APP CRASH: Program received internal crash when using dr_wrap under Android 10
Created by: Iv4n550
Describe the bug

We received an internal crash when using the sample client libwrap.so to wrap some APIs. We cannot get the backtraces, so we checked the maps and found that the crashed PC is not in any module (but always at a fixed offset behind libwrap.so). Any suggestions for debugging the crash?
To Reproduce

Steps to reproduce the behavior:

```
bin64/drrun -c /data/DynamoRIO-Linux-7.91.18822-0/samples/bin64/libwrap.so ./ -- ./test
```

Changed client libwrap.so src:
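```c
#include <string.h>
#include "dr_api.h"
#include "drwrap.h"

#define MALLOC_ROUTINE_NAME IF_WINDOWS_ELSE("xxx", "xxx")

/* Forward declarations: module_load_event() references both callbacks. */
static void
wrap_pre(void *wrapcxt, OUT void **user_data);
static void
wrap_post(void *wrapcxt, void *user_data);

static void
module_load_event(void *drcontext, const module_data_t *mod, bool loaded)
{
    app_pc towrap = NULL;
    dr_fprintf(STDERR, "module load:%s %p---%p\n", mod->full_path, mod->start, mod->end);
    if (strcmp(mod->full_path, "xxx.so") == 0) {
        /* Look the routine up by its exported name first. */
        towrap = (app_pc)dr_get_proc_address(mod->handle, MALLOC_ROUTINE_NAME);
        if (towrap != NULL) {
            dr_fprintf(STDERR, "-----------------------> dr_get_proc_address success:%s\n", MALLOC_ROUTINE_NAME);
        } else {
            dr_fprintf(STDERR, "-----------------------> dr_get_proc_address failed:%s\n", MALLOC_ROUTINE_NAME);
            /* Fall back to the test API's hard-coded offset inside the module. */
            towrap = mod->start + 0x1cf3c;
        }
    }
    if (towrap != NULL) {
        dr_fprintf(STDERR, "call drwrap_wrap:%s\n", mod->full_path);
        bool ok = drwrap_wrap(towrap, wrap_pre, wrap_post);
        /* Report a failed wrap instead of silently dropping the result. */
        if (!ok)
            dr_fprintf(STDERR, "drwrap_wrap failed for %p\n", towrap);
    }
}

/* Called on entry to the wrapped routine. */
static void
wrap_pre(void *wrapcxt, OUT void **user_data)
{
    dr_fprintf(STDERR, "------------------ we are in wrap_pre\n");
}

/* Called when the wrapped routine returns. */
static void
wrap_post(void *wrapcxt, void *user_data)
{
    dr_fprintf(STDERR, "------------------ we are in wrap_post\n");
}
```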
Screenshots or Pasted Text

```
<Application /xxx/test (23809). DynamoRIO Sample Client 'wrap' internal crash at PC 0x00000078a5baf6dc. Please report this at http://dynamorio.org/issues. Program aborted.
Received SIGSEGV at generated pc 0x00000078a5baf6dc in thread 23841
Base: 0x00000078e9ba8000
Registers: eflags=0x00000000a0000000
version 7.91.18822, custom build
-no_dynamic_options -client_lib '/data/DynamoRIO-Linux-7.91.18822-0/samples/bin64/libwrap.so;0;' -code_api -stack_size 56K -signal_stack_size 32K -max_elide_jmp 0 -max_elide_call 0 -early_inject -emulate_brk -no_inline_ignored_sycalls -native_exec_default_list '' -no_native_exec_managed_code -no_indcall2direct
0x00000077a4dfbbb0 0x00000078e60a6f88
0x00000077a4dfbc40 0x00000078e60a715c
0x00000077a4dfbc70 0x00000078e60a7a9c
0x00000077a4dfbca0 0x00000078e85ff334
0x00000077a4dfbcd0 0x00000078e85f9004
0x00000077a4dfbcf0 0x00000078e82127c4
0x00000077a4dfbd10 0x00000078e81b51ac
0x00000077a4dfbd40 0x0000000000000000>
Client wrap is running
module load:/data/secdive/DynamoRIO-Linux-7.91.18822-0/samples/bin64/libwrap.so 0x00000078a5b91000---0x00000078a5ba4000
module load:/system/bin/idea_mediacontrol_proc_server 0x00000078e5b91000---0x00000078e5ba7000
module load:/data/secdive/DynamoRIO-Linux-7.91.18822-0/lib64/release/libdynamorio.so 0x00000078e9ba8000---0x00000078e9d6a000
module load:/apex/com.android.runtime/bin/linker64 0x00000078e9d9d000---0x00000078e9ec2000
module load:[vdso] 0x00000078e9ec4000---0x00000078e9ec5000
module load:/apex/com.android.runtime/lib64/bionic/libdl.so 0x0000007825985000---0x0000007825989000
module load:/apex/com.android.runtime/lib64/bionic/libc.so 0x00000078e8143000---0x00000078e822a000
module load:/system/lib64/libc++.so 0x00000078e70ad000---0x00000078e717c000
```
Versions

- DynamoRIO version: DynamoRIO-Linux-7.91.18822
- Env: Android 10 arm64
- My application is 64-bit.
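
Added example (not part of the original report and not DynamoRIO code): a small Python script that resolves the crash PC and callstack return addresses from the pasted output against the `module load:` ranges, reporting either the containing module or the distance past the nearest listed module below. The function names `parse_modules` and `resolve` are chosen here, and the module list is limited to the eight lines shown in the report.

```python
import re
from bisect import bisect_right

# "module load:" lines copied from the output pasted in the report.
MODULE_LOG = """\
module load:/data/secdive/DynamoRIO-Linux-7.91.18822-0/samples/bin64/libwrap.so 0x00000078a5b91000---0x00000078a5ba4000
module load:/system/bin/idea_mediacontrol_proc_server 0x00000078e5b91000---0x00000078e5ba7000
module load:/data/secdive/DynamoRIO-Linux-7.91.18822-0/lib64/release/libdynamorio.so 0x00000078e9ba8000---0x00000078e9d6a000
module load:/apex/com.android.runtime/bin/linker64 0x00000078e9d9d000---0x00000078e9ec2000
module load:[vdso] 0x00000078e9ec4000---0x00000078e9ec5000
module load:/apex/com.android.runtime/lib64/bionic/libdl.so 0x0000007825985000---0x0000007825989000
module load:/apex/com.android.runtime/lib64/bionic/libc.so 0x00000078e8143000---0x00000078e822a000
module load:/system/lib64/libc++.so 0x00000078e70ad000---0x00000078e717c000
"""
LINE_RE = re.compile(r"module load:(\S+) (0x[0-9a-fA-F]+)---(0x[0-9a-fA-F]+)$")


def parse_modules(log):
    """Return (start, end, path) tuples sorted by start address."""
    mods = []
    for line in log.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            mods.append((int(m.group(2), 16), int(m.group(3), 16), m.group(1)))
    return sorted(mods)


def resolve(addr, mods):
    """Return ('in', path, addr - start) if a module contains addr, else
    ('after', path, addr - end) for the nearest module below, else None."""
    i = bisect_right([m[0] for m in mods], addr) - 1
    if i < 0:
        return None
    start, end, path = mods[i]
    return ("in", path, addr - start) if addr < end else ("after", path, addr - end)


if __name__ == "__main__":
    mods = parse_modules(MODULE_LOG)
    # Crash PC and two return addresses from the report's crash message.
    for addr in (0x00000078A5BAF6DC, 0x00000078E82127C4, 0x00000078E60A6F88):
        hit = resolve(addr, mods)
        where = "below all listed modules" if hit is None else f"{hit[0]} {hit[1]} +{hit[2]:#x}"
        print(f"{addr:#018x}: {where}")
```

For the crash PC this reports an address 0xb6dc past the end of libwrap.so, consistent with the report's observation of a fixed offset behind libwrap.so and with the crash message labelling it a generated pc.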