summary refs log tree commit diff stats
path: root/results/classifier/zero-shot-user-mode/runtime/2170
blob: d1cfb53ccd15c9ed8666a3b9ce8597b473f83d57 (plain) (blame) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50

runtime: 0.376
instruction: 0.326
syscall: 0.299



qemu-x86_64 crashes when the application calls pthread_getattr_np()
Description of problem:
QEMU user emulation crashes with this program:
```
#define _GNU_SOURCE
#include <stdio.h>
#include <pthread.h>

int main()
{
        pthread_attr_t attr;
        int error = pthread_getattr_np(pthread_self(), &attr);

        printf("%d\n", error);
        return 0;
}
```
Steps to reproduce:
1. Compile the program above
2. Run QEMU
Additional information:
QEMU crashes with:
```
qemu-x86_64: QEMU internal SIGSEGV {code=MAPERR, addr=0x20}
Segmentation fault (core dumped)

```

In gdb I get this backtrace:
```
#0  0x0000555555627d6d in open_self_maps_2 (opaque=0x7fffffffc020, guest_start=18446744073699065856, guest_end=<optimized out>, flags=12) at ../linux-user/syscall.c:8089
#1  0x000055555560ce67 in walk_memory_regions (priv=priv@entry=0x7fffffffc020, fn=fn@entry=0x555555627d30 <open_self_maps_2>) at ../accel/tcg/user-exec.c:176
#2  0x0000555555628b3a in open_self_maps_1 (smaps=<optimized out>, fd=<optimized out>, env=<optimized out>) at ../linux-user/syscall.c:8112
#3  open_self_maps (cpu_env=<optimized out>, fd=3) at ../linux-user/syscall.c:8122
#4  0x0000555555631e24 in do_guest_openat (cpu_env=cpu_env@entry=0x55555583ae20, dirfd=dirfd@entry=-100, fname=fname@entry=0x2aaaab496eb4 "/proc/self/maps", flags=524288, mode=mode@entry=0, safe=safe@entry=true) at ../linux-user/syscall.c:8381
#5  0x0000555555638f71 in do_syscall1 (cpu_env=cpu_env@entry=0x55555583ae20, num=num@entry=257, arg1=arg1@entry=4294967196, arg2=arg2@entry=46912506523316, arg3=arg3@entry=524288, arg4=arg4@entry=0, arg5=<optimized out>, arg6=<optimized out>, arg8=0, arg7=0) at ../linux-user/syscall.c:9075
#6  0x000055555563b659 in do_syscall (cpu_env=cpu_env@entry=0x55555583ae20, num=257, arg1=4294967196, arg2=46912506523316, arg3=524288, arg4=0, arg5=8, arg6=1, arg7=0, arg8=0) at ../linux-user/syscall.c:13658
#7  0x000055555558db19 in cpu_loop (env=env@entry=0x55555583ae20) at ../linux-user/x86_64/../i386/cpu_loop.c:242
#8  0x00005555555898d8 in main (argc=<optimized out>, argv=0x7fffffffdd38, envp=<optimized out>) at ../linux-user/main.c:1012

```

This bug was introduced in the rewrite of `open_self_maps` in 7b7a3366e142d3baeb3fd1d3660a50e7956c19eb.
The current master (5767815218efd3cbfd409505ed824d5f356044ae) is still affected.