Back to index

apport  2.4
test_parse_segv.py
Go to the documentation of this file.
00001 import unittest, tempfile, sys, os.path
00002 
00003 datadir = os.environ.get('APPORT_DATA_DIR', '/usr/share/apport')
00004 sys.path.insert(0, os.path.join(datadir, 'general-hooks'))
00005 
00006 import parse_segv
00007 
00008 # Default global registers, maps, and disassembly for testing
00009 regs = '''eax            0xffffffff -1
00010 ecx            0xbfc6af40   -1077498048
00011 edx            0x1  1
00012 ebx            0x26eff4 2551796
00013 esp            0xbfc6af24   0xbfc6af24
00014 ebp            0xbfc6af28   0xbfc6af28
00015 esi            0x826bb60    136756064
00016 edi            0x8083480    134755456
00017 eip            0x808354e    0x808354e <main+14>
00018 eflags         0x200286 [ PF SF IF ID ]
00019 cs             0x73 115
00020 ss             0x7b 123
00021 ds             0x7b 123
00022 es             0x7b 123
00023 fs             0x4  4
00024 gs             0x33 51
00025 '''
00026 regs64 = '''rax            0xffffffffffffffff   -1
00027 rbx            0x26eff4 2551796
00028 rcx            0xffffffffffffffff   -1
00029 rdx            0xffffffffff600180   -10485376
00030 rsi            0x0  0
00031 rdi            0x7fffffffe3b0   140737488348080
00032 rbp            0x0  0x0
00033 rsp            0x0000bfc6af24   0x0000bfc6af24
00034 r8             0x0  0
00035 r9             0x0  0
00036 r10            0x7fffffffe140   140737488347456
00037 r11            0x246    582
00038 r12            0x7fffffffe400   140737488348160
00039 r13            0x7fffffffe468   140737488348264
00040 r14            0x1  1
00041 r15            0x7fffffffe460   140737488348256
00042 rip            0x7ffff790be10   0x7ffff790be10 <nanosleep+16>
00043 eflags         0x246    [ PF ZF IF ]
00044 cs             0x33 51
00045 ss             0x2b 43
00046 ds             0x0  0
00047 es             0x0  0
00048 fs             0x0  0
00049 gs             0x0  0
00050 fctrl          0x37f    895
00051 fstat          0x0  0
00052 ftag           0xffff   65535
00053 fiseg          0x0  0
00054 fioff          0x40303a 4206650
00055 foseg          0x0  0
00056 fooff          0x0  0
00057 fop            0x5d8    1496
00058 mxcsr          0x1f80   [ IM DM ZM OM UM PM ]
00059 '''
00060 maps = '''00110000-0026c000 r-xp 00000000 08:06 375131     /lib/tls/i686/cmov/libc-2.9.so
00061 0026c000-0026d000 ---p 0015c000 08:06 375131     /lib/tls/i686/cmov/libc-2.9.so
00062 0026d000-0026f000 r--p 0015c000 08:06 375131     /lib/tls/i686/cmov/libc-2.9.so
00063 0026f000-00270000 rw-p 0015e000 08:06 375131     /lib/tls/i686/cmov/libc-2.9.so
00064 00270000-00273000 rw-p 00000000 00:00 0
00065 002c1000-002e5000 r-xp 00000000 08:06 375135     /lib/tls/i686/cmov/libm-2.9.so
00066 002e5000-002e6000 r--p 00023000 08:06 375135     /lib/tls/i686/cmov/libm-2.9.so
00067 002e6000-002e7000 rw-p 00024000 08:06 375135     /lib/tls/i686/cmov/libm-2.9.so
00068 00318000-00334000 r-xp 00000000 08:06 977846     /lib/ld-2.9.so
00069 00334000-00335000 r--p 0001b000 08:06 977846     /lib/ld-2.9.so
00070 00335000-00336000 rw-p 0001c000 08:06 977846     /lib/ld-2.9.so
00071 0056e000-005a1000 r-xp 00000000 08:06 65575      /lib/libncurses.so.5.7
00072 005a1000-005a3000 r--p 00033000 08:06 65575      /lib/libncurses.so.5.7
00073 005a3000-005a4000 rw-p 00035000 08:06 65575      /lib/libncurses.so.5.7
00074 00b67000-00b68000 r-xp 00000000 00:00 0          [vdso]
00075 00bb6000-00bcb000 r-xp 00000000 08:06 375202     /lib/tls/i686/cmov/libpthread-2.9.so
00076 00bcb000-00bcc000 r--p 00014000 08:06 375202     /lib/tls/i686/cmov/libpthread-2.9.so
00077 00bcc000-00bcd000 rw-p 00015000 08:06 375202     /lib/tls/i686/cmov/libpthread-2.9.so
00078 00bcd000-00bcf000 rw-p 00000000 00:00 0
00079 00beb000-00bed000 r-xp 00000000 08:06 375134     /lib/tls/i686/cmov/libdl-2.9.so
00080 00bed000-00bee000 r--p 00001000 08:06 375134     /lib/tls/i686/cmov/libdl-2.9.so
00081 00bee000-00bef000 rw-p 00002000 08:06 375134     /lib/tls/i686/cmov/libdl-2.9.so
00082 00c56000-00c7a000 r-xp 00000000 08:06 1140420    /usr/lib/libexpat.so.1.5.2
00083 00c7a000-00c7c000 r--p 00023000 08:06 1140420    /usr/lib/libexpat.so.1.5.2
00084 00c7c000-00c7d000 rw-p 00025000 08:06 1140420    /usr/lib/libexpat.so.1.5.2
00085 00dce000-00dfa000 r-xp 00000000 08:06 65612      /lib/libreadline.so.5.2
00086 00dfa000-00dfb000 ---p 0002c000 08:06 65612      /lib/libreadline.so.5.2
00087 00dfb000-00dfc000 r--p 0002c000 08:06 65612      /lib/libreadline.so.5.2
00088 00dfc000-00dff000 rw-p 0002d000 08:06 65612      /lib/libreadline.so.5.2
00089 00dff000-00e00000 rw-p 00000000 00:00 0
00090 08048000-0831c000 r-xp 00000000 08:06 1140349    /usr/bin/gdb
00091 0831c000-0831d000 r--p 002d3000 08:06 1140349    /usr/bin/gdb
00092 0831d000-08325000 rw-p 002d4000 08:06 1140349    /usr/bin/gdb
00093 08325000-0833f000 rw-p 00000000 00:00 0
00094 b8077000-b807a000 rw-p 00000000 00:00 0
00095 b8096000-b8098000 rw-p 00000000 00:00 0
00096 bfc57000-bfc6c000 rw-p 00000000 00:00 0          [stack]
00097 '''
00098 disasm = '''0x08083540 <main+0>:    lea    0x4(%esp),%ecx
00099 0x08083544 <main+4>:    and    $0xfffffff0,%esp
00100 0x08083547 <main+7>:    pushl  -0x4(%ecx)
00101 0x0808354a <main+10>:   push   %ebp
00102 0x0808354b <main+11>:   mov    %esp,%ebp
00103 0x0808354d <main+13>:   push   %ecx
00104 0x0808354e <main+14>:   sub    $0x14,%esp
00105 0x08083551 <main+17>:   mov    (%ecx),%eax
00106 0x08083553 <main+19>:   mov    0x4(%ecx),%edx
00107 0x08083556 <main+22>:   lea    -0x14(%ebp),%ecx
00108 0x08083559 <main+25>:   movl   $0x0,-0xc(%ebp)
00109 0x08083560 <main+32>:   movl   $0x826bc68,-0x8(%ebp)
00110 0x08083567 <main+39>:   mov    %eax,-0x14(%ebp)
00111 0x0808356a <main+42>:   mov    %edx,-0x10(%ebp)
00112 0x0808356d <main+45>:   mov    %ecx,(%esp)
00113 0x08083570 <main+48>:   call   0x8083580 <gdb_main>
00114 0x08083575 <main+53>:   add    $0x14,%esp
00115 0x08083578 <main+56>:   pop    %ecx
00116 0x08083579 <main+57>:   pop    %ebp
00117 0x0808357a <main+58>:   lea    -0x4(%ecx),%esp
00118 0x0808357d <main+61>:   ret
00119 '''
00120 
00121 
00122 class T(unittest.TestCase):
00123     '''Test Segfault Parser'''
00124 
00125     def test_invalid_00_registers(self):
00126         '''Require valid registers'''
00127 
00128         regs = 'a 0x10\nb !!!\n'
00129         self.assertRaises(ValueError, parse_segv.ParseSegv, regs, '', '')
00130         try:
00131             segv = parse_segv.ParseSegv(regs, '', '')
00132         except ValueError as e:
00133             self.assertTrue('invalid literal for int()' in str(e), str(e))
00134 
00135         regs = 'a 0x10'
00136         disasm = '0x08083540 <main+0>:    lea    0x4(%esp),%ecx\n'
00137         segv = parse_segv.ParseSegv(regs, disasm, '')
00138         self.assertEqual(segv.regs['a'], 0x10, segv)
00139 
00140         segv.regs = None
00141         self.assertRaises(ValueError, segv.parse_disassembly, '')
00142 
00143     def test_invalid_01_disassembly(self):
00144         '''Require valid disassembly'''
00145         regs = 'a 0x10'
00146 
00147         disasm = ''
00148         self.assertRaises(ValueError, parse_segv.ParseSegv, regs, disasm, '')
00149 
00150         disasm = 'Dump ...'
00151         self.assertRaises(ValueError, parse_segv.ParseSegv, regs, disasm, '')
00152 
00153         disasm = 'Dump ...\nmonkey'
00154         self.assertRaises(ValueError, parse_segv.ParseSegv, regs, disasm, '')
00155 
00156         disasm = 'monkey'
00157         self.assertRaises(ValueError, parse_segv.ParseSegv, regs, disasm, '')
00158 
00159         disasm = '0x1111111111: Cannot access memory at address 0x1111111111\n'
00160         segv = parse_segv.ParseSegv(regs, disasm, '')
00161         self.assertEqual(segv.pc, 0x1111111111, segv.pc)
00162         self.assertEqual(segv.insn, None, segv.insn)
00163         self.assertEqual(segv.src, None, segv.src)
00164         self.assertEqual(segv.dest, None, segv.dest)
00165 
00166         disasm = '0x2111111111: \n'
00167         segv = parse_segv.ParseSegv(regs, disasm, '')
00168         self.assertEqual(segv.pc, 0x2111111111, segv.pc)
00169         self.assertEqual(segv.insn, None, segv.insn)
00170         self.assertEqual(segv.src, None, segv.src)
00171         self.assertEqual(segv.dest, None, segv.dest)
00172 
00173         disasm = '0x8069ff0 <fopen@plt+132220>: cmpb   $0x0,(%eax,%ebx,1)\n'
00174         segv = parse_segv.ParseSegv(regs, disasm, '')
00175         self.assertEqual(segv.pc, 0x8069ff0, segv.pc)
00176         self.assertEqual(segv.insn, 'cmpb', segv.insn)
00177         self.assertEqual(segv.src, '$0x0', segv.src)
00178         self.assertEqual(segv.dest, '(%eax,%ebx,1)', segv.dest)
00179 
00180         disasm = '0xb765bb48 <_XSend+440>:  call   *0x40(%edi)\n'
00181         segv = parse_segv.ParseSegv(regs, disasm, '')
00182         self.assertEqual(segv.pc, 0xb765bb48, segv.pc)
00183         self.assertEqual(segv.insn, 'call', segv.insn)
00184         self.assertEqual(segv.src, '*0x40(%edi)', segv.src)
00185         self.assertEqual(segv.dest, None, segv.dest)
00186 
00187         disasm = '0xb7aae5a0:   call   0xb7a805af <_Unwind_Find_FDE@plt+111>\n'
00188         segv = parse_segv.ParseSegv(regs, disasm, '')
00189         self.assertEqual(segv.pc, 0xb7aae5a0, segv.pc)
00190         self.assertEqual(segv.insn, 'call', segv.insn)
00191         self.assertEqual(segv.src, '0xb7a805af', segv.src)
00192         self.assertEqual(segv.dest, None, segv.dest)
00193 
00194         disasm = '0x09083540:    mov    0x4(%esp),%es:%ecx\n'
00195         segv = parse_segv.ParseSegv(regs, disasm, '')
00196         self.assertEqual(segv.pc, 0x09083540, segv.pc)
00197         self.assertEqual(segv.insn, 'mov', segv.insn)
00198         self.assertEqual(segv.src, '0x4(%esp)', segv.src)
00199         self.assertEqual(segv.dest, '%es:%ecx', segv.dest)
00200 
00201         disasm = '0x08083540 <main+0>:    lea    0x4(%esp),%ecx\n'
00202         segv = parse_segv.ParseSegv(regs, disasm, '')
00203         self.assertEqual(segv.pc, 0x08083540, segv.pc)
00204         self.assertEqual(segv.insn, 'lea', segv.insn)
00205         self.assertEqual(segv.src, '0x4(%esp)', segv.src)
00206         self.assertEqual(segv.dest, '%ecx', segv.dest)
00207 
00208         disasm = '''0x404127 <exo_mount_hal_device_mount+167>:
00209     repz cmpsb %es:(%rdi),%ds:(%rsi)\n'''
00210         segv = parse_segv.ParseSegv(regs, disasm, '')
00211         self.assertEqual(segv.pc, 0x0404127, segv.pc)
00212         self.assertEqual(segv.insn, 'repz cmpsb', segv.insn)
00213         self.assertEqual(segv.src, '%es:(%rdi)', segv.src)
00214         self.assertEqual(segv.dest, '%ds:(%rsi)', segv.dest)
00215 
00216         disasm = '0xb031765a <hufftab16+570>: add    0x3430433,%eax'
00217         segv = parse_segv.ParseSegv(regs, disasm, '')
00218         self.assertEqual(segv.pc, 0xb031765a, segv.pc)
00219         self.assertEqual(segv.insn, 'add', segv.insn)
00220         self.assertEqual(segv.src, '0x3430433', segv.src)
00221         self.assertEqual(segv.dest, '%eax', segv.dest)
00222 
00223         disasm = 'Dump ...\n0x08083540 <main+0>:    lea    0x4(%esp),%ecx\n'
00224         segv = parse_segv.ParseSegv(regs, disasm, '')
00225         self.assertEqual(segv.pc, 0x08083540, segv.pc)
00226         self.assertEqual(segv.insn, 'lea', segv.insn)
00227         self.assertEqual(segv.src, '0x4(%esp)', segv.src)
00228         self.assertEqual(segv.dest, '%ecx', segv.dest)
00229 
00230         disasm = '0x08083550 <main+0>:    nop\n'
00231         segv = parse_segv.ParseSegv(regs, disasm, '')
00232         self.assertEqual(segv.pc, 0x08083550, segv.pc)
00233         self.assertEqual(segv.insn, 'nop', segv.insn)
00234         self.assertEqual(segv.src, None, segv.src)
00235         self.assertEqual(segv.dest, None, segv.dest)
00236 
00237         regs = 'esp 0x444'
00238         disasm = '0x08083560 <main+0>:    push %ecx\n'
00239         segv = parse_segv.ParseSegv(regs, disasm, '')
00240         self.assertEqual(segv.pc, 0x08083560, segv.pc)
00241         self.assertEqual(segv.insn, 'push', segv.insn)
00242         self.assertEqual(segv.src, '%ecx', segv.src)
00243         self.assertEqual(segv.dest, '(%esp)', segv.dest)
00244 
00245         # GDB 7.1
00246         regs = 'esp 0x444'
00247         disasm = '=> 0x08083560 <main+0>:    push %ecx\n'
00248         segv = parse_segv.ParseSegv(regs, disasm, '')
00249         self.assertEqual(segv.pc, 0x08083560, segv.pc)
00250         self.assertEqual(segv.insn, 'push', segv.insn)
00251         self.assertEqual(segv.src, '%ecx', segv.src)
00252         self.assertEqual(segv.dest, '(%esp)', segv.dest)
00253 
00254     def test_ioport_operation(self):
00255         '''I/O port violations'''
00256 
00257         regs = 'rax            0x3  3'
00258         disasm = '''0x4087f1 <snd_pcm_hw_params_set_channels_near@plt+19345>:
00259     out    %al,$0xb3
00260 '''
00261         maps = '''00400000-00412000 r-xp 00000000 08:04 10371157                           /usr/sbin/pommed
00262 00611000-00614000 rw-p 00011000 08:04 10371157                           /usr/sbin/pommed
00263 00614000-00635000 rw-p 00614000 00:00 0                                  [heap]
00264 '''
00265         segv = parse_segv.ParseSegv(regs, disasm, maps)
00266         self.assertEqual(segv.pc, 0x4087f1, segv.pc)
00267         self.assertEqual(segv.insn, 'out', segv.insn)
00268         self.assertEqual(segv.src, '%al', segv.src)
00269         self.assertEqual(segv.dest, '$0xb3', segv.dest)
00270 
00271         understood, reason, details = segv.report()
00272         self.assertTrue(understood, details)
00273         self.assertTrue('disallowed I/O port operation on port 3' in reason, reason)
00274 
00275     def test_invalid_02_maps(self):
00276         '''Require valid maps'''
00277         regs = 'a 0x10'
00278         disasm = 'Dump ...\n0x08083540 <main+0>:    lea    0x4(%esp),%ecx\n'
00279 
00280         maps = 'asdlkfjaadf'
00281         self.assertRaises(ValueError, parse_segv.ParseSegv, regs, disasm, maps)
00282 
00283         maps = '''005a3000-005a4000 rw-p 00035000 08:06 65575      /lib/libncurses.so.5.7
00284 00b67000-00b68000 r-xp 00000000 00:00 0          [vdso]
00285 00c67000-00c68000 r--p 00000000 00:00 0 '''
00286         segv = parse_segv.ParseSegv(regs, disasm, maps)
00287         self.assertEqual(segv.maps[0]['start'], 0x005a3000, segv)
00288         self.assertEqual(segv.maps[0]['end'], 0x005a4000, segv)
00289         self.assertEqual(segv.maps[0]['perms'], 'rw-p', segv)
00290         self.assertEqual(segv.maps[0]['name'], '/lib/libncurses.so.5.7', segv)
00291 
00292         self.assertEqual(segv.maps[1]['start'], 0x00b67000, segv)
00293         self.assertEqual(segv.maps[1]['end'], 0x00b68000, segv)
00294         self.assertEqual(segv.maps[1]['perms'], 'r-xp', segv)
00295         self.assertEqual(segv.maps[1]['name'], '[vdso]', segv)
00296 
00297         self.assertEqual(segv.maps[2]['start'], 0x00c67000, segv)
00298         self.assertEqual(segv.maps[2]['end'], 0x00c68000, segv)
00299         self.assertEqual(segv.maps[2]['perms'], 'r--p', segv)
00300         self.assertEqual(segv.maps[2]['name'], None, segv)
00301 
00302     def test_debug(self):
00303         '''Debug mode works'''
00304 
00305         regs = 'a 0x10'
00306         disasm = 'Dump ...\n0x08083540 <main+0>:    lea    0x4(%esp),%ecx\n'
00307         maps = '''005a3000-005a4000 rw-p 00035000 08:06 65575      /lib/libncurses.so.5.7
00308 00b67000-00b68000 r-xp 00000000 00:00 0          [vdso]
00309 00c67000-00c68000 r--p 00000000 00:00 0 '''
00310 
00311         sys.stderr = tempfile.NamedTemporaryFile(prefix='parse_segv-stderr-')
00312         segv = parse_segv.ParseSegv(regs, disasm, maps, debug=True)
00313         self.assertTrue(segv is not None, segv)
00314 
00315     def test_register_values(self):
00316         '''Sub-register parsing'''
00317 
00318         disasm = '''0x08083540 <main+0>:    mov    $1,%ecx'''
00319         segv = parse_segv.ParseSegv(regs64, disasm, '')
00320 
00321         val = segv.register_value('%rdx')
00322         self.assertEqual(val, 0xffffffffff600180, hex(val))
00323         val = segv.register_value('%edx')
00324         self.assertEqual(val, 0xff600180, hex(val))
00325         val = segv.register_value('%dx')
00326         self.assertEqual(val, 0x0180, hex(val))
00327         val = segv.register_value('%dl')
00328         self.assertEqual(val, 0x80, hex(val))
00329 
00330     def test_segv_unknown(self):
00331         '''Handles unknown segfaults'''
00332 
00333         disasm = '''0x08083540 <main+0>:    mov    $1,%ecx'''
00334         segv = parse_segv.ParseSegv(regs, disasm, maps)
00335         understood, reason, details = segv.report()
00336         self.assertFalse(understood, details)
00337 
00338         # Verify calculations
00339         self.assertEqual(segv.calculate_arg('(%ecx)'), 0xbfc6af40, segv.regs['ecx'])
00340         self.assertEqual(segv.calculate_arg('0x10(%ecx)'), 0xbfc6af50, segv.regs['ecx'])
00341         self.assertEqual(segv.calculate_arg('-0x20(%ecx)'), 0xbfc6af20, segv.regs['ecx'])
00342         self.assertEqual(segv.calculate_arg('%fs:(%ecx)'), 0xbfc6af44, segv.regs['ecx'])
00343         self.assertEqual(segv.calculate_arg('0x3404403'), 0x3404403, '0x3404403')
00344         self.assertEqual(segv.calculate_arg('*0x40(%edi)'), 0x80834c0, segv.regs['edi'])
00345         self.assertEqual(segv.calculate_arg('(%edx,%ebx,1)'), 0x26eff5, segv.regs['ebx'])
00346         self.assertEqual(segv.calculate_arg('(%eax,%ebx,1)'), 0x26eff3, segv.regs['ebx'])
00347         self.assertEqual(segv.calculate_arg('0x10(,%ebx,1)'), 0x26f004, segv.regs['ebx'])
00348 
00349         # Again, but 64bit
00350         disasm = '''0x08083540 <main+0>:    mov    $1,%rcx'''
00351         segv = parse_segv.ParseSegv(regs64, disasm, maps)
00352         understood, reason, details = segv.report()
00353         self.assertFalse(understood, details)
00354 
00355         self.assertEqual(segv.calculate_arg('(%rax,%rbx,1)'), 0x26eff3, segv.regs['rbx'])
00356 
00357     def test_segv_pc_missing(self):
00358         '''Handles PC in missing VMA'''
00359 
00360         disasm = '''0x00083540 <main+0>:    lea    0x4(%esp),%ecx'''
00361         segv = parse_segv.ParseSegv(regs, disasm, maps)
00362         understood, reason, details = segv.report()
00363         self.assertTrue(understood, details)
00364         self.assertTrue('PC (0x00083540) not located in a known VMA region' in details, details)
00365         self.assertTrue('executing unknown VMA' in reason, reason)
00366 
00367         disasm = '''0x00083544:'''
00368         segv = parse_segv.ParseSegv(regs, disasm, maps)
00369         understood, reason, details = segv.report()
00370         self.assertTrue(understood, details)
00371         self.assertTrue('PC (0x00083544) not located in a known VMA region' in details, details)
00372         self.assertTrue('executing unknown VMA' in reason, reason)
00373 
00374     def test_segv_pc_null(self):
00375         '''Handles PC in NULL VMA'''
00376 
00377         disasm = '''0x00000540 <main+0>:    lea    0x4(%esp),%ecx'''
00378         segv = parse_segv.ParseSegv(regs, disasm, maps)
00379         understood, reason, details = segv.report()
00380         self.assertTrue(understood, details)
00381         self.assertTrue('PC (0x00000540) not located in a known VMA region' in details, details)
00382         self.assertTrue('executing NULL VMA' in reason, reason)
00383 
00384     def test_segv_pc_nx_writable(self):
00385         '''Handles PC in writable NX VMA'''
00386 
00387         disasm = '''0x005a3000 <main+0>:    lea    0x4(%esp),%ecx'''
00388         segv = parse_segv.ParseSegv(regs, disasm, maps)
00389         understood, reason, details = segv.report()
00390         self.assertTrue(understood, details)
00391         self.assertTrue('PC (0x005a3000) in non-executable VMA region:' in details, details)
00392         self.assertTrue('executing writable VMA /lib/libncurses.so.5.7' in reason, reason)
00393 
00394     def test_segv_pc_nx_unwritable(self):
00395         '''Handles PC in non-writable NX VMA'''
00396 
00397         disasm = '''0x00dfb000 <main+0>:    lea    0x4(%esp),%ecx'''
00398         segv = parse_segv.ParseSegv(regs, disasm, maps)
00399         understood, reason, details = segv.report()
00400         self.assertTrue(understood, details)
00401         self.assertTrue('PC (0x00dfb000) in non-executable VMA region:' in details, details)
00402         self.assertTrue('executing non-writable VMA /lib/libreadline.so.5.2' in reason, reason)
00403 
00404     def test_segv_src_missing(self):
00405         '''Handles source in missing VMA'''
00406 
00407         reg = regs + 'ecx            0x0006af24   0xbfc6af24'
00408         disasm = '0x08083547 <main+7>:    pushl  -0x4(%ecx)'
00409 
00410         # Valid crash
00411         segv = parse_segv.ParseSegv(reg, disasm, maps)
00412         understood, reason, details = segv.report()
00413         self.assertTrue(understood, details)
00414         self.assertTrue('source "-0x4(%ecx)" (0x0006af20) not located in a known VMA region' in details, details)
00415         self.assertTrue('reading unknown VMA' in reason, reason)
00416 
00417         # Valid crash
00418         disasm = '0x08083547 <main+7>:    callq  *%ecx'
00419         segv = parse_segv.ParseSegv(reg, disasm, maps)
00420         understood, reason, details = segv.report()
00421         self.assertTrue(understood, details)
00422         self.assertTrue('source "*%ecx" (0x0006af24) not located in a known VMA region' in details, details)
00423         self.assertTrue('reading unknown VMA' in reason, reason)
00424 
00425     def test_segv_src_null(self):
00426         '''Handles source in NULL VMA'''
00427 
00428         reg = regs + 'ecx            0x00000024   0xbfc6af24'
00429         disasm = '0x08083547 <main+7>:    pushl  -0x4(%ecx)'
00430 
00431         segv = parse_segv.ParseSegv(reg, disasm, maps)
00432         understood, reason, details = segv.report()
00433         self.assertTrue(understood, details)
00434         self.assertTrue('source "-0x4(%ecx)" (0x00000020) not located in a known VMA region' in details, details)
00435         self.assertTrue('reading NULL VMA' in reason, reason)
00436 
00437     def test_segv_src_not_readable(self):
00438         '''Handles source not in readable VMA'''
00439 
00440         reg = regs + 'ecx            0x0026c080   0xbfc6af24'
00441         disasm = '0x08083547 <main+7>:    pushl  -0x4(%ecx)'
00442         segv = parse_segv.ParseSegv(reg, disasm, maps)
00443         understood, reason, details = segv.report()
00444         self.assertTrue(understood, details)
00445         self.assertTrue('source "-0x4(%ecx)" (0x0026c07c) in non-readable VMA region:' in details, details)
00446         self.assertTrue('reading VMA /lib/tls/i686/cmov/libc-2.9.so' in reason, reason)
00447         self.assertFalse('Stack memory exhausted' in details, details)
00448         self.assertFalse('Stack pointer not within stack segment' in details, details)
00449 
00450     def test_segv_dest_missing(self):
00451         '''Handles destintation in missing VMA'''
00452 
00453         reg = regs + 'esp            0x0006af24   0xbfc6af24'
00454         disasm = '0x08083547 <main+7>:    pushl  -0x4(%ecx)'
00455 
00456         segv = parse_segv.ParseSegv(reg, disasm, maps)
00457         understood, reason, details = segv.report()
00458         self.assertTrue(understood, details)
00459         self.assertTrue('destination "(%esp)" (0x0006af24) not located in a known VMA region' in details, details)
00460         self.assertTrue('writing unknown VMA' in reason, reason)
00461 
00462     def test_segv_dest_null(self):
00463         '''Handles destintation in NULL VMA'''
00464 
00465         reg = regs + 'esp            0x00000024   0xbfc6af24'
00466         disasm = '0x08083547 <main+7>:    pushl  -0x4(%ecx)'
00467 
00468         segv = parse_segv.ParseSegv(reg, disasm, maps)
00469         understood, reason, details = segv.report()
00470         self.assertTrue(understood, details)
00471         self.assertTrue('destination "(%esp)" (0x00000024) not located in a known VMA region' in details, details)
00472         self.assertTrue('writing NULL VMA' in reason, reason)
00473 
00474     def test_segv_dest_not_writable(self):
00475         '''Handles destination not in writable VMA'''
00476 
00477         reg = regs + 'esp            0x08048080   0xbfc6af24'
00478         disasm = '0x08083547 <main+7>:    pushl  -0x4(%ecx)'
00479         segv = parse_segv.ParseSegv(reg, disasm, maps)
00480         understood, reason, details = segv.report()
00481         self.assertTrue(understood, details)
00482         self.assertTrue('destination "(%esp)" (0x08048080) in non-writable VMA region:' in details, details)
00483         self.assertTrue('writing VMA /usr/bin/gdb' in reason, reason)
00484 
00485     def test_segv_crackful_disasm(self):
00486         '''Rejects insane disassemblies'''
00487 
00488         disasm = '0x08083547 <main+7>:    pushl  -0x4(blah)'
00489         segv = parse_segv.ParseSegv(regs, disasm, maps)
00490         self.assertRaises(ValueError, segv.report)
00491 
00492         disasm = '0x08083547 <main+7>:    pushl  -04(%ecx)'
00493         segv = parse_segv.ParseSegv(regs, disasm, maps)
00494         self.assertRaises(ValueError, segv.report)
00495 
00496     def test_segv_stack_failure(self):
00497         '''Handles walking off the stack'''
00498 
00499         # Triggered via "push"
00500         reg = regs + 'esp            0xbfc56ff0   0xbfc56ff0'
00501         disasm = '0x08083547 <main+7>:    push  %eax'
00502         segv = parse_segv.ParseSegv(reg, disasm, maps)
00503         understood, reason, details = segv.report()
00504         self.assertTrue(understood, details)
00505         self.assertTrue('destination "(%esp)" (0xbfc56ff0) not located in a known VMA region (needed writable region)!' in details, details)
00506 
00507         # Triggered via "call"
00508         reg = regs + 'esp            0xbfc56fff   0xbfc56fff'
00509         disasm = '0x08083547 <main+7>:    callq  0x08083540'
00510         segv = parse_segv.ParseSegv(reg, disasm, maps)
00511         understood, reason, details = segv.report()
00512         self.assertTrue(understood, details)
00513         self.assertTrue('destination "(%esp)" (0xbfc56fff) not located in a known VMA region (needed writable region)!' in details, details)
00514         self.assertTrue('Stack memory exhausted' in details, details)
00515 
00516         # Triggered via unknown reason
00517         reg = regs + 'esp            0xdfc56000   0xdfc56000'
00518         disasm = '''0x08083540 <main+0>:    mov    $1,%rcx'''
00519         segv = parse_segv.ParseSegv(reg, disasm, maps)
00520         understood, reason, details = segv.report()
00521         self.assertTrue(understood, details)
00522         self.assertTrue('SP (0xdfc56000) not located in a known VMA region (needed readable region)!' in details, details)
00523         self.assertTrue('Stack pointer not within stack segment' in details, details)
00524 
00525     def test_segv_stack_kernel_segfault(self):
00526         '''Handles unknown segfaults in kernel'''
00527 
00528         # Crash in valid code path
00529         disasm = '''0x0056e010: ret'''
00530         segv = parse_segv.ParseSegv(regs, disasm, maps)
00531         understood, reason, details = segv.report()
00532         self.assertFalse(understood, details)
00533         self.assertTrue('Reason could not be automatically determined.' in details, details)
00534         self.assertFalse('(Unhandled exception in kernel code?)' in details, details)
00535 
00536         # Crash from kernel code path
00537         disasm = '''0x00b67422 <__kernel_vsyscall+2>: ret'''
00538         segv = parse_segv.ParseSegv(regs, disasm, maps)
00539         understood, reason, details = segv.report()
00540         self.assertFalse(understood, details)
00541         self.assertTrue('Reason could not be automatically determined. (Unhandled exception in kernel code?)' in details, details)
00542 
00543 
00544 unittest.main()