Re: Bash's malloc does not work within qemu-user when compiled with PIE enabled

[Chet Ramey]

On 2/13/18 11:23 AM, Raphael Hertzog wrote:
> Hello,
> 
> On Tue, 13 Feb 2018, Chet Ramey wrote:
>>> It would be nice if bash's malloc implementation could be fixed to also
>>> work under qemu-user.
>>
>> Does sbrk(2) work in a PIE-enabled environment?
> 
> Note that a bash binary compiled with PIE works fine for normal usage
> with a current Linux kernel. Apparently it was causing troubles with
> older Linux kernels, see 
> https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1518483
> 
> But with current kernels it works fine. The problem only happens
> under qemu-user.

Wouldn't that imply that the problem has something to do with
qemu-user and how it interacts with sbrk?

> 
> From what I understood the memory layout of a PIE-compiled binary is
> different but sbrk() still works the same. Maybe some assumption that you
> are doing about the memory layout are not holding true however.

The only assumption bash makes is that sbrk() extends the break and that
the pointer it returns marks the beginning of contiguously addressable
storage of the requested size.

> 
> While trying to learn more about this I found this URL
> https://gist.github.com/CMCDragonkai/10ab53654b2aa6ce55c11cfc5b2432a4

The applicable part of this is that sbrk() extends the heap.

The thing about the error message in the ubuntu bug report is that it's
literally the first call to xmalloc bash makes at startup: the call to
savestring when saving the default locale. You can tell because it reports
0 bytes as having been allocated. sbrk() fails immediately.

-- 
``The lyf so short, the craft so long to lerne.'' - Chaucer
                 ``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, UTech, CWRU    chet@case.edu    http://tiswww.cwru.edu/~chet/