Symqemu raise SIGSEGV #56
Description
I use the following command to test a simple c++ program
echo "2" | x86_64-linux-user/qemu-x86_64 /tmp/test.outHowever, the qemu process crashes after generating several testcases:
...
[INFO] New testcase: /tmp/output/000010-optimistic
[STAT] SMT: { "solving_time": 23999, "total_time": 95028 }
[STAT] SMT: { "solving_time": 24114 }
[STAT] SMT: { "solving_time": 24114, "total_time": 95333 }
[STAT] SMT: { "solving_time": 24200 }
[INFO] New testcase: /tmp/output/000011-optimistic
[STAT] SMT: { "solving_time": 24200, "total_time": 96206 }
[STAT] SMT: { "solving_time": 24324 }
[STAT] SMT: { "solving_time": 24324, "total_time": 96524 }
[STAT] SMT: { "solving_time": 24410 }
[INFO] New testcase: /tmp/output/000012-optimistic
[STAT] SMT: { "solving_time": 24410, "total_time": 97448 }
[STAT] SMT: { "solving_time": 24536 }
[STAT] SMT: { "solving_time": 24536, "total_time": 97777 }
[STAT] SMT: { "solving_time": 25712 }
[INFO] New testcase: /tmp/output/000013-optimistic
[STAT] SMT: { "solving_time": 25712, "total_time": 99812 }
[STAT] SMT: { "solving_time": 25843 }
[STAT] SMT: { "solving_time": 25843, "total_time": 100138 }
[STAT] SMT: { "solving_time": 26948 }
[INFO] New testcase: /tmp/output/000014-optimistic
[STAT] SMT: { "solving_time": 26948, "total_time": 102200 }
[STAT] SMT: { "solving_time": 27032 }
[STAT] SMT: { "solving_time": 27032, "total_time": 102477 }
[STAT] SMT: { "solving_time": 27100 }
qemu-x86_64: QEMU internal SIGSEGV {code=MAPERR, addr=0x14}
fish: Process 24522, 'x86_64-linux-user/qemu-x86_64' from job 1, 'echo "2" | x86_64-linux-user/qe…' terminated by signal SIGSEGV (Address boundary error)
The test code I used is:
#include <stdio.h>
#include <stdint.h>
#include <unistd.h>
int main(int argc, char* argv[]) {
int x;
if (scanf("%d", &x) != 1) {
printf("read fail\n");
return 1;
}
if(x > 100) {
printf("aaa\n");
} else if(x < 100) {
printf("bbb\n");
} else {
printf("ccc\n");
}
return 0;
}and the code to compile this code is:
clang++ test.cc -o test.outThe clang version is 14.0.0 and the symqemu I used is this commit: 45b4700
Any idea for this crash?