frida / frida

Clone this repo to build Frida
https://frida.re

Frida Server 12.5.0 Broken/Crashes on Android with "Unsupported Android Linker" - previous ver. frida-server-12.4.8-android-arm works #876

Closed CeruleanSky closed 5 years ago

CeruleanSky commented 5 years ago

Using the previous frida-server, frida-server-12.4.8-android-arm, I can run frida-ps and get a listing.

frida-server-12.5.0-android-arm crashes when launching with the below unsupported linker message on Android 4.4.2 and thus I am unable to use it.

If there are any commands I can run or anything else I can do that would be helpful, let me know.


F/Frida   ( 4667): Unsupported Android linker; please file a bug
F/libc    ( 4667): Fatal signal 5 (???) at 0x0000123b (code=-6), thread 4667 (frida-server-12)
W/NativeCrashListener(32099): Couldn't find ProcessRecord for pid 4667
I/DEBUG   (  230): *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
I/DEBUG   (  230): AM write failure (32 / Broken pipe)
I/DEBUG   (  230): Build fingerprint: 'motorola/ghost_att/ghost:4.4.2/KXA20.16-1.31.1/1:user/bldacfg,release-keys'
I/DEBUG   (  230): Revision: 'p300'
I/DEBUG   (  230): pid: 4667, tid: 4667, name: frida-server-12  >>> ./frida-server-12.5.0-android-arm <<<
I/DEBUG   (  230): signal 6 (SIGABRT), code -6 (SI_TKILL), fault addr --------
I/DEBUG   (  230):     r0 00000000  r1 0000123b  r2 00000006  r3 00000000
I/DEBUG   (  230):     r4 00000006  r5 00000002  r6 0000123b  r7 0000010c
I/DEBUG   (  230):     r8 00000000  r9 00007d63  sl b5f305b0  fp 40087b85
I/DEBUG   (  230):     ip bedcd310  sp bedcd2b0  lr b5fd90bd  pc b5fe8068  cpsr 000f0010
I/DEBUG   (  230):     d0  726f707075736e55  d1  72646e4120646574
I/DEBUG   (  230):     d2  6b6e696c2064696f  d3  61656c70203b7265
I/DEBUG   (  230):     d4  622d303030393330  d5  2030303061333036
I/DEBUG   (  230):     d6  30303020702d2d72  d7  3031203030306530
I/DEBUG   (  230):     d8  0000000000000000  d9  0000000000000000
I/DEBUG   (  230):     d10 0000000000000000  d11 0000000000000000
I/DEBUG   (  230):     d12 0000000000000000  d13 0000000000000000
I/DEBUG   (  230):     d14 0000000000000000  d15 0000000000000000
I/DEBUG   (  230):     d16 2f6d65747379732f  d17 6b6e696c2f6e6962
I/DEBUG   (  230):     d18 b6e8f5e5b6e8f581  d19 b6e8f669b6e8f61d
I/DEBUG   (  230):     d20 b6e8f51b00000000  d21 0000000000000002
I/DEBUG   (  230):     d22 0000000000000000  d23 0000000000000000
I/DEBUG   (  230):     d24 0000000000000000  d25 0000000000000000
I/DEBUG   (  230):     d26 0000000000000000  d27 0000000000000000
I/DEBUG   (  230):     d28 0000000000000000  d29 0000000000000000
I/DEBUG   (  230):     d30 0000000000000000  d31 0000000000000000
I/DEBUG   (  230):     scr 00000010
I/DEBUG   (  230):
I/DEBUG   (  230): backtrace:
I/DEBUG   (  230):     #00  pc 00022068  /system/lib/libc.so (tgkill+12)
I/DEBUG   (  230):     #01  pc 000130b9  /system/lib/libc.so (pthread_kill+48)
I/DEBUG   (  230):     #02  pc 000132cd  /system/lib/libc.so (raise+10)
I/DEBUG   (  230):     #03  pc 00012003  /system/lib/libc.so
I/DEBUG   (  230):     #04  pc 0002191c  /system/lib/libc.so (abort+4)
I/DEBUG   (  230):     #05  pc 00ebcb51  /data/local/tmp/frida-server-12.5.0-android-arm
I/DEBUG   (  230):
I/DEBUG   (  230): stack:
I/DEBUG   (  230):          bedcd270  b8f5d348  [heap]
I/DEBUG   (  230):          bedcd274  b6f16e55  /data/local/tmp/frida-server-12.5.0-android-arm
I/DEBUG   (  230):          bedcd278  00000008
I/DEBUG   (  230):          bedcd27c  b5f305b0
I/DEBUG   (  230):          bedcd280  40087b85
I/DEBUG   (  230):          bedcd284  b8f5d168  [heap]
I/DEBUG   (  230):          bedcd288  b8f52138  [heap]
I/DEBUG   (  230):          bedcd28c  b8f5d2d0  [heap]
I/DEBUG   (  230):          bedcd290  bedcd2d0  [stack]
I/DEBUG   (  230):          bedcd294  b6e958c9  /data/local/tmp/frida-server-12.5.0-android-arm
I/DEBUG   (  230):          bedcd298  b6fe1f28
I/DEBUG   (  230):          bedcd29c  00000001
I/DEBUG   (  230):          bedcd2a0  b8f52140  [heap]
I/DEBUG   (  230):          bedcd2a4  b8f5213c  [heap]
I/DEBUG   (  230):          bedcd2a8  bedcd2d0  [stack]
I/DEBUG   (  230):          bedcd2ac  b6e8deb9  /data/local/tmp/frida-server-12.5.0-android-arm
I/DEBUG   (  230):     #00  bedcd2b0  00000006
I/DEBUG   (  230):          bedcd2b4  00000002
I/DEBUG   (  230):          bedcd2b8  0000123b
I/DEBUG   (  230):          bedcd2bc  bedcd310  [stack]
I/DEBUG   (  230):          bedcd2c0  bedcd310  [stack]
I/DEBUG   (  230):          bedcd2c4  b5fd90bd  /system/lib/libc.so (pthread_kill+52)
I/DEBUG   (  230):     #01  bedcd2c8  00000006
I/DEBUG   (  230):          bedcd2cc  00000000
I/DEBUG   (  230):          bedcd2d0  00000000
I/DEBUG   (  230):          bedcd2d4  b5fd92d1  /system/lib/libc.so (raise+14)
I/DEBUG   (  230):     #02  bedcd2d8  bedcd2e4  [stack]
I/DEBUG   (  230):          bedcd2dc  b5fd8007  /system/lib/libc.so

eugenekolo commented 5 years ago

Interesting crash. I do think though that supporting Android 4.4.x is a bit silly at this point. It's far too old (Approaching 6 years). An older version of Frida might work better for it.

I misunderstood the issue at first though. It seems that 12.5.0 broke your support, whereas 12.4.8 worked fine. In that case, a fix can be necessary to stop the regression.

CeruleanSky commented 5 years ago

Looks like this was a duplicate of https://github.com/frida/frida/issues/868