Segfault in `DeviceManager` `stop_service` · Issue #1161 · frida/frida-core · GitHub
Open
@WorksButNotTested

Description

Looks like service is null here. Adding a guard seems to alleviate the problem, though this may not be the correct fix.

To reproduce, clone frida-core. Then...

  1. Start a container with the build tools:
     ```
     $ docker run -ti --name armb64be --rm -v .:/home/share ghcr.io/frida/x-tools-linux-arm64be
     ```
  2. Inside the container, build frida-core:
     ```
     $ cd /home/share/
     $ ./configure --host=$XTOOLS_HOST --without-prebuilds=sdk:host --enable-tests --enable-symbols
     $ make
     ```
  3. Start a container with the emulator target:
     ```
     $ docker run -ti --rm --name be-target  -v .:/home/share ghcr.io/frida/x-tools-linux-be-target
     ```
  4. Inside the container, run the tests:
     ```
     $ cd /home/share/build/tests/
     $ ./frida-tests
     ```

Adding a printf (and guard) near the offending line...

```
stdout.printf("service %p\n", (void*) service);
```

And running the tests gives the following output...

```
ok 5 /Agent/Script/load-and-receive-messages
<got 11165696 bytes or 2726 messages in 1.056801 seconds> ok 6 /Agent/Script/performance
# End of Script tests
# End of Agent tests
# Start of Gadget tests
# Start of Standalone tests
<skipping, test only available on i/macOS for now> ok 7 /Gadget/Standalone/load-script
# End of Standalone tests
# End of Gadget tests
# Start of HostSession tests


***************************
UH-OH, RESOURCE LEAK FOUND!
***************************

TYPE    BEFORE  AFTER
memory  1880064 2007040

service 0xffff7c027f70
ok 8 /HostSession/resource-leaks
service (nil)
ok 9 /HostSession/start-stop-fast
# Start of Service tests
ok 10 /HostSession/Service/provider-available
ok 11 /HostSession/Service/provider-unavailable
# End of Service tests
# Start of Manual tests

...

# Start of ChildGating tests
service 0xf291be58
ok 19 /HostSession/Linux/ChildGating/fork
service 0xf2938aa0
ok 20 /HostSession/Linux/ChildGating/fork+execl
service 0xf2938728
ok 21 /HostSession/Linux/ChildGating/fork+execlp
service 0xf2913c28
ok 22 /HostSession/Linux/ChildGating/fork+execle
service 0xf4f02308
ok 23 /HostSession/Linux/ChildGating/fork+execv
service 0x3c88528
ok 24 /HostSession/Linux/ChildGating/fork+execvp
service 0xf2938908
ok 25 /HostSession/Linux/ChildGating/fork+execve
service 0xf29065c8
ok 26 /HostSession/Linux/ChildGating/fork+execvpe
service 0xf29067b8
ok 27 /HostSession/Linux/ChildGating/vfork+execl
service 0x3c4d480
ok 28 /HostSession/Linux/ChildGating/vfork+execlp
service 0xf29063b8
ok 29 /HostSession/Linux/ChildGating/vfork+execle
service 0x3c88110
ok 30 /HostSession/Linux/ChildGating/vfork+execv
service 0xf2913788
ok 31 /HostSession/Linux/ChildGating/vfork+execvp
service 0xf2913a50
ok 32 /HostSession/Linux/ChildGating/vfork+execve
service 0xf29137d0
ok 33 /HostSession/Linux/ChildGating/vfork+execvpe
service 0xf2913e38
ok 34 /HostSession/Linux/ChildGating/bad-exec
service 0xf4f01c70
```
