Rtoax / ulpatch

ULPatch is an open-source user-space live patching tool.
https://rtoax.github.io/ulpatch/
GNU General Public License v2.0

test: Patch.ftrace_nop Illegal instruction on Debian12 #19

Open Rtoax opened 2 months ago

Rtoax commented 2 months ago
$ ./src/tests/ulpatch_test -f Patch.ftrace_nop -v
Command: ulpatch_test
Exe:     /home/sdb/Git/ulpatch/build/src/tests/ulpatch_test
Pid:     22017
PIE:     NO
FTO:     8c
MemFD:   4
Disasm:
0x0:    push    rbp
0x1:    mov rbp, rsp
0x4:    sub rsp, 0x20
0x8:    call    0xffffffffffff7c95
0xd:
Disasm:
0x0:    push    rbp
0x1:    mov rbp, rsp
0x4:    sub rsp, 0x20
0x8:    nop dword ptr [rax + rax]
0xd:
Disasm:
0x0:    push    rbp
0x1:    mov rbp, rsp
0x4:    sub rsp, 0x20
0x8:    call    0xffffffffffff7c95

$ objdump -d ./src/tests/ulpatch_test | grep 'try_to_wake_up>:' -A 10
000000000040df0b <try_to_wake_up>:
  40df0b:   55                      push   %rbp
  40df0c:   48 89 e5                mov    %rsp,%rbp
  40df0f:   48 83 ec 20             sub    $0x20,%rsp
  40df13:   e8 88 7c ff ff          call   405ba0 <mcount@plt>
  40df18:   48 89 7d e8             mov    %rdi,-0x18(%rbp)
  40df1c:   89 75 e4                mov    %esi,-0x1c(%rbp)
  40df1f:   89 55 e0                mov    %edx,-0x20(%rbp)
  40df22:   41 b9 52 ab 4f 00       mov    $0x4fab52,%r9d
  40df28:   41 b8 32 00 00 00       mov    $0x32,%r8d
  40df2e:   b9 e8 ac 4f 00          mov    $0x4face8,%ecx

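On Debian/Ubuntu (PIE build), the test fails. Here the `mcount` call is the 6-byte indirect form (`ff 15 …`, via the GOT) rather than the 5-byte `e8` relative call seen in the non-PIE run above. After patching, the call at 0x8 is unchanged and the `mov` that follows it is altered instead (displacement `-0x18` becomes `+0xf`). That is consistent with the 5-byte NOP being written at the wrong offset, so the patcher's call-site length and offset assumption should be checked against the actual instruction encoding before writing: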

$ ./src/tests/ulpatch_test -f Patch.ftrace_nop -v
Command: ulpatch_test
Exe:     /home/rongtao/Git/ulpatch/build/src/tests/ulpatch_test
Pid:     9202
PIE:     YES
FTO:     8c
MemFD:   4
Disasm:
0x0:    push    rbp
0x1:    mov rbp, rsp
0x4:    sub rsp, 0x20
0x8:    call    qword ptr [rip + 0x2e1c4]
0xe:    mov qword ptr [rbp - 0x18], rdi
0x12:   mov dword ptr [rbp - 0x1c], esi
0x15:
Disasm:
0x0:    push    rbp
0x1:    mov rbp, rsp
0x4:    sub rsp, 0x20
0x8:    call    qword ptr [rip + 0x2e1c4]
0xe:    mov qword ptr [rbp + 0xf], rdi
0x12:
Illegal instruction

$ objdump -d ./src/tests/ulpatch_test | grep 'try_to_wake_up>:' -A 10
000000000001fcfe <try_to_wake_up>:
   1fcfe:   55                      push   %rbp
   1fcff:   48 89 e5                mov    %rsp,%rbp
   1fd02:   48 83 ec 20             sub    $0x20,%rsp
   1fd06:   ff 15 c4 e1 02 00       call   *0x2e1c4(%rip)        # 4ded0 <mcount@GLIBC_2.2.5>
   1fd0c:   48 89 7d e8             mov    %rdi,-0x18(%rbp)
   1fd10:   89 75 e4                mov    %esi,-0x1c(%rbp)
   1fd13:   89 55 e0                mov    %edx,-0x20(%rbp)
   1fd16:   4c 8d 0d 3d fc 01 00    lea    0x1fc3d(%rip),%r9        # 3f95a <__func__.0+0x33a>
   1fd1d:   41 b8 32 00 00 00       mov    $0x32,%r8d
   1fd23:   48 8d 05 d6 fd 01 00    lea    0x1fdd6(%rip),%rax        # 3fb00 <__func__.4>
Rtoax commented 2 months ago

See https://github.com/Rtoax/ulpatch/commit/5ad74c471105dda619e4677607f56426df7ef5c0