Closed hooki closed 5 years ago
The -d option does not seem to work.
[ TEST ]
# echo 7/47 | /root/.virtualenvs/angr/lib/python3.5/site-packages/shellphish_qemu/bin/shellphish-qemu-linux-x86_64 -C log1 -E LD_BIND_NOW=1 -d exec,nochain,page -D log2 --trace ./buggy
Log items (comma separated):
out_asm show generated host assembly code for each compiled TB
in_asm show target assembly code for each compiled TB
op show micro ops for each compiled TB
op_opt show micro ops (x86 only: before eflags optimization) and
after liveness analysis
int show interrupts/exceptions in short format
exec show trace before each executed TB (lots of logs)
cpu show CPU state before block translation
mmu log MMU-related activities
pcall x86 only: show protected mode far calls/returns/exceptions
cpu_reset show CPU state before CPU resets
ioport show all i/o ports accesses
unimp log unimplemented functionality
guest_errors log when the guest OS does something invalid (eg accessing a
non-existent register)
The shellphish-qemu from pypi is a little old. You should try using the one from https://github.com/angr/wheels. I’ll close this issue when I update it on pypi.
On Thu, Jun 27, 2019 at 8:21 AM jeongun.baek notifications@github.com wrote:
The -d option does not seem to work.
[ TEST ]
echo 7/47 | /root/.virtualenvs/angr/lib/python3.5/site-packages/shellphish_qemu/bin/shellphish-qemu-linux-x86_64 -C log1 -E LD_BIND_NOW=1 -d exec,nochain,page -D log2 --trace ./buggy
Log items (comma separated): out_asm show generated host assembly code for each compiled TB in_asm show target assembly code for each compiled TB op show micro ops for each compiled TB op_opt show micro ops (x86 only: before eflags optimization) and after liveness analysis int show interrupts/exceptions in short format exec show trace before each executed TB (lots of logs) cpu show CPU state before block translation mmu log MMU-related activities pcall x86 only: show protected mode far calls/returns/exceptions cpu_reset show CPU state before CPU resets ioport show all i/o ports accesses unimp log unimplemented functionality guest_errors log when the guest OS does something invalid (eg accessing a non-existent register)
Updated.
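One way to see why the binary printed the item list instead of tracing, as an added example that is not part of the original thread: QEMU prints its "Log items" list when a `-d` item is not recognised, so the sketch below checks the requested items against the list quoted in the issue. The function name `unsupported_log_items` and the `HELP_TEXT` variable are assumptions made for this example.

```shell
#!/bin/sh
# Added example, not from the thread or the angr project.
# Constructed input: the "Log items" list as quoted in the issue above.
HELP_TEXT='Log items (comma separated):
out_asm show generated host assembly code for each compiled TB
in_asm show target assembly code for each compiled TB
op show micro ops for each compiled TB
op_opt show micro ops (x86 only: before eflags optimization) and
after liveness analysis
int show interrupts/exceptions in short format
exec show trace before each executed TB (lots of logs)
cpu show CPU state before block translation
mmu log MMU-related activities
pcall x86 only: show protected mode far calls/returns/exceptions
cpu_reset show CPU state before CPU resets
ioport show all i/o ports accesses
unimp log unimplemented functionality
guest_errors log when the guest OS does something invalid (eg accessing a
non-existent register)'

# unsupported_log_items HELP REQUESTED   (hypothetical helper)
# Prints, one per line, every comma-separated item in REQUESTED that has
# no entry in HELP. An item counts as supported when some help line has
# it as its first whitespace-separated field.
unsupported_log_items() {
    printf '%s\n' "$2" | tr ',' '\n' | while IFS= read -r item; do
        # Skip empty fields such as the one produced by "exec,,page".
        [ -n "$item" ] || continue
        if ! printf '%s\n' "$1" |
            awk -v it="$item" '$1 == it { ok = 1 } END { exit !ok }'; then
            printf '%s\n' "$item"
        fi
    done
}

# The -d value used in the issue; prints the items this build does not list.
unsupported_log_items "$HELP_TEXT" "exec,nochain,page"
```

Against a real binary, replace `HELP_TEXT` with the list that binary prints; any item the function reports has to be dropped from `-d` or the binary upgraded to a build that lists it.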
When running the example below, I found that the shellphish-qemu-linux-x86_64 doesn't print any trace logs.
[ buggy.c ]
[ TEST ]