- pavel@debian:~/reproducer_new$ cat main.c
- #include <fcntl.h> /* open(), O_RDONLY */
- #include <sys/shm.h> /* shmget(), shmat(), IPC_PRIVATE, IPC_CREAT */
- int main(void) /* minimal reproducer: two calls, no return value is checked */
- {
- shmat(shmget(IPC_PRIVATE, 1836016, IPC_CREAT | 0600), (void /* new private SysV segment of 1836016 bytes, owner read/write only (0600) */
- *)0x20000804000, 0); /* attach at this caller-chosen fixed address with shmflg 0; a failed shmget() or shmat() goes unnoticed */
- open("/proc/self/maps", O_RDONLY); /* read-only open of the process's own mapping list; the fd is never read or closed */
- }
- pavel@debian:~/reproducer_new$ gcc -g -ggdb main.c
- pavel@debian:~/reproducer_new$ ./qemu-x86_64 ./a.out
- Segmentation fault
- pavel@debian:~/reproducer_new$ strace ./qemu-x86_64 ./a.out
- execve("./qemu-x86_64", ["./qemu-x86_64", "./a.out"], 0x7fff49565a18 /* 26 vars */) = 0
- brk(NULL) = 0x55c346630000
- arch_prctl(0x3001 /* ARCH_??? */, 0x7ffc56b25080) = -1 EINVAL (Invalid argument)
- readlinkat(AT_FDCWD, "/proc/self/exe", "/home/pavel/reproducer_new/qemu-"..., 4096) = 38
- mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f30b4c63000
- access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
- openat(AT_FDCWD, "/home/pavel/reproducer_new/../lib/librt.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
- newfstatat(AT_FDCWD, "/home/pavel/reproducer_new/../lib/", 0x7ffc56b242c0, 0) = -1 ENOENT (No such file or directory)
- openat(AT_FDCWD, "/home/pavel/reproducer_new/../../lib/librt.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
- newfstatat(AT_FDCWD, "/home/pavel/reproducer_new/../../lib/", 0x7ffc56b242c0, 0) = -1 ENOENT (No such file or directory)
- openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
- newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=26649, ...}, AT_EMPTY_PATH) = 0
- mmap(NULL, 26649, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f30b4c5c000
- close(3) = 0
- openat(AT_FDCWD, "/lib/x86_64-linux-gnu/librt.so.1", O_RDONLY|O_CLOEXEC) = 3
- read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\260#\0\0\0\0\0\0"..., 832) = 832
- newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=35808, ...}, AT_EMPTY_PATH) = 0
- mmap(NULL, 39904, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f30b4c52000
- mmap(0x7f30b4c54000, 16384, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7f30b4c54000
- mmap(0x7f30b4c58000, 8192, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x6000) = 0x7f30b4c58000
- mmap(0x7f30b4c5a000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x7000) = 0x7f30b4c5a000
- close(3) = 0
- openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libm.so.6", O_RDONLY|O_CLOEXEC) = 3
- read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\322\0\0\0\0\0\0"..., 832) = 832
- newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=1321344, ...}, AT_EMPTY_PATH) = 0
- mmap(NULL, 1323280, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f30b4b0e000
- mmap(0x7f30b4b1b000, 630784, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xd000) = 0x7f30b4b1b000
- mmap(0x7f30b4bb5000, 634880, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xa7000) = 0x7f30b4bb5000
- mmap(0x7f30b4c50000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x141000) = 0x7f30b4c50000
- close(3) = 0
- openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libglib-2.0.so.0", O_RDONLY|O_CLOEXEC) = 3
- read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\220\315\1\0\0\0\0\0"..., 832) = 832
- newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=1240528, ...}, AT_EMPTY_PATH) = 0
- mmap(NULL, 1245672, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f30b49dd000
- mprotect(0x7f30b49f9000, 1122304, PROT_NONE) = 0
- mmap(0x7f30b49f9000, 561152, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1c000) = 0x7f30b49f9000
- mmap(0x7f30b4a82000, 557056, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xa5000) = 0x7f30b4a82000
- mmap(0x7f30b4b0b000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x12d000) = 0x7f30b4b0b000
- mmap(0x7f30b4b0d000, 488, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f30b4b0d000
- close(3) = 0
- openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libgmodule-2.0.so.0", O_RDONLY|O_CLOEXEC) = 3
- read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0@\22\0\0\0\0\0\0"..., 832) = 832
- newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=18480, ...}, AT_EMPTY_PATH) = 0
- mmap(NULL, 20600, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f30b49d7000
- mmap(0x7f30b49d8000, 8192, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1000) = 0x7f30b49d8000
- mmap(0x7f30b49da000, 4096, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x3000) = 0x7f30b49da000
- mmap(0x7f30b49db000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x3000) = 0x7f30b49db000
- close(3) = 0
- openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libpthread.so.0", O_RDONLY|O_CLOEXEC) = 3
- read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0 l\0\0\0\0\0\0"..., 832) = 832
- newfstatat(3, "", {st_mode=S_IFREG|0755, st_size=149520, ...}, AT_EMPTY_PATH) = 0
- mmap(NULL, 136304, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f30b49b5000
- mmap(0x7f30b49bb000, 65536, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x6000) = 0x7f30b49bb000
- mmap(0x7f30b49cb000, 24576, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x16000) = 0x7f30b49cb000
- mmap(0x7f30b49d1000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1b000) = 0x7f30b49d1000
- mmap(0x7f30b49d3000, 13424, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f30b49d3000
- close(3) = 0
- openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
- read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0@>\2\0\0\0\0\0"..., 832) = 832
- newfstatat(3, "", {st_mode=S_IFREG|0755, st_size=1901536, ...}, AT_EMPTY_PATH) = 0
- mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f30b49b3000
- mmap(NULL, 1914496, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f30b47df000
- mmap(0x7f30b4801000, 1413120, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x22000) = 0x7f30b4801000
- mmap(0x7f30b495a000, 323584, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x17b000) = 0x7f30b495a000
- mmap(0x7f30b49a9000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1c9000) = 0x7f30b49a9000
- mmap(0x7f30b49af000, 13952, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f30b49af000
- close(3) = 0
- openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libpcre.so.3", O_RDONLY|O_CLOEXEC) = 3
- read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\340!\0\0\0\0\0\0"..., 832) = 832
- newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=464848, ...}, AT_EMPTY_PATH) = 0
- mmap(NULL, 467208, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f30b476c000
- mmap(0x7f30b476e000, 331776, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7f30b476e000
- mmap(0x7f30b47bf000, 122880, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x53000) = 0x7f30b47bf000
- mmap(0x7f30b47dd000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x70000) = 0x7f30b47dd000
- close(3) = 0
- openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libdl.so.2", O_RDONLY|O_CLOEXEC) = 3
- read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0000\21\0\0\0\0\0\0"..., 832) = 832
- newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=18688, ...}, AT_EMPTY_PATH) = 0
- mmap(NULL, 20752, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f30b4766000
- mmap(0x7f30b4767000, 8192, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1000) = 0x7f30b4767000
- mmap(0x7f30b4769000, 4096, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x3000) = 0x7f30b4769000
- mmap(0x7f30b476a000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x3000) = 0x7f30b476a000
- close(3) = 0
- mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f30b4764000
- arch_prctl(ARCH_SET_FS, 0x7f30b4764c40) = 0
- set_tid_address(0x7f30b4764f10) = 1583001
- set_robust_list(0x7f30b4764f20, 24) = 0
- rseq(0x7f30b4765560, 0x20, 0, 0x53053053) = 0
- mprotect(0x7f30b49a9000, 16384, PROT_READ) = 0
- mprotect(0x7f30b476a000, 4096, PROT_READ) = 0
- mprotect(0x7f30b49d1000, 4096, PROT_READ) = 0
- mprotect(0x7f30b47dd000, 4096, PROT_READ) = 0
- --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=0x800} ---
- +++ killed by SIGSEGV +++
- Segmentation fault