summary refs log tree commit diff stats
path: root/results/scraper/launchpad/1773743
diff options
context:
space:
mode:
Diffstat (limited to 'results/scraper/launchpad/1773743')
-rw-r--r--results/scraper/launchpad/177374330
1 files changed, 30 insertions, 0 deletions
diff --git a/results/scraper/launchpad/1773743 b/results/scraper/launchpad/1773743
new file mode 100644
index 000000000..cf4987f00
--- /dev/null
+++ b/results/scraper/launchpad/1773743
@@ -0,0 +1,30 @@
+qemu-user -g xxx -E LD_PROFILE=xxx segfault
+
+Here is two simple steps to reproduce the bug:
+
+$ qemu-x86_64 -E LD_PROFILE=libc.so.6 -E LD_PROFILE_OUTPUT=. -g 12345 -L / /bin/ls
+
+(libc.so and /bin/ls might change on your system, in this case we just need a binary with a profilable needed library)
+
+In a other window launch:
+
+$ gdb
+(gdb) target remote :12345
+(gdb) c
+
+At this point qemu will segfault.
+
+It seems this problem is appends when sigprof passed to gdb.
+One way I have found to bypass this:
+patch gdbstub.c gdb_handlesig and ignore sig if
+sig == TARGET_SIGPROF
+(which means now I can't catch sigprof on gdb anymore)
+
+We were mis-parsing the 'vCont' packet in the gdb protocol, so when gdb told us "send a SIGPROF (0x1b)" we skipped the first digit in the hex signal number and interpreted it as "send an 0xb", which happens to be SIGSEGV.
+
+Should be fixed by this:
+https://<email address hidden>/
+
+
+https://gitlab.com/qemu-project/qemu/-/commit/3ddd9036389f5f577e09
+