Invalid type for pointer element! when obfuscating hello world on debug build #6

Open
peperunas opened this issue Dec 14, 2021 · 1 comment
Labels
bug Something isn't working


@peperunas

$ clang test.c 
[*] Extracting gadgets from: /nix/store/624na6gh6kmarknkd3l7swvj96hnr72n-librop-1.0.0/lib/librop.so
[*] Extracting gadgets from: /nix/store/624na6gh6kmarknkd3l7swvj96hnr72n-librop-1.0.0/lib/librop.so SHA1=571b46036b6383e007ab2f9d9a8e9123f77f006a
[LivenessAnalysis]	Register liveness analysis performed on basic block 0
    $eax = XOR32rr undef $eax(tied-def 0), undef $eax, implicit-def dead $eflags
[LivenessAnalysis] Available scratch registers:	22 25 27 
Exchanging back...
	✓ Replaced
    RETL killed $eax
[LivenessAnalysis] Available scratch registers:	25 27 
	✗ Unsupported instruction
clang-10: /build/lib/IR/Type.cpp:639: static llvm::PointerType* llvm::PointerType::get(llvm::Type*, unsigned int): Assertion `isValidElementType(EltTy) && "Invalid type for pointer element!"' failed.
Stack dump:
0.	Program arguments: /nix/store/ly8qpm2rf8ylm25wwpn85dhgi2pqa5r1-ropfuscator-i686-unknown-linux-gnu-0.1.0/bin/clang-10 -cc1 -triple i686-unknown-linux-gnu -emit-obj -disable-free -main-file-name test.c -mrelocation-model pic -pic-level 2 -mthread-model posix -mframe-pointer=none -fmath-errno -fno-rounding-math -masm-verbose -mconstructor-aliases -target-cpu pentium4 -dwarf-column-info -fno-split-dwarf-inlining -debugger-tuning=gdb -resource-dir /nix/store/yvr0kpzck6qmdkpskadcf98pzmqmw3b8-ropfuscator-wrapper-0.1.0/resource-root -idirafter /nix/store/nd5vf7a5xahfia7vashv4aq7qp37ki24-glibc-2.33-56-dev/include -isystem /nix/store/dh7jn7ra2jmvaran3bbpin3qxcdpv9nj-compiler-rt-libc-10.0.1-dev/include -isystem /nix/store/dh7jn7ra2jmvaran3bbpin3qxcdpv9nj-compiler-rt-libc-10.0.1-dev/include -D _FORTIFY_SOURCE=2 -internal-isystem /usr/local/include -internal-isystem /nix/store/yvr0kpzck6qmdkpskadcf98pzmqmw3b8-ropfuscator-wrapper-0.1.0/resource-root/include -internal-externc-isystem /include -internal-externc-isystem /usr/include -O2 -Wformat -Wformat-security -Werror=format-security -fdebug-compilation-dir /home/giulio/dev/ropfuscator/ropfuscator -ferror-limit 19 -fmessage-length 0 -fwrapv -stack-protector 2 -stack-protector-buffer-size 4 -fgnuc-version=4.2.1 -fobjc-runtime=gcc -fdiagnostics-show-option -fcolor-diagnostics -vectorize-loops -vectorize-slp -mllvm --ropfuscator-library=/nix/store/624na6gh6kmarknkd3l7swvj96hnr72n-librop-1.0.0/lib/librop.so -mllvm -debug-only=xchg_chains,ropchains,processed_instr,liveness_analysis -faddrsig -o /tmp/nix-shell.D6RxYw/test-c544d9.o -x c test.c 
1.	<eof> parser at end of file
2.	Code generation
3.	Running pass 'Function Pass Manager' on module 'test.c'.
4.	Running pass 'x86-ropfuscator' on function '@main'
/nix/store/ly8qpm2rf8ylm25wwpn85dhgi2pqa5r1-ropfuscator-i686-unknown-linux-gnu-0.1.0/bin/clang-10(_ZN4llvm3sys15PrintStackTraceERNS_11raw_ostreamE+0x35)[0x962e9f5]
/nix/store/ly8qpm2rf8ylm25wwpn85dhgi2pqa5r1-ropfuscator-i686-unknown-linux-gnu-0.1.0/bin/clang-10[0x962eadd]
/nix/store/ly8qpm2rf8ylm25wwpn85dhgi2pqa5r1-ropfuscator-i686-unknown-linux-gnu-0.1.0/bin/clang-10(_ZN4llvm3sys17RunSignalHandlersEv+0x39)[0x962ce19]
/nix/store/ly8qpm2rf8ylm25wwpn85dhgi2pqa5r1-ropfuscator-i686-unknown-linux-gnu-0.1.0/bin/clang-10[0x962cfa5]
linux-gate.so.1(__kernel_sigreturn+0x0)[0xf7f625e0]
linux-gate.so.1(__kernel_vsyscall+0x9)[0xf7f625c9]
/nix/store/j6gabyswcdzwhfyqjnqx5nsp35wywxld-glibc-i686-unknown-linux-gnu-2.33-56/lib/libc.so.6(gsignal+0xb5)[0xf7a571a5]
/nix/store/j6gabyswcdzwhfyqjnqx5nsp35wywxld-glibc-i686-unknown-linux-gnu-2.33-56/lib/libc.so.6(abort+0x110)[0xf7a402fd]
/nix/store/j6gabyswcdzwhfyqjnqx5nsp35wywxld-glibc-i686-unknown-linux-gnu-2.33-56/lib/libc.so.6(+0x1a1e1)[0xf7a401e1]
/nix/store/j6gabyswcdzwhfyqjnqx5nsp35wywxld-glibc-i686-unknown-linux-gnu-2.33-56/lib/libc.so.6(+0x293c9)[0xf7a4f3c9]
/nix/store/ly8qpm2rf8ylm25wwpn85dhgi2pqa5r1-ropfuscator-i686-unknown-linux-gnu-0.1.0/bin/clang-10(_ZN4llvm11PointerType3getEPNS_4TypeEj+0x4e1)[0x9011f81]
/nix/store/ly8qpm2rf8ylm25wwpn85dhgi2pqa5r1-ropfuscator-i686-unknown-linux-gnu-0.1.0/bin/clang-10(_ZN4llvm14GlobalVariableC1ERNS_6ModuleEPNS_4TypeEbNS_11GlobalValue12LinkageTypesEPNS_8ConstantERKNS_5TwineEPS0_NS5_15ThreadLocalModeEjb+0x38)[0x8f87328]
/nix/store/ly8qpm2rf8ylm25wwpn85dhgi2pqa5r1-ropfuscator-i686-unknown-linux-gnu-0.1.0/bin/clang-10[0x8754fd4]
/nix/store/ly8qpm2rf8ylm25wwpn85dhgi2pqa5r1-ropfuscator-i686-unknown-linux-gnu-0.1.0/bin/clang-10[0x87578a2]
/nix/store/ly8qpm2rf8ylm25wwpn85dhgi2pqa5r1-ropfuscator-i686-unknown-linux-gnu-0.1.0/bin/clang-10[0x875990b]
/nix/store/ly8qpm2rf8ylm25wwpn85dhgi2pqa5r1-ropfuscator-i686-unknown-linux-gnu-0.1.0/bin/clang-10[0x8529c79]
/nix/store/ly8qpm2rf8ylm25wwpn85dhgi2pqa5r1-ropfuscator-i686-unknown-linux-gnu-0.1.0/bin/clang-10[0x8b72e74]
/nix/store/ly8qpm2rf8ylm25wwpn85dhgi2pqa5r1-ropfuscator-i686-unknown-linux-gnu-0.1.0/bin/clang-10(_ZN4llvm13FPPassManager13runOnFunctionERNS_8FunctionE+0x337)[0x8fccfc7]
/nix/store/ly8qpm2rf8ylm25wwpn85dhgi2pqa5r1-ropfuscator-i686-unknown-linux-gnu-0.1.0/bin/clang-10(_ZN4llvm13FPPassManager11runOnModuleERNS_6ModuleE+0x3e)[0x8fcd61e]
/nix/store/ly8qpm2rf8ylm25wwpn85dhgi2pqa5r1-ropfuscator-i686-unknown-linux-gnu-0.1.0/bin/clang-10(_ZN4llvm6legacy15PassManagerImpl3runERNS_6ModuleE+0x3ce)[0x8fcda2e]
/nix/store/ly8qpm2rf8ylm25wwpn85dhgi2pqa5r1-ropfuscator-i686-unknown-linux-gnu-0.1.0/bin/clang-10(_ZN4llvm6legacy11PassManager3runERNS_6ModuleE+0x1f)[0x8fcdd3f]
/nix/store/ly8qpm2rf8ylm25wwpn85dhgi2pqa5r1-ropfuscator-i686-unknown-linux-gnu-0.1.0/bin/clang-10[0x9861f88]
/nix/store/ly8qpm2rf8ylm25wwpn85dhgi2pqa5r1-ropfuscator-i686-unknown-linux-gnu-0.1.0/bin/clang-10(_ZN5clang17EmitBackendOutputERNS_17DiagnosticsEngineERKNS_19HeaderSearchOptionsERKNS_14CodeGenOptionsERKNS_13TargetOptionsERKNS_11LangOptionsERKN4llvm10DataLayoutEPNSE_6ModuleENS_13BackendActionESt10unique_ptrINSE_17raw_pwrite_streamESt14default_deleteISM_EE+0x35b)[0x986388b]
/nix/store/ly8qpm2rf8ylm25wwpn85dhgi2pqa5r1-ropfuscator-i686-unknown-linux-gnu-0.1.0/bin/clang-10[0xa49a11e]
/nix/store/ly8qpm2rf8ylm25wwpn85dhgi2pqa5r1-ropfuscator-i686-unknown-linux-gnu-0.1.0/bin/clang-10(_ZN5clang8ParseASTERNS_4SemaEbb+0x4a5)[0xaf27ee5]
/nix/store/ly8qpm2rf8ylm25wwpn85dhgi2pqa5r1-ropfuscator-i686-unknown-linux-gnu-0.1.0/bin/clang-10(_ZN5clang17ASTFrontendAction13ExecuteActionEv+0x6a)[0x9e2a7ba]
/nix/store/ly8qpm2rf8ylm25wwpn85dhgi2pqa5r1-ropfuscator-i686-unknown-linux-gnu-0.1.0/bin/clang-10(_ZN5clang13CodeGenAction13ExecuteActionEv+0xb1)[0xa497a71]
/nix/store/ly8qpm2rf8ylm25wwpn85dhgi2pqa5r1-ropfuscator-i686-unknown-linux-gnu-0.1.0/bin/clang-10(_ZN5clang14FrontendAction7ExecuteEv+0xc9)[0x9e2fb49]
/nix/store/ly8qpm2rf8ylm25wwpn85dhgi2pqa5r1-ropfuscator-i686-unknown-linux-gnu-0.1.0/bin/clang-10(_ZN5clang16CompilerInstance13ExecuteActionERNS_14FrontendActionE+0x1f6)[0x9de9ab6]
/nix/store/ly8qpm2rf8ylm25wwpn85dhgi2pqa5r1-ropfuscator-i686-unknown-linux-gnu-0.1.0/bin/clang-10(_ZN5clang25ExecuteCompilerInvocationEPNS_16CompilerInstanceE+0x860)[0x9ee8500]
/nix/store/ly8qpm2rf8ylm25wwpn85dhgi2pqa5r1-ropfuscator-i686-unknown-linux-gnu-0.1.0/bin/clang-10(_Z8cc1_mainN4llvm8ArrayRefIPKcEES2_Pv+0x4ff)[0x84dc49f]
/nix/store/ly8qpm2rf8ylm25wwpn85dhgi2pqa5r1-ropfuscator-i686-unknown-linux-gnu-0.1.0/bin/clang-10[0x84d980e]
/nix/store/ly8qpm2rf8ylm25wwpn85dhgi2pqa5r1-ropfuscator-i686-unknown-linux-gnu-0.1.0/bin/clang-10(main+0x628)[0x846ec28]
/nix/store/j6gabyswcdzwhfyqjnqx5nsp35wywxld-glibc-i686-unknown-linux-gnu-2.33-56/lib/libc.so.6(__libc_start_main+0xe5)[0xf7a41905]
/nix/store/ly8qpm2rf8ylm25wwpn85dhgi2pqa5r1-ropfuscator-i686-unknown-linux-gnu-0.1.0/bin/clang-10(_start+0x32)[0x84d8a12]
clang-10: error: unable to execute command: Aborted (core dumped)
clang-10: error: clang frontend command failed due to signal (use -v to see invocation)
clang version 10.0.1 
Target: i686-unknown-linux-gnu
Thread model: posix
InstalledDir: /nix/store/ly8qpm2rf8ylm25wwpn85dhgi2pqa5r1-ropfuscator-i686-unknown-linux-gnu-0.1.0/bin
clang-10: note: diagnostic msg: PLEASE submit a bug report to https://bugs.llvm.org/ and include the crash backtrace, preprocessed source, and associated run script.
clang-10: note: diagnostic msg: 
********************

PLEASE ATTACH THE FOLLOWING FILES TO THE BUG REPORT:
Preprocessed source(s) and associated run script(s) are located at:
clang-10: note: diagnostic msg: /tmp/nix-shell.D6RxYw/test-24c4e6.c
clang-10: note: diagnostic msg: /tmp/nix-shell.D6RxYw/test-24c4e6.sh
clang-10: note: diagnostic msg: 

********************

Source file:

```c
#include <stdio.h>

int main () {}
```
@peperunas peperunas added the bug Something isn't working label Dec 14, 2021
@peperunas

@fnaka, I have tried to compile the hello world with ROPfuscator on LLVM 7 (see branch llvm7), same issue.
