1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
|
instruction: 0.500
runtime: 0.303
syscall: 0.197
shmat fails on 32-to-64 setup
I am trying to run a guest mips32 program (user mode) on a x86_64 host. The program fails on a call to shmat() reproducibly. when digging into this problem, I could make a small guest POC that fails when compiled as i386 (-m32) running on a x86_64 host, but pass when compiled as 64bit. The problem has to do with mmap flags.
From what I can understand, when running 32bits guests programs, qemu reserve the whole guest virtual space with an mmap call. That mmap call specifys MAP:PRIVATE flag. When shmat is called, it tries to make part of that region MAP_SHARED and that fails.
As a possible fix, it looks like it is possible to first unmap the shm region before calling shmat.
steps to reproduce:
1 - create a file shm.c with content below
2 - compile with: gcc -m32 shm.c -o shm32
3 - run on a x86_64 host: qemu-i386 ./shm32
4 - observe shmat fails, by returning ptr -1
5- compile without -m32: : gcc shm.c -o shm64
6 - observe it pass: qemu-x84_64 ./shm64
#include <sys/ipc.h>
#include <sys/shm.h>
#include <sys/mman.h>
#include <stdio.h>
int main()
{
struct shmid_ds shm_desc;
int err = 0;
int id = shmget(IPC_PRIVATE, 688128, IPC_CREAT|IPC_EXCL|0666);
err = shmctl(id, IPC_STAT, &shm_desc);
const void *at = 0x7f7df38ea000;
void* ptr = shmat(id, at, 0);
printf( "got err %d, ptr %p\n", err, ptr );
}
|