Last active
June 5, 2025 13:11
-
-
Save defanator/1f9c2136b84035cd25cad7bdaacf2300 to your computer and use it in GitHub Desktop.
watchmaker on 5.15.0-1083-aws aarch64 (abi.ptrauth_disabled=1), AWS t4g.medium
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ gdb ./clock_gettime /tmp/3472.core | |
| GNU gdb (Ubuntu 9.2-0ubuntu1~20.04.2) 9.2 | |
| Copyright (C) 2020 Free Software Foundation, Inc. | |
| License GPLv3+: GNU GPL version 3 or later <http://gnu.org/licenses/gpl.html> | |
| This is free software: you are free to change and redistribute it. | |
| There is NO WARRANTY, to the extent permitted by law. | |
| Type "show copying" and "show warranty" for details. | |
| This GDB was configured as "aarch64-linux-gnu". | |
| Type "show configuration" for configuration details. | |
| For bug reporting instructions, please see: | |
| <http://www.gnu.org/software/gdb/bugs/>. | |
| Find the GDB manual and other documentation resources online at: | |
| <http://www.gnu.org/software/gdb/documentation/>. | |
| For help, type "help". | |
| Type "apropos word" to search for commands related to "word"... | |
| Reading symbols from ./clock_gettime... | |
| (No debugging symbols found in ./clock_gettime) | |
| [New LWP 3472] | |
| Core was generated by `./clock_gettime'. | |
| Program terminated with signal SIGSEGV, Segmentation fault. | |
| #0 0x0000ffff9c3c401c in ?? () | |
| (gdb) bt | |
| #0 0x0000ffff9c3c401c in ?? () | |
| Backtrace stopped: previous frame identical to this frame (corrupt stack?) | |
| (gdb) x/10x 0x0000ffff9c3c401c | |
| 0xffff9c3c401c: 0xf9000521 0x93407c42 0xf9400021 0xea01005f | |
| 0xffff9c3c402c: 0x54000400 0x90000502 0x90000561 0xf94004e6 | |
| 0xffff9c3c403c: 0xd2994005 0xf9000582 | |
| (gdb) |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ cat /proc/cpuinfo | |
| processor : 0 | |
| BogoMIPS : 243.75 | |
| Features : fp asimd evtstrm aes pmull sha1 sha2 crc32 atomics fphp asimdhp cpuid asimdrdm lrcpc dcpop asimddp | |
| CPU implementer : 0x41 | |
| CPU architecture: 8 | |
| CPU variant : 0x3 | |
| CPU part : 0xd0c | |
| CPU revision : 1 | |
| processor : 1 | |
| BogoMIPS : 243.75 | |
| Features : fp asimd evtstrm aes pmull sha1 sha2 crc32 atomics fphp asimdhp cpuid asimdrdm lrcpc dcpop asimddp | |
| CPU implementer : 0x41 | |
| CPU architecture: 8 | |
| CPU variant : 0x3 | |
| CPU part : 0xd0c | |
| CPU revision : 1 |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ sudo ./bin/watchmaker_linux_arm64 --pid 3472 --faketime +300 | |
| 2025/06/05 12:45:54 watchmaker.go:44: pid: 3472 faketime: +300 clockids: CLOCK_REALTIME | |
| 2025/06/05 12:45:54 watchmaker.go:60: modifying time, pid: 3472 | |
| 2025/06/05 12:45:54 time_skew_linux.go:114: [INJECT DEBUG] Starting injection for PID 3472 with delta: 0s, 300000000000ns, clockMask: 0x1 | |
| 2025/06/05 12:45:54 time_skew_linux.go:117: [INJECT DEBUG] Injecting time() function... | |
| 2025/06/05 12:45:54 fake_image_linux.go:38: [DEBUG] AttachToProcess: Starting for time, PID: 3472, variables: 2, offsets: 2 | |
| 2025/06/05 12:45:54 fake_image_linux.go:39: [DEBUG] AttachToProcess: Variables requested: map[TV_NSEC_DELTA:300000000000 TV_SEC_DELTA:0] | |
| 2025/06/05 12:45:54 fake_image_linux.go:40: [DEBUG] AttachToProcess: Offsets available: map[TV_NSEC_DELTA:156 TV_SEC_DELTA:172] | |
| 2025/06/05 12:45:54 fake_image_linux.go:74: [DEBUG] AttachToProcess: No existing injection found, injecting new fake image for time | |
| 2025/06/05 12:45:54 ptrace_linux.go:211: [MMAP DEBUG] Attempting mmap: length=188, fd=0, syscall_nr=222 | |
| 2025/06/05 12:45:54 ptrace_linux.go:216: [MMAP DEBUG] Using aligned length: 4096 (original: 188) | |
| 2025/06/05 12:45:54 ptrace_linux.go:224: [MMAP DEBUG] Strategy 1 failed: mmap returned NULL address, result=0x0 | |
| 2025/06/05 12:45:54 ptrace_linux.go:233: [MMAP DEBUG] Strategy 2 (larger allocation) succeeded: address=0xffff9c3c6000, allocated=8192 | |
| 2025/06/05 12:45:54 fake_image_linux.go:173: [INJECT DEBUG] Flushing instruction cache for fake image at 0xffff9c3c6000, size: 188 | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:97: [CACHE DEBUG] Flushing ARM64 instruction cache for addr=0xffff9c3c6000, size=188 | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:117: [CACHE DEBUG] Cache flush: original(0xffff9c3c6000, 188) -> aligned(0xffff9c3c6000, 192) | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:151: [CACHE DEBUG] ARM64 instruction cache flush completed successfully | |
| 2025/06/05 12:45:54 ptrace_linux.go:456: [SYMBOL DEBUG] Looking for symbol 'time', trying variants: [time __kernel_time] | |
| 2025/06/05 12:45:54 ptrace_linux.go:470: [SYMBOL DEBUG] Symbol 'time' not found. Available symbols: | |
| 2025/06/05 12:45:54 ptrace_linux.go:473: [SYMBOL DEBUG] - LINUX_2.6.39 | |
| 2025/06/05 12:45:54 ptrace_linux.go:473: [SYMBOL DEBUG] - __kernel_clock_getres | |
| 2025/06/05 12:45:54 ptrace_linux.go:473: [SYMBOL DEBUG] - __kernel_rt_sigreturn | |
| 2025/06/05 12:45:54 ptrace_linux.go:473: [SYMBOL DEBUG] - __kernel_gettimeofday | |
| 2025/06/05 12:45:54 ptrace_linux.go:473: [SYMBOL DEBUG] - __kernel_clock_gettime | |
| 2025/06/05 12:45:54 fake_image_linux.go:77: [DEBUG] AttachToProcess: InjectFakeImage failed for time: cannot find symbol find origin time in vdso | |
| 2025/06/05 12:45:54 time_skew_linux.go:126: [INJECT DEBUG] time() injection successful | |
| 2025/06/05 12:45:54 time_skew_linux.go:128: [INJECT DEBUG] Injecting clock_gettime() function... | |
| 2025/06/05 12:45:54 fake_image_linux.go:38: [DEBUG] AttachToProcess: Starting for clock_gettime, PID: 3472, variables: 3, offsets: 3 | |
| 2025/06/05 12:45:54 fake_image_linux.go:39: [DEBUG] AttachToProcess: Variables requested: map[CLOCK_IDS_MASK:1 TV_NSEC_DELTA:300000000000 TV_SEC_DELTA:0] | |
| 2025/06/05 12:45:54 fake_image_linux.go:40: [DEBUG] AttachToProcess: Offsets available: map[CLOCK_IDS_MASK:192 TV_NSEC_DELTA:240 TV_SEC_DELTA:256] | |
| 2025/06/05 12:45:54 fake_image_linux.go:74: [DEBUG] AttachToProcess: No existing injection found, injecting new fake image for clock_gettime | |
| 2025/06/05 12:45:54 ptrace_linux.go:211: [MMAP DEBUG] Attempting mmap: length=272, fd=0, syscall_nr=222 | |
| 2025/06/05 12:45:54 ptrace_linux.go:216: [MMAP DEBUG] Using aligned length: 4096 (original: 272) | |
| 2025/06/05 12:45:54 ptrace_linux.go:224: [MMAP DEBUG] Strategy 1 failed: mmap returned NULL address, result=0x0 | |
| 2025/06/05 12:45:54 ptrace_linux.go:233: [MMAP DEBUG] Strategy 2 (larger allocation) succeeded: address=0xffff9c3c4000, allocated=8192 | |
| 2025/06/05 12:45:54 fake_image_linux.go:173: [INJECT DEBUG] Flushing instruction cache for fake image at 0xffff9c3c4000, size: 272 | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:97: [CACHE DEBUG] Flushing ARM64 instruction cache for addr=0xffff9c3c4000, size=272 | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:117: [CACHE DEBUG] Cache flush: original(0xffff9c3c4000, 272) -> aligned(0xffff9c3c4000, 320) | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:151: [CACHE DEBUG] ARM64 instruction cache flush completed successfully | |
| 2025/06/05 12:45:54 ptrace_linux.go:456: [SYMBOL DEBUG] Looking for symbol 'clock_gettime', trying variants: [clock_gettime __kernel_clock_gettime] | |
| 2025/06/05 12:45:54 ptrace_linux.go:463: [SYMBOL DEBUG] Found symbol 'clock_gettime' as '__kernel_clock_gettime' at offset 0x2c0 | |
| 2025/06/05 12:45:54 fake_image_linux.go:187: [INJECT DEBUG] About to overwrite function at 0xffff9c3ca2c0 (size: 664) with jump to 0xffff9c3c4000 | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:390: [BTI DEBUG] Creating simple replacement patch from 0xffff9c3ca2c0 to 0xffff9c3c4000 | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:284: [BTI DEBUG] Making VDSO page writable at 0xffff9c3ca000 | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:293: [BTI DEBUG] Successfully made VDSO page writable | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:405: [BTI DEBUG] Original bytes: 1f3c0071e80500542200805263108152 | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:427: [BTI DEBUG] First instruction: 0x71003c1f, BTI: false, PAC: false | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:176: [BTI DEBUG] Allocating trampoline near 0xffff9c3ca2c0, size=32 | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:189: [BTI DEBUG] Allocated trampoline at 0xffff9c3c3000, distance=0 MB | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:249: [BTI DEBUG] Creating simple replacement trampoline to fake at 0xffff9c3c4000 | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:255: [BTI DEBUG] Added BTI c instruction for landing pad safety | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:273: [BTI DEBUG] Simple replacement trampoline created, total size: 24 bytes | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:274: [BTI DEBUG] Layout: BTI c + LDR+BR+NOP (16 bytes) + address (8 bytes) | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:461: [BTI DEBUG] Branch distance: -29376 bytes (-0.03 MB) | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:482: [BTI DEBUG] Using simple patch: | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:483: [BTI DEBUG] 0x17ffe350 (b #-7344) | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:484: [BTI DEBUG] 0xd503201f (nop) | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:485: [BTI DEBUG] Patch instructions (8 bytes): 50e3ff171f2003d5 | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:494: [BTI DEBUG] Flushing instruction cache for patched vDSO function | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:97: [CACHE DEBUG] Flushing ARM64 instruction cache for addr=0xffff9c3ca2c0, size=8 | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:117: [CACHE DEBUG] Cache flush: original(0xffff9c3ca2c0, 8) -> aligned(0xffff9c3ca2c0, 64) | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:151: [CACHE DEBUG] ARM64 instruction cache flush completed successfully | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:97: [CACHE DEBUG] Flushing ARM64 instruction cache for addr=0xffff9c3c3000, size=24 | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:117: [CACHE DEBUG] Cache flush: original(0xffff9c3c3000, 24) -> aligned(0xffff9c3c3000, 64) | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:151: [CACHE DEBUG] ARM64 instruction cache flush completed successfully | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:302: [BTI DEBUG] Restoring VDSO page to read-execute only at 0xffff9c3ca000 | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:311: [BTI DEBUG] Successfully restored VDSO page protection (W^X) | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:513: [BTI DEBUG] Simple function replacement completed successfully | |
| 2025/06/05 12:45:54 fake_image_linux.go:209: [INJECT DEBUG] Successfully overwrote function with jump instruction | |
| 2025/06/05 12:45:54 fake_image_linux.go:80: [DEBUG] AttachToProcess: InjectFakeImage succeeded for clock_gettime | |
| 2025/06/05 12:45:54 fake_image_linux.go:95: [DEBUG] AttachToProcess: About to set variables - fakeEntry: true | |
| 2025/06/05 12:45:54 fake_image_linux.go:101: [DEBUG] AttachToProcess: Setting 3 variables for symbol clock_gettime, PID: 3472 | |
| 2025/06/05 12:45:54 fake_image_linux.go:102: [DEBUG] AttachToProcess: Fake entry at 0xffff9c3c4000-0xffff9c3c4110, size: 272 | |
| 2025/06/05 12:45:54 fake_image_linux.go:103: [DEBUG] AttachToProcess: Available offsets: map[CLOCK_IDS_MASK:192 TV_NSEC_DELTA:240 TV_SEC_DELTA:256] | |
| 2025/06/05 12:45:54 fake_image_linux.go:106: [DEBUG] AttachToProcess: About to set CLOCK_IDS_MASK=1 | |
| 2025/06/05 12:45:54 fake_image_linux_arm64.go:24: [ARM64 DEBUG] Setting CLOCK_IDS_MASK: value=1, offset=192, base=0xffff9c3c4000, ptr_addr=0xffff9c3c40c0, val_addr=0xffff9c3c40c8 | |
| 2025/06/05 12:45:54 fake_image_linux_arm64.go:28: [ARM64 DEBUG] Memory layout - Entry: 0xffff9c3c4000-0xffff9c3c4110 (size: 272), ptr_addr within entry: true, val_addr within entry: true | |
| 2025/06/05 12:45:54 fake_image_linux_arm64.go:34: [ARM64 DEBUG] Step 1: Writing pointer 0xffff9c3c40c8 to address 0xffff9c3c40c0 | |
| 2025/06/05 12:45:54 fake_image_linux_arm64.go:40: [ARM64 DEBUG] Step 1: Successfully wrote pointer | |
| 2025/06/05 12:45:54 fake_image_linux_arm64.go:43: [ARM64 DEBUG] Step 2: Writing value 1 to address 0xffff9c3c40c8 | |
| 2025/06/05 12:45:54 fake_image_linux_arm64.go:48: [ARM64 DEBUG] Successfully set CLOCK_IDS_MASK=1 | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:97: [CACHE DEBUG] Flushing ARM64 instruction cache for addr=0xffff9c3c40c8, size=8 | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:117: [CACHE DEBUG] Cache flush: original(0xffff9c3c40c8, 8) -> aligned(0xffff9c3c40c0, 64) | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:151: [CACHE DEBUG] ARM64 instruction cache flush completed successfully | |
| 2025/06/05 12:45:54 fake_image_linux.go:113: [DEBUG] AttachToProcess: Successfully set CLOCK_IDS_MASK=1 | |
| 2025/06/05 12:45:54 fake_image_linux.go:106: [DEBUG] AttachToProcess: About to set TV_SEC_DELTA=0 | |
| 2025/06/05 12:45:54 fake_image_linux_arm64.go:24: [ARM64 DEBUG] Setting TV_SEC_DELTA: value=0, offset=256, base=0xffff9c3c4000, ptr_addr=0xffff9c3c4100, val_addr=0xffff9c3c4108 | |
| 2025/06/05 12:45:54 fake_image_linux_arm64.go:28: [ARM64 DEBUG] Memory layout - Entry: 0xffff9c3c4000-0xffff9c3c4110 (size: 272), ptr_addr within entry: true, val_addr within entry: true | |
| 2025/06/05 12:45:54 fake_image_linux_arm64.go:34: [ARM64 DEBUG] Step 1: Writing pointer 0xffff9c3c4108 to address 0xffff9c3c4100 | |
| 2025/06/05 12:45:54 fake_image_linux_arm64.go:40: [ARM64 DEBUG] Step 1: Successfully wrote pointer | |
| 2025/06/05 12:45:54 fake_image_linux_arm64.go:43: [ARM64 DEBUG] Step 2: Writing value 0 to address 0xffff9c3c4108 | |
| 2025/06/05 12:45:54 fake_image_linux_arm64.go:48: [ARM64 DEBUG] Successfully set TV_SEC_DELTA=0 | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:97: [CACHE DEBUG] Flushing ARM64 instruction cache for addr=0xffff9c3c4108, size=8 | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:117: [CACHE DEBUG] Cache flush: original(0xffff9c3c4108, 8) -> aligned(0xffff9c3c4100, 64) | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:151: [CACHE DEBUG] ARM64 instruction cache flush completed successfully | |
| 2025/06/05 12:45:54 fake_image_linux.go:113: [DEBUG] AttachToProcess: Successfully set TV_SEC_DELTA=0 | |
| 2025/06/05 12:45:54 fake_image_linux.go:106: [DEBUG] AttachToProcess: About to set TV_NSEC_DELTA=300000000000 | |
| 2025/06/05 12:45:54 fake_image_linux_arm64.go:24: [ARM64 DEBUG] Setting TV_NSEC_DELTA: value=300000000000, offset=240, base=0xffff9c3c4000, ptr_addr=0xffff9c3c40f0, val_addr=0xffff9c3c40f8 | |
| 2025/06/05 12:45:54 fake_image_linux_arm64.go:28: [ARM64 DEBUG] Memory layout - Entry: 0xffff9c3c4000-0xffff9c3c4110 (size: 272), ptr_addr within entry: true, val_addr within entry: true | |
| 2025/06/05 12:45:54 fake_image_linux_arm64.go:34: [ARM64 DEBUG] Step 1: Writing pointer 0xffff9c3c40f8 to address 0xffff9c3c40f0 | |
| 2025/06/05 12:45:54 fake_image_linux_arm64.go:40: [ARM64 DEBUG] Step 1: Successfully wrote pointer | |
| 2025/06/05 12:45:54 fake_image_linux_arm64.go:43: [ARM64 DEBUG] Step 2: Writing value 300000000000 to address 0xffff9c3c40f8 | |
| 2025/06/05 12:45:54 fake_image_linux_arm64.go:48: [ARM64 DEBUG] Successfully set TV_NSEC_DELTA=300000000000 | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:97: [CACHE DEBUG] Flushing ARM64 instruction cache for addr=0xffff9c3c40f8, size=8 | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:117: [CACHE DEBUG] Cache flush: original(0xffff9c3c40f8, 8) -> aligned(0xffff9c3c40c0, 64) | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:151: [CACHE DEBUG] ARM64 instruction cache flush completed successfully | |
| 2025/06/05 12:45:54 fake_image_linux.go:113: [DEBUG] AttachToProcess: Successfully set TV_NSEC_DELTA=300000000000 | |
| 2025/06/05 12:45:54 time_skew_linux.go:138: [INJECT DEBUG] clock_gettime() injection successful | |
| 2025/06/05 12:45:54 time_skew_linux.go:140: [INJECT DEBUG] Injecting gettimeofday() function... | |
| 2025/06/05 12:45:54 fake_image_linux.go:38: [DEBUG] AttachToProcess: Starting for gettimeofday, PID: 3472, variables: 2, offsets: 2 | |
| 2025/06/05 12:45:54 fake_image_linux.go:39: [DEBUG] AttachToProcess: Variables requested: map[TV_NSEC_DELTA:300000000000 TV_SEC_DELTA:0] | |
| 2025/06/05 12:45:54 fake_image_linux.go:40: [DEBUG] AttachToProcess: Offsets available: map[TV_NSEC_DELTA:276 TV_SEC_DELTA:292] | |
| 2025/06/05 12:45:54 fake_image_linux.go:74: [DEBUG] AttachToProcess: No existing injection found, injecting new fake image for gettimeofday | |
| 2025/06/05 12:45:54 ptrace_linux.go:211: [MMAP DEBUG] Attempting mmap: length=308, fd=0, syscall_nr=222 | |
| 2025/06/05 12:45:54 ptrace_linux.go:216: [MMAP DEBUG] Using aligned length: 4096 (original: 308) | |
| 2025/06/05 12:45:54 ptrace_linux.go:224: [MMAP DEBUG] Strategy 1 failed: mmap returned NULL address, result=0x0 | |
| 2025/06/05 12:45:54 ptrace_linux.go:233: [MMAP DEBUG] Strategy 2 (larger allocation) succeeded: address=0xffff9c3c1000, allocated=8192 | |
| 2025/06/05 12:45:54 fake_image_linux.go:173: [INJECT DEBUG] Flushing instruction cache for fake image at 0xffff9c3c1000, size: 308 | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:97: [CACHE DEBUG] Flushing ARM64 instruction cache for addr=0xffff9c3c1000, size=308 | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:117: [CACHE DEBUG] Cache flush: original(0xffff9c3c1000, 308) -> aligned(0xffff9c3c1000, 320) | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:151: [CACHE DEBUG] ARM64 instruction cache flush completed successfully | |
| 2025/06/05 12:45:54 ptrace_linux.go:456: [SYMBOL DEBUG] Looking for symbol 'gettimeofday', trying variants: [gettimeofday __kernel_gettimeofday] | |
| 2025/06/05 12:45:54 ptrace_linux.go:463: [SYMBOL DEBUG] Found symbol 'gettimeofday' as '__kernel_gettimeofday' at offset 0x558 | |
| 2025/06/05 12:45:54 fake_image_linux.go:187: [INJECT DEBUG] About to overwrite function at 0xffff9c3ca558 (size: 424) with jump to 0xffff9c3c1000 | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:390: [BTI DEBUG] Creating simple replacement patch from 0xffff9c3ca558 to 0xffff9c3c1000 | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:284: [BTI DEBUG] Making VDSO page writable at 0xffff9c3ca000 | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:293: [BTI DEBUG] Successfully made VDSO page writable | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:405: [BTI DEBUG] Original bytes: 44d5fe100c00b012000500b4870040b9 | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:427: [BTI DEBUG] First instruction: 0x10fed544, BTI: false, PAC: false | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:176: [BTI DEBUG] Allocating trampoline near 0xffff9c3ca558, size=32 | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:189: [BTI DEBUG] Allocated trampoline at 0xffff9c3c0000, distance=0 MB | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:249: [BTI DEBUG] Creating simple replacement trampoline to fake at 0xffff9c3c1000 | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:255: [BTI DEBUG] Added BTI c instruction for landing pad safety | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:273: [BTI DEBUG] Simple replacement trampoline created, total size: 24 bytes | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:274: [BTI DEBUG] Layout: BTI c + LDR+BR+NOP (16 bytes) + address (8 bytes) | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:461: [BTI DEBUG] Branch distance: -42328 bytes (-0.04 MB) | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:482: [BTI DEBUG] Using simple patch: | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:483: [BTI DEBUG] 0x17ffd6aa (b #-10582) | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:484: [BTI DEBUG] 0xd503201f (nop) | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:485: [BTI DEBUG] Patch instructions (8 bytes): aad6ff171f2003d5 | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:494: [BTI DEBUG] Flushing instruction cache for patched vDSO function | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:97: [CACHE DEBUG] Flushing ARM64 instruction cache for addr=0xffff9c3ca558, size=8 | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:117: [CACHE DEBUG] Cache flush: original(0xffff9c3ca558, 8) -> aligned(0xffff9c3ca540, 64) | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:151: [CACHE DEBUG] ARM64 instruction cache flush completed successfully | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:97: [CACHE DEBUG] Flushing ARM64 instruction cache for addr=0xffff9c3c0000, size=24 | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:117: [CACHE DEBUG] Cache flush: original(0xffff9c3c0000, 24) -> aligned(0xffff9c3c0000, 64) | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:151: [CACHE DEBUG] ARM64 instruction cache flush completed successfully | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:302: [BTI DEBUG] Restoring VDSO page to read-execute only at 0xffff9c3ca000 | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:311: [BTI DEBUG] Successfully restored VDSO page protection (W^X) | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:513: [BTI DEBUG] Simple function replacement completed successfully | |
| 2025/06/05 12:45:54 fake_image_linux.go:209: [INJECT DEBUG] Successfully overwrote function with jump instruction | |
| 2025/06/05 12:45:54 fake_image_linux.go:80: [DEBUG] AttachToProcess: InjectFakeImage succeeded for gettimeofday | |
| 2025/06/05 12:45:54 fake_image_linux.go:95: [DEBUG] AttachToProcess: About to set variables - fakeEntry: true | |
| 2025/06/05 12:45:54 fake_image_linux.go:101: [DEBUG] AttachToProcess: Setting 2 variables for symbol gettimeofday, PID: 3472 | |
| 2025/06/05 12:45:54 fake_image_linux.go:102: [DEBUG] AttachToProcess: Fake entry at 0xffff9c3c1000-0xffff9c3c1134, size: 308 | |
| 2025/06/05 12:45:54 fake_image_linux.go:103: [DEBUG] AttachToProcess: Available offsets: map[TV_NSEC_DELTA:276 TV_SEC_DELTA:292] | |
| 2025/06/05 12:45:54 fake_image_linux.go:106: [DEBUG] AttachToProcess: About to set TV_SEC_DELTA=0 | |
| 2025/06/05 12:45:54 fake_image_linux_arm64.go:24: [ARM64 DEBUG] Setting TV_SEC_DELTA: value=0, offset=292, base=0xffff9c3c1000, ptr_addr=0xffff9c3c1124, val_addr=0xffff9c3c112c | |
| 2025/06/05 12:45:54 fake_image_linux_arm64.go:28: [ARM64 DEBUG] Memory layout - Entry: 0xffff9c3c1000-0xffff9c3c1134 (size: 308), ptr_addr within entry: true, val_addr within entry: true | |
| 2025/06/05 12:45:54 fake_image_linux_arm64.go:34: [ARM64 DEBUG] Step 1: Writing pointer 0xffff9c3c112c to address 0xffff9c3c1124 | |
| 2025/06/05 12:45:54 fake_image_linux_arm64.go:40: [ARM64 DEBUG] Step 1: Successfully wrote pointer | |
| 2025/06/05 12:45:54 fake_image_linux_arm64.go:43: [ARM64 DEBUG] Step 2: Writing value 0 to address 0xffff9c3c112c | |
| 2025/06/05 12:45:54 fake_image_linux_arm64.go:48: [ARM64 DEBUG] Successfully set TV_SEC_DELTA=0 | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:97: [CACHE DEBUG] Flushing ARM64 instruction cache for addr=0xffff9c3c112c, size=8 | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:117: [CACHE DEBUG] Cache flush: original(0xffff9c3c112c, 8) -> aligned(0xffff9c3c1100, 64) | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:151: [CACHE DEBUG] ARM64 instruction cache flush completed successfully | |
| 2025/06/05 12:45:54 fake_image_linux.go:113: [DEBUG] AttachToProcess: Successfully set TV_SEC_DELTA=0 | |
| 2025/06/05 12:45:54 fake_image_linux.go:106: [DEBUG] AttachToProcess: About to set TV_NSEC_DELTA=300000000000 | |
| 2025/06/05 12:45:54 fake_image_linux_arm64.go:24: [ARM64 DEBUG] Setting TV_NSEC_DELTA: value=300000000000, offset=276, base=0xffff9c3c1000, ptr_addr=0xffff9c3c1114, val_addr=0xffff9c3c111c | |
| 2025/06/05 12:45:54 fake_image_linux_arm64.go:28: [ARM64 DEBUG] Memory layout - Entry: 0xffff9c3c1000-0xffff9c3c1134 (size: 308), ptr_addr within entry: true, val_addr within entry: true | |
| 2025/06/05 12:45:54 fake_image_linux_arm64.go:34: [ARM64 DEBUG] Step 1: Writing pointer 0xffff9c3c111c to address 0xffff9c3c1114 | |
| 2025/06/05 12:45:54 fake_image_linux_arm64.go:40: [ARM64 DEBUG] Step 1: Successfully wrote pointer | |
| 2025/06/05 12:45:54 fake_image_linux_arm64.go:43: [ARM64 DEBUG] Step 2: Writing value 300000000000 to address 0xffff9c3c111c | |
| 2025/06/05 12:45:54 fake_image_linux_arm64.go:48: [ARM64 DEBUG] Successfully set TV_NSEC_DELTA=300000000000 | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:97: [CACHE DEBUG] Flushing ARM64 instruction cache for addr=0xffff9c3c111c, size=8 | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:117: [CACHE DEBUG] Cache flush: original(0xffff9c3c111c, 8) -> aligned(0xffff9c3c1100, 64) | |
| 2025/06/05 12:45:54 ptrace_linux_arm64.go:151: [CACHE DEBUG] ARM64 instruction cache flush completed successfully | |
| 2025/06/05 12:45:54 fake_image_linux.go:113: [DEBUG] AttachToProcess: Successfully set TV_NSEC_DELTA=300000000000 | |
| 2025/06/05 12:45:54 time_skew_linux.go:149: [INJECT DEBUG] gettimeofday() injection successful | |
| 2025/06/05 12:45:54 time_skew_linux.go:151: [INJECT DEBUG] All injections completed successfully for PID 3472 | |
| 2025/06/05 12:45:54 watchmaker.go:65: modifying time success |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment