|
From: Madhan S. <mad...@gm...> - 2009-10-05 17:17:35
|
Hello,
The program below captures the essence of running dynamically generated code
in my application. Under Valgrind it produces the output below (with --trace-signals=yes enabled).
--smc-check=all doesn't help. Is there a known workaround?
--4416-- translations not allowed here (0x400b000) - throwing SEGV
--4416-- delivering signal 11 (SIGSEGV):2 to thread 1
--4416-- delivering 11 (code 2) to default handler; action: terminate+core
==4416==
==4416== Process terminating with default action of signal 11 (SIGSEGV)
==4416== Bad permissions for mapped region at address 0x400B000
==4416== at 0x400B000: ???
==4416== by 0x748DF2: (below main) (in /lib/tls/libc-2.3.4.so)
Thanks,
Madhan.
#include <assert.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/shm.h>
/*
 * Sum of the squares of 0 .. c-1; returns 0 when c <= 0.
 *
 * main() copies this function's machine code into another mapping and
 * calls the copy, so the body is kept free of calls to other functions.
 */
int f1(int c)
{
    int total = 0;
    int k = 0;

    while (k < c) {
        total += k * k;
        ++k;
    }
    return total;
}
/*
 * Always returns 0.
 *
 * main() subtracts the address of f1 from the address of this function to
 * estimate the size of f1, which relies on f2 being placed after f1 in the
 * generated code.
 */
int f2()
{
    int rc = 0;

    return rc;
}
/* Pointer to a function that takes one int and returns int (the shape of f1). */
typedef int (*f_t)(int);
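/*
 * Reproducer: copy the machine code of f1 into a System V shared memory
 * segment, make the segment executable and call the copy.
 *
 * Prints the result of f1(10) once through the original function and once
 * through the copy.  Returns 0 when both calls ran, 1 when a setup step
 * failed (the failing call is reported on stderr).
 */
int main(void)
{
    enum { SEG_SIZE = 8192 };
    f_t f = f1;
    void *smad;
    key_t key;
    int smid;
    long sz;
    int status = 1;

    key = ftok("/dev/zero", 13);
    if (key == (key_t)-1) {
        perror("ftok");
        return status;
    }

    /*
     * Owner-only mode: this segment ends up holding code that the process
     * executes, so no other account should be able to attach and write to
     * it (the mode used to be 0777).
     * NOTE(review): without IPC_EXCL an already existing segment for this
     * key is reused with whatever owner and mode it has; a single-process
     * user could avoid that with IPC_PRIVATE.
     */
    smid = shmget(key, SEG_SIZE, 0600 | IPC_CREAT);
    if (smid < 0) {
        perror("shmget");
        return status;
    }

    smad = shmat(smid, NULL, 0);
    if (smad == (void *)-1) {
        perror("shmat");
        goto remove_segment;
    }

    /*
     * The mapping is writable and executable at the same time, as in the
     * original report.  NOTE(review): code that does not need to rewrite
     * the region after the copy can drop PROT_WRITE once the copy is done.
     */
    if (mprotect(smad, SEG_SIZE, PROT_READ | PROT_WRITE | PROT_EXEC) < 0) {
        perror("mprotect");
        goto detach;
    }

    /*
     * Size of f1, taken as the distance to the next function.  This is a
     * layout assumption, not a guarantee, so it is checked at run time
     * (an assert() would vanish under NDEBUG and leave memcpy unguarded).
     */
    sz = (long)((char *)&f2 - (char *)&f1);
    if (sz <= 0 || sz >= SEG_SIZE) {
        fprintf(stderr, "unexpected code size for f1: %ld\n", sz);
        goto detach;
    }

    memcpy(smad, (const void *)&f1, (size_t)sz);

    printf("SoS(10)=%d, a=%p\n", f(10), (void *)f);

    /* Jump into the copy that now lives in the shared segment. */
    f = (f_t)smad;
    printf("SoS(10)=%d, a=%p\n", f(10), (void *)f);

    status = 0;

    /*
     * If the process is killed inside the copied code, nothing below runs
     * and the segment stays allocated until it is removed by hand.
     */
detach:
    if (shmdt(smad) < 0) {
        perror("shmdt");
    }
remove_segment:
    if (shmctl(smid, IPC_RMID, NULL) < 0) {
        perror("shmctl");
    }
    return status;
}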
|
|
From: Madhan S. <mad...@gm...> - 2009-10-12 13:46:22
|
I am sorry, I did not give a gist of what happens in the program. Was
looking at the problem for a while, so I was getting too cozy with it.
The intention is to generate and copy executable code into a shared
memory segment and run it during program execution. To capture the
idea, the given sample program copies the code of a local function to
a newly created shared memory segment and jumps to it.
The program works fine without Valgrind, but with Valgrind 3.5.0 the
given error appears.
Thanks,
Madhan
On Mon, Oct 5, 2009 at 10:47 PM, Madhan Sadasivam <mad...@gm...> wrote:
> Hello,
>
> The program below captures the essence of running dynamically generated code
> in my application. It causes the following with --trace-signals=yes enabled.
> --smc-check=all, doesn't help. Is there a known workaround.
>
> --4416-- translations not allowed here (0x400b000) - throwing SEGV
> --4416-- delivering signal 11 (SIGSEGV):2 to thread 1
> --4416-- delivering 11 (code 2) to default handler; action: terminate+core
> ==4416==
> ==4416== Process terminating with default action of signal 11 (SIGSEGV)
> ==4416== Bad permissions for mapped region at address 0x400B000
> ==4416== at 0x400B000: ???
> ==4416== by 0x748DF2: (below main) (in /lib/tls/libc-2.3.4.so)
>
> Thanks,
> Madhan.
>
> #include <stdio.h>
> #include <sys/mman.h>
> #include <sys/shm.h>
> #include <assert.h>
>
> int f1(int c)
> {
> int i;
> int res = 0;
>
> for( i = 0; i < c; ++i )
> {
> res += i*i;
> }
> return res;
> }
>
> int f2()
> {
> return 0;
> }
>
> typedef int (*f_t)(int);
>
> int main()
> {
> key_t key;
> int smid;
> int rc;
> void *smad;
> int sz;
> f_t f = f1;
>
> struct shmid_ds buf;
>
> key = ftok("/dev/zero",13);
> if ( key == (key_t)(-1) ) perror("ftok");
>
> smid = shmget( key, 8192, 0777 | IPC_CREAT );
> if ( smid < 0 ) perror("shmget");
>
> smad = shmat( smid, 0, 0 );
>
> if ( smad == (void*)(-1) ) perror("shmat");
>
> rc = mprotect( smad, 8192, PROT_READ | PROT_WRITE | PROT_EXEC );
>
> if ( rc < 0 ) perror("mprotect");
>
> sz = (char*)&f2 - (char*)&f1;
>
> assert( sz > 0 && sz < 8192 );
>
> memcpy( smad, &f1, sz );
>
> printf("SoS(10)=%d, a=%p\n", f(10), f);
>
> f = (f_t)smad;
>
> printf("SoS(10)=%d, a=%p\n", f(10), f);
>
> shmctl( smid, IPC_RMID, 0 );
>
> return 0;
> }
>
|
|
From: Madhan S. <mad...@gm...> - 2009-10-12 13:58:28
|
Tom gave a super fast patch and it fixes the issue. Please refer to
https://bugs.kde.org/show_bug.cgi?id=210322
Thanks,
Madhan.
On Mon, Oct 12, 2009 at 7:08 PM, Madhan Sadasivam <mad...@gm...> wrote:
> I am sorry, I did not give a gist of what happens in the program. Was
> looking at the problem for a while, so I was getting too cozy with it.
>
> The intention is to generate and copy executable code into a shared
> memory segment and run it during program execution. To capture the
> idea, the given sample program copies the code of a local function to
> a newly created shared memory segment and jumps to it.
>
> The program works find without Valgrind, but with Valgrind 3.5.0 the
> given error appears.
>
> Thanks,
> Madhan
>
> On Mon, Oct 5, 2009 at 10:47 PM, Madhan Sadasivam <mad...@gm...> wrote:
>> Hello,
>>
>> The program below captures the essence of running dynamically generated code
>> in my application. It causes the following with --trace-signals=yes enabled.
>> --smc-check=all, doesn't help. Is there a known workaround.
>>
>> --4416-- translations not allowed here (0x400b000) - throwing SEGV
>> --4416-- delivering signal 11 (SIGSEGV):2 to thread 1
>> --4416-- delivering 11 (code 2) to default handler; action: terminate+core
>> ==4416==
>> ==4416== Process terminating with default action of signal 11 (SIGSEGV)
>> ==4416== Bad permissions for mapped region at address 0x400B000
>> ==4416== at 0x400B000: ???
>> ==4416== by 0x748DF2: (below main) (in /lib/tls/libc-2.3.4.so)
>>
>> Thanks,
>> Madhan.
>> >> #include <stdio.h> >> #include <sys/mman.h> >> #include <sys/shm.h> >> #include <assert.h> >> >> int f1(int c) >> { >> int i; >> int res = 0; >> >> for( i = 0; i < c; ++i ) >> { >> res += i*i; >> } >> return res; >> } >> >> int f2() >> { >> return 0; >> } >> >> typedef int (*f_t)(int); >> >> int main() >> { >> key_t key; >> int smid; >> int rc; >> void *smad; >> int sz; >> f_t f = f1; >> >> struct shmid_ds buf; >> >> key = ftok("/dev/zero",13); >> if ( key == (key_t)(-1) ) perror("ftok"); >> >> smid = shmget( key, 8192, 0777 | IPC_CREAT ); >> if ( smid < 0 ) perror("shmget"); >> >> smad = shmat( smid, 0, 0 ); >> >> if ( smad == (void*)(-1) ) perror("shmat"); >> >> rc = mprotect( smad, 8192, PROT_READ | PROT_WRITE | PROT_EXEC ); >> >> if ( rc < 0 ) perror("mprotect"); >> >> sz = (char*)&f2 - (char*)&f1; >> >> assert( sz > 0 && sz < 8192 ); >> >> memcpy( smad, &f1, sz ); >> >> printf("SoS(10)=%d, a=%p\n", f(10), f); >> >> f = (f_t)smad; >> >> printf("SoS(10)=%d, a=%p\n", f(10), f); >> >> shmctl( smid, IPC_RMID, 0 ); >> >> return 0; >> } >> > |