* [Qemu-devel] [Bug 1783362] [NEW] qemu-user-aarch64: mmap returns success (NULL, 0) instead of failure (MAP_FAILED, -1) with len==0
From: umarcor @ 2018-07-24 16:18 UTC
To: qemu-devel
Public bug reported:
As shown in https://github.com/beehive-lab/mambo/issues/19#issuecomment-407420602, with len==0 mmap returns success (NULL, 0) instead of failure (MAP_FAILED, -1) on an x86_64 host executing an ELF 64-bit LSB executable, ARM aarch64 binary.
Steps to reproduce the bug:
- (cross-)compile the attached source file:
$ aarch64-linux-gnu-gcc -static -std=gnu99 -lpthread test/mmap_qemu.c -o mmap_qemu
- Execute on an x86_64 host with qemu-user and qemu-user-binfmt:
$ ./mmap_qemu
alloc: 0
MAP_FAILED: -1
errno: 0
mmap_qemu: test/mmap_qemu.c:15: main: Assertion `alloc == MAP_FAILED' failed.
qemu: uncaught target signal 6 (Aborted) - core dumped
Aborted (core dumped)
- Execute on an ARM host without any additional dependency:
$ ./mmap_qemu
alloc: -1
MAP_FAILED: -1
errno: 22
The bug is present in Fedora:
$ qemu-aarch64 --version
qemu-aarch64 version 2.11.2(qemu-2.11.2-1.fc28)
Copyright (c) 2003-2017 Fabrice Bellard and the QEMU Project developers
$ uname -r
4.17.7-200.fc28.x86_64
And also in Ubuntu:
$ qemu-aarch64 --version
qemu-aarch64 version 2.12.0 (Debian 1:2.12+dfsg-3ubuntu3)
Copyright (c) 2003-2017 Fabrice Bellard and the QEMU Project developers
$ uname -r
4.15.0-23-generic
Possibly related to:
- https://lists.freebsd.org/pipermail/freebsd-hackers/2009-July/029109.html
- https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=203852
** Affects: qemu
Importance: Undecided
Status: New
** Affects: qemu (Ubuntu)
Importance: Undecided
Status: New
** Attachment added: "mmap_qemu.c"
https://bugs.launchpad.net/bugs/1783362/+attachment/5167203/+files/mmap_qemu.c
** Also affects: qemu (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1783362
Title:
qemu-user-aarch64: mmap returns success (NULL, 0) instead of failure
(MAP_FAILED, -1) with len==0
Status in QEMU:
New
Status in qemu package in Ubuntu:
New
To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1783362/+subscriptions
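A standalone probe for the behaviour the report describes, added here as an illustration. It is not the mmap_qemu.c attached to the bug (that file is not reproduced on this page) and not QEMU code; the file and function names are my own. It asks the running kernel, or the user-mode emulator translating the syscall, the same question the reproducer does, mmap() with len == 0, but reports pass/fail for each case instead of aborting on the first assertion, and adds two checks a practitioner would want next to it: a length that wraps to zero when page-aligned, and an ordinary one-page request as a control. Cross-compiled the same way as the original reproducer and run under qemu-aarch64, it tells an unpatched emulator (errno 0, "ACCEPTED") from a patched one.

```c
/*
 * mmap_len0_probe.c: added example, not the mmap_qemu.c attached to the bug.
 * Checks how the kernel (or the user-mode emulator translating our syscalls)
 * answers mmap() requests that Linux must reject, and reports each one.
 *
 * Build natively, or cross-compile like the original reproducer:
 *   aarch64-linux-gnu-gcc -static -std=gnu99 mmap_len0_probe.c -o mmap_len0_probe
 */
#define _GNU_SOURCE
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/mman.h>

struct probe_result {
    void *ret;  /* value mmap returned */
    int err;    /* errno after the call; 0 if mmap reported success */
};

/* One anonymous, private mapping request; unmaps anything it actually got. */
static struct probe_result probe_mmap(size_t len)
{
    struct probe_result r;
    errno = 0;
    r.ret = mmap(NULL, len, PROT_READ | PROT_WRITE,
                 MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    r.err = (r.ret == MAP_FAILED) ? errno : 0;
    /* A "successful" zero-length map (the bug) has nothing to unmap, and
     * munmap(NULL, 0) would itself be invalid, so only clean up real maps. */
    if (r.ret != MAP_FAILED && len != 0) {
        munmap(r.ret, len);
    }
    return r;
}

/* errno mmap reports for len == 0; 0 means it wrongly returned success. */
int mmap_zero_len_errno(void)
{
    return probe_mmap(0).err;
}

/* 1 if mmap(len == 0) fails with EINVAL, as the Linux kernel does. */
int mmap_zero_len_rejected(void)
{
    struct probe_result r = probe_mmap(0);
    return r.ret == MAP_FAILED && r.err == EINVAL;
}

/* 1 if a length that page-aligns to zero (SIZE_MAX) is refused at all.
 * Linux answers ENOMEM here; we only require that it is not a success. */
int mmap_wrapping_len_rejected(void)
{
    struct probe_result r = probe_mmap(SIZE_MAX);
    return r.ret == MAP_FAILED && r.err != 0;
}

/* Control: a normal one-page request must still succeed. */
int mmap_one_page_ok(void)
{
    long page = sysconf(_SC_PAGESIZE);
    struct probe_result r = probe_mmap(page > 0 ? (size_t)page : 4096);
    return r.ret != MAP_FAILED;
}

int main(void)
{
    int zero_ok = mmap_zero_len_rejected();
    int wrap_ok = mmap_wrapping_len_rejected();
    int page_ok = mmap_one_page_ok();

    printf("mmap(len=0)        : %s (errno %d: %s)\n",
           zero_ok ? "rejected" : "ACCEPTED (bug)",
           mmap_zero_len_errno(), strerror(mmap_zero_len_errno()));
    printf("mmap(len=SIZE_MAX) : %s\n", wrap_ok ? "rejected" : "ACCEPTED (bug)");
    printf("mmap(len=1 page)   : %s\n", page_ok ? "ok" : "FAILED");
    return (zero_ok && wrap_ok && page_ok) ? 0 : 1;
}
```

The exit status makes the probe usable from a CI job that runs cross-built binaries under qemu-user: a non-zero status means the syscall layer hands callers a NULL "mapping" for a request the kernel would reject, which is exactly the contract violation that tripped the MAMBO assertion in the linked issue.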
* [Qemu-devel] [Bug 1783362] Re: qemu-user-aarch64: mmap returns success (NULL, 0) instead of failure (MAP_FAILED, -1) with len==0
From: umarcor @ 2018-07-25 15:23 UTC
To: qemu-devel
I did some research and found that this bug has been present since 2003:
- 2003/05/13: https://github.com/qemu/qemu/commit/54936004fddc52c321cb3f9a9a51140e782bed5d#diff-2bf4728e0473404c39c97190bd02b2f8
- https://github.com/qemu/qemu/blob/54936004fddc52c321cb3f9a9a51140e782bed5d/linux-user/mmap.c#L182-L183
- 2008/06/02: https://github.com/qemu/qemu/commit/c8a706fe6242a553960ccc3071a4e75ceba6f3d2#diff-2bf4728e0473404c39c97190bd02b2f8
- https://github.com/qemu/qemu/blob/c8a706fe6242a553960ccc3071a4e75ceba6f3d2/linux-user/mmap.c#L284-L285
- https://github.com/qemu/qemu/blob/c8a706fe6242a553960ccc3071a4e75ceba6f3d2/linux-user/mmap.c#L400-L410
It is present in versions 2.11.2, 2.12.0 and master:
- https://github.com/qemu/qemu/blob/v2.11.2/linux-user/mmap.c#L401-L402
- https://github.com/qemu/qemu/blob/v2.12.0/linux-user/mmap.c#L401-L402
- https://github.com/qemu/qemu/blob/master/linux-user/mmap.c#L400-L401
I think that a possible fix is:
@@ -397,8 +397,10 @@ abi_long target_mmap(abi_ulong start, abi_ulong len, int prot,
}
len = TARGET_PAGE_ALIGN(len);
- if (len == 0)
- goto the_end;
+ if (len == 0) {
+ errno = EINVAL;
+ goto fail;
+ }
real_start = start & qemu_host_page_mask;
host_offset = offset & qemu_host_page_mask;
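Review bot: the `fail` label this hunk now jumps to is outside the visible context, so confirm that path releases whatever lock `target_mmap` took before this point and returns -1; `the_end` is the path that produced the success return the report describes. Because the check sits after `len = TARGET_PAGE_ALIGN(len);`, a huge `len` whose page-alignment wraps to 0 takes the same EINVAL path as a literal zero-length request; if the caller should see a different error for that case, test `len` before aligning it. The added braces bring the `if` in line with QEMU's coding style.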
* [Qemu-devel] [Bug 1783362] Re: qemu-user: mmap should return failure (MAP_FAILED, -1) instead of success (NULL, 0) when len==0
From: umarcor @ 2018-07-25 16:57 UTC
To: qemu-devel
** Summary changed:
- qemu-user-aarch64: mmap returns success (NULL, 0) instead of failure (MAP_FAILED, -1) with len==0
+ qemu-user: mmap should return failure (MAP_FAILED, -1) instead of success (NULL, 0) when len==0
* [Qemu-devel] [Bug 1783362] Re: qemu-user: mmap should return failure (MAP_FAILED, -1) instead of success (NULL, 0) when len==0
From: umarcor @ 2018-07-25 17:19 UTC
To: qemu-devel
Following
https://wiki.qemu.org/Contribute/SubmitAPatch#Make_code_motion_patches_easy_to_review:
@@ -1,5 +1,5 @@
---
--- a/linux-user/mmap.c
- if (len == 0)
- goto the_end;
--
+++ b/linux-user/mmap.c
+ if (len == 0) {
+ errno = EINVAL;
+ goto fail;
+ }
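Review bot: this is a diff of the patch text itself rather than a patch against `linux-user/mmap.c`; the `---`, `--- a/linux-user/mmap.c` and `+++ b/linux-user/mmap.c` file headers have ended up as changed lines inside an `@@ -1,5 +1,5 @@` hunk, so `git apply` cannot consume it. Send the change in the form of the earlier hunk, `@@ -397,8 +397,10 @@ abi_long target_mmap(...)`, with the file headers above the `@@` line. The code-motion guidance cited above concerns patches that move code between files, which this four-line change does not do.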
* [Qemu-devel] [Bug 1783362] Re: qemu-user: mmap should return failure (MAP_FAILED, -1) instead of success (NULL, 0) when len==0
From: umarcor @ 2018-07-30 2:05 UTC
To: qemu-devel
** Changed in: qemu
Status: New => In Progress
** Changed in: qemu (Ubuntu)
Status: New => In Progress
* [Qemu-devel] [Bug 1783362] Re: qemu-user: mmap should return failure (MAP_FAILED, -1) instead of success (NULL, 0) when len==0
From: umarcor @ 2018-07-31 22:57 UTC
To: qemu-devel
Alex, Laurent, I'm new to this management/development system. So, first off, thanks for working on this bug.
I have a few (probably silly) questions:
1. What is 'the r-b' that Alex used in #14?
2. When should I change the status of the bug? I can already see it in GitHub's mirror and in https://git.qemu.org/?p=qemu.git;a=summary, but not in the Changelog: https://wiki.qemu.org/ChangeLog/3.0#User-mode_emulation. I am not sure if it is in the 'Fix Committed' or 'Fix Released' state.
3. Where did you push these commits before they were merged into https://git.qemu.org/?p=qemu.git;a=summary? I cannot find your personal forks/branches. Are commits automatically created from the mailing list?
* Re: [Qemu-devel] [Bug 1783362] Re: qemu-user: mmap should return failure (MAP_FAILED, -1) instead of success (NULL, 0) when len==0
From: Laurent Vivier @ 2018-08-01 7:25 UTC
To: qemu-devel
On 01/08/2018 at 00:57, umarcor wrote:
> Alex, Laurent, I'm new to this management/development system. So, first
> off, thanks for working on this bug.
>
> I have a few (probably silly) questions:
>
> 1. What is 'the r-b' that Alex used in #14?
"Reviewed-By:", it's a tag I sent in reply to his e-mail to say I've reviewed his patch and it is good for me.
> 2. When should I change the status of the bug? I can already see it in
> GitHub's mirror and in https://git.qemu.org/?p=qemu.git;a=summary. But
> not in the Changelog: https://wiki.qemu.org/ChangeLog/3.0#User-mode_emulation.
> I am not sure if it is in 'Fix Committed' or 'Fix Released' state.
I didn't update the Changelog, but the fix is now committed. It will be released soon (07/08 or 14/08). But you should test master now to check that the commit really fixes your bug.
> 3. Where did you push these commits to before they were merged in
> https://git.qemu.org/?p=qemu.git;a=summary? I cannot find your personal
> forks/branches. Are commits automatically created from the mailing list?
No, sub-system maintainers collect patches from the mailing list. They create and send a pull request (from their own git repo) to the QEMU maintainer, who merges the patches into master.
My git repo for linux-user pull requests is git://github.com/vivier/qemu.git, and generally I prepare my pull request on the linux-user-for-3.0 branch (the release number changes).
Thanks,
Laurent
* [Qemu-devel] [Bug 1783362] Re: qemu-user: mmap should return failure (MAP_FAILED, -1) instead of success (NULL, 0) when len==0
From: umarcor @ 2018-08-01 16:03 UTC
To: qemu-devel
** Changed in: qemu
Status: In Progress => Fix Committed
** Changed in: qemu (Ubuntu)
Status: In Progress => Fix Committed
* [Qemu-devel] [Bug 1783362] Re: qemu-user: mmap should return failure (MAP_FAILED, -1) instead of success (NULL, 0) when len==0
From: umarcor @ 2018-08-01 16:18 UTC
To: qemu-devel
2018-08-01 8:25 GMT+01:00 Laurent Vivier:
> "Reviewed-By:", it's a tag I've sent in answer to his e-mail to say
> I've reviewed his patch, and it is good for me.
It's clear now. Thanks.
> I didn't update the Changelog, but the fix is now committed. It will be
> released soon (07/08 or 14/08). But you should test master now to check
> the commit really fixes your bug.
I tested it, and it is fixed as expected. I changed the status of this bug accordingly. I'll change it again once it is released.
> my git repo for linux-user pull request is
> git://github.com/vivier/qemu.git, and generally I prepare my pull
> request on linux-user-for-3.0 branch (the release number changes).
Thanks again.
Regards,
umarcor
* [Qemu-devel] [Bug 1783362] Re: qemu-user: mmap should return failure (MAP_FAILED, -1) instead of success (NULL, 0) when len==0
From: umarcor @ 2018-08-08 14:54 UTC
To: qemu-devel
** Changed in: qemu
Status: Fix Committed => Fix Released
** Changed in: qemu (Ubuntu)
Status: Fix Committed => Fix Released