Advertisement
Guest User

Untitled

a guest
Feb 21st, 2024
58
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 8.28 KB | None | 0 0
  1. pavel@debian:~/reproducer_new$ cat main.c
  2. #include <fcntl.h>
  3. #include <sys/shm.h>
  4.  
  5. int main(void)
  6. {
  7. shmat(shmget(IPC_PRIVATE, 1836016, IPC_CREAT | 0600), (void
  8. *)0x20000804000, 0);
  9. open("/proc/self/maps", O_RDONLY);
  10. }
  11. pavel@debian:~/reproducer_new$ gcc -g -ggdb main.c
  12. pavel@debian:~/reproducer_new$ ./qemu-x86_64 ./a.out
  13. Segmentation fault
  14. pavel@debian:~/reproducer_new$ strace ./qemu-x86_64 ./a.out
  15. execve("./qemu-x86_64", ["./qemu-x86_64", "./a.out"], 0x7fff49565a18 /* 26 vars */) = 0
  16. brk(NULL) = 0x55c346630000
  17. arch_prctl(0x3001 /* ARCH_??? */, 0x7ffc56b25080) = -1 EINVAL (Invalid argument)
  18. readlinkat(AT_FDCWD, "/proc/self/exe", "/home/pavel/reproducer_new/qemu-"..., 4096) = 38
  19. mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f30b4c63000
  20. access("/etc/ld.so.preload", R_OK) = -1 ENOENT (No such file or directory)
  21. openat(AT_FDCWD, "/home/pavel/reproducer_new/../lib/librt.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
  22. newfstatat(AT_FDCWD, "/home/pavel/reproducer_new/../lib/", 0x7ffc56b242c0, 0) = -1 ENOENT (No such file or directory)
  23. openat(AT_FDCWD, "/home/pavel/reproducer_new/../../lib/librt.so.1", O_RDONLY|O_CLOEXEC) = -1 ENOENT (No such file or directory)
  24. newfstatat(AT_FDCWD, "/home/pavel/reproducer_new/../../lib/", 0x7ffc56b242c0, 0) = -1 ENOENT (No such file or directory)
  25. openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
  26. newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=26649, ...}, AT_EMPTY_PATH) = 0
  27. mmap(NULL, 26649, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f30b4c5c000
  28. close(3) = 0
  29. openat(AT_FDCWD, "/lib/x86_64-linux-gnu/librt.so.1", O_RDONLY|O_CLOEXEC) = 3
  30. read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\260#\0\0\0\0\0\0"..., 832) = 832
  31. newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=35808, ...}, AT_EMPTY_PATH) = 0
  32. mmap(NULL, 39904, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f30b4c52000
  33. mmap(0x7f30b4c54000, 16384, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7f30b4c54000
  34. mmap(0x7f30b4c58000, 8192, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x6000) = 0x7f30b4c58000
  35. mmap(0x7f30b4c5a000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x7000) = 0x7f30b4c5a000
  36. close(3) = 0
  37. openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libm.so.6", O_RDONLY|O_CLOEXEC) = 3
  38. read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\0\322\0\0\0\0\0\0"..., 832) = 832
  39. newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=1321344, ...}, AT_EMPTY_PATH) = 0
  40. mmap(NULL, 1323280, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f30b4b0e000
  41. mmap(0x7f30b4b1b000, 630784, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xd000) = 0x7f30b4b1b000
  42. mmap(0x7f30b4bb5000, 634880, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xa7000) = 0x7f30b4bb5000
  43. mmap(0x7f30b4c50000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x141000) = 0x7f30b4c50000
  44. close(3) = 0
  45. openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libglib-2.0.so.0", O_RDONLY|O_CLOEXEC) = 3
  46. read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\220\315\1\0\0\0\0\0"..., 832) = 832
  47. newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=1240528, ...}, AT_EMPTY_PATH) = 0
  48. mmap(NULL, 1245672, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f30b49dd000
  49. mprotect(0x7f30b49f9000, 1122304, PROT_NONE) = 0
  50. mmap(0x7f30b49f9000, 561152, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1c000) = 0x7f30b49f9000
  51. mmap(0x7f30b4a82000, 557056, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xa5000) = 0x7f30b4a82000
  52. mmap(0x7f30b4b0b000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x12d000) = 0x7f30b4b0b000
  53. mmap(0x7f30b4b0d000, 488, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f30b4b0d000
  54. close(3) = 0
  55. openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libgmodule-2.0.so.0", O_RDONLY|O_CLOEXEC) = 3
  56. read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0@\22\0\0\0\0\0\0"..., 832) = 832
  57. newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=18480, ...}, AT_EMPTY_PATH) = 0
  58. mmap(NULL, 20600, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f30b49d7000
  59. mmap(0x7f30b49d8000, 8192, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1000) = 0x7f30b49d8000
  60. mmap(0x7f30b49da000, 4096, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x3000) = 0x7f30b49da000
  61. mmap(0x7f30b49db000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x3000) = 0x7f30b49db000
  62. close(3) = 0
  63. openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libpthread.so.0", O_RDONLY|O_CLOEXEC) = 3
  64. read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0 l\0\0\0\0\0\0"..., 832) = 832
  65. newfstatat(3, "", {st_mode=S_IFREG|0755, st_size=149520, ...}, AT_EMPTY_PATH) = 0
  66. mmap(NULL, 136304, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f30b49b5000
  67. mmap(0x7f30b49bb000, 65536, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x6000) = 0x7f30b49bb000
  68. mmap(0x7f30b49cb000, 24576, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x16000) = 0x7f30b49cb000
  69. mmap(0x7f30b49d1000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1b000) = 0x7f30b49d1000
  70. mmap(0x7f30b49d3000, 13424, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f30b49d3000
  71. close(3) = 0
  72. openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
  73. read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0@>\2\0\0\0\0\0"..., 832) = 832
  74. newfstatat(3, "", {st_mode=S_IFREG|0755, st_size=1901536, ...}, AT_EMPTY_PATH) = 0
  75. mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f30b49b3000
  76. mmap(NULL, 1914496, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f30b47df000
  77. mmap(0x7f30b4801000, 1413120, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x22000) = 0x7f30b4801000
  78. mmap(0x7f30b495a000, 323584, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x17b000) = 0x7f30b495a000
  79. mmap(0x7f30b49a9000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1c9000) = 0x7f30b49a9000
  80. mmap(0x7f30b49af000, 13952, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f30b49af000
  81. close(3) = 0
  82. openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libpcre.so.3", O_RDONLY|O_CLOEXEC) = 3
  83. read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\340!\0\0\0\0\0\0"..., 832) = 832
  84. newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=464848, ...}, AT_EMPTY_PATH) = 0
  85. mmap(NULL, 467208, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f30b476c000
  86. mmap(0x7f30b476e000, 331776, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x2000) = 0x7f30b476e000
  87. mmap(0x7f30b47bf000, 122880, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x53000) = 0x7f30b47bf000
  88. mmap(0x7f30b47dd000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x70000) = 0x7f30b47dd000
  89. close(3) = 0
  90. openat(AT_FDCWD, "/lib/x86_64-linux-gnu/libdl.so.2", O_RDONLY|O_CLOEXEC) = 3
  91. read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0000\21\0\0\0\0\0\0"..., 832) = 832
  92. newfstatat(3, "", {st_mode=S_IFREG|0644, st_size=18688, ...}, AT_EMPTY_PATH) = 0
  93. mmap(NULL, 20752, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f30b4766000
  94. mmap(0x7f30b4767000, 8192, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1000) = 0x7f30b4767000
  95. mmap(0x7f30b4769000, 4096, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x3000) = 0x7f30b4769000
  96. mmap(0x7f30b476a000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x3000) = 0x7f30b476a000
  97. close(3) = 0
  98. mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f30b4764000
  99. arch_prctl(ARCH_SET_FS, 0x7f30b4764c40) = 0
  100. set_tid_address(0x7f30b4764f10) = 1583001
  101. set_robust_list(0x7f30b4764f20, 24) = 0
  102. rseq(0x7f30b4765560, 0x20, 0, 0x53053053) = 0
  103. mprotect(0x7f30b49a9000, 16384, PROT_READ) = 0
  104. mprotect(0x7f30b476a000, 4096, PROT_READ) = 0
  105. mprotect(0x7f30b49d1000, 4096, PROT_READ) = 0
  106. mprotect(0x7f30b47dd000, 4096, PROT_READ) = 0
  107. --- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=0x800} ---
  108. +++ killed by SIGSEGV +++
  109. Segmentation fault
  110.  
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement