diff options
| author | Christian Krinitsin <mail@krinitsin.com> | 2025-07-07 17:23:11 +0000 |
|---|---|---|
| committer | Christian Krinitsin <mail@krinitsin.com> | 2025-07-07 17:23:11 +0000 |
| commit | c50b0c4da17b6e83640e4ed2380fffb5f507c846 (patch) | |
| tree | b4f203fce1380e2ea3578a784bb8ee060fe42cbd /results/classifier/zero-shot-user-mode/output/instruction/1749393 | |
| parent | 61361f925d4914a6608a0076e64cc2399311ed5f (diff) | |
| download | qemu-analysis-c50b0c4da17b6e83640e4ed2380fffb5f507c846.tar.gz qemu-analysis-c50b0c4da17b6e83640e4ed2380fffb5f507c846.zip | |
add zero-shot results
Diffstat (limited to 'results/classifier/zero-shot-user-mode/output/instruction/1749393')
| -rw-r--r-- | results/classifier/zero-shot-user-mode/output/instruction/1749393 | 32 |
1 files changed, 32 insertions, 0 deletions
diff --git a/results/classifier/zero-shot-user-mode/output/instruction/1749393 b/results/classifier/zero-shot-user-mode/output/instruction/1749393 new file mode 100644 index 000000000..666458855 --- /dev/null +++ b/results/classifier/zero-shot-user-mode/output/instruction/1749393 @@ -0,0 +1,32 @@ +instruction: 0.613 +runtime: 0.288 +syscall: 0.099 + + + +sbrk() not working under qemu-user with a PIE-compiled binary? + +In Debian unstable, we recently switched bash to be a PIE-compiled binary (for hardening). Unfortunately this resulted in bash being broken when run under qemu-user (for all target architectures, host being amd64 for me). + +$ sudo chroot /srv/chroots/sid-i386/ qemu-i386-static /bin/bash +bash: xmalloc: .././shell.c:1709: cannot allocate 10 bytes (0 bytes allocated) + +bash has its own malloc implementation based on sbrk(): +https://git.savannah.gnu.org/cgit/bash.git/tree/lib/malloc/malloc.c + +When we disable this internal implementation and rely on glibc's malloc, then everything is fine. But it might be that glibc has a fallback when sbrk() is not working properly and it might hide the underlying problem in qemu-user. + +This issue has also been reported to the bash upstream author and he suggested that the issue might be in qemu-user so I'm opening a ticket here. Here's the discussion with the bash upstream author: +https://lists.gnu.org/archive/html/bug-bash/2018-02/threads.html#00080 + +You can find the problematic bash binary in that .deb file: +http://snapshot.debian.org/archive/debian/20180206T154716Z/pool/main/b/bash/bash_4.4.18-1_i386.deb + +The version of qemu I have been using is 2.11 (Debian package qemu-user-static version 1:2.11+dfsg-1) but I have had reports that the problem is reproducible with older versions (back to 2.8 at least). + +Here are the related Debian bug reports: +https://bugs.debian.org/889869 +https://bugs.debian.org/865599 + +It's worth noting that bash used to have this problem (when compiled as a PIE binary) even when run directly but then something got fixed in the kernel and now the problem only appears when run under qemu-user: +https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1518483 \ No newline at end of file |