
rr replay error at signal handler. mcontext->__reserved[i] data isn't fully copied after syscall #3877

Closed
IamHuskar opened this issue Nov 12, 2024 · 4 comments

Comments

@IamHuskar

IamHuskar commented Nov 12, 2024

arch: aarch64
os: ubuntu 22.04

mcontext->__reserved[i] data isn't fully copied after syscall

// Please remove the .txt suffix.
aarch64_mcontext_poc.pls_remove_sufixx.txt
aarch64_mcontext_poc.cpp.txt

g++ -g -o aarch64_mcontext_poc aarch64_mcontext_poc.cpp

expected result:
Accessing address 0... pc skip 4 bytes at signal handler
arm ok value 92000045 (SIGSEGV).
after skip

rr record aarch64_mcontext_poc
rr replay

[FATAL src/ReplaySession.cc:582:cont_syscall_boundary()]
(task 983741 (rec:983353) at time 138)
-> Assertion `false' failed to hold. Replay got unrecorded signal {signo:SIGSEGV,errno:SUCCESS,code:SEGV_MAPERR,addr:0xffffd66a4dd3}

Set a breakpoint at GetArmESR.
MContext->__reserved[0] is ok, but the data in MContext->__reserved[1] when running under rr record is different from the data when running in gdb.

#include <cstdint>
#include <cstdio>
#include <cstdlib>

// GetMContext, HostCTXHeader, HostESRState, ESR1_MAGIC and the ESR1_EC_*
// constants are defined in the attached aarch64_mcontext_poc.cpp.

static inline uint64_t GetArmESR(void* ucontext) {
  auto MContext = GetMContext(ucontext);

  size_t i = 0;
  /*
   * Maybe MContext->__reserved[i] is not fully copied after return from the syscall.
   * Under rr replay, after i += HostState->Size,
   * *HostState is not valid data.
   */
  auto HostState = (struct HostCTXHeader*)(&MContext->__reserved[i]);
  do {
    if (HostState->Magic == ESR1_MAGIC) {
      auto ESR = (struct HostESRState*)(HostState);
      // gdb got here
      return ESR->ESR;
    }
    // Advance to the next (magic, size) record in the __reserved chain.
    i += HostState->Size;
    HostState = (struct HostCTXHeader*)(&MContext->__reserved[i]);
  } while (HostState->Size != 0);

  // rr replay got here
  return 0;
}

static inline uint32_t GetProtectFlags(void* ucontext) {
  uint64_t ESR = GetArmESR(ucontext);
  if (!((ESR & ESR1_EC) == ESR1_EC_DataAbort || (ESR & ESR1_EC) == ESR1_EC_InstAbort)) {
    printf("arm error ");  // rr replay got here
    ::exit(-100);
  } else {
    printf("arm ok ");  // gdb got here
  }
  return ESR;
}
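The chain that GetArmESR walks is the list of (magic, size) records the aarch64 kernel places in mcontext.__reserved. As an added example (not the PoC's code and not part of rr), here is a bounded walker that returns "not found" instead of reading stale bytes when only part of the frame was copied, exercised on constructed frames rather than a real signal. The struct layout and magic values follow the Linux aarch64 asm/sigcontext.h definitions, redefined locally so the example builds on any host; the fpsimd and truncated frames are constructed sample data.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdbool.h>

/* Record layout chained inside mcontext.__reserved on aarch64 Linux
 * (kernel's struct _aarch64_ctx / esr_context, redefined here so the
 * example builds on any architecture). */
#define ESR_MAGIC     0x45535201u
#define FPSIMD_MAGIC  0x46508001u

struct ctx_header { uint32_t magic; uint32_t size; };
struct esr_record { struct ctx_header head; uint64_t esr; };

/* Walk the record chain. Returns true and stores the ESR when an esr_context
 * record is found; returns false, never reading past `len`, when the chain
 * ends early or is malformed (e.g. only part of the frame was copied). */
static bool find_esr(const uint8_t *reserved, size_t len, uint64_t *esr_out) {
    size_t off = 0;
    while (off + sizeof(struct ctx_header) <= len) {
        struct ctx_header h;
        memcpy(&h, reserved + off, sizeof h);        /* no alignment assumptions */
        if (h.magic == 0 || h.size == 0)             /* terminator or zeroed tail */
            return false;
        if (h.size < sizeof h || h.size > len - off) /* record would run off the end */
            return false;
        if (h.magic == ESR_MAGIC && h.size >= sizeof(struct esr_record)) {
            memcpy(esr_out, reserved + off + sizeof h, sizeof *esr_out);
            return true;
        }
        off += h.size;
    }
    return false;
}

/* ESR.EC is bits [31:26]; 0x24 = data abort, 0x20 = instruction abort from EL0. */
static bool esr_is_abort(uint64_t esr) {
    uint32_t ec = (uint32_t)(esr >> 26) & 0x3f;
    return ec == 0x24 || ec == 0x20;
}

/* Constructed frames: a full one (fpsimd record, esr record, terminator) and
 * a copy that stops after the fpsimd record, as the issue describes. */
static uint8_t full_frame[4096];
static uint8_t truncated_frame[4096];

static void build_frames(void) {
    struct ctx_header fp = { FPSIMD_MAGIC, 528 };   /* 8 + 4 + 4 + 32*16 bytes */
    struct esr_record esr = { { ESR_MAGIC, 16 }, 0x92000045ull };
    memset(full_frame, 0, sizeof full_frame);
    memcpy(full_frame, &fp, sizeof fp);
    memcpy(full_frame + 528, &esr, sizeof esr);
    memset(truncated_frame, 0, sizeof truncated_frame);
    memcpy(truncated_frame, full_frame, 528);        /* copy stopped too early */
}
```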
@IamHuskar
Author

IamHuskar commented Nov 12, 2024

@rocallahan

I can reproduce this bug, but I really don't know how to fix it. rr is very important for my debugging work. I need help.
I stopped the analysis because this bug prevented me from debugging further.

@rocallahan
Collaborator

This is pretty simple, the captured sigframe size is simply too low.

@IamHuskar
Author

IamHuskar commented Nov 13, 2024

This is pretty simple, the captured sigframe size is simply too low.

Thank you very much. I was trying to fix this, but I am not very familiar with the rr source code.
rr is a very useful tool for me, BigBigBigBig thanks to you. @rocallahan you are my sunshine, my only sunshine.

@alehander92
Contributor

I seriously think this is the best rr testimonial I've read lately.
