[Qemu-devel] [Bug 1527322] Re: undefined behavior issues

qemu-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Qemu-devel] [Bug 1527322] Re: undefined behavior issues

From:	Octoploid
Subject:	[Qemu-devel] [Bug 1527322] Re: undefined behavior issues
Date:	Thu, 17 Dec 2015 17:00:23 -0000

Program received signal SIGSEGV, Segmentation fault.
thread_pool_submit_aio (pool=0x0, func=0x555555820bc0 <coroutine_enter_func>, 
arg=0x5555579db430, cb=<optimized out>, opaque=<optimized out>)
    at 
/var/tmp/portage/app-emulation/qemu-2.5.0/work/qemu-2.5.0/thread-pool.c:246
246         QLIST_INSERT_HEAD(&pool->head, req, all);
(gdb) bt
#0  thread_pool_submit_aio (pool=0x0, func=0x555555820bc0 
<coroutine_enter_func>, arg=0x5555579db430, cb=<optimized out>, 
opaque=<optimized out>)
    at 
/var/tmp/portage/app-emulation/qemu-2.5.0/work/qemu-2.5.0/thread-pool.c:246
#1  0x00005555559451cd in aio_bh_call (bh=<optimized out>) at 
/var/tmp/portage/app-emulation/qemu-2.5.0/work/qemu-2.5.0/async.c:64
#2  aio_bh_poll (address@hidden) at 
/var/tmp/portage/app-emulation/qemu-2.5.0/work/qemu-2.5.0/async.c:92
#3  0x00005555559524f0 in aio_dispatch (ctx=0x5555561c1da0) at 
/var/tmp/portage/app-emulation/qemu-2.5.0/work/qemu-2.5.0/aio-posix.c:305
#4  0x0000555555944f4e in aio_ctx_dispatch (source=<optimized out>, 
callback=<optimized out>, user_data=<optimized out>)
    at /var/tmp/portage/app-emulation/qemu-2.5.0/work/qemu-2.5.0/async.c:231
#5  0x00007ffff726ce2e in g_main_context_dispatch () from 
/usr/lib/libglib-2.0.so.0
#6  0x0000555555950baa in glib_pollfds_poll () at 
/var/tmp/portage/app-emulation/qemu-2.5.0/work/qemu-2.5.0/main-loop.c:211
#7  os_host_main_loop_wait (timeout=<optimized out>) at 
/var/tmp/portage/app-emulation/qemu-2.5.0/work/qemu-2.5.0/main-loop.c:256
#8  main_loop_wait (nonblocking=<optimized out>) at 
/var/tmp/portage/app-emulation/qemu-2.5.0/work/qemu-2.5.0/main-loop.c:504
#9  0x00005555556ddf46 in main_loop () at 
/var/tmp/portage/app-emulation/qemu-2.5.0/work/qemu-2.5.0/vl.c:1923
#10 main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>) at 
/var/tmp/portage/app-emulation/qemu-2.5.0/work/qemu-2.5.0/vl.c:4684
(gdb) p pool
$1 = (ThreadPool *) 0x0

-- 
You received this bug notification because you are a member of qemu-
devel-ml, which is subscribed to QEMU.
https://bugs.launchpad.net/bugs/1527322

Title:
  undefined behavior issues

Status in QEMU:
  New

Bug description:
  Building qemu-2.5.0 with -fsanitize=undefined shows, e.g.:

  address@hidden linux % qemu-system-x86_64 -s -enable-kvm -net 
nic,vlan=0,model=virtio -net user -fsdev 
local,security_model=none,id=root,path=/ -device virtio-9p-pci,id=root,fsdev
  =root,mount_tag=/dev/root -m 512 -smp 2 -kernel 
/usr/src/linux/arch/x86/boot/bzImage -nographic -append "init=/bin/zsh 
root=/dev/root console=ttyS0 kgdboc=ttyS0 rootflags=rw,
  trans=virtio rootfstype=9p ip=dhcp earlyprintk=ttyS0"
  /var/tmp/portage/app-emulation/qemu-2.5.0/work/qemu-2.5.0/exec.c:307:5: 
runtime error: variable length array bound evaluates to non-positive value 0
  
/var/tmp/portage/app-emulation/qemu-2.5.0/work/qemu-2.5.0/hw/i386/kvm/apic.c:37:47:
 runtime error: left shift of 15 by 28 places cannot be represented in type 
'int'
  
/var/tmp/portage/app-emulation/qemu-2.5.0/work/qemu-2.5.0/include/qemu/rcu.h:85:21:
 runtime error: member access within null pointer of type 'struct 
rcu_reader_data'
  
/var/tmp/portage/app-emulation/qemu-2.5.0/work/qemu-2.5.0/include/qemu/rcu.h:101:5:
 runtime error: member access within null pointer of type 'struct 
rcu_reader_data'
  
/var/tmp/portage/app-emulation/qemu-2.5.0/work/qemu-2.5.0/include/qemu/rcu.h:102:8:
 runtime error: member access within null pointer of type 'struct 
rcu_reader_data'
  ...
  ALSA device list:
    No soundcards found.
  
/var/tmp/portage/app-emulation/qemu-2.5.0/work/qemu-2.5.0/thread-pool.c:246:5: 
runtime error: member access within null pointer of type 'struct ThreadPool'
  [1]    9295 segmentation fault  qemu-system-x86_64 -s -enable-kvm -net 
nic,vlan=0,model=virtio -net user  

  As you can see it segfaults when build with upcoming gcc-6, that is more 
aggressive when it comes to undefined behavior.
  The compiler just assumes that "this" can never be NULL and optimizes 
accordingly.

To manage notifications about this bug go to:
https://bugs.launchpad.net/qemu/+bug/1527322/+subscriptions

[Prev in Thread]

Current Thread

[Next in Thread]

[Qemu-devel] [Bug 1527322] [NEW] undefined behavior issues, Octoploid, 2015/12/17
- [Qemu-devel] [Bug 1527322] Re: undefined behavior issues, Octoploid, 2015/12/17
- [Qemu-devel] [Bug 1527322] Re: undefined behavior issues, Octoploid <=
- [Qemu-devel] [Bug 1527322] Re: sefault in thread-pool.c:246:5:, Octoploid, 2015/12/17

Prev by Date: Re: [Qemu-devel] [PATCH v3 03/11] fdc: add disk field
Next by Date: Re: [Qemu-devel] [Qemu-block] [PATCH] iscsi: fix readcapacity error message
Previous by thread: [Qemu-devel] [Bug 1527322] Re: undefined behavior issues
Next by thread: [Qemu-devel] [Bug 1527322] Re: sefault in thread-pool.c:246:5:
Index(es):
- Date
- Thread