From: Madhan S. <mad...@gm...> - 2009-10-05 17:17:35
Hello,
The program below captures the essence of running dynamically generated code
in my application. With --trace-signals=yes enabled it fails with the output shown below.
--smc-check=all doesn't help. Is there a known workaround?
--4416-- translations not allowed here (0x400b000) - throwing SEGV
--4416-- delivering signal 11 (SIGSEGV):2 to thread 1
--4416-- delivering 11 (code 2) to default handler; action: terminate+core
==4416==
==4416== Process terminating with default action of signal 11 (SIGSEGV)
==4416== Bad permissions for mapped region at address 0x400B000
==4416== at 0x400B000: ???
==4416== by 0x748DF2: (below main) (in /lib/tls/libc-2.3.4.so)
Thanks,
Madhan.
#include <assert.h>
#include <stdio.h>
#include <string.h>
#include <sys/ipc.h>
#include <sys/mman.h>
#include <sys/shm.h>
#include <unistd.h>
/*
 * Sum of the squares of 0 .. c-1; yields 0 when c <= 0.
 *
 * main() copies this function's machine code byte-for-byte into a
 * shared-memory segment and calls the copy there.
 * NOTE(review): that only works if the compiled body has no
 * position-dependent references -- presumably why it calls nothing and
 * touches no globals; confirm against the generated code.
 */
int f1(int c)
{
    int total = 0;
    int k = 0;

    while (k < c) {
        total += k * k;
        ++k;
    }
    return total;
}
/*
 * End-of-f1 marker: main() takes the distance between &f1 and &f2 as the
 * byte size of f1's code. Nothing in the code shown calls it.
 */
int f2()
{
    return 0;
}
/* Pointer to a function taking one int and returning int (f1's signature). */
typedef int (*f_t)(int);
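/*
 * Reproducer: execute a copy of f1() from a System V shared-memory segment.
 *
 * Steps: create/attach an 8 KiB segment, copy f1's machine code into it,
 * make the mapping executable, then call f1 once in place and once through
 * the copy. The segment is detached and removed on every exit path after
 * it has been obtained.
 *
 * Returns 0 on success, 1 if any step fails.
 *
 * NOTE(review): the size of f1 is computed as &f2 - &f1. This assumes the
 * toolchain places f2 directly after f1 and that f1's code can run at a
 * different address; the C standard guarantees neither.
 */
int main(void)
{
    enum { SEG_SIZE = 8192 };
    key_t key;
    int smid;
    void *smad;
    long sz;
    f_t f = f1;
    struct shmid_ds buf;
    int status = 1;

    key = ftok("/dev/zero", 13);
    if (key == (key_t)(-1)) {
        perror("ftok");
        return 1;
    }

    /*
     * Owner-only (0600) rather than 0777: code is executed out of this
     * segment, so any other account able to attach with write access could
     * change what runs here.
     */
    smid = shmget(key, SEG_SIZE, 0600 | IPC_CREAT);
    if (smid < 0) {
        perror("shmget");
        return 1;
    }

    /*
     * The key is predictable and IPC_CREAT without IPC_EXCL also returns a
     * segment that already exists, whose mode is whatever its creator set.
     * Refuse one that is not ours or that group/others can access.
     */
    if (shmctl(smid, IPC_STAT, &buf) < 0) {
        perror("shmctl(IPC_STAT)");
        goto out_remove;
    }
    if (buf.shm_perm.uid != geteuid() || (buf.shm_perm.mode & 077) != 0) {
        fprintf(stderr, "segment has unexpected owner or mode; "
                        "remove it and run again\n");
        return 1;   /* not ours to trust or to remove */
    }

    smad = shmat(smid, NULL, 0);
    if (smad == (void *)(-1)) {
        perror("shmat");
        goto out_remove;
    }

    /* Explicit bounds check: assert() disappears under NDEBUG. */
    sz = (long)((char *)&f2 - (char *)&f1);
    if (sz <= 0 || sz >= SEG_SIZE) {
        fprintf(stderr, "unexpected size for f1: %ld\n", sz);
        goto out_detach;
    }

    /*
     * Write first, then switch to read+execute, so this mapping is never
     * writable and executable at the same time.
     * NOTE(review): architectures without coherent instruction caches
     * would also need an explicit cache flush before the call below.
     */
    memcpy(smad, (const void *)&f1, (size_t)sz);
    if (mprotect(smad, SEG_SIZE, PROT_READ | PROT_EXEC) < 0) {
        perror("mprotect");
        goto out_detach;
    }

    printf("SoS(10)=%d, a=%p\n", f(10), (void *)f);
    f = (f_t)smad;
    printf("SoS(10)=%d, a=%p\n", f(10), (void *)f);
    status = 0;

out_detach:
    if (shmdt(smad) < 0)
        perror("shmdt");
out_remove:
    if (shmctl(smid, IPC_RMID, NULL) < 0)
        perror("shmctl(IPC_RMID)");
    return status;
}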