Option -disable_rseq seems to be ignored

[planetA]

Describe the bug

I compiled dynamo RIO in Ubuntu 24.04, but cannot run even the most trivial example with drrun. Here is the log:

/dynamorio/build/bin64/drrun  -verbose -disable_rseq   -- date
INFO: default root: /dynamorio/build/bin64/..
INFO: default toolconfig dir: /dynamorio/build/bin64/../tools
INFO: targeting application: "/usr/bin/date"
INFO: app cmdline:  "date"
INFO: configuration directory is "/root/.dynamorio"
INFO: will exec /usr/bin/date
<Application /dynamorio/build/lib64/release/libdynamorio.so (10). Restartable sequence behavior is not supported: struct rseq is not always at the same offset.>

It seems that indeed Ubuntu's glibc is executing rseq:

strace -e rseq date
--- SIGILL {si_signo=SIGILL, si_code=SI_TKILL, si_pid=39, si_uid=0} ---
rseq(0x7ffc090d25a0, 0x20, 0, 0)        = 0
rseq(0x7ffc090d25a0, 0x20, 0x1, 0)      = 0
--- SIGSEGV {si_signo=SIGSEGV, si_code=SEGV_MAPERR, si_addr=0xffffffffff600000} ---
rseq(0x7ffc090d2420, 0x20, 0, 0)        = 0
rseq(0x7ffc090d2420, 0x20, 0x1, 0)      = 0
rseq(0x7fde30668060, 0x20, 0, 0x53053053) = 0
Sat Dec 21 23:34:01 UTC 2024
+++ exited with 0 +++

But I would have expected -disable_rseq to fix the problem.

To Reproduce

Here is the Dockerfile you can use to reproduce the issue:

# Use the latest LTS Ubuntu as the base image
FROM ubuntu:24.04

# Set the working directory
WORKDIR /dynamorio

# Install necessary dependencies
RUN apt-get update && apt-get install -y \
    cmake \
    g++ \
    g++-multilib \
    doxygen \
    git \
    zlib1g-dev \
    libunwind-dev \
    libsnappy-dev \
    liblz4-dev

# Clone DynamoRIO repository
RUN git clone --recurse-submodules -j4 https://github.com/DynamoRIO/dynamorio.git .

# Create build directory and build DynamoRIO
RUN mkdir build && cd build && \
    cmake .. && \
    make -j

# Set the entry point to drrun
ENTRYPOINT ["/dynamorio/build/bin64/drrun"]

Versions

I tried git master (fa2eaa8) and precompiled 11.2.0 release. The behavior is the same.

[abhinav92003]

Thanks for reporting this issue. I can help take a look into this. What is the glibc version on the affected system? Also, does the linux.rseq_disable test also fail?

[planetA]

# ldd --version
ldd (Ubuntu GLIBC 2.31-0ubuntu9.16) 2.31
Copyright (C) 2020 Free Software Foundation, Inc.
This is free software; see the source for copying conditions.  There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
Written by Roland McGrath and Ulrich Drepper.

[abhinav92003]

Also: was this seen on x86 or aarch64?

[planetA]

x86

[abhinav92003]

I made an attempt to reproduce this issue on a VM (Ubuntu 24.04, x86) but couldn't. The one I got had glibc 2.39 though, which is much more recent than the one reported above (2.31). @planetA GLIBC 2.31 seems quite old for Ubuntu 24.04; did you manually downgrade to the older glibc?

$ uname -a
Linux instance-ubuntu-24-04-x86 6.8.0-1020-gcp #22-Ubuntu SMP Mon Dec  9 17:09:22 UTC 2024 x86_64 x86_64 x86_64 GNU/Linux
$ ldd --version
ldd (Ubuntu GLIBC 2.39-0ubuntu8.3) 2.39
...
$ ./bin64/drrun  -verbose -disable_rseq   -- date
...
<Starting application /usr/bin/date (22482)>
<Initial options = -no_dynamic_options -code_api -stack_size 56K -signal_stack_size 32K -max_elide_jmp 0 -max_elide_call 0 -early_inject -emulate_brk -no_inline_ignored_syscalls -disable_rseq -native_exec_default_list '' -no_native_exec_managed_code -no_indcall2direct >
...
Mon Dec 23 01:49:04 UTC 2024
<Stopping application /usr/bin/date (22482)>
$ echo $?
0

[abhinav92003]

Would be helpful if you can share a stack trace for that crash.

[planetA]

root@6586cc728819:/dynamorio/build# ./suite/tests/bin/linux.rseq_disable
linux.rseq_disable: /dynamorio/suite/tests/linux/rseq_disable.c:73: main: Assertion `res != 0 && errno == ENOSYS' failed.
Aborted (core dumped)
root@6586cc728819:/dynamorio/build# ./suite/tests/bin/linux.rseq_table
linux.rseq_table: /dynamorio/suite/tests/linux/rseq.cpp:167: bool register_rseq(): Assertion `res == 0 || (res == -1 && errno == ENOSYS)' failed.
Aborted (core dumped)
root@6586cc728819:/dynamorio/build# ./suite/tests/bin/linux.rseq
linux.rseq: /dynamorio/suite/tests/linux/rseq.cpp:167: bool register_rseq(): Assertion `res == 0 || (res == -1 && errno == ENOSYS)' failed.
Aborted (core dumped)
root@6586cc728819:/dynamorio/build# ./suite/tests/bin/linux.rseq_noarray
linux.rseq_noarray: /dynamorio/suite/tests/linux/rseq.cpp:167: bool register_rseq(): Assertion `res == 0 || (res == -1 && errno == ENOSYS)' failed.
Aborted (core dumped)

[planetA]

My bad. I tried also with Ubuntu 20.04, but also

22.04:

ldd --version
ldd (Ubuntu GLIBC 2.35-0ubuntu3.8) 2.35

And 24.04:

ldd --version
ldd (Ubuntu GLIBC 2.39-0ubuntu8.3) 2.39

[planetA]

I suspect that something is wrong with my container runtime or host system, because I get a very weird error, when I runt gdb date inside a container and it definitely is not connected to DynamoRIO:

gdb date
GNU gdb (Ubuntu 15.0.50.20240403-0ubuntu1) 15.0.50.20240403-git
Copyright (C) 2024 Free Software Foundation, Inc.
License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html>
This is free software: you are free to change and redistribute it.
There is NO WARRANTY, to the extent permitted by law.
Type "show copying" and "show warranty" for details.
This GDB was configured as "x86_64-linux-gnu".
Type "show configuration" for configuration details.
For bug reporting instructions, please see:
<https://www.gnu.org/software/gdb/bugs/>.
Find the GDB manual and other documentation resources online at:
    <http://www.gnu.org/software/gdb/documentation/>.

For help, type "help".
Type "apropos word" to search for commands related to "word"...
Reading symbols from date...

warning: could not find '.gnu_debugaltlink' file for /usr/bin/date
(No debugging symbols found in date)
(gdb) start
Function "main" not defined.
Make breakpoint pending on future shared library load? (y or [n]) y
Temporary breakpoint 1 (-qualified main inferior 1) pending.
...
warning: linux_ptrace_test_ret_to_nx: PC 0x7fe369e0d009 is neither near return address 0x7fe3ae07e000 nor is the return instruction 0x7fe3a9a11971!
Program received signal SIGILL, Illegal instruction.

[abhinav92003]

My bad. I tried also with Ubuntu 20.04, but also

What was the GLIBC version with Ubuntu 20.04?

22.04:

ldd --version
ldd (Ubuntu GLIBC 2.35-0ubuntu3.8) 2.35

And 24.04:

ldd --version
ldd (Ubuntu GLIBC 2.39-0ubuntu8.3) 2.39

For the above two configs (Ubuntu 22.04, GLIBC 2.35) and (Ubuntu 24.04, GLIBC 2.39), did everything work as expected?

Are the failures limited to your initially reported config only (Ubuntu 24.04, GLIBC 2.31)?

[planetA]

No. It is still broken. But even GDB broken with every version of Ubuntu I tried.