summary refs log tree commit diff stats
path: root/results/classifier/user-mode-bugs/1346784
diff options
context:
space:
mode:
Diffstat (limited to 'results/classifier/user-mode-bugs/1346784')
-rw-r--r--results/classifier/user-mode-bugs/134678469
1 files changed, 69 insertions, 0 deletions
diff --git a/results/classifier/user-mode-bugs/1346784 b/results/classifier/user-mode-bugs/1346784
new file mode 100644
index 00000000..28b5c2d4
--- /dev/null
+++ b/results/classifier/user-mode-bugs/1346784
@@ -0,0 +1,69 @@
+
+
+qemu internal memory areas visible to a guest via /proc/self/maps
+
+
+Qemu internal memory areas are not suppressed in the output and are  visible to a guest via /proc/self/maps.
+
+$ echo "int main() { return 0; }" > /tmp/test.c
+$ gcc -m32 -fsanitize=address -fno-common -Wall -g -fPIC -o /tmp/test /tmp/test.c
+$ qemu-i386-static -R 0 /tmp/test
+
+We use -R option because the binary can't be executed under stock version of Qemu with address sanitizer instrumentations (Asan).
+
+Qemu memory map looks the following way where GUEST valid addresses are marked with ***** and invalid with @@@:
+
+***** 08048000-08049000 r-xp 00000000 08:01 28835889          /tmp/test
+***** 08049000-0804a000 rw-p 00000000 08:01 28835889          /tmp/test
+***** 1ffff000-24000000 rw-p 00000000 00:00 0 
+***** 24000000-28000000 ---p 00000000 00:00 0 
+***** 28000000-40000000 rw-p 00000000 00:00 0 
+***** 40000000-40001000 ---p 00000000 00:00 0 
+***** 40001000-40801000 rw-p 00000000 00:00 0                         [stack]
+***** 40801000-40821000 r-xp 00000000 08:01 26738694          /lib32/ld-2.19.so
+***** 40821000-40822000 r--p 0001f000 08:01 26738694          /lib32/ld-2.19.so
+***** 40822000-40823000 rw-p 00020000 08:01 26738694          /lib32/ld-2.19.so
+***** 40823000-40827000 rw-p 00000000 00:00 0 
+***** 40827000-408ca000 r-xp 00000000 08:01 49424994          /home/michail/build/lib32/libasan.so.1.0.0
+***** 408ca000-408cc000 rw-p 000a3000 08:01 49424994          /home/michail/build/lib32/libasan.so.1.0.0
+***** 408cc000-40d24000 rw-p 00000000 00:00 0 
+***** 40d3c000-40ee2000 r-xp 00000000 08:01 26738695          /lib32/libc-2.19.so
+***** 40ee2000-40ee4000 r--p 001a6000 08:01 26738695          /lib32/libc-2.19.so
+***** 40ee4000-40ee5000 rw-p 001a8000 08:01 26738695          /lib32/libc-2.19.so
+***** 40ee5000-40ee8000 rw-p 00000000 00:00 0 
+***** 40ee8000-40f00000 r-xp 00000000 08:01 26738711          /lib32/libpthread-2.19.so
+***** 40f00000-40f01000 r--p 00017000 08:01 26738711          /lib32/libpthread-2.19.so
+***** 40f01000-40f02000 rw-p 00018000 08:01 26738711          /lib32/libpthread-2.19.so
+***** 40f02000-40f04000 rw-p 00000000 00:00 0 
+***** 40f04000-40f07000 r-xp 00000000 08:01 26738708          /lib32/libdl-2.19.so
+***** 40f07000-40f08000 r--p 00002000 08:01 26738708          /lib32/libdl-2.19.so
+***** 40f08000-40f09000 rw-p 00003000 08:01 26738708          /lib32/libdl-2.19.so
+***** 40f09000-40fee000 r-xp 00000000 08:01 49424965          /home/michail/build/lib32/libstdc++.so.6.0.20
+***** 40fee000-40ff2000 r--p 000e5000 08:01 49424965          /home/michail/build/lib32/libstdc++.so.6.0.20
+***** 40ff2000-40ff3000 rw-p 000e9000 08:01 49424965          /home/michail/build/lib32/libstdc++.so.6.0.20
+***** 40ff3000-40ffa000 rw-p 00000000 00:00 0 
+***** 40ffa000-4103e000 r-xp 00000000 08:01 26738698          /lib32/libm-2.19.so
+***** 4103e000-4103f000 r--p 00043000 08:01 26738698          /lib32/libm-2.19.so
+***** 4103f000-41040000 rw-p 00044000 08:01 26738698          /lib32/libm-2.19.so
+***** 41040000-41041000 rw-p 00000000 00:00 0 
+***** 41041000-4105b000 r-xp 00000000 08:01 49424637          /home/michail/build/lib32/libgcc_s.so.1
+***** 4105b000-4105c000 rw-p 00019000 08:01 49424637          /home/michail/build/lib32/libgcc_s.so.1
+***** 4105c000-4105e000 rw-p 00000000 00:00 0 
+***** 4105f000-41061000 rw-p 00000000 00:00 0 
+***** 41065000-421ed000 rw-p 00000000 00:00 0 
+***** 421ee000-421f1000 rw-p 00000000 00:00 0 
+***** 60000000-6033b000 r-xp 00000000 08:01 48760980          /home/michail/build/bin/qemu-i386-static
+***** 6053b000-60546000 rw-p 0033b000 08:01 48760980          /home/michail/build/bin/qemu-i386-static
+***** 60546000-6059a000 rw-p 00000000 00:00 0 
+***** 6059a000-6259b000 rwxp 00000000 00:00 0 
+***** 6259b000-625ae000 rw-p 00000000 00:00 0 
+***** 62dce000-62e12000 rw-p 00000000 00:00 0                          [heap]
+@@@ 7f3f5e6a9000 - 7f3f61f28000 rw-p 00000000 00:00 0 
+@@@ 7fffad130000 - 7fffad132000 r-xp 00000000 00:00 0          [vdso]
+@@@ ffffffffff600000 - ffffffffff601000 r-xp 00000000 00:00 0          [vsyscall]
+
+qemu-i386-static and its heap are in ranges which are valid and be reported to guest in case of maps file reading.
+
+The issue is related to early reported bugs:
+http://lists.nongnu.org/archive/html/qemu-devel/2014-07/msg02793.html
+http://lists.nongnu.org/archive/html/qemu-devel/2014-07/msg03085.html
\ No newline at end of file