There seems to be a different issue now: calling getProcedures() on the
default module of a stripped PIE results in an assertion failure at
common/src/arch-x86.C:7993. It seems that the heuristic gap parser is trying
to decode the assembly as x86_32 instead of x86_64 (I may be wrong though).
Exact stack trace is attached.
This is triggered by simply opening the binary, getting the default module,
then calling getProcedures().
Sample offending program is /usr/bin/ssh on Ubuntu 16.04 x86_64.
Thanks.
On Mon, May 30, 2016 at 9:21 PM Mohamed Elsabagh <[email protected]> wrote:
> Thanks Bill for the response. This is indeed fixed in the master branch.
>
> On Mon, May 30, 2016 at 10:23 AM Bill Williams <[email protected]> wrote:
>
>> Known issue in 9.1, but this should be fixed on github's master. Is this
>> not the case?
>> ------------------------------
>> *From:* Dyninst-api <[email protected]> on behalf of
>> Mohamed Elsabagh <[email protected]>
>> *Sent:* Friday, May 27, 2016 9:10:51 PM
>> *To:* dyninst-api
>> *Subject:* [DynInst_API:] PIE segfault
>>
>> In the latest version of Dyninst, rewriting a PIE binary (not a library)
>> results in an executable that immediately segfaults. This happens even if
>> no instrumentation was done at all. Simply opening the binary and saving it
>> reproduces the problem. Here's a sample backtrace:
>>
>> dl_main at rtld.c:172
>> _dl_sysdep_start at ../elf/dl-sysdep.c:249
>> _dl_start_final at rtld.c:332
>> dl_start at rtld.c:558
>> _start() from /lib64/ld-linux-x86_64.so.2
>>
>> I am having this issue on both Ubuntu 14.04 and Ubuntu 16, the x86_64
>> versions.
>>
>> Any clue?
>>
>> Thanks.
>>
>
test: /dyninst/common/src/arch-x86.C:7993: NS_x86::ia32_instruction& NS_x86::ia32_decode(unsigned int, const unsigned char*, NS_x86::ia32_instruction&): Assertion `0' failed.
#0  0x00007ffff6279418 in __GI_raise (sig=sig@entry=6) at ../sysdeps/unix/sysv/linux/raise.c:54
#1  0x00007ffff627b01a in __GI_abort () at abort.c:89
#2  0x00007ffff6271bd7 in __assert_fail_base (fmt=<optimized out>, assertion=assertion@entry=0x7ffff6c5c396 "0", file=file@entry=0x7ffff6c61f10 "/dyninst/common/src/arch-x86.C", line=line@entry=7993, function=function@entry=0x7ffff6c61b80 <NS_x86::ia32_decode(unsigned int, unsigned char const*, NS_x86::ia32_instruction&)::__PRETTY_FUNCTION__> "NS_x86::ia32_instruction& NS_x86::ia32_decode(unsigned int, const unsigned char*, NS_x86::ia32_instruction&)") at assert.c:92
#3  0x00007ffff6271c82 in __GI___assert_fail (assertion=assertion@entry=0x7ffff6c5c396 "0", file=file@entry=0x7ffff6c61f10 "/dyninst/common/src/arch-x86.C", line=line@entry=7993, function=function@entry=0x7ffff6c61b80 <NS_x86::ia32_decode(unsigned int, unsigned char const*, NS_x86::ia32_instruction&)::__PRETTY_FUNCTION__> "NS_x86::ia32_instruction& NS_x86::ia32_decode(unsigned int, const unsigned char*, NS_x86::ia32_instruction&)") at assert.c:101
#4  0x00007ffff6c09c5a in NS_x86::ia32_decode (capa=capa@entry=1, addr=<optimized out>, instruct=...) at /dyninst/common/src/arch-x86.C:7993
#5  0x00007ffff763e826 in Dyninst::InstructionAPI::InstructionDecoder_x86::doIA32Decode (this=0x67dd60, b=...) at /dyninst/instructionAPI/src/InstructionDecoder-x86.C:1292
#6  0x00007ffff763f179 in Dyninst::InstructionAPI::InstructionDecoder_x86::decodeOpcode (this=<optimized out>, b=...) at /dyninst/instructionAPI/src/InstructionDecoder-x86.C:1352
#7  0x00007ffff7740a8a in Dyninst::InstructionAPI::InstructionDecoderImpl::decode (this=0x67dd60, b=...) at /dyninst/instructionAPI/src/InstructionDecoderImpl.C:56
#8  0x00007ffff763db7d in Dyninst::InstructionAPI::InstructionDecoder_x86::decode (this=<optimized out>, b=...) at /dyninst/instructionAPI/src/InstructionDecoder-x86.C:1406
#9  0x00007ffff763d966 in Dyninst::InstructionAPI::InstructionDecoder::decode (this=this@entry=0x7fffffffd650) at /dyninst/instructionAPI/src/InstructionDecoder.C:65
#10 0x00007ffff7a3b0da in hd::ProbabilityCalculator::decodeInstruction (this=this@entry=0x7fffffffd860, data=..., addr=addr@entry=151394) at /dyninst/parseAPI/src/ProbabilisticParser.C:493
#11 0x00007ffff7a3bdb2 in hd::ProbabilityCalculator::calcForwardWeights (this=0x7fffffffd860, cur=0, addr=151394, tree=0x7fffffffd868, valid=@0x7fffffffd78f: true) at /dyninst/parseAPI/src/ProbabilisticParser.C:416
#12 0x00007ffff7a3c0cb in hd::ProbabilityCalculator::calcProbByMatchingIdioms (this=this@entry=0x7fffffffd860, addr=addr@entry=151394) at /dyninst/parseAPI/src/ProbabilisticParser.C:331
#13 0x00007ffff79ceec0 in Dyninst::ParseAPI::Parser::probabilistic_gap_parsing (this=0x6d7780, cr=cr@entry=0x6a1f40) at /dyninst/parseAPI/src/Parser-speculative.C:361
#14 0x00007ffff79c3ce2 in Dyninst::ParseAPI::CodeObject::parseGaps (this=<optimized out>, cr=cr@entry=0x6a1f40, type=type@entry=Dyninst::ParseAPI::IdiomMatching) at /dyninst/parseAPI/src/CodeObject.C:188
#15 0x00007ffff6f93fbc in image::analyzeImage (this=this@entry=0x663cd0) at /dyninst/dyninstAPI/src/image.C:1201
#16 0x00007ffff6f940ab in image::analyzeIfNeeded (this=0x663cd0) at /dyninst/dyninstAPI/src/image.C:1165
#17 0x00007ffff6f95e37 in image::getAllFunctions (this=<optimized out>) at /dyninst/dyninstAPI/src/image.C:945
#18 pdmodule::getFunctions (this=0x677c80, funcs=std::vector of length 0, capacity 0) at /dyninst/dyninstAPI/src/image.C:1809
#19 0x00007ffff6faaec6 in mapped_module::getAllFunctions (this=0x7920d0) at /dyninst/dyninstAPI/src/mapped_module.C:48
#20 0x00007ffff6f331dd in BPatch_module::getProcedures (this=0x799750, funcs=std::vector of length 0, capacity 0, incUninstrumentable=false) at /dyninst/dyninstAPI/src/BPatch_module.C:350
#21 0x00007ffff6f333e7 in BPatch_module::getProcedures (this=0x799750, incUninstrumentable=incUninstrumentable@entry=false) at /dyninst/dyninstAPI/src/BPatch_module.C:331
#22 0x00000000004038a4 in main (argc=<optimized out>, argv=<optimized out>, envp=<optimized out>)
_______________________________________________
Dyninst-api mailing list
[email protected]
https://lists.cs.wisc.edu/mailman/listinfo/dyninst-api
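Added example for triaging a report like the one above (this is not code from the thread and not Dyninst code): a small ELF header classifier that reports exactly the properties the report hinges on, namely 32- versus 64-bit class, x86 versus x86_64 machine, PIE versus fixed-address executable, and whether a .symtab is present (stripped). The sample images come from build_sample_elf, which constructs header-only ELF files for offline use; the split between PIE and plain shared object by the presence of a PT_INTERP program header is an assumption of this example (a static-pie has no interpreter and would be reported as a shared object).

```python
"""Classify an ELF image: bits, machine, PIE-ness, stripped-ness.

Added example for triaging bug reports against a stripped x86_64 PIE.
Not part of Dyninst; uses only the standard library.
"""
import struct
import sys

ELFCLASS32, ELFCLASS64 = 1, 2
ET_EXEC, ET_DYN = 2, 3
EM_386, EM_X86_64 = 3, 62
PT_INTERP = 3                      # program header carrying the interpreter path
SHT_SYMTAB, SHT_STRTAB = 2, 3      # section header types

# Header layouts (no padding, endianness prefix added at runtime):
#   ELF64: Ehdr after e_ident, Phdr, Shdr
#   ELF32: same fields with 4-byte addresses/offsets
FORMATS = {
    ELFCLASS64: ("HHIQQQIHHHHHH", "IIQQQQQQ", "IIQQQQIIQQ"),
    ELFCLASS32: ("HHIIIIIHHHHHH", "IIIIIIII", "IIIIIIIIII"),
}


def classify_elf(data: bytes) -> dict:
    """Return bits/machine/pie/shared_object/stripped for an ELF byte string."""
    if data[:4] != b"\x7fELF":
        raise ValueError("not an ELF file")
    ei_class, ei_data = data[4], data[5]
    if ei_class not in FORMATS:
        raise ValueError("unknown EI_CLASS %d" % ei_class)
    end = "<" if ei_data == 1 else ">"
    ehdr_fmt, phdr_fmt, shdr_fmt = (end + f for f in FORMATS[ei_class])
    (e_type, e_machine, _ver, _entry, e_phoff, e_shoff, _flags, _ehsize,
     e_phentsize, e_phnum, e_shentsize, e_shnum, _shstrndx) = \
        struct.unpack_from(ehdr_fmt, data, 16)
    # p_type is the first field of a program header in both classes.
    has_interp = any(
        struct.unpack_from(phdr_fmt, data, e_phoff + i * e_phentsize)[0] == PT_INTERP
        for i in range(e_phnum))
    # sh_type is the second field of a section header in both classes.
    # A binary with no section headers at all (e_shnum == 0) counts as stripped.
    has_symtab = any(
        struct.unpack_from(shdr_fmt, data, e_shoff + i * e_shentsize)[1] == SHT_SYMTAB
        for i in range(e_shnum))
    machine = {EM_386: "x86", EM_X86_64: "x86_64"}.get(e_machine, "unknown(%d)" % e_machine)
    return {
        "bits": 64 if ei_class == ELFCLASS64 else 32,
        "machine": machine,
        # Assumption of this example: ET_DYN with an interpreter is a PIE
        # executable, ET_DYN without one is a shared library (static-pie
        # has no PT_INTERP and is misreported here).
        "pie": e_type == ET_DYN and has_interp,
        "shared_object": e_type == ET_DYN and not has_interp,
        "stripped": not has_symtab,
    }


def build_sample_elf(stripped: bool, bits: int = 64) -> bytes:
    """Constructed sample: header-only little-endian ET_DYN image with one
    PT_INTERP phdr and sections [NULL, .shstrtab, (.symtab)]. No code inside."""
    ei_class = ELFCLASS64 if bits == 64 else ELFCLASS32
    ehdr_fmt, phdr_fmt, shdr_fmt = ("<" + f for f in FORMATS[ei_class])
    machine = EM_X86_64 if bits == 64 else EM_386
    ident = b"\x7fELF" + bytes([ei_class, 1, 1]) + bytes(9)   # 16-byte e_ident
    ehsize = 16 + struct.calcsize(ehdr_fmt)
    phentsize, shentsize = struct.calcsize(phdr_fmt), struct.calcsize(shdr_fmt)
    section_types = [0, SHT_STRTAB] + ([] if stripped else [SHT_SYMTAB])
    phoff = ehsize
    shoff = phoff + phentsize
    ehdr = ident + struct.pack(ehdr_fmt, ET_DYN, machine, 1, 0, phoff, shoff, 0,
                               ehsize, phentsize, 1, shentsize, len(section_types), 1)
    phdr = struct.pack(phdr_fmt, PT_INTERP, *([0] * 7))
    shdrs = b"".join(struct.pack(shdr_fmt, 0, t, *([0] * 8)) for t in section_types)
    return ehdr + phdr + shdrs


if __name__ == "__main__":
    # Usage: python classify_elf.py /usr/bin/ssh   (or no argument for the sample)
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:
            blob = fh.read()
    else:
        blob = build_sample_elf(stripped=True)
    print(classify_elf(blob))
```

Run against the binary from the report to confirm it is what the thread says it is (64-bit, x86_64, pie True, stripped True) before chasing the decoder; a 32-bit class or a non-PIE result would point at a different reproduction than the one described.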