The arithmetic within the loop was not adjusted properly after SIGRTMIN
was stolen for the guest SIGABRT.  The effect was that the guest libc
could not send itself __SIGRTMIN to wake sleeping threads.

Fixes: 38ee0a7dfb4b ("linux-user: Remap guest SIGABRT")
Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1967
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
---
 linux-user/signal.c | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

diff --git a/linux-user/signal.c b/linux-user/signal.c
index 3b8efec89f..b35d1e512f 100644
--- a/linux-user/signal.c
+++ b/linux-user/signal.c
@@ -536,11 +536,10 @@ static void signal_table_init(void)
     host_to_target_signal_table[SIGABRT] = 0;
     host_to_target_signal_table[hsig++] = TARGET_SIGABRT;
 
-    for (; hsig <= SIGRTMAX; hsig++) {
-        tsig = hsig - SIGRTMIN + TARGET_SIGRTMIN;
-        if (tsig <= TARGET_NSIG) {
-            host_to_target_signal_table[hsig] = tsig;
-        }
+    for (tsig = TARGET_SIGRTMIN;
+         hsig <= SIGRTMAX && tsig <= TARGET_NSIG;
+         hsig++, tsig++) {
+        host_to_target_signal_table[hsig] = tsig;
     }
 
     /* Invert the mapping that has already been assigned. */
-- 
2.34.1

Richard Henderson <richard.henderson@linaro.org> writes:

> The arithmetic within the loop was not adjusted properly after SIGRTMIN
> was stolen for the guest SIGABRT.  The effect was that the guest libc
> could not send itself __SIGRTMIN to wake sleeping threads.
>
> Fixes: 38ee0a7dfb4b ("linux-user: Remap guest SIGABRT")
> Resolves: https://gitlab.com/qemu-project/qemu/-/issues/1967
> Signed-off-by: Richard Henderson <richard.henderson@linaro.org>

Reviewed-by: Alex Bennée <alex.bennee@linaro.org>

-- 
Alex Bennée
Virtualisation Tech Lead @ Linaro