Symqemu raise SIGSEGV #56

Open
ntcmp2u opened this issue Apr 22, 2024 · 2 comments
Labels
bug Something isn't working

Comments


ntcmp2u commented Apr 22, 2024

I used the following command to test a simple C++ program:

```sh
echo "2" | x86_64-linux-user/qemu-x86_64 /tmp/test.out
```

However, the qemu process crashes after generating several test cases:

```text
...
[INFO] New testcase: /tmp/output/000010-optimistic
[STAT] SMT: { "solving_time": 23999, "total_time": 95028 }
[STAT] SMT: { "solving_time": 24114 }
[STAT] SMT: { "solving_time": 24114, "total_time": 95333 }
[STAT] SMT: { "solving_time": 24200 }
[INFO] New testcase: /tmp/output/000011-optimistic
[STAT] SMT: { "solving_time": 24200, "total_time": 96206 }
[STAT] SMT: { "solving_time": 24324 }
[STAT] SMT: { "solving_time": 24324, "total_time": 96524 }
[STAT] SMT: { "solving_time": 24410 }
[INFO] New testcase: /tmp/output/000012-optimistic
[STAT] SMT: { "solving_time": 24410, "total_time": 97448 }
[STAT] SMT: { "solving_time": 24536 }
[STAT] SMT: { "solving_time": 24536, "total_time": 97777 }
[STAT] SMT: { "solving_time": 25712 }
[INFO] New testcase: /tmp/output/000013-optimistic
[STAT] SMT: { "solving_time": 25712, "total_time": 99812 }
[STAT] SMT: { "solving_time": 25843 }
[STAT] SMT: { "solving_time": 25843, "total_time": 100138 }
[STAT] SMT: { "solving_time": 26948 }
[INFO] New testcase: /tmp/output/000014-optimistic
[STAT] SMT: { "solving_time": 26948, "total_time": 102200 }
[STAT] SMT: { "solving_time": 27032 }
[STAT] SMT: { "solving_time": 27032, "total_time": 102477 }
[STAT] SMT: { "solving_time": 27100 }
qemu-x86_64: QEMU internal SIGSEGV {code=MAPERR, addr=0x14}
fish: Process 24522, 'x86_64-linux-user/qemu-x86_64' from job 1, 'echo "2" | x86_64-linux-user/qe…' terminated by signal SIGSEGV (Address boundary error)
```

The test code I used is:

```cpp
#include <stdio.h>
#include <stdint.h>
#include <unistd.h>

int main(int argc, char* argv[]) {
    int x;
    // The symbolic input: one integer read from stdin.
    if (scanf("%d", &x) != 1) {
        printf("read fail\n");
        return 1;
    }

    // Three-way branch on the symbolic value; each comparison
    // gives the concolic executor a path constraint to solve.
    if(x > 100) {
        printf("aaa\n");
    } else if(x < 100) {
        printf("bbb\n");
    } else {
        printf("ccc\n");
    }

    return 0;
}
```

and the command to compile it is:

```sh
clang++ test.cc -o test.out
```

The clang version is 14.0.0 and the symqemu I used is this commit: 45b4700

Any idea for this crash?
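A small reproduction harness, added here as an example and not code from the SymQEMU project or from the reporter: it runs one input through the target under SymQEMU, maps the shell's exit status back to the terminating signal (a child killed by signal N exits with 128+N, so the SIGSEGV in the report shows up as 139), and counts how many test cases reached the output directory before the process died. The SymQEMU binary path, target path and /tmp/output directory are taken from the commands and log in the report; the SYMQEMU, TARGET and OUTDIR environment variables used to override them are this script's own and are assumptions, not project settings.

```sh
#!/bin/sh
# Reproduction harness (added example; not part of SymQEMU or the issue).
# The three variables below are this script's assumptions; defaults follow
# the paths used in the bug report.
SYMQEMU="${SYMQEMU:-x86_64-linux-user/qemu-x86_64}"
TARGET="${TARGET:-/tmp/test.out}"
OUTDIR="${OUTDIR:-/tmp/output}"

# Turn a shell exit status into a readable verdict. POSIX shells report a
# child killed by signal N as 128+N, so SIGSEGV (11) arrives as 139 and
# SIGABRT (6) as 134.
classify_exit() {
    s="$1"
    if [ "$s" -eq 0 ]; then
        echo "ok"
    elif [ "$s" -gt 128 ] && [ "$s" -lt 256 ]; then
        sig=$((s - 128))
        case "$sig" in
            11) echo "crashed: SIGSEGV" ;;
            6)  echo "crashed: SIGABRT" ;;
            *)  echo "crashed: signal $sig" ;;
        esac
    else
        echo "exit status $s"
    fi
}

# Count files in the output directory (0 if it does not exist yet).
count_testcases() {
    ls "$1" 2>/dev/null | wc -l | tr -d ' '
}

# Run one input through the target under SymQEMU and report how the run
# ended plus how many new test cases were written before it stopped.
run_once() {
    input="$1"
    mkdir -p "$OUTDIR"
    before=$(count_testcases "$OUTDIR")
    status=0
    # "|| status=$?" keeps a crash from aborting the script under set -e.
    printf '%s\n' "$input" | "$SYMQEMU" "$TARGET" \
        >/dev/null 2>"$OUTDIR/stderr.log" || status=$?
    after=$(count_testcases "$OUTDIR")
    echo "input=$input verdict=$(classify_exit "$status") new_testcases=$((after - before))"
}

# Only run the target when invoked as: sh repro.sh run <input>
if [ "${1:-}" = "run" ]; then
    run_once "${2:-2}"
fi
```

Invoked as `sh repro.sh run 2` against the setup in the report, the harness would print a line ending in `verdict=crashed: SIGSEGV` together with the number of `-optimistic` test cases that were written before the crash, and SymQEMU's stderr (including the `QEMU internal SIGSEGV` line) is kept in `$OUTDIR/stderr.log` for the bug report.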


ntcmp2u commented Apr 25, 2024

@aurelf Hi, can you reproduce this issue?

aurelf added the "bug" label May 15, 2024

aurelf commented May 15, 2024

Yes, in the Docker image with LLVM 15, but not on my machine with LLVM 17... So this looks like a bug we need to address.
