Re: linux-user/elfload.c: Seeing a segfault in qemu with a binary with no data section

From: Stephen Long
Subject: Re: linux-user/elfload.c: Seeing a segfault in qemu with a binary with no data section
Date: Mon, 2 Nov 2020 19:52:34 +0000
I think that a variant of that patch made it into master:
            /*
             * Some segments may be completely empty without any backing file
             * segment, in that case just let zero_bss allocate an empty buffer
             * for it.
             */
            if (eppnt->p_filesz != 0) {
                error = target_mmap(vaddr_ps, vaddr_len, elf_prot,
                                    MAP_PRIVATE | MAP_FIXED,
                                    image_fd, eppnt->p_offset - vaddr_po);
                if (error == -1) {
                    goto exit_perror;
                }
            }

            vaddr_ef = vaddr + eppnt->p_filesz;
In the case of my ELF, it is letting zero_bss() allocate the empty buffer. But
since there is no data segment before it, the memset in zero_bss() segfaults.
zero_bss()'s mapping starts at host_map_start.
Here's the output of "readelf -l" on my ELF:

Elf file type is EXEC (Executable file)
Entry point 0x2102e8
There are 8 program headers, starting at offset 64

Program Headers:
  Type           Offset   VirtAddr           PhysAddr           FileSiz  MemSiz   Flg Align
  PHDR           0x000040 0x0000000000200040 0x0000000000200040 0x0001c0 0x0001c0 R   0x8
  LOAD           0x000000 0x0000000000200000 0x0000000000200000 0x0002e4 0x0002e4 R   0x10000
  LOAD           0x0002e8 0x00000000002102e8 0x00000000002102e8 0x000c88 0x000c88 R E 0x10000
  LOAD           0x000f70 0x0000000000220f70 0x0000000000220f70 0x000068 0x000068 RW  0x10000
  LOAD           0x000fd8 0x0000000000230fd8 0x0000000000230fd8 0x000000 0x000278 RW  0x10000
  GNU_RELRO      0x000f70 0x0000000000220f70 0x0000000000220f70 0x000068 0x000090 R   0x1
  GNU_EH_FRAME   0x000224 0x0000000000200224 0x0000000000200224 0x00002c 0x00002c R   0x4
  GNU_STACK      0x000000 0x0000000000000000 0x0000000000000000 0x000000 0x000000 RW  0

 Section to Segment mapping:
  Segment Sections...
   00
   01     .rodata .eh_frame_hdr .eh_frame
   02     .text .init .fini
   03     .init_array .got
   04     .bss
   05     .init_array .got
   06     .eh_frame_hdr
   07
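The page arithmetic behind the segfault described above, as an added example that is not part of the mail or of QEMU's own code. It models the per-segment computation from load_elf_image() (vaddr_ps, vaddr_po, vaddr_ef, vaddr_em, vaddr_len) and the way zero_bss() splits its work into an anonymous mmap from the host-page-aligned start and a memset of the unaligned head, then feeds it the four PT_LOAD entries from the readelf output. Assumptions: 4 KiB host and target pages, guest_base of 0 so g2h() is the identity, load_bias of 0 for an EXEC file, and a toy page set in place of a real address space. The fix_empty flag is this example's own illustration of one possible remedy (map the empty segment's first page anonymously before zero_bss runs); it is not a claim about how QEMU eventually fixed the issue.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define PAGE_SIZE      0x1000ULL   /* assumption: 4 KiB host and target pages, guest_base = 0 */
#define PAGE_START(a)  ((a) & ~(PAGE_SIZE - 1))
#define PAGE_OFFSET(a) ((a) & (PAGE_SIZE - 1))
#define PAGE_ALIGN(a)  (((a) + PAGE_SIZE - 1) & ~(PAGE_SIZE - 1))

/* Only the PT_LOAD fields the page arithmetic depends on. */
struct phdr {
    uint64_t vaddr, filesz, memsz;
};

/* Constructed from the readelf -l output in the mail: the four PT_LOAD segments. */
static const struct phdr loads[] = {
    { 0x200000, 0x2e4, 0x2e4 },   /* .rodata .eh_frame_hdr .eh_frame    */
    { 0x2102e8, 0xc88, 0xc88 },   /* .text .init .fini                  */
    { 0x220f70, 0x068, 0x068 },   /* .init_array .got                   */
    { 0x230fd8, 0x000, 0x278 },   /* .bss only: FileSiz 0, MemSiz 0x278 */
};
#define NLOADS (sizeof loads / sizeof loads[0])

/* Toy address space: the set of guest page starts mapped so far. */
#define MAX_PAGES 64
struct addr_space {
    uint64_t page[MAX_PAGES];
    int n;
};

static bool page_mapped(const struct addr_space *as, uint64_t addr)
{
    for (int i = 0; i < as->n; i++) {
        if (as->page[i] == PAGE_START(addr)) {
            return true;
        }
    }
    return false;
}

static void map_range(struct addr_space *as, uint64_t start, uint64_t len)
{
    for (uint64_t a = PAGE_START(start); a < start + len; a += PAGE_SIZE) {
        if (!page_mapped(as, a) && as->n < MAX_PAGES) {
            as->page[as->n++] = a;
        }
    }
}

static bool range_mapped(const struct addr_space *as, uint64_t start, uint64_t len)
{
    for (uint64_t a = PAGE_START(start); a < start + len; a += PAGE_SIZE) {
        if (!page_mapped(as, a)) {
            return false;
        }
    }
    return true;
}

struct load_plan {
    uint64_t file_map_start, file_map_len;  /* file-backed target_mmap; len 0 when skipped */
    uint64_t bss_map_start, bss_map_len;    /* anonymous mmap issued by zero_bss */
    uint64_t memset_start, memset_len;      /* partial-page clear issued by zero_bss */
    bool memset_faults;                     /* memset would touch a page nothing mapped */
};

/* zero_bss() split: whole pages from host_map_start get a fresh anonymous
 * mapping; the unaligned head [host_start, host_map_start) is memset in place,
 * which only works if something already mapped the page holding elf_bss. */
static void zero_bss_model(struct addr_space *as, uint64_t elf_bss,
                           uint64_t last_bss, struct load_plan *p)
{
    uint64_t host_start = elf_bss;                 /* g2h() with guest_base 0 */
    uint64_t host_end = PAGE_ALIGN(last_bss);
    uint64_t host_map_start = PAGE_ALIGN(host_start);

    if (host_map_start < host_end) {
        p->bss_map_start = host_map_start;
        p->bss_map_len = host_end - host_map_start;
        map_range(as, p->bss_map_start, p->bss_map_len);
    }
    if (host_start < host_map_start) {
        p->memset_start = host_start;
        p->memset_len = host_map_start - host_start;
        p->memset_faults = !range_mapped(as, p->memset_start, p->memset_len);
    }
}

/* Per-segment math from load_elf_image(). fix_empty == false skips the file
 * mmap for p_filesz == 0 exactly as the quoted master code does; fix_empty ==
 * true is this example's own remedy (assumption, not QEMU's fix): give the
 * empty segment's first page an anonymous mapping so the memset has a target. */
static struct load_plan load_segment(struct addr_space *as,
                                     const struct phdr *ph, bool fix_empty)
{
    struct load_plan p = {0};
    uint64_t vaddr = ph->vaddr;                    /* load_bias is 0 for an EXEC file */
    uint64_t vaddr_po = PAGE_OFFSET(vaddr);
    uint64_t vaddr_ps = PAGE_START(vaddr);
    uint64_t vaddr_ef = vaddr + ph->filesz;
    uint64_t vaddr_em = vaddr + ph->memsz;
    uint64_t vaddr_len = PAGE_ALIGN(ph->filesz + vaddr_po);

    if (ph->filesz != 0 || fix_empty) {
        p.file_map_start = vaddr_ps;
        p.file_map_len = vaddr_len;
        map_range(as, vaddr_ps, vaddr_len);
    }
    if (vaddr_ef < vaddr_em) {
        zero_bss_model(as, vaddr_ef, vaddr_em, &p);
    }
    return p;
}

/* Load every PT_LOAD in order; true if any zero_bss memset would fault. */
static bool load_image_faults(bool fix_empty)
{
    struct addr_space as = { .n = 0 };
    bool faults = false;
    for (size_t i = 0; i < NLOADS; i++) {
        if (load_segment(&as, &loads[i], fix_empty).memset_faults) {
            faults = true;
        }
    }
    return faults;
}

int main(void)
{
    struct addr_space as = { .n = 0 };
    for (size_t i = 0; i < NLOADS; i++) {
        struct load_plan p = load_segment(&as, &loads[i], false);
        printf("LOAD %zu: file [%#llx,+%#llx) bss [%#llx,+%#llx) memset [%#llx,+%#llx)%s\n",
               i, (unsigned long long)p.file_map_start, (unsigned long long)p.file_map_len,
               (unsigned long long)p.bss_map_start, (unsigned long long)p.bss_map_len,
               (unsigned long long)p.memset_start, (unsigned long long)p.memset_len,
               p.memset_faults ? "  <- page never mapped" : "");
    }
    return 0;
}
```

For the fourth LOAD the model computes vaddr_ps = 0x230000 and vaddr_len = 0x1000, but the file mmap is skipped because p_filesz is 0; zero_bss then maps only [0x231000, 0x232000) and memsets the 0x28-byte head at 0x230fd8, whose page nothing ever mapped. Had p_vaddr been page-aligned the head would be empty and the existing comment would hold, which is why the bug only shows with an unaligned, file-less segment.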