194555.83535-2-deller@gmx.de>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>

show more ...

compiler.h: replace QEMU_NORETURN with G_NORETURN

G_NORETURN was introduced in glib 2.68, fallback to G_GNUC_NORETURN in
glib-compat.

Note that this attribute must be placed before the function dec

compiler.h: replace QEMU_NORETURN with G_NORETURN

G_NORETURN was introduced in glib 2.68, fallback to G_GNUC_NORETURN in
glib-compat.

Note that this attribute must be placed before the function declaration
(bringing a bit of consistency in qemu codebase usage).

Signed-off-by: Marc-André Lureau <marcandre.lureau@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
Reviewed-by: Warner Losh <imp@bsdimp.com>
Message-Id: <20220420132624.2439741-20-marcandre.lureau@redhat.com>

show more ...

linux-user: Split out helpers for sigsuspend

Two new functions: process_sigsuspend_mask and finish_sigsuspend_mask.
Move the size check and copy-from-user code.

Signed-off-by: Richard Henderson <ri

linux-user: Split out helpers for sigsuspend

Two new functions: process_sigsuspend_mask and finish_sigsuspend_mask.
Move the size check and copy-from-user code.

Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <20220315084308.433109-3-richard.henderson@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>

show more ...

linux-user: Remove stale "not threadsafe" comments

In linux-user/signal.c we have two FIXME comments claiming that
parts of the signal-handling code are not threadsafe. These are
very old, as they w

linux-user: Remove stale "not threadsafe" comments

In linux-user/signal.c we have two FIXME comments claiming that
parts of the signal-handling code are not threadsafe. These are
very old, as they were first introduced in commit 624f7979058
in 2008. Since then we've radically overhauled the signal-handling
logic, while carefully preserving these FIXME comments.

It's unclear exactly what thread-safety issue the original
author was trying to point out -- the relevant data structures
are in the TaskStruct, which makes them per-thread and only
operated on by that thread. The old code at the time of that
commit did have various races involving signal handlers being
invoked at awkward times; possibly this was what was meant.

Delete these FIXME comments:
* they were written at a time when the way we handled
signals was completely different
* the code today appears to us to not have thread-safety issues
* nobody knows what the problem the comments were trying to
point out was
so they are serving no useful purpose for us today.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Alex Bennée <alex.bennee@linaro.org>
Reviewed-by: Warner Losh <imp@bsdimp.com>
Message-Id: <20220114155032.3767771-1-peter.maydell@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>

show more ...

linux-user: Introduce host_sigcontext

Do not directly access ucontext_t as the third signal parameter.
This is preparation for a sparc64 fix.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
R

linux-user: Introduce host_sigcontext

Do not directly access ucontext_t as the third signal parameter.
This is preparation for a sparc64 fix.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

show more ...

linux-user: Introduce host_signal_mask

Do not directly access the uc_sigmask member.
This is preparation for a sparc64 fix.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philip

linux-user: Introduce host_signal_mask

Do not directly access the uc_sigmask member.
This is preparation for a sparc64 fix.

Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

show more ...

linux-user: Return void from queue_signal()

The linux-user queue_signal() function always returns 1, and none of
its callers check the return value. Give it a void return type
instead.

The return

linux-user: Return void from queue_signal()

The linux-user queue_signal() function always returns 1, and none of
its callers check the return value. Give it a void return type
instead.

The return value is a leftover from the old pre-2016 linux-user
signal handling code, which really did have a queue of signals and so
might return a failure indication if too many signals were queued at
once. The current design avoids having to ever have more than one
signal queued via queue_signal() at once, so it can never fail.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20220114153732.3767229-4-peter.maydell@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>

show more ...

linux-user: Rename user_force_sig tracepoint to match function name

In commit c599d4d6d6e9bfdb64 in 2016 we renamed the old force_sig()
function to dump_core_and_abort(), but we forgot to rename the

linux-user: Rename user_force_sig tracepoint to match function name

In commit c599d4d6d6e9bfdb64 in 2016 we renamed the old force_sig()
function to dump_core_and_abort(), but we forgot to rename the
associated tracepoint. Rename the tracepoint to to match the
function it's called from.

Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Philippe Mathieu-Daudé <f4bug@amsat.org>
Message-Id: <20220114153732.3767229-3-peter.maydell@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>

show more ...

linux-user/nios2: Use set_sigmask in do_rt_sigreturn

Using do_sigprocmask directly was incorrect, as it will
leave the signal blocked by the outer layers of linux-user.

Reviewed-by: Laurent Vivier

linux-user/nios2: Use set_sigmask in do_rt_sigreturn

Using do_sigprocmask directly was incorrect, as it will
leave the signal blocked by the outer layers of linux-user.

Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-Id: <20211221025012.1057923-8-richard.henderson@linaro.org>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>

show more ...

linux-user/signal: Map exit signals in SIGCHLD siginfo_t

When converting a siginfo_t from waitid(), the interpretation of si_status
depends on the value of si_code: For CLD_EXITED, it is an exit cod

linux-user/signal: Map exit signals in SIGCHLD siginfo_t

When converting a siginfo_t from waitid(), the interpretation of si_status
depends on the value of si_code: For CLD_EXITED, it is an exit code and
should be copied verbatim. For other codes, it is a signal number
(possibly with additional high bits from ptrace) that should be mapped.

This code was previously changed in commit 1c3dfb506ea3
("linux-user/signal: Decode waitid si_code"), but the fix was
incomplete.

Tested with the following test program:

#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
#include <sys/wait.h>

int main() {
pid_t pid = fork();
if (pid == 0) {
exit(12);
} else {
siginfo_t siginfo = {};
waitid(P_PID, pid, &siginfo, WEXITED);
printf("Code: %d, status: %d\n", (int)siginfo.si_code, (int)siginfo.si_status);
}

pid = fork();
if (pid == 0) {
raise(SIGUSR2);
} else {
siginfo_t siginfo = {};
waitid(P_PID, pid, &siginfo, WEXITED);
printf("Code: %d, status: %d\n", (int)siginfo.si_code, (int)siginfo.si_status);
}
}

Output with an x86_64 host and mips64el target before 1c3dfb506ea3
(incorrect: exit code 12 is translated like a signal):

Code: 1, status: 17
Code: 2, status: 17

After 1c3dfb506ea3 (incorrect: signal number is not translated):

Code: 1, status: 12
Code: 2, status: 12

With this patch:

Code: 1, status: 12
Code: 2, status: 17

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
Reviewed-by: Laurent Vivier <laurent@vivier.eu>
Message-Id: <81534fde7cdfc6acea4889d886fbefdd606630fb.1635019124.git.mschiffer@universe-factory.net>
Signed-off-by: Laurent Vivier <laurent@vivier.eu>

show more ...