AFLplusplus / LibAFL

Advanced Fuzzing Library - Slot your Fuzzer together in Rust! Scales across cores and machines. For Windows, Android, MacOS, Linux, no_std, ...

Can't get frida_libpng to work for android #1359

Closed 7a6ac0 closed 8 months ago

7a6ac0 commented 1 year ago

I followed the steps to build frida_libpng, but I still get an error.

The steps:

  1. Download the standalone toolchain and run the following:
android-ndk-r25c/build/tools/make_standalone_toolchain.py --arch arm64 --api 21 --install-dir /opt/android-toolchain-arm64
  2. Add the installed toolchain to PATH:
export PATH=$PATH:/opt/android-toolchain-arm64/bin
  3. In the ~/.cargo/config file, add a target with the correct cross-compiler toolchain name:
[target.aarch64-linux-android]
linker="aarch64-linux-android-clang"
  4. CLANG_PATH=aarch64-linux-android-clang cargo -v build --release --target=aarch64-linux-android

After building, this is what I see:

       Fresh color-backtrace v0.5.1
       Fresh libafl_targets v0.10.1 (/opt/LibAFL/libafl_targets)
       Fresh mimalloc v0.1.37
       Fresh libloading v0.7.4
       Fresh libafl_frida v0.10.1 (/opt/LibAFL/libafl_frida)
warning: variable does not need to be mutable
    --> /opt/LibAFL/libafl_frida/src/asan/asan_rt.rs:1671:13
     |
1671 |         let mut map_flags = MapFlags::MAP_ANON | MapFlags::MAP_PRIVATE;
     |             ----^^^^^^^^^
     |             |
     |             help: remove this `mut`
     |
     = note: `#[warn(unused_mut)]` on by default

warning: `libafl_frida` (lib) generated 1 warning (run `cargo fix --lib -p libafl_frida` to apply 1 suggestion)
   Compiling frida_fuzzer v0.10.1 (/opt/LibAFL/fuzzers/frida_libpng)
     Running `rustc --crate-name frida_fuzzer --edition=2021 src/main.rs --error-format=json --json=diagnostic-rendered-ansi,artifacts,future-incompat --diagnostic-width=212 --crate-type bin --emit=dep-info,link -C opt-level=3 -C lto -C codegen-units=1 -C debuginfo=2 --cfg 'feature="default"' --cfg 'feature="std"' -C metadata=ba49c74d1f693fcc -C extra-filename=-ba49c74d1f693fcc --out-dir /opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps --target aarch64-linux-android -C linker=aarch64-linux-android-clang -L dependency=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps -L dependency=/opt/LibAFL/fuzzers/frida_libpng/target/release/deps --extern color_backtrace=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/libcolor_backtrace-933b6cfa5717b58c.rlib --extern frida_gum=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/libfrida_gum-fa428b0b861f2aa3.rlib --extern libafl=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/liblibafl-1274e6c3426fc553.rlib --extern libafl_frida=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/liblibafl_frida-ba28a5fcc5e10f3e.rlib --extern libafl_targets=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/liblibafl_targets-86b3a0df5b236e2a.rlib --extern libloading=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/liblibloading-0c48db23b336eec6.rlib --extern mimalloc=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/libmimalloc-b2af5d3d01aa1788.rlib -L native=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/capstone-sys-134738c58aa04621/out -L /root/.cargo/registry/src/index.crates.io-6f17d22bba15001f/frida-gum-sys-0.4.1 -L /opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/frida-gum-sys-6724fdf991355945/out -L 
native=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/frida-gum-sys-6724fdf991355945/out -L native=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/frida-gum-sys-6724fdf991355945/out -L native=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_frida-21aaf2b3bab8362b/out -L native=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-ab6aa4634bae321a/out -L native=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-ab6aa4634bae321a/out -L native=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-ab6aa4634bae321a/out -L native=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-ab6aa4634bae321a/out -L native=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-ab6aa4634bae321a/out -L native=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-ab6aa4634bae321a/out -L native=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libmimalloc-sys-25472505475483b3/out`
error: linking with `aarch64-linux-android-clang` failed: exit status: 1
  |
  = note: LC_ALL="C" PATH="/root/.rustup/toolchains/stable-x86_64-unknown-linux-gnu/lib/rustlib/x86_64-unknown-linux-gnu/bin:/root/.cargo/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin:/opt/android-toolchain-arm64/bin" VSLANG="1033" "aarch64-linux-android-clang" "/tmp/rustc8myApW/symbols.o" "/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/frida_fuzzer-ba49c74d1f693fcc.frida_fuzzer.8663365b-cgu.0.rcgu.o" "-Wl,--as-needed" "-L" "/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps" "-L" "/opt/LibAFL/fuzzers/frida_libpng/target/release/deps" "-L" "/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/capstone-sys-134738c58aa04621/out" "-L" "/root/.cargo/registry/src/index.crates.io-6f17d22bba15001f/frida-gum-sys-0.4.1" "-L" "/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/frida-gum-sys-6724fdf991355945/out" "-L" "/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/frida-gum-sys-6724fdf991355945/out" "-L" "/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/frida-gum-sys-6724fdf991355945/out" "-L" "/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_frida-21aaf2b3bab8362b/out" "-L" "/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-ab6aa4634bae321a/out" "-L" "/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-ab6aa4634bae321a/out" "-L" "/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-ab6aa4634bae321a/out" "-L" "/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-ab6aa4634bae321a/out" "-L" "/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-ab6aa4634bae321a/out" "-L" 
"/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-ab6aa4634bae321a/out" "-L" "/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libmimalloc-sys-25472505475483b3/out" "-L" "/root/.rustup/toolchains/stable-x86_64-unknown-linux-gnu/lib/rustlib/aarch64-linux-android/lib" "-Wl,-Bstatic" "/tmp/rustc8myApW/liblibafl_frida-ba28a5fcc5e10f3e.rlib" "/tmp/rustc8myApW/liblibafl_targets-86b3a0df5b236e2a.rlib" "/tmp/rustc8myApW/libcapstone_sys-122ca0d02c4f0e71.rlib" "/tmp/rustc8myApW/libfrida_gum_sys-b2f8988d8c7b9e24.rlib" "/tmp/rustc8myApW/liblibmimalloc_sys-a68625ecab01c9f0.rlib" "/root/.rustup/toolchains/stable-x86_64-unknown-linux-gnu/lib/rustlib/aarch64-linux-android/lib/libcompiler_builtins-e9996a2f967dd691.rlib" "-Wl,-Bdynamic" "-ldl" "-lc++" "-ldl" "-llog" "-lunwind" "-ldl" "-lm" "-lc" "-Wl,--eh-frame-hdr" "-Wl,-z,noexecstack" "-L" "/root/.rustup/toolchains/stable-x86_64-unknown-linux-gnu/lib/rustlib/aarch64-linux-android/lib" "-o" "/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/frida_fuzzer-ba49c74d1f693fcc" "-Wl,--gc-sections" "-pie" "-Wl,-z,relro,-z,now" "-Wl,-O1" "-nodefaultlibs"
  = note: ld: error: undefined symbol: __clear_cache
          >>> referenced by gummemory-linux.c:120 (../../../frida-gum/gum/backend-linux/gummemory-linux.c:120)
          >>>               backend-linux_gummemory-linux.c.o:(gum_clear_cache) in archive /tmp/rustc8myApW/libfrida_gum_sys-b2f8988d8c7b9e24.rlib
          clang140: error: linker command failed with exit code 1 (use -v to see invocation)

error: could not compile `frida_fuzzer` (bin "frida_fuzzer") due to previous error

Caused by:
  process didn't exit successfully: `rustc --crate-name frida_fuzzer --edition=2021 src/main.rs --error-format=json --json=diagnostic-rendered-ansi,artifacts,future-incompat --diagnostic-width=212 --crate-type bin --emit=dep-info,link -C opt-level=3 -C lto -C codegen-units=1 -C debuginfo=2 --cfg 'feature="default"' --cfg 'feature="std"' -C metadata=ba49c74d1f693fcc -C extra-filename=-ba49c74d1f693fcc --out-dir /opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps --target aarch64-linux-android -C linker=aarch64-linux-android-clang -L dependency=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps -L dependency=/opt/LibAFL/fuzzers/frida_libpng/target/release/deps --extern color_backtrace=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/libcolor_backtrace-933b6cfa5717b58c.rlib --extern frida_gum=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/libfrida_gum-fa428b0b861f2aa3.rlib --extern libafl=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/liblibafl-1274e6c3426fc553.rlib --extern libafl_frida=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/liblibafl_frida-ba28a5fcc5e10f3e.rlib --extern libafl_targets=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/liblibafl_targets-86b3a0df5b236e2a.rlib --extern libloading=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/liblibloading-0c48db23b336eec6.rlib --extern mimalloc=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/libmimalloc-b2af5d3d01aa1788.rlib -L native=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/capstone-sys-134738c58aa04621/out -L /root/.cargo/registry/src/index.crates.io-6f17d22bba15001f/frida-gum-sys-0.4.1 -L /opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/frida-gum-sys-6724fdf991355945/out -L 
native=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/frida-gum-sys-6724fdf991355945/out -L native=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/frida-gum-sys-6724fdf991355945/out -L native=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_frida-21aaf2b3bab8362b/out -L native=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-ab6aa4634bae321a/out -L native=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-ab6aa4634bae321a/out -L native=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-ab6aa4634bae321a/out -L native=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-ab6aa4634bae321a/out -L native=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-ab6aa4634bae321a/out -L native=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-ab6aa4634bae321a/out -L native=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libmimalloc-sys-25472505475483b3/out` (exit status: 1)

Any idea what I might be doing wrong?

s1341 commented 1 year ago

Try an older NDK.

7a6ac0 commented 1 year ago

After trying NDK r22b, this is the error message I get:

error: failed to run custom build command for `frida-gum-sys v0.4.1`

Caused by:
  process didn't exit successfully: `/libafl/fuzzers/frida_libpng/target/release/build/frida-gum-sys-4a9027b5aa576319/build-script-build` (exit status: 101)
  --- stdout
  cargo:rerun-if-changed=event_sink.c
  cargo:rerun-if-changed=event_sink.h
  cargo:rerun-if-changed=invocation_listener.c
  cargo:rerun-if-changed=invocation_listener.h
  cargo:rustc-link-search=/usr/local/cargo/registry/src/index.crates.io-6f17d22bba15001f/frida-gum-sys-0.4.1
  cargo:rustc-link-search=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/frida-gum-sys-6724fdf991355945/out
  cargo:rustc-link-lib=static=frida-gum

  --- stderr
  /usr/include/pthread.h:657:6: error: 'regparm' is not valid on this platform
  /usr/include/pthread.h:669:3: error: 'regparm' is not valid on this platform
  /usr/include/pthread.h:710:6: error: 'regparm' is not valid on this platform
  /usr/include/pthread.h:657:6: error: 'regparm' is not valid on this platform, err: true
  /usr/include/pthread.h:669:3: error: 'regparm' is not valid on this platform, err: true
  /usr/include/pthread.h:710:6: error: 'regparm' is not valid on this platform, err: true
  thread 'main' panicked at 'called `Result::unwrap()` on an `Err` value: ()', /usr/local/cargo/registry/src/index.crates.io-6f17d22bba15001f/frida-gum-sys-0.4.1/build.rs:63:10
  stack backtrace:
     0:     0x55fe09c0104a - std::backtrace_rs::backtrace::libunwind::trace::h9a6b80bbf328ba5d
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/../../backtrace/src/backtrace/libunwind.rs:93:5
     1:     0x55fe09c0104a - std::backtrace_rs::backtrace::trace_unsynchronized::hd162ec543a11886b
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/../../backtrace/src/backtrace/mod.rs:66:5
     2:     0x55fe09c0104a - std::sys_common::backtrace::_print_fmt::h78a5099be12f51a6
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/sys_common/backtrace.rs:65:5
     3:     0x55fe09c0104a - <std::sys_common::backtrace::_print::DisplayBacktrace as core::fmt::Display>::fmt::ha1c5390454d74f71
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/sys_common/backtrace.rs:44:22
     4:     0x55fe09c2b37f - core::fmt::write::h9ffde816c577717b
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/core/src/fmt/mod.rs:1254:17
     5:     0x55fe09bfcce5 - std::io::Write::write_fmt::h88186074961638e4
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/io/mod.rs:1698:15
     6:     0x55fe09c00e15 - std::sys_common::backtrace::_print::h184198273ed08d59
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/sys_common/backtrace.rs:47:5
     7:     0x55fe09c00e15 - std::sys_common::backtrace::print::h1b4d8e7add699453
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/sys_common/backtrace.rs:34:9
     8:     0x55fe09c02d4e - std::panicking::default_hook::{{closure}}::h393bcea75423915a
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/panicking.rs:269:22
     9:     0x55fe09c02af5 - std::panicking::default_hook::h48c64f31d8b3fd03
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/panicking.rs:288:9
    10:     0x55fe09c032ae - std::panicking::rust_panic_with_hook::hafdc493a79370062
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/panicking.rs:691:13
    11:     0x55fe09c031a9 - std::panicking::begin_panic_handler::{{closure}}::h0a64bc82e36bedc7
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/panicking.rs:582:13
    12:     0x55fe09c014b6 - std::sys_common::backtrace::__rust_end_short_backtrace::hc203444fb7416a16
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/sys_common/backtrace.rs:150:18
    13:     0x55fe09c02f02 - rust_begin_unwind
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/panicking.rs:578:5
    14:     0x55fe092031c3 - core::panicking::panic_fmt::h0f6ef0178afce4f2
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/core/src/panicking.rs:67:14
    15:     0x55fe09203673 - core::result::unwrap_failed::h8090202169109f9c
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/core/src/result.rs:1687:5
    16:     0x55fe09204362 - core::result::Result<T,E>::unwrap::h71b22caa83afba05
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/core/src/result.rs:1089:23
    17:     0x55fe09204ba6 - build_script_build::main::h1a419a1ac21af5b2
                                 at /usr/local/cargo/registry/src/index.crates.io-6f17d22bba15001f/frida-gum-sys-0.4.1/build.rs:56:20
    18:     0x55fe092043bb - core::ops::function::FnOnce::call_once::h28c59ccd582ed283
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/core/src/ops/function.rs:250:5
    19:     0x55fe092044ae - std::sys_common::backtrace::__rust_begin_short_backtrace::h388c6c13c3103258
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/sys_common/backtrace.rs:134:18
    20:     0x55fe09205d71 - std::rt::lang_start::{{closure}}::h00e7b8fcdc202b73
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/rt.rs:166:18
    21:     0x55fe09bf816e - core::ops::function::impls::<impl core::ops::function::FnOnce<A> for &F>::call_once::hb1327dc2ef3fecdf
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/core/src/ops/function.rs:287:13
    22:     0x55fe09bf816e - std::panicking::try::do_call::h4044173225fe83dd
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/panicking.rs:485:40
    23:     0x55fe09bf816e - std::panicking::try::hd8a722c09d156a53
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/panicking.rs:449:19
    24:     0x55fe09bf816e - std::panic::catch_unwind::hd2ca07971cf0119b
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/panic.rs:140:14
    25:     0x55fe09bf816e - std::rt::lang_start_internal::{{closure}}::h26d89d595cf47b70
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/rt.rs:148:48
    26:     0x55fe09bf816e - std::panicking::try::do_call::hf47aa1aa005e5f1a
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/panicking.rs:485:40
    27:     0x55fe09bf816e - std::panicking::try::h73d246b2423eaf4e
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/panicking.rs:449:19
    28:     0x55fe09bf816e - std::panic::catch_unwind::hbaaeae8f1b2f9915
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/panic.rs:140:14
    29:     0x55fe09bf816e - std::rt::lang_start_internal::h76f3e81e6b8f13f9
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/rt.rs:148:20
    30:     0x55fe09205d4a - std::rt::lang_start::ha550df6e149542e8
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/rt.rs:165:17
    31:     0x55fe09204f0e - main
    32:     0x7f0e9dbafd0a - __libc_start_main
                                 at ./csu/../csu/libc-start.c:308:16
    33:     0x55fe0920385a - _start
    34:                0x0 - <unknown>

Any idea what I might be doing wrong?

s1341 commented 1 year ago

try cleaning with cargo clean before building with r22b.

7a6ac0 commented 1 year ago

@s1341 thanks for the reply. I ran cargo clean before building with r22b, but I still get the same error.

s1341 commented 1 year ago

you can try bumping the frida-gum/frida-gum-sys versions to the latest frida-rust version.

7a6ac0 commented 1 year ago

After bumping the versions to frida-gum 0.12.0 and frida-gum-sys 0.7.1 and rebuilding, this is what I see:

error: failed to run custom build command for `frida-gum-sys v0.7.1`

Caused by:
  process didn't exit successfully: `/libafl/fuzzers/frida_libpng/target/release/build/frida-gum-sys-9a425a3608f42898/build-script-build` (exit status: 101)
  --- stdout
  cargo:rerun-if-changed=event_sink.c
  cargo:rerun-if-changed=event_sink.h
  cargo:rerun-if-changed=invocation_listener.c
  cargo:rerun-if-changed=invocation_listener.h
  cargo:rerun-if-changed=probe_listener.c
  cargo:rerun-if-changed=probe_listener.h
  cargo:rustc-link-search=/usr/local/cargo/registry/src/index.crates.io-6f17d22bba15001f/frida-gum-sys-0.7.1
  cargo:rustc-link-search=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/frida-gum-sys-dbaedc5d0f615134/out
  cargo:rustc-link-lib=static=frida-gum

  --- stderr
  /usr/include/pthread.h:657:6: error: 'regparm' is not valid on this platform
  /usr/include/pthread.h:669:3: error: 'regparm' is not valid on this platform
  /usr/include/pthread.h:710:6: error: 'regparm' is not valid on this platform
  thread 'main' panicked at 'called `Result::unwrap()` on an `Err` value: ClangDiagnostic("/usr/include/pthread.h:657:6: error: 'regparm' is not valid on this platform\n/usr/include/pthread.h:669:3: error: 'regparm' is not valid on this platform\n/usr/include/pthread.h:710:6: error: 'regparm' is not valid on this platform\n")', /usr/local/cargo/registry/src/index.crates.io-6f17d22bba15001f/frida-gum-sys-0.7.1/build.rs:81:10
  stack backtrace:
     0:     0x55bb12081c6a - std::backtrace_rs::backtrace::libunwind::trace::h9a6b80bbf328ba5d
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/../../backtrace/src/backtrace/libunwind.rs:93:5
     1:     0x55bb12081c6a - std::backtrace_rs::backtrace::trace_unsynchronized::hd162ec543a11886b
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/../../backtrace/src/backtrace/mod.rs:66:5
     2:     0x55bb12081c6a - std::sys_common::backtrace::_print_fmt::h78a5099be12f51a6
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/sys_common/backtrace.rs:65:5
     3:     0x55bb12081c6a - <std::sys_common::backtrace::_print::DisplayBacktrace as core::fmt::Display>::fmt::ha1c5390454d74f71
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/sys_common/backtrace.rs:44:22
     4:     0x55bb120ac01f - core::fmt::write::h9ffde816c577717b
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/core/src/fmt/mod.rs:1254:17
     5:     0x55bb1207d905 - std::io::Write::write_fmt::h88186074961638e4
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/io/mod.rs:1698:15
     6:     0x55bb12081a35 - std::sys_common::backtrace::_print::h184198273ed08d59
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/sys_common/backtrace.rs:47:5
     7:     0x55bb12081a35 - std::sys_common::backtrace::print::h1b4d8e7add699453
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/sys_common/backtrace.rs:34:9
     8:     0x55bb1208396e - std::panicking::default_hook::{{closure}}::h393bcea75423915a
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/panicking.rs:269:22
     9:     0x55bb12083715 - std::panicking::default_hook::h48c64f31d8b3fd03
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/panicking.rs:288:9
    10:     0x55bb12083ece - std::panicking::rust_panic_with_hook::hafdc493a79370062
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/panicking.rs:691:13
    11:     0x55bb12083dc9 - std::panicking::begin_panic_handler::{{closure}}::h0a64bc82e36bedc7
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/panicking.rs:582:13
    12:     0x55bb120820d6 - std::sys_common::backtrace::__rust_end_short_backtrace::hc203444fb7416a16
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/sys_common/backtrace.rs:150:18
    13:     0x55bb12083b22 - rust_begin_unwind
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/panicking.rs:578:5
    14:     0x55bb115f41c3 - core::panicking::panic_fmt::h0f6ef0178afce4f2
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/core/src/panicking.rs:67:14
    15:     0x55bb115f4673 - core::result::unwrap_failed::h8090202169109f9c
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/core/src/result.rs:1687:5
    16:     0x55bb115f53b8 - core::result::Result<T,E>::unwrap::h8cfef72685437780
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/core/src/result.rs:1089:23
    17:     0x55bb115f5dbb - build_script_build::main::h02b1603bcbbcaee3
                                 at /usr/local/cargo/registry/src/index.crates.io-6f17d22bba15001f/frida-gum-sys-0.7.1/build.rs:70:20
    18:     0x55bb115f549b - core::ops::function::FnOnce::call_once::h4f27de4ea49b399b
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/core/src/ops/function.rs:250:5
    19:     0x55bb115f545e - std::sys_common::backtrace::__rust_begin_short_backtrace::h7a26d2f67a869e9f
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/sys_common/backtrace.rs:134:18
    20:     0x55bb115f7161 - std::rt::lang_start::{{closure}}::h0381da202d250950
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/rt.rs:166:18
    21:     0x55bb12078bce - core::ops::function::impls::<impl core::ops::function::FnOnce<A> for &F>::call_once::hb1327dc2ef3fecdf
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/core/src/ops/function.rs:287:13
    22:     0x55bb12078bce - std::panicking::try::do_call::h4044173225fe83dd
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/panicking.rs:485:40
    23:     0x55bb12078bce - std::panicking::try::hd8a722c09d156a53
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/panicking.rs:449:19
    24:     0x55bb12078bce - std::panic::catch_unwind::hd2ca07971cf0119b
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/panic.rs:140:14
    25:     0x55bb12078bce - std::rt::lang_start_internal::{{closure}}::h26d89d595cf47b70
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/rt.rs:148:48
    26:     0x55bb12078bce - std::panicking::try::do_call::hf47aa1aa005e5f1a
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/panicking.rs:485:40
    27:     0x55bb12078bce - std::panicking::try::h73d246b2423eaf4e
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/panicking.rs:449:19
    28:     0x55bb12078bce - std::panic::catch_unwind::hbaaeae8f1b2f9915
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/panic.rs:140:14
    29:     0x55bb12078bce - std::rt::lang_start_internal::h76f3e81e6b8f13f9
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/rt.rs:148:20
    30:     0x55bb115f713a - std::rt::lang_start::hfe24b61a210d4522
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/rt.rs:165:17
    31:     0x55bb115f62be - main
    32:     0x7f418387dd0a - __libc_start_main
                                 at ./csu/../csu/libc-start.c:308:16
    33:     0x55bb115f485a - _start
    34:                0x0 - <unknown>
s1341 commented 1 year ago

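Why are you trying to include /usr/include/pthread.h? You should be including an Android-specific header. (The 'regparm' errors suggest the build script is parsing the host's x86 glibc headers for the aarch64 target instead of the NDK sysroot headers.)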

Did you set your linker path in a .cargo/config.toml file?

s1341 commented 1 year ago

also, please put the fully qualified path in CLANG_PATH...

7a6ac0 commented 1 year ago

@s1341 thanks for your input, it was very helpful. I reverted frida-gum/frida-gum-sys to their original versions and installed the missing libunwind library, but the build now fails with `ld: error: unable to find library -lunwind`:

   Compiling frida_fuzzer v0.10.1 (/libafl/fuzzers/frida_libpng)
     Running `/usr/local/cargo/bin/sccache rustc --crate-name frida_fuzzer --edition=2021 src/main.rs --error-format=json --json=diagnostic-rendered-ansi,artifacts,future-incompat --diagnostic-width=210 --crate-type bin --emit=dep-info,link -C opt-level=3 -C lto -C codegen-units=1 -C debuginfo=2 --cfg 'feature="default"' --cfg 'feature="std"' -C metadata=fc7e7b40bf532a99 -C extra-filename=-fc7e7b40bf532a99 --out-dir /libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps --target aarch64-linux-android -C linker=/opt/android-toolchain-arm64/bin/aarch64-linux-android-clang -L dependency=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps -L dependency=/libafl/fuzzers/frida_libpng/target/release/deps --extern color_backtrace=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/libcolor_backtrace-933b6cfa5717b58c.rlib --extern frida_gum=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/libfrida_gum-fbafe0067d95409d.rlib --extern libafl=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/liblibafl-41001bf6f08a24ea.rlib --extern libafl_frida=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/liblibafl_frida-df146f822ce4157b.rlib --extern libafl_targets=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/liblibafl_targets-ff1c0f44c67469ac.rlib --extern libloading=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/liblibloading-0c48db23b336eec6.rlib --extern mimalloc=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/libmimalloc-b2af5d3d01aa1788.rlib -L native=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/capstone-sys-134738c58aa04621/out -L /usr/local/cargo/registry/src/index.crates.io-6f17d22bba15001f/frida-gum-sys-0.4.1 -L /libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/frida-gum-sys-6724fdf991355945/out -L 
native=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/frida-gum-sys-6724fdf991355945/out -L native=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/frida-gum-sys-6724fdf991355945/out -L native=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_frida-e076a0c62b605cea/out -L native=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-baf612b21ec09e1d/out -L native=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-baf612b21ec09e1d/out -L native=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-baf612b21ec09e1d/out -L native=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-baf612b21ec09e1d/out -L native=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-baf612b21ec09e1d/out -L native=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-baf612b21ec09e1d/out -L native=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libmimalloc-sys-25472505475483b3/out`
error: linking with `/opt/android-toolchain-arm64/bin/aarch64-linux-android-clang` failed: exit status: 1
  |
  = note: LC_ALL="C" PATH="/usr/local/rustup/toolchains/1.70.0-x86_64-unknown-linux-gnu/lib/rustlib/x86_64-unknown-linux-gnu/bin:/usr/local/cargo/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/android-toolchain-arm64/bin" VSLANG="1033" "/opt/android-toolchain-arm64/bin/aarch64-linux-android-clang" "/tmp/rustcIEvwoc/symbols.o" "/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/frida_fuzzer-fc7e7b40bf532a99.frida_fuzzer.385abbc0-cgu.0.rcgu.o" "-Wl,--as-needed" "-L" "/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps" "-L" "/libafl/fuzzers/frida_libpng/target/release/deps" "-L" "/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/capstone-sys-134738c58aa04621/out" "-L" "/usr/local/cargo/registry/src/index.crates.io-6f17d22bba15001f/frida-gum-sys-0.4.1" "-L" "/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/frida-gum-sys-6724fdf991355945/out" "-L" "/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/frida-gum-sys-6724fdf991355945/out" "-L" "/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/frida-gum-sys-6724fdf991355945/out" "-L" "/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_frida-e076a0c62b605cea/out" "-L" "/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-baf612b21ec09e1d/out" "-L" "/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-baf612b21ec09e1d/out" "-L" "/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-baf612b21ec09e1d/out" "-L" "/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-baf612b21ec09e1d/out" "-L" "/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-baf612b21ec09e1d/out" "-L" "/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-baf612b21ec09e1d/out" "-L" 
"/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libmimalloc-sys-25472505475483b3/out" "-L" "/usr/local/rustup/toolchains/1.70.0-x86_64-unknown-linux-gnu/lib/rustlib/aarch64-linux-android/lib" "-Wl,-Bstatic" "/tmp/rustcIEvwoc/liblibafl_frida-df146f822ce4157b.rlib" "/tmp/rustcIEvwoc/liblibafl_targets-ff1c0f44c67469ac.rlib" "/tmp/rustcIEvwoc/libcapstone_sys-122ca0d02c4f0e71.rlib" "/tmp/rustcIEvwoc/libfrida_gum_sys-b2f8988d8c7b9e24.rlib" "/tmp/rustcIEvwoc/liblibmimalloc_sys-a68625ecab01c9f0.rlib" "/usr/local/rustup/toolchains/1.70.0-x86_64-unknown-linux-gnu/lib/rustlib/aarch64-linux-android/lib/libcompiler_builtins-e9996a2f967dd691.rlib" "-Wl,-Bdynamic" "-ldl" "-lc++" "-ldl" "-llog" "-lunwind" "-ldl" "-lm" "-lc" "-Wl,--eh-frame-hdr" "-Wl,-z,noexecstack" "-L" "/usr/local/rustup/toolchains/1.70.0-x86_64-unknown-linux-gnu/lib/rustlib/aarch64-linux-android/lib" "-o" "/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/frida_fuzzer-fc7e7b40bf532a99" "-Wl,--gc-sections" "-pie" "-Wl,-z,relro,-z,now" "-Wl,-O1" "-nodefaultlibs"
  = note: ld: error: unable to find library -lunwind
          clang110: error: linker command failed with exit code 1 (use -v to see invocation)

error: could not compile `frida_fuzzer` (bin "frida_fuzzer") due to previous error

Caused by:
  process didn't exit successfully: `/usr/local/cargo/bin/sccache rustc --crate-name frida_fuzzer --edition=2021 src/main.rs --error-format=json --json=diagnostic-rendered-ansi,artifacts,future-incompat --diagnostic-width=210 --crate-type bin --emit=dep-info,link -C opt-level=3 -C lto -C codegen-units=1 -C debuginfo=2 --cfg 'feature="default"' --cfg 'feature="std"' -C metadata=fc7e7b40bf532a99 -C extra-filename=-fc7e7b40bf532a99 --out-dir /libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps --target aarch64-linux-android -C linker=/opt/android-toolchain-arm64/bin/aarch64-linux-android-clang -L dependency=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps -L dependency=/libafl/fuzzers/frida_libpng/target/release/deps --extern color_backtrace=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/libcolor_backtrace-933b6cfa5717b58c.rlib --extern frida_gum=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/libfrida_gum-fbafe0067d95409d.rlib --extern libafl=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/liblibafl-41001bf6f08a24ea.rlib --extern libafl_frida=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/liblibafl_frida-df146f822ce4157b.rlib --extern libafl_targets=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/liblibafl_targets-ff1c0f44c67469ac.rlib --extern libloading=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/liblibloading-0c48db23b336eec6.rlib --extern mimalloc=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/libmimalloc-b2af5d3d01aa1788.rlib -L native=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/capstone-sys-134738c58aa04621/out -L /usr/local/cargo/registry/src/index.crates.io-6f17d22bba15001f/frida-gum-sys-0.4.1 -L /libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/frida-gum-sys-6724fdf991355945/out -L 
native=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/frida-gum-sys-6724fdf991355945/out -L native=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/frida-gum-sys-6724fdf991355945/out -L native=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_frida-e076a0c62b605cea/out -L native=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-baf612b21ec09e1d/out -L native=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-baf612b21ec09e1d/out -L native=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-baf612b21ec09e1d/out -L native=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-baf612b21ec09e1d/out -L native=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-baf612b21ec09e1d/out -L native=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-baf612b21ec09e1d/out -L native=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libmimalloc-sys-25472505475483b3/out` (exit status: 1)

Is there any step missing?

s1341 commented 1 year ago

Looks like a linker error. I don't know why clang can't find libunwind. Maybe strace the compilation to try to see where it looks for it?

7a6ac0 commented 1 year ago

The environment I'm using is built from a Dockerfile. Could you provide a Docker image in which frida_libpng can be built for Android?

s1341 commented 1 year ago

I didn't use a Dockerfile. I used the Android toolchain on NixOS.

7a6ac0 commented 1 year ago

@s1341 I also used NixOS to cross-compile; below is my error message:

   Compiling frida_fuzzer v0.10.1 (/opt/LibAFL/fuzzers/frida_libpng)
     Running `rustc --crate-name frida_fuzzer --edition=2021 src/main.rs --error-format=json --json=diagnostic-rendered-ansi,artifacts,future-incompat --diagnostic-width=212 --crate-type bin --emit=dep-info,link -C opt-level=3 -C lto -C codegen-units=1 -C debuginfo=2 --cfg 'feature="default"' --cfg 'feature="std"' -C metadata=256f8c26c19bd47e -C extra-filename=-256f8c26c19bd47e --out-dir /opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps --target aarch64-linux-android -C linker=/nix/store/3p6q5129kasrar54hfq6zd4l5i0s479y-aarch64-unknown-linux-android-clang-wrapper-12.0.1/bin/aarch64-unknown-linux-android-clang -L dependency=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps -L dependency=/opt/LibAFL/fuzzers/frida_libpng/target/release/deps --extern color_backtrace=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/libcolor_backtrace-0699d2fc682f8710.rlib --extern frida_gum=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/libfrida_gum-ba34448253bc9f6e.rlib --extern libafl=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/liblibafl-a997fb1d60e441c9.rlib --extern libafl_frida=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/liblibafl_frida-f646ce1fe56edc90.rlib --extern libafl_targets=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/liblibafl_targets-477a934de3bef80e.rlib --extern libloading=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/liblibloading-430c93a9e477ab92.rlib --extern mimalloc=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/libmimalloc-4af80d2f47befafc.rlib -L native=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/capstone-sys-7bed340ca6c2018e/out -L /root/.cargo/registry/src/index.crates.io-6f17d22bba15001f/frida-gum-sys-0.4.1 -L 
/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/frida-gum-sys-c46412a82761ff7b/out -L native=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/frida-gum-sys-c46412a82761ff7b/out -L native=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/frida-gum-sys-c46412a82761ff7b/out -L native=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_frida-c7cf54e5244fec85/out -L native=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-8f2eab49e204fa3d/out -L native=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-8f2eab49e204fa3d/out -L native=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-8f2eab49e204fa3d/out -L native=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-8f2eab49e204fa3d/out -L native=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-8f2eab49e204fa3d/out -L native=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-8f2eab49e204fa3d/out -L native=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libmimalloc-sys-c5ae78eae4287da9/out`
error: linking with `/nix/store/3p6q5129kasrar54hfq6zd4l5i0s479y-aarch64-unknown-linux-android-clang-wrapper-12.0.1/bin/aarch64-unknown-linux-android-clang` failed: exit status: 1
  |
  = note: LC_ALL="C" PATH="/nix/store/d920x2bhgwzsz4nmhkg6vcm9n37y9kxs-rust-1.71.0-2023-07-12-8ede3aae2/lib/rustlib/x86_64-unknown-linux-gnu/bin:/nix/store/csy2mpgy1s9iwhdmw7pnl4kni9hl50y0-bash-interactive-5.2-p15/bin:/nix/store/vfqcpzf6a6dy1iy3f51gwfny0ks7rgld-patchelf-0.15.0/bin:/nix/store/x7n44lfys59k5ajj9w1fkxw5391cnn5v-gcc-wrapper-12.3.0/bin:/nix/store/hhhjpdd06w42prplsak9r0w2y426pdwp-gcc-12.3.0/bin:/nix/store/75vv3mli422cf9awip32v9yklhn43nz4-glibc-2.37-8-bin/bin:/nix/store/whinz9rj5h6h8zxp9bkmfzv7fkzc0cq8-coreutils-9.3/bin:/nix/store/wgnrcbdh3nq4qd00xzj1sl2ps8fx70r0-binutils-wrapper-2.40/bin:/nix/store/r5x7gyddzwml0h9g7gg7r6zlwpdzc10a-binutils-2.40/bin:/nix/store/2nx5ysmil0nk285vnvz8kvk2ld91k7yd-llvm-11.1.0-dev/bin:/nix/store/6gy6wdcwcz6d01jx7ca6amcynixplrk3-ncurses-6.4-dev/bin:/nix/store/gmx0dj8kvl7agm6azrbgv9w3k4kp844y-ncurses-6.4/bin:/nix/store/hk7acalpv0bxn8ya6ibh8z9pp32hkm18-llvm-11.1.0/bin:/nix/store/yhxfjxd2cmsllhk89axakm4z7ng49iad-llvm-binutils-wrapper-11.1.0/bin:/nix/store/hpaqjazmjrya0m4yjgcarahsa404dcqr-llvm-binutils-11.1.0/bin:/nix/store/7667qxzv2r085n0s4s3a9sk6mz8aka0a-lld-11.1.0/bin:/nix/store/s1q6ynp7zhfc7kl7wi8gh71l88kw0i35-openssl-3.0.9-bin/bin:/nix/store/d920x2bhgwzsz4nmhkg6vcm9n37y9kxs-rust-1.71.0-2023-07-12-8ede3aae2/bin:/nix/store/9c03r86hcdn43dm3hsgjirifvyzfkhwh-python3-3.10.12/bin:/nix/store/1ci6fn5jq64iqkcmhgzjxashsg8bm8p5-xz-5.4.3-bin/bin:/nix/store/3p6q5129kasrar54hfq6zd4l5i0s479y-aarch64-unknown-linux-android-clang-wrapper-12.0.1/bin:/nix/store/d83i8xcabr72qf5vn69lk05px3dgsblr-clang-12.0.1/bin:/nix/store/3xszgnwfgwj7i8hl9671wi8qynqnxhr5-aarch64-unknown-linux-android-llvm-binutils-wrapper-12.0.1/bin:/nix/store/61p5gq97pb9f8ycbahbf3hkmxrasz7sg-llvm-binutils-12.0.1/bin:/nix/store/whinz9rj5h6h8zxp9bkmfzv7fkzc0cq8-coreutils-9.3/bin:/nix/store/w8k9gfc9rkfvvgv1z2pcvpn57xs0nfvy-findutils-4.9.0/bin:/nix/store/sfzqh8clr15s9cm5876ff83ax0kfr5vj-diffutils-3.10/bin:/nix/store/yrcf918h3vz3x9b36fnm0kf8snvjff9b-gnused-4.9/bin:/nix/store/mhw4vhrz163p1
9afdp52disvb5l16zvs-gnugrep-3.11/bin:/nix/store/qzxlwhn71a4yx9gb1dyrr06shik3h6v3-gawk-5.2.2/bin:/nix/store/xk6lvr5w3bgxm404x8lkgcka2xx3h40q-gnutar-1.34/bin:/nix/store/pvvi5kmz97dnlkg8k5dnmv3kikv7asdl-gzip-1.12/bin:/nix/store/ylq35nr0zs7n54c96wx0vl3spwhcf3z9-bzip2-1.0.8-bin/bin:/nix/store/92alb87rz7w6yjak1yj4c2ryhsps34az-gnumake-4.4.1/bin:/nix/store/a7f7xfp9wyghf44yv6l6fv9dfw492hd3-bash-5.2-p15/bin:/nix/store/ssqd1aivzbl9gf5k6dwxh530jjwfsh2z-patch-2.7.6/bin:/nix/store/1ci6fn5jq64iqkcmhgzjxashsg8bm8p5-xz-5.4.3-bin/bin:/nix/store/6igv1bi4jxxvl22vk9k1fqwpyrx8cif7-file-5.44/bin:/root/.nix-profile/bin:/nix/var/nix/profiles/default/bin:/root/.cargo/bin:/root/.nix-profile/bin:/nix/var/nix/profiles/default/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games:/usr/local/games:/snap/bin:/nix/store/0hbb8bwwdzx6cz1w6hhx4w7qgijqf3fq-clang-11.1.0/bin" VSLANG="1033" "/nix/store/3p6q5129kasrar54hfq6zd4l5i0s479y-aarch64-unknown-linux-android-clang-wrapper-12.0.1/bin/aarch64-unknown-linux-android-clang" "/tmp/rustc0KBB2v/symbols.o" "/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/frida_fuzzer-256f8c26c19bd47e.frida_fuzzer.3c4814795b38cce-cgu.0.rcgu.o" "-Wl,--as-needed" "-L" "/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps" "-L" "/opt/LibAFL/fuzzers/frida_libpng/target/release/deps" "-L" "/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/capstone-sys-7bed340ca6c2018e/out" "-L" "/root/.cargo/registry/src/index.crates.io-6f17d22bba15001f/frida-gum-sys-0.4.1" "-L" "/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/frida-gum-sys-c46412a82761ff7b/out" "-L" "/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/frida-gum-sys-c46412a82761ff7b/out" "-L" "/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/frida-gum-sys-c46412a82761ff7b/out" "-L" 
"/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_frida-c7cf54e5244fec85/out" "-L" "/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-8f2eab49e204fa3d/out" "-L" "/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-8f2eab49e204fa3d/out" "-L" "/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-8f2eab49e204fa3d/out" "-L" "/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-8f2eab49e204fa3d/out" "-L" "/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-8f2eab49e204fa3d/out" "-L" "/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-8f2eab49e204fa3d/out" "-L" "/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libmimalloc-sys-c5ae78eae4287da9/out" "-L" "/nix/store/d920x2bhgwzsz4nmhkg6vcm9n37y9kxs-rust-1.71.0-2023-07-12-8ede3aae2/lib/rustlib/aarch64-linux-android/lib" "-Wl,-Bstatic" "/tmp/rustc0KBB2v/liblibafl_frida-f646ce1fe56edc90.rlib" "/tmp/rustc0KBB2v/liblibafl_targets-477a934de3bef80e.rlib" "/tmp/rustc0KBB2v/libcapstone_sys-173356fd7525c61b.rlib" "/tmp/rustc0KBB2v/libfrida_gum_sys-f86a09d907163838.rlib" "/tmp/rustc0KBB2v/liblibmimalloc_sys-b67ab94b60fe11fa.rlib" "/nix/store/4ll49faxmq951a747n8pgjx49ala68nx-rust-std/lib/rustlib/aarch64-linux-android/lib/libcompiler_builtins-01f0855226f8e564.rlib" "-Wl,-Bdynamic" "-ldl" "-lc++" "-ldl" "-llog" "-lunwind" "-ldl" "-lm" "-lc" "-Wl,--eh-frame-hdr" "-Wl,-z,noexecstack" "-L" "/nix/store/d920x2bhgwzsz4nmhkg6vcm9n37y9kxs-rust-1.71.0-2023-07-12-8ede3aae2/lib/rustlib/aarch64-linux-android/lib" "-o" "/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/frida_fuzzer-256f8c26c19bd47e" "-Wl,--gc-sections" "-pie" "-Wl,-z,relro,-z,now" "-Wl,-O1" "-nodefaultlibs"
  = note: aarch64-unknown-linux-android-ld: error: /tmp/rustc0KBB2v/liblibafl_frida-f646ce1fe56edc90.rlib(gettls.o) is incompatible with aarch64linux
          aarch64-unknown-linux-android-ld: error: /tmp/rustc0KBB2v/liblibafl_targets-477a934de3bef80e.rlib(cmplog.o) is incompatible with aarch64linux
          aarch64-unknown-linux-android-ld: error: /tmp/rustc0KBB2v/libcapstone_sys-173356fd7525c61b.rlib(cs.o) is incompatible with aarch64linux
          aarch64-unknown-linux-android-ld: error: /tmp/rustc0KBB2v/libcapstone_sys-173356fd7525c61b.rlib(MCInst.o) is incompatible with aarch64linux
          aarch64-unknown-linux-android-ld: error: /tmp/rustc0KBB2v/libcapstone_sys-173356fd7525c61b.rlib(SStream.o) is incompatible with aarch64linux
          aarch64-unknown-linux-android-ld: error: /tmp/rustc0KBB2v/libcapstone_sys-173356fd7525c61b.rlib(utils.o) is incompatible with aarch64linux
          aarch64-unknown-linux-android-ld: error: /tmp/rustc0KBB2v/libcapstone_sys-173356fd7525c61b.rlib(AArch64Module.o) is incompatible with aarch64linux
          aarch64-unknown-linux-android-ld: error: /tmp/rustc0KBB2v/liblibmimalloc_sys-b67ab94b60fe11fa.rlib(static.o) is incompatible with aarch64linux
          aarch64-unknown-linux-android-ld: error: /nix/store/f0sv6dj1i00g3d8968m4gkxh5ay8hkl9-libcxx-11.1.0/lib/libc++.so.1 is incompatible with aarch64linux
          aarch64-unknown-linux-android-ld: error: /nix/store/wpzk77qwg492kgx97gz77r41n2ja93hb-libcxxabi-11.1.0/lib/libc++abi.so is incompatible with aarch64linux
          clang-12: error: linker command failed with exit code 1 (use -v to see invocation)

error: could not compile `frida_fuzzer` (bin "frida_fuzzer") due to previous error

Caused by:
  process didn't exit successfully: `rustc --crate-name frida_fuzzer --edition=2021 src/main.rs --error-format=json --json=diagnostic-rendered-ansi,artifacts,future-incompat --diagnostic-width=212 --crate-type bin --emit=dep-info,link -C opt-level=3 -C lto -C codegen-units=1 -C debuginfo=2 --cfg 'feature="default"' --cfg 'feature="std"' -C metadata=256f8c26c19bd47e -C extra-filename=-256f8c26c19bd47e --out-dir /opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps --target aarch64-linux-android -C linker=/nix/store/3p6q5129kasrar54hfq6zd4l5i0s479y-aarch64-unknown-linux-android-clang-wrapper-12.0.1/bin/aarch64-unknown-linux-android-clang -L dependency=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps -L dependency=/opt/LibAFL/fuzzers/frida_libpng/target/release/deps --extern color_backtrace=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/libcolor_backtrace-0699d2fc682f8710.rlib --extern frida_gum=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/libfrida_gum-ba34448253bc9f6e.rlib --extern libafl=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/liblibafl-a997fb1d60e441c9.rlib --extern libafl_frida=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/liblibafl_frida-f646ce1fe56edc90.rlib --extern libafl_targets=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/liblibafl_targets-477a934de3bef80e.rlib --extern libloading=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/liblibloading-430c93a9e477ab92.rlib --extern mimalloc=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/libmimalloc-4af80d2f47befafc.rlib -L native=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/capstone-sys-7bed340ca6c2018e/out -L /root/.cargo/registry/src/index.crates.io-6f17d22bba15001f/frida-gum-sys-0.4.1 -L 
/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/frida-gum-sys-c46412a82761ff7b/out -L native=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/frida-gum-sys-c46412a82761ff7b/out -L native=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/frida-gum-sys-c46412a82761ff7b/out -L native=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_frida-c7cf54e5244fec85/out -L native=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-8f2eab49e204fa3d/out -L native=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-8f2eab49e204fa3d/out -L native=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-8f2eab49e204fa3d/out -L native=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-8f2eab49e204fa3d/out -L native=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-8f2eab49e204fa3d/out -L native=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-8f2eab49e204fa3d/out -L native=/opt/LibAFL/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libmimalloc-sys-c5ae78eae4287da9/out` (exit status: 1)

How can I fix this error?

s1341 commented 1 year ago

I don't know what the last issue is, but the __clear_cache issue is real - it results from rust (or clang) not linking clang_rt.builtins.<arch>.o into the final build. I was able to fix it by adding a couple of lines to the build.rs of frida-gum, but I'm looking for a more generic solution...

s1341 commented 1 year ago

https://github.com/rust-lang/compiler-builtins/issues/468

domenukk commented 1 year ago

This may be helpful:

I have determined that some versions of NDK and Rust are incompatible. For example, such versions are non-working:

rust 1.70, NDK 25, clang*
rust 1.70, NDK 22, clang*
rust 1.70, NDK 21, clang*
rust 1.67, NDK 25, clang*
Try these versions: rust 1.67, NDK 22, clang30. This worked for me when I was building LibAFL.

https://github.com/frida/frida-rust/pull/104#issuecomment-1671963571

saruman9 commented 1 year ago

After trying NDK r22b, below is my error message

error: failed to run custom build command for `frida-gum-sys v0.4.1`

Caused by:
  process didn't exit successfully: `/libafl/fuzzers/frida_libpng/target/release/build/frida-gum-sys-4a9027b5aa576319/build-script-build` (exit status: 101)
  --- stdout
  cargo:rerun-if-changed=event_sink.c
  cargo:rerun-if-changed=event_sink.h
  cargo:rerun-if-changed=invocation_listener.c
  cargo:rerun-if-changed=invocation_listener.h
  cargo:rustc-link-search=/usr/local/cargo/registry/src/index.crates.io-6f17d22bba15001f/frida-gum-sys-0.4.1
  cargo:rustc-link-search=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/frida-gum-sys-6724fdf991355945/out
  cargo:rustc-link-lib=static=frida-gum

  --- stderr
  /usr/include/pthread.h:657:6: error: 'regparm' is not valid on this platform
  /usr/include/pthread.h:669:3: error: 'regparm' is not valid on this platform
  /usr/include/pthread.h:710:6: error: 'regparm' is not valid on this platform
  /usr/include/pthread.h:657:6: error: 'regparm' is not valid on this platform, err: true
  /usr/include/pthread.h:669:3: error: 'regparm' is not valid on this platform, err: true
  /usr/include/pthread.h:710:6: error: 'regparm' is not valid on this platform, err: true
  thread 'main' panicked at 'called `Result::unwrap()` on an `Err` value: ()', /usr/local/cargo/registry/src/index.crates.io-6f17d22bba15001f/frida-gum-sys-0.4.1/build.rs:63:10
  stack backtrace:
     0:     0x55fe09c0104a - std::backtrace_rs::backtrace::libunwind::trace::h9a6b80bbf328ba5d
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/../../backtrace/src/backtrace/libunwind.rs:93:5
     1:     0x55fe09c0104a - std::backtrace_rs::backtrace::trace_unsynchronized::hd162ec543a11886b
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/../../backtrace/src/backtrace/mod.rs:66:5
     2:     0x55fe09c0104a - std::sys_common::backtrace::_print_fmt::h78a5099be12f51a6
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/sys_common/backtrace.rs:65:5
     3:     0x55fe09c0104a - <std::sys_common::backtrace::_print::DisplayBacktrace as core::fmt::Display>::fmt::ha1c5390454d74f71
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/sys_common/backtrace.rs:44:22
     4:     0x55fe09c2b37f - core::fmt::write::h9ffde816c577717b
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/core/src/fmt/mod.rs:1254:17
     5:     0x55fe09bfcce5 - std::io::Write::write_fmt::h88186074961638e4
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/io/mod.rs:1698:15
     6:     0x55fe09c00e15 - std::sys_common::backtrace::_print::h184198273ed08d59
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/sys_common/backtrace.rs:47:5
     7:     0x55fe09c00e15 - std::sys_common::backtrace::print::h1b4d8e7add699453
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/sys_common/backtrace.rs:34:9
     8:     0x55fe09c02d4e - std::panicking::default_hook::{{closure}}::h393bcea75423915a
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/panicking.rs:269:22
     9:     0x55fe09c02af5 - std::panicking::default_hook::h48c64f31d8b3fd03
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/panicking.rs:288:9
    10:     0x55fe09c032ae - std::panicking::rust_panic_with_hook::hafdc493a79370062
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/panicking.rs:691:13
    11:     0x55fe09c031a9 - std::panicking::begin_panic_handler::{{closure}}::h0a64bc82e36bedc7
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/panicking.rs:582:13
    12:     0x55fe09c014b6 - std::sys_common::backtrace::__rust_end_short_backtrace::hc203444fb7416a16
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/sys_common/backtrace.rs:150:18
    13:     0x55fe09c02f02 - rust_begin_unwind
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/panicking.rs:578:5
    14:     0x55fe092031c3 - core::panicking::panic_fmt::h0f6ef0178afce4f2
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/core/src/panicking.rs:67:14
    15:     0x55fe09203673 - core::result::unwrap_failed::h8090202169109f9c
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/core/src/result.rs:1687:5
    16:     0x55fe09204362 - core::result::Result<T,E>::unwrap::h71b22caa83afba05
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/core/src/result.rs:1089:23
    17:     0x55fe09204ba6 - build_script_build::main::h1a419a1ac21af5b2
                                 at /usr/local/cargo/registry/src/index.crates.io-6f17d22bba15001f/frida-gum-sys-0.4.1/build.rs:56:20
    18:     0x55fe092043bb - core::ops::function::FnOnce::call_once::h28c59ccd582ed283
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/core/src/ops/function.rs:250:5
    19:     0x55fe092044ae - std::sys_common::backtrace::__rust_begin_short_backtrace::h388c6c13c3103258
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/sys_common/backtrace.rs:134:18
    20:     0x55fe09205d71 - std::rt::lang_start::{{closure}}::h00e7b8fcdc202b73
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/rt.rs:166:18
    21:     0x55fe09bf816e - core::ops::function::impls::<impl core::ops::function::FnOnce<A> for &F>::call_once::hb1327dc2ef3fecdf
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/core/src/ops/function.rs:287:13
    22:     0x55fe09bf816e - std::panicking::try::do_call::h4044173225fe83dd
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/panicking.rs:485:40
    23:     0x55fe09bf816e - std::panicking::try::hd8a722c09d156a53
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/panicking.rs:449:19
    24:     0x55fe09bf816e - std::panic::catch_unwind::hd2ca07971cf0119b
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/panic.rs:140:14
    25:     0x55fe09bf816e - std::rt::lang_start_internal::{{closure}}::h26d89d595cf47b70
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/rt.rs:148:48
    26:     0x55fe09bf816e - std::panicking::try::do_call::hf47aa1aa005e5f1a
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/panicking.rs:485:40
    27:     0x55fe09bf816e - std::panicking::try::h73d246b2423eaf4e
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/panicking.rs:449:19
    28:     0x55fe09bf816e - std::panic::catch_unwind::hbaaeae8f1b2f9915
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/panic.rs:140:14
    29:     0x55fe09bf816e - std::rt::lang_start_internal::h76f3e81e6b8f13f9
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/rt.rs:148:20
    30:     0x55fe09205d4a - std::rt::lang_start::ha550df6e149542e8
                                 at /rustc/90c541806f23a127002de5b4038be731ba1458ca/library/std/src/rt.rs:165:17
    31:     0x55fe09204f0e - main
    32:     0x7f0e9dbafd0a - __libc_start_main
                                 at ./csu/../csu/libc-start.c:308:16
    33:     0x55fe0920385a - _start
    34:                0x0 - <unknown>

Any idea what I might be doing wrong?

To fix this error (only for NDK versions below 23), you need to specify the sysroot in Frida's build script (https://github.com/frida/frida-rust/):

diff --git a/frida-gum-sys/build.rs b/frida-gum-sys/build.rs
index eb3fedd9..da75553d 100644
--- a/frida-gum-sys/build.rs
+++ b/frida-gum-sys/build.rs
@@ -67,10 +67,12 @@ fn main() {
     let bindings = if std::env::var("DOCS_RS").is_ok() {
         bindings.clang_arg("-Iinclude")
     } else {
-        bindings
+        bindings.clang_arg("-Iinclude")
     };

     let bindings = bindings
+        .clang_arg("--sysroot=/home/user/AndroidSDK/ndk/22.1.7171670/toolchains/llvm/prebuilt/linux-x86_64/sysroot/")
         .header_contents("gum.h", "#include \"frida-gum.h\"")
         .header("event_sink.h")
         .header("invocation_listener.h")
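Review bot: The added `--sysroot=/home/user/AndroidSDK/ndk/22.1.7171670/...` argument is a machine-specific absolute path on the unconditional `let bindings = bindings` chain, so it reaches clang for every target and the headers parsed into the bindings come from whatever exists at that location. Deriving it from the environment and applying it only to Android targets keeps the header source explicit and reviewable, for example `.clang_arg(format!("--sysroot={}/toolchains/llvm/prebuilt/linux-x86_64/sysroot", std::env::var("ANDROID_NDK_HOME").expect("ANDROID_NDK_HOME not set")))` behind a check of `CARGO_CFG_TARGET_OS`. With this change both arms of the `DOCS_RS` conditional call `.clang_arg("-Iinclude")`, so the `if`/`else` could collapse to a single call. The body of `main` continues outside the hunk.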
saruman9 commented 1 year ago

@s1341 thanks for your opinion, it was very helpful for me. I reverted the frida-gum/frida-gum-sys versions to the original ones and installed the missing libunwind library, but the build now shows the error `ld: error: unable to find library -lunwind`:

   Compiling frida_fuzzer v0.10.1 (/libafl/fuzzers/frida_libpng)
     Running `/usr/local/cargo/bin/sccache rustc --crate-name frida_fuzzer --edition=2021 src/main.rs --error-format=json --json=diagnostic-rendered-ansi,artifacts,future-incompat --diagnostic-width=210 --crate-type bin --emit=dep-info,link -C opt-level=3 -C lto -C codegen-units=1 -C debuginfo=2 --cfg 'feature="default"' --cfg 'feature="std"' -C metadata=fc7e7b40bf532a99 -C extra-filename=-fc7e7b40bf532a99 --out-dir /libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps --target aarch64-linux-android -C linker=/opt/android-toolchain-arm64/bin/aarch64-linux-android-clang -L dependency=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps -L dependency=/libafl/fuzzers/frida_libpng/target/release/deps --extern color_backtrace=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/libcolor_backtrace-933b6cfa5717b58c.rlib --extern frida_gum=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/libfrida_gum-fbafe0067d95409d.rlib --extern libafl=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/liblibafl-41001bf6f08a24ea.rlib --extern libafl_frida=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/liblibafl_frida-df146f822ce4157b.rlib --extern libafl_targets=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/liblibafl_targets-ff1c0f44c67469ac.rlib --extern libloading=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/liblibloading-0c48db23b336eec6.rlib --extern mimalloc=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/libmimalloc-b2af5d3d01aa1788.rlib -L native=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/capstone-sys-134738c58aa04621/out -L /usr/local/cargo/registry/src/index.crates.io-6f17d22bba15001f/frida-gum-sys-0.4.1 -L /libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/frida-gum-sys-6724fdf991355945/out -L 
native=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/frida-gum-sys-6724fdf991355945/out -L native=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/frida-gum-sys-6724fdf991355945/out -L native=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_frida-e076a0c62b605cea/out -L native=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-baf612b21ec09e1d/out -L native=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-baf612b21ec09e1d/out -L native=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-baf612b21ec09e1d/out -L native=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-baf612b21ec09e1d/out -L native=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-baf612b21ec09e1d/out -L native=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-baf612b21ec09e1d/out -L native=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libmimalloc-sys-25472505475483b3/out`
error: linking with `/opt/android-toolchain-arm64/bin/aarch64-linux-android-clang` failed: exit status: 1
  |
  = note: LC_ALL="C" PATH="/usr/local/rustup/toolchains/1.70.0-x86_64-unknown-linux-gnu/lib/rustlib/x86_64-unknown-linux-gnu/bin:/usr/local/cargo/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/opt/android-toolchain-arm64/bin" VSLANG="1033" "/opt/android-toolchain-arm64/bin/aarch64-linux-android-clang" "/tmp/rustcIEvwoc/symbols.o" "/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/frida_fuzzer-fc7e7b40bf532a99.frida_fuzzer.385abbc0-cgu.0.rcgu.o" "-Wl,--as-needed" "-L" "/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps" "-L" "/libafl/fuzzers/frida_libpng/target/release/deps" "-L" "/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/capstone-sys-134738c58aa04621/out" "-L" "/usr/local/cargo/registry/src/index.crates.io-6f17d22bba15001f/frida-gum-sys-0.4.1" "-L" "/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/frida-gum-sys-6724fdf991355945/out" "-L" "/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/frida-gum-sys-6724fdf991355945/out" "-L" "/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/frida-gum-sys-6724fdf991355945/out" "-L" "/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_frida-e076a0c62b605cea/out" "-L" "/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-baf612b21ec09e1d/out" "-L" "/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-baf612b21ec09e1d/out" "-L" "/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-baf612b21ec09e1d/out" "-L" "/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-baf612b21ec09e1d/out" "-L" "/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-baf612b21ec09e1d/out" "-L" "/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-baf612b21ec09e1d/out" "-L" 
"/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libmimalloc-sys-25472505475483b3/out" "-L" "/usr/local/rustup/toolchains/1.70.0-x86_64-unknown-linux-gnu/lib/rustlib/aarch64-linux-android/lib" "-Wl,-Bstatic" "/tmp/rustcIEvwoc/liblibafl_frida-df146f822ce4157b.rlib" "/tmp/rustcIEvwoc/liblibafl_targets-ff1c0f44c67469ac.rlib" "/tmp/rustcIEvwoc/libcapstone_sys-122ca0d02c4f0e71.rlib" "/tmp/rustcIEvwoc/libfrida_gum_sys-b2f8988d8c7b9e24.rlib" "/tmp/rustcIEvwoc/liblibmimalloc_sys-a68625ecab01c9f0.rlib" "/usr/local/rustup/toolchains/1.70.0-x86_64-unknown-linux-gnu/lib/rustlib/aarch64-linux-android/lib/libcompiler_builtins-e9996a2f967dd691.rlib" "-Wl,-Bdynamic" "-ldl" "-lc++" "-ldl" "-llog" "-lunwind" "-ldl" "-lm" "-lc" "-Wl,--eh-frame-hdr" "-Wl,-z,noexecstack" "-L" "/usr/local/rustup/toolchains/1.70.0-x86_64-unknown-linux-gnu/lib/rustlib/aarch64-linux-android/lib" "-o" "/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/frida_fuzzer-fc7e7b40bf532a99" "-Wl,--gc-sections" "-pie" "-Wl,-z,relro,-z,now" "-Wl,-O1" "-nodefaultlibs"
  = note: ld: error: unable to find library -lunwind
          clang110: error: linker command failed with exit code 1 (use -v to see invocation)

error: could not compile `frida_fuzzer` (bin "frida_fuzzer") due to previous error

Caused by:
  process didn't exit successfully: `/usr/local/cargo/bin/sccache rustc --crate-name frida_fuzzer --edition=2021 src/main.rs --error-format=json --json=diagnostic-rendered-ansi,artifacts,future-incompat --diagnostic-width=210 --crate-type bin --emit=dep-info,link -C opt-level=3 -C lto -C codegen-units=1 -C debuginfo=2 --cfg 'feature="default"' --cfg 'feature="std"' -C metadata=fc7e7b40bf532a99 -C extra-filename=-fc7e7b40bf532a99 --out-dir /libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps --target aarch64-linux-android -C linker=/opt/android-toolchain-arm64/bin/aarch64-linux-android-clang -L dependency=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps -L dependency=/libafl/fuzzers/frida_libpng/target/release/deps --extern color_backtrace=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/libcolor_backtrace-933b6cfa5717b58c.rlib --extern frida_gum=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/libfrida_gum-fbafe0067d95409d.rlib --extern libafl=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/liblibafl-41001bf6f08a24ea.rlib --extern libafl_frida=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/liblibafl_frida-df146f822ce4157b.rlib --extern libafl_targets=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/liblibafl_targets-ff1c0f44c67469ac.rlib --extern libloading=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/liblibloading-0c48db23b336eec6.rlib --extern mimalloc=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/deps/libmimalloc-b2af5d3d01aa1788.rlib -L native=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/capstone-sys-134738c58aa04621/out -L /usr/local/cargo/registry/src/index.crates.io-6f17d22bba15001f/frida-gum-sys-0.4.1 -L /libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/frida-gum-sys-6724fdf991355945/out -L 
native=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/frida-gum-sys-6724fdf991355945/out -L native=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/frida-gum-sys-6724fdf991355945/out -L native=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_frida-e076a0c62b605cea/out -L native=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-baf612b21ec09e1d/out -L native=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-baf612b21ec09e1d/out -L native=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-baf612b21ec09e1d/out -L native=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-baf612b21ec09e1d/out -L native=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-baf612b21ec09e1d/out -L native=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libafl_targets-baf612b21ec09e1d/out -L native=/libafl/fuzzers/frida_libpng/target/aarch64-linux-android/release/build/libmimalloc-sys-25472505475483b3/out` (exit status: 1)

Is there any step missing?

To fix this problem, try workaround from here: https://github.com/rust-lang/rust/pull/85806#issuecomment-1096266946.

saruman9 commented 1 year ago

My workaround for the `__clear_cache` issue is this build.rs file:

use std::env;

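/// Adds a temporary workaround for an issue with the Rust compiler and Android
/// on x86_64/aarch64 devices: https://github.com/rust-lang/rust/issues/109717.
/// The workaround comes from: https://github.com/mozilla/application-services/pull/5442
///
/// For an Android target on `x86_64` or `aarch64` this prints the Cargo directives that add
/// the NDK's clang runtime directory to the link search path and statically link
/// `clang_rt.builtins-<arch>-android`. For any other target it prints only the
/// `rerun-if-env-changed` directives.
///
/// Environment read:
/// * `CARGO_CFG_TARGET_OS`, `CARGO_CFG_TARGET_ARCH` - always required.
/// * `ANDROID_NDK_HOME` - required for the Android targets above. The static library that
///   ends up in the binary is taken from this tree, so it should point at a trusted NDK
///   installation.
/// * `NDK_CLANG_VERSION` - optional, defaults to `14.0.7`.
///
/// # Panics
///
/// Panics if a required variable is missing, or if the build host is not Linux, macOS or
/// Windows.
fn setup_android_workaround() {
    // Cargo does not track environment variables unless told to. Without these lines a
    // changed NDK location or clang version would keep the previously cached link
    // directives. (Once any `rerun-if-*` line is emitted, Cargo stops re-running the script
    // on unrelated file changes; this script reads nothing but the environment.)
    println!("cargo:rerun-if-env-changed=ANDROID_NDK_HOME");
    println!("cargo:rerun-if-env-changed=NDK_CLANG_VERSION");

    let target_os = env::var("CARGO_CFG_TARGET_OS").expect("CARGO_CFG_TARGET_OS not set");
    let target_arch = env::var("CARGO_CFG_TARGET_ARCH").expect("CARGO_CFG_TARGET_ARCH not set");
    let needs_workaround =
        target_os == "android" && matches!(target_arch.as_str(), "x86_64" | "aarch64");
    if !needs_workaround {
        return;
    }

    let android_ndk_home = env::var("ANDROID_NDK_HOME").expect("ANDROID_NDK_HOME not set");
    // The NDK names its prebuilt toolchain directory after the build host.
    let build_os = match env::consts::OS {
        "linux" => "linux",
        "macos" => "darwin",
        "windows" => "windows",
        _ => panic!(
            "Unsupported OS. You must use either Linux, MacOS or Windows to build the crate."
        ),
    };
    const DEFAULT_CLANG_VERSION: &str = "14.0.7";
    let clang_version =
        env::var("NDK_CLANG_VERSION").unwrap_or_else(|_| DEFAULT_CLANG_VERSION.to_owned());
    let clang_rt_lib_dir = format!(
        "toolchains/llvm/prebuilt/{build_os}-x86_64/lib64/clang/{clang_version}/lib/linux/"
    );
    let link_search_dir = format!("{android_ndk_home}/{clang_rt_lib_dir}");

    // The clang version directory differs between NDK releases; say so here instead of
    // leaving the user with a bare "unable to find library" from the linker.
    if !std::path::Path::new(&link_search_dir).is_dir() {
        println!(
            "cargo:warning=clang runtime directory not found: {link_search_dir} (check ANDROID_NDK_HOME and NDK_CLANG_VERSION)"
        );
    }

    println!("cargo:rustc-link-search={link_search_dir}");
    println!("cargo:rustc-link-lib=static=clang_rt.builtins-{target_arch}-android");
}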

/// Build-script entry point; its only job is to emit the Android link workaround
/// directives when the target requires them.
fn main() {
    setup_android_workaround()
}
domenukk commented 1 year ago

Want to propose that as a PR in the frida bindings (https://github.com/frida/frida-rust/)?

saruman9 commented 1 year ago

Want to propose that as a PR in the frida bindings (https://github.com/frida/frida-rust/)?

https://github.com/frida/frida-rust/pull/112

domenukk commented 8 months ago

Think this was fixed in the meantime