diff options
Diffstat (limited to 'results/classifier/zero-shot/108/other/1773743')
| -rw-r--r-- | results/classifier/zero-shot/108/other/1773743 | 45 |
1 files changed, 45 insertions, 0 deletions
diff --git a/results/classifier/zero-shot/108/other/1773743 b/results/classifier/zero-shot/108/other/1773743 new file mode 100644 index 000000000..5a06f8e04 --- /dev/null +++ b/results/classifier/zero-shot/108/other/1773743 @@ -0,0 +1,45 @@ +performance: 0.750 +device: 0.740 +semantic: 0.739 +graphic: 0.724 +other: 0.716 +vnc: 0.657 +debug: 0.634 +network: 0.520 +permissions: 0.507 +socket: 0.506 +PID: 0.476 +files: 0.422 +boot: 0.277 +KVM: 0.215 + +qemu-user -g xxx -E LD_PROFILE=xxx segfault + +Here is two simple steps to reproduce the bug: + +$ qemu-x86_64 -E LD_PROFILE=libc.so.6 -E LD_PROFILE_OUTPUT=. -g 12345 -L / /bin/ls + +(libc.so and /bin/ls might change on your system, in this case we just need a binary with a profilable needed library) + +In a other window launch: + +$ gdb +(gdb) target remote :12345 +(gdb) c + +At this point qemu will segfault. + +It seems this problem is appends when sigprof passed to gdb. +One way I have found to bypass this: +patch gdbstub.c gdb_handlesig and ignore sig if +sig == TARGET_SIGPROF +(which means now I can't catch sigprof on gdb anymore) + +We were mis-parsing the 'vCont' packet in the gdb protocol, so when gdb told us "send a SIGPROF (0x1b)" we skipped the first digit in the hex signal number and interpreted it as "send an 0xb", which happens to be SIGSEGV. + +Should be fixed by this: +https://<email address hidden>/ + + +https://gitlab.com/qemu-project/qemu/-/commit/3ddd9036389f5f577e09 + |