Segmentation Fault on generating binaries from the llvm bitcode file obtained by McSema


Mayur Pandey

Apr 24, 2015, 6:52:16 AM
to mcsem...@googlegroups.com
Hi,

I am trying to get the LLVM bitcode file from x86 object code so that I can run it on either x86-64 or ARM by compiling the bitcode file again for x86-64 or ARM, but I am getting a segmentation fault when executing the same. The bitcode file, when compiled for x86, works fine. I am doing the following steps:

A very simple test code:

$ cat test.c
int main() {
    return -5;
}

Compiling it using the following command to get the object file (I have to use the -m32 option, because if I don't use the option then the bin_descend tool is not able to convert it to a bitcode file. Also, as the main purpose is to get LLVM bitcode, which is target independent, it should not matter, I think. I may be wrong though):
$ clang -ggdb -m32 -c -o test.o test.c

Using the bin_descend tool to get the CFG
$ bin_descend -d -entry-symbol=main -i=test.o

The command to get .bc file from
$ cfg_to_bc -i test.cfg -driver=main,main,0,return,C -o test.bc


To optimize the code using:
$ opt -O3 test.bc -o test_opt.bc

Now I am compiling test_opt.bc using llc for target x86-64:
$ llc test_opt.bc -o test_opt.s -march=x86-64


Using the following command to generate the executable:
$ clang -ggdb test_opt.s

On executing it I am getting a segmentation fault:

$ ./a.out
Segmentation fault (core dumped)


On trying to debug it using gdb, I am getting the output:

(gdb) b main
Breakpoint 1 at 0x4005d0: file test_opt.s, line 9.
(gdb) r
Starting program: /home/mayur/mcsema/mc-sema/tests/mayur/a.out

Breakpoint 1, main () at test_opt.s:9
9               pushq   %r14
(gdb) n
12              pushq   %rbx
(gdb) n
15              subq    $24, %rsp
(gdb) c
Continuing.

Program received signal SIGSEGV, Segmentation fault.
main () at test_opt.s:37
37              movl    $0, (%rax)
(gdb)


I am surprised why pushq %r14 is in the assembly, as r14 is an ARM register. Still, it goes through that instruction and fails at: movl $0, (%rax)


Can someone please point out what is going wrong? Or maybe I am doing something wrong in using the commands. Also, can someone tell me why bin_descend is only able to create a CFG from 32-bit object files? Are 64-bit object files not supported as of now?

Thanks,
Mayur

慕冬亮

Jul 20, 2015, 3:45:19 AM
to mcsem...@googlegroups.com
We both want to transform an ELF binary (x86, x86_64) to LLVM IR.

Artem Dinaburg

Jul 20, 2015, 11:47:37 AM
to 慕冬亮, mcsem...@googlegroups.com
See the linked_elf example:

It's probably doing what you want.

Artem
