diff options
author | Peter Maydell | 2016-07-22 14:41:52 +0200 |
---|---|---|
committer | Riku Voipio | 2016-08-04 15:38:17 +0200 |
commit | ef4330c23bb47b97a859dbdbae1c784fd2ca402f (patch) | |
tree | ccfa578631f3779b49952e117b2ca65f414d9304 /linux-user/syscall.c | |
parent | linux-user: Fix target_semid_ds structure definition (diff) | |
download | qemu-ef4330c23bb47b97a859dbdbae1c784fd2ca402f.tar.gz qemu-ef4330c23bb47b97a859dbdbae1c784fd2ca402f.tar.xz qemu-ef4330c23bb47b97a859dbdbae1c784fd2ca402f.zip |
linux-user: Handle brk() attempts with very large sizes
In do_brk(), we were inadvertently truncating the size
of a requested brk() from the guest by putting it into an
'int' variable. This meant that we would incorrectly report
success back to the guest rather than a failed allocation,
typically resulting in the guest then segfaulting. Use
abi_ulong instead.
This fixes a crash in the '31370.cc' test in the gcc libstdc++ test
suite (the test case starts by trying to allocate a very large
size and reduces the size until the allocation succeeds).
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Signed-off-by: Riku Voipio <riku.voipio@linaro.org>
Diffstat (limited to 'linux-user/syscall.c')
-rw-r--r-- | linux-user/syscall.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/linux-user/syscall.c b/linux-user/syscall.c index df6f2a9d0f..833f853200 100644 --- a/linux-user/syscall.c +++ b/linux-user/syscall.c @@ -839,7 +839,7 @@ void target_set_brk(abi_ulong new_brk) abi_long do_brk(abi_ulong new_brk) { abi_long mapped_addr; - int new_alloc_size; + abi_ulong new_alloc_size; DEBUGF_BRK("do_brk(" TARGET_ABI_FMT_lx ") -> ", new_brk); |