Re: [Qemu-devel] linux-user/mmap: Should not return NULL on guest call m


From: Maximilian Riemensberger
Subject: Re: [Qemu-devel] linux-user/mmap: Should not return NULL on guest call mmap(NULL, ...), causes crash inside glibc
Date: Fri, 5 Jan 2018 22:13:05 +0100
User-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:52.0) Gecko/20100101 Thunderbird/52.5.2

On 05.01.18 19:38, Peter Maydell wrote:
> On 5 January 2018 at 18:13, Maximilian Riemensberger
> <address@hidden> wrote:
>> Hi,
>>
>> yesterday I hit the following problem when running an arm linux executable on
>> qemu-2.10 (qemu-arm-static through binfmt_misc)
>>
>> 1879 mmap2(NULL,8388608,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANONYMOUS|0x20000,-1,0) = 0x00000000
>> 1879 write(2,0xf6fd39d0,79) stx_test: allocatestack.c:514: allocate_stack: Assertion `mem != NULL' failed.
>>
>> The issue comes up when the executable creates and joins lots of
>> threads in a loop (it's a unit test).  Eventually, glibc allocatestack
>> hits the mmap(NULL, ...) == NULL.  Judging from the POSIX and Linux
>> manuals, mmap(NULL, ...) never returns NULL.  Either it fails with MAP_FAILED
>> or it succeeds and returns a non-NULL address.
> 
> Given the heavy use of threading, can you retest with QEMU 2.11,
> please? We fixed a couple of threading issues in linux-user there.

Same error with fresh qemu-2.11 build.

648 clone(CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID,child_stack=0x01ffef88,parent_tidptr=0x01fff4b8,tls=0x01fff910,child_tidptr=0x01fff4b8) = 1273
648 mmap2(NULL,8388608,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANONYMOUS|0x20000,-1,0) = 0x01000000
648 mprotect(0x01000000,4096,PROT_NONE) = 0
648 clone(CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID,child_stack=0x017fef88,parent_tidptr=0x017ff4b8,tls=0x017ff910,child_tidptr=0x017ff4b8) = 1274
648 mmap2(NULL,8388608,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANONYMOUS|0x20000,-1,0) = 0x00800000
648 mprotect(0x00800000,4096,PROT_NONE) = 0
648 clone(CLONE_VM|CLONE_FS|CLONE_FILES|CLONE_SIGHAND|CLONE_THREAD|CLONE_SYSVSEM|CLONE_SETTLS|CLONE_PARENT_SETTID|CLONE_CHILD_CLEARTID,child_stack=0x00ffef88,parent_tidptr=0x00fff4b8,tls=0x00fff910,child_tidptr=0x00fff4b8) = 1275
648 mmap2(NULL,8388608,PROT_READ|PROT_WRITE,MAP_PRIVATE|MAP_ANONYMOUS|0x20000,-1,0)648 futex(0xff1c6268,FUTEX_PRIVATE_FLAG|FUTEX_WAIT,0,NULL,0xff1c6268,-14917016) = 0x00000000
648 futex(0xff1c6268,FUTEX_PRIVATE_FLAG|FUTEX_WAIT,0,NULL,0xff1c6268,-14917016)648 futex(0xff1c6268,FUTEX_PRIVATE_FLAG|FUTEX_WAIT,0,NULL,0xff1c6268,-14917016)648 write(2,0xfffc39d0,79)stx_test: allocatestack.c:514: allocate_stack: Assertion `mem != NULL' failed.
 = 79

Cheers,
        Max

> 
> thanks
> -- PMM
> 

-- 
----------------------------------------------------------------------
Cadami UG (haftungsbeschränkt)
Waagstraße 10, 85386 Eching (near Munich), Germany
Office:    c/o Wayra, Kaufingerstraße 15, 80331 Munich, Germany

Contact:   +49-176-63360306, address@hidden, www.cadami.net

Managing directors:      Andreas Dotzler, Michael Heindlmaier,
                         Thomas Kühn, Maximilian Riemensberger
Registered office:       Eching, HRB 219979 Amtsgericht München
VAT ID:                  DE301293803
----------------------------------------------------------------------
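
Added example, not part of the original message and not QEMU or glibc code: a small guest-side check of the contract described above, that mmap(NULL, ...) either fails with MAP_FAILED or returns a non-NULL address. It repeats the stack-sized mapping from the trace without freeing in between, so the address space fills up as it does there. The function name, the iteration limit and the reading of the undecoded 0x20000 flag as MAP_STACK are assumptions.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE     /* exposes MAP_ANONYMOUS on glibc */
#endif
#include <stdio.h>
#include <stdlib.h>
#include <sys/mman.h>

#ifndef MAP_STACK
#define MAP_STACK 0x20000   /* assumption: the undecoded 0x20000 in the trace */
#endif
#define STACK_SIZE 8388608u /* 8 MiB, the length in the traced mmap2 calls */

/* Map up to max_maps stack-sized regions and keep them all mapped until the
 * end, so later calls see a progressively fuller address space.
 * Returns the number of successful calls that returned NULL (must be 0),
 * or -1 if the bookkeeping array cannot be allocated. */
int count_null_mappings(size_t max_maps)
{
    void **maps = calloc(max_maps, sizeof *maps);
    size_t n = 0;
    int nulls = 0;

    if (maps == NULL)
        return -1;
    while (n < max_maps) {
        void *mem = mmap(NULL, STACK_SIZE, PROT_READ | PROT_WRITE,
                         MAP_PRIVATE | MAP_ANONYMOUS | MAP_STACK, -1, 0);
        if (mem == MAP_FAILED)      /* the only legitimate failure result */
            break;
        if (mem == NULL)            /* the result reported in this thread */
            nulls++;
        else
            mprotect(mem, 4096, PROT_NONE); /* guard page, as in the trace */
        maps[n++] = mem;
    }
    while (n > 0)                   /* release everything that was mapped */
        munmap(maps[--n], STACK_SIZE);
    free(maps);
    return nulls;
}

int main(int argc, char **argv)
{
    size_t max_maps = argc > 1 ? strtoul(argv[1], NULL, 10) : 1024;
    int nulls = count_null_mappings(max_maps);
    printf("mmap(NULL, ...) returned NULL %d time(s)\n", nulls);
    return nulls != 0;
}
```

Built for the guest architecture and run under the emulator, a non-zero exit status means a successful mmap(NULL, ...) returned address 0; on a native Linux host it is expected to exit 0.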


