Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

i#4719 qemu: Add xarch_root option for QEMU #4726

Merged
merged 6 commits into from
Feb 10, 2021
Merged

i#4719 qemu: Add xarch_root option for QEMU #4726

merged 6 commits into from
Feb 10, 2021

Conversation

derekbruening
Copy link
Contributor

Adds a new option -xarch_root which sets a path that is prepended to:

  • The application executable's interpreter, if the original does not exist.
  • SYS_openat paths, if the original does not exist.
  • System paths ued for loading private libraries: here the prefix is prepended
    before checking whether the original exists.

Splits dynamorio_app_init() into two pieces in order to have the
options set up at the time the loader maps the interpreter, while
avoiding ordering problems with the rest of the initialization.

The new option also auto-sets -ignore_takeover_timeout for
convenience, as that is always needed when running under QEMU.

Manually tested in cross-compile AArchXX setups on a Debian system.
Test suite integration is forthcoming.

Issue: #4719

@derekbruening
i#4719 qemu: Add xarch_root option for QEMU
bc71318 
Adds a new option -xarch_root which sets a path that is prepended to:
+ The application executable's interpreter, if the original does not exist.
+ SYS_openat paths, if the original does not exist.
+ System paths ued for loading private libraries: here the prefix is prepended
  before checking whether the original exists.

Splits dynamorio_app_init() into two pieces in order to have the
options set up at the time the loader maps the interpreter, while
avoiding ordering problems with the rest of the initialization.

The new option also auto-sets -ignore_takeover_timeout for
convenience, as that is always needed when running under QEMU.

Manually tested in cross-compile AArchXX setups on a Debian system.
Test suite integration is forthcoming.

Issue: #4719
@derekbruening
Make xarch_root an external option
f528aef
@derekbruening
Fix standalone-mode bug revealed by the init split: set dynamo_heap_i…
63190f5 
…nitialized to false in standalone_exit
@derekbruening
Copy link
Contributor Author

The failure is the low4G test. The problem is that the heap_in_lower_4GB option is now set during interp mapping, and it's used in os_map_file to add MAP_32BIT. DR's vmm is taking up a bunch of the low 2G and it seems the kernel won't put ld.so below it:

$ cat /proc/1024986/maps
3fffe000-40006000 rw-p 00000000 00:00 0 
40006000-40007000 ---p 00000000 00:00 0 
40007000-40009000 rw-p 00000000 00:00 0 
40009000-4000f000 ---p 00000000 00:00 0 
4000f000-40010000 rw-p 00000000 00:00 0 
40010000-40017000 ---p 00000000 00:00 0 
40017000-40018000 rw-p 00000000 00:00 0 
40018000-7ffff000 ---p 00000000 00:00 0 
7ffff3b6e000-7ffff3b6f000 r--p 00000000 fe:01 7371509                    /home/bruening/dr/git/build_x64_dbg_tests/suite/tests/bin/simple_app
...

Not sure of the cleanest fix...avoid the MAP_32BIT just for this mapping via some special flag or sthg?

@derekbruening
Adds new module load flag MODLOAD_IS_APP and file mapping flag
1d3e686 
MAP_FILE_APP to avoid MAP_32BIT on the app interpreter when
-heap_in_lower_4GB is set, now that the options are parsed before we
map the interpreter.
@derekbruening
Copy link
Contributor Author

Failures are the delay-global pair #4711. But, going to wait for the fix for PR #4725 on attaching to large apps before merging anything else including this PR.

@derekbruening
Copy link
Contributor Author

There are enough additions since the review it may be worth another look.

@derekbruening derekbruening merged commit 7e84de6 into master Feb 10, 2021
@derekbruening derekbruening deleted the i4719-xarch-root branch February 10, 2021 15:00
derekbruening added a commit that referenced this pull request Feb 11, 2021
@derekbruening
Avoid blind syslog during init
f39f9de 
Avoids printing of an internal warning during early initialization for
single-bitwidth setups regardless of -stderr_mask by moving options
init even earlier.

To avoid DR heap init messing up the app's brk setup, moves heap init
out of the options init and into the later half.  This undoes the
early heap init from PR #4726, which is worked around by switching to
a stack buffer for -arch_init.  This seems safer in any case, delaying
heap init and client lib loads until after the app's interpreter is
loaded.

Issue: #4719
@derekbruening derekbruening mentioned this pull request Feb 11, 2021
Merged
derekbruening added a commit that referenced this pull request Feb 11, 2021
@derekbruening
Avoid blind syslog during init (#4729)
6667641 
Avoids printing of an internal warning during early initialization for
single-bitwidth setups regardless of -stderr_mask by moving options
init even earlier.

To avoid DR heap init messing up the app's brk setup, moves heap init
out of the options init and into the later half.  This undoes the
early heap init from PR #4726, which is worked around by switching to
a stack buffer for -arch_init.  This seems safer in any case, delaying
heap init and client lib loads until after the app's interpreter is
loaded.

Moves the 1config file deletion from d_r_config_init() to -config_heap_init(),
after any potential reload_dynamorio().

Issue: #4719
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@abhinav92003 abhinav92003 abhinav92003 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@derekbruening @abhinav92003