Re: qemu-i386 crash on signal handler return

2022-10-02 Thread Tavis Ormandy
On 2022-10-02, Peter Maydell wrote:
> On Sun, 2 Oct 2022 at 04:41, Tavis Ormandy  wrote:
>> Hello, I'm trying to use qemu-i386 on aarch64 to run an old binary and
>> running into a crash.
>
> 5.2 is a couple of years old now -- does the same bug still repro on
> 7.1 or head-of-git?
>

Oops, you're right - I'm not usually a Debian user and thought I was
using backports, and apparently I messed that up. Fixing that and the
minimized testcase works.

Unfortunately my binary still doesn't work, but fails in a different
way! I'll try to minimize that one instead.

Tavis.

-- 
 _o)$ lynx lock.cmpxchg8b.com
 /\\  _o)  _o)  $ finger tav...@sdf.org
_\_V _( ) _( )  @taviso

Re: qemu-i386 crash on signal handler return

2022-10-02 Thread Peter Maydell
On Sun, 2 Oct 2022 at 04:41, Tavis Ormandy  wrote:
> Hello, I'm trying to use qemu-i386 on aarch64 to run an old binary and
> running into a crash.
>
> I've minimized it down to %esp getting corrupted after return from a
> signal handler return, but this seems so trivial that I must be doing
> something wrong?
>
> Here is a minimal reproducer:
>
> https://lock.cmpxchg8b.com/files/repro.s
>
> To compile it on an x86_64 machine:
>
> $ as --32 repro.s -o repro.o
> $ ld -melf_i386 repro.o -o repro
>
> # It runs totally fine on i386/x86_64:
>
> $ strace ./repro
> [ Process PID=1848 runs in 32 bit mode. ]
> sigaction(SIGALRM, {sa_handler=0x8049001, sa_mask=[],
> sa_flags=SA_INTERRUPT|SA_NODEFER|SA_RESETHAND}, NULL) = 0
> alarm(1)= 0
> pause() = ? ERESTARTNOHAND (To be restarted 
> if no handler)
> --- SIGALRM {si_signo=SIGALRM, si_code=SI_KERNEL} ---
> sigreturn({mask=[]})= -1 EINTR (Interrupted system call)
> exit(0) = ?
> +++ exited with 0 +++
>
> Now trying the same binary on aarch64:
> $ qemu-i386 -version
> qemu-i386 version 5.2.0 (Debian 1:5.2+dfsg-11+deb11u2)

5.2 is a couple of years old now -- does the same bug still repro on
7.1 or head-of-git?

thanks
-- PMM
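As an added example (it is neither the thread's repro.s, which is not reproduced on this page, nor QEMU code), here is a portable C self-check for the symptom Tavis describes: it installs a SIGALRM handler with the same SA_NODEFER|SA_RESETHAND disposition the strace output shows (SA_INTERRUPT is obsolete in glibc and is omitted), takes one signal via alarm()/pause() as the reproducer does, and compares the stack pointer read before and after sigreturn. The inline-asm register reads and the function names are this example's own choices, not anything from the thread.

```c
/* Added example: detect a stack pointer that does not survive a signal
 * handler round-trip (handler entry -> handler return -> sigreturn).
 * Constructed for this page; not the thread's repro.s and not QEMU code. */
#define _GNU_SOURCE
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Set by the handler so the wait loop knows the signal was delivered. */
static volatile sig_atomic_t alarm_seen;

static void on_alarm(int sig)
{
    (void)sig;
    alarm_seen = 1;
}

/* Read the live stack pointer register. Inline asm is used so the compiler
 * cannot fold the two reads into one value; other targets fall back to the
 * frame address. Both reads happen from the same caller frame, so they must
 * agree unless something between them moved the stack pointer. */
static uintptr_t read_stack_pointer(void)
{
    uintptr_t sp;
#if defined(__i386__)
    __asm__ volatile("mov %%esp, %0" : "=r"(sp));
#elif defined(__x86_64__)
    __asm__ volatile("mov %%rsp, %0" : "=r"(sp));
#elif defined(__aarch64__)
    __asm__ volatile("mov %0, sp" : "=r"(sp));
#else
    sp = (uintptr_t)__builtin_frame_address(0);
#endif
    return sp;
}

/* Install the handler with the disposition seen in the report's strace
 * (SA_NODEFER|SA_RESETHAND), take exactly one SIGALRM, and compare the
 * stack pointer before and after the kernel/emulator's sigreturn.
 * Returns 1 if preserved, 0 if it changed, -1 if sigaction() failed. */
int stack_pointer_survives_signal(void)
{
    struct sigaction sa;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_alarm;
    sigemptyset(&sa.sa_mask);
    sa.sa_flags = SA_NODEFER | SA_RESETHAND;
    if (sigaction(SIGALRM, &sa, NULL) != 0)
        return -1;

    alarm_seen = 0;
    uintptr_t before = read_stack_pointer();
    alarm(1);                 /* one SIGALRM, roughly a second from now */
    while (!alarm_seen)
        pause();              /* returns -1/EINTR once the handler has run */
    uintptr_t after = read_stack_pointer();
    return before == after ? 1 : 0;
}

int main(void)
{
    int r = stack_pointer_survives_signal();
    if (r < 0) {
        perror("sigaction");
        return 2;
    }
    printf("stack pointer %s across signal return\n",
           r ? "preserved" : "CHANGED");
    return r ? 0 : 1;
}
```

Building it twice is the useful comparison: natively (`gcc -O0 -o spcheck spcheck.c`) and as a 32-bit binary (`gcc -m32 -O0 -o spcheck32 spcheck.c`) run under `qemu-i386`. An exit status of 1 (or a crash on return from pause()) under the emulator but 0 natively isolates the sigreturn path the thread is discussing, without needing the hand-written assembly reproducer.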