Closed Hho-hyj closed 4 years ago
We are facing some issues with arm, x86, arm64 on Windows and suspect this is a Windows issue.
Again, this log is not enough for the issue. Will you be able to try on Linux?
Here is the whole log. Can this help me solve the issue?
[+] Enable ARM VFP
[+] Set init_kernel_get_tls
[+] load 0x56555000 - 0x5656e000
[+] load 0x5656e000 - 0x56571000
[+] mem_start: 0x0 mem_end: 0x1c000
[+] mmap_address is : 0x774bf000
[+] rel name b'__stack_chk_guard'
[+] rel name b'__sF'
[+] rel name b'_ZNSt12length_errorD1Ev'
[+] rel name b'__cxa_new_handler'
[+] rel name b'_ZNSt13bad_exceptionD1Ev'
[+] rel name b'_ZTISt12length_error'
[+] rel name b'_ZTVSt9bad_alloc'
[+] rel name b'_ZTVSt8bad_cast'
[+] rel name b'_ZTIv'
[+] rel name b'_ZTVSt12length_error'
[+] rel name b'_ZTISt13bad_exception'
[+] rel name b'_ZTIN10__cxxabiv117__pbase_type_infoE'
[+] rel name b'_ZTIN10__cxxabiv116__shim_type_infoE'
[+] rel name b'_ZTIDn'
[+] rel name b'_ZTVSt10bad_typeid'
[+] rel name b'_ZTIN10__cxxabiv119__pointer_type_infoE'
[+] rel name b'__cxa_unexpected_handler'
[+] rel name b'_ZTISt9exception'
[+] rel name b'__cxa_terminate_handler'
[+] rel name b'_ZTIN10__cxxabiv120__function_type_infoE'
[+] rel name b'_ZNSt9bad_allocD1Ev'
[+] rel name b'_ZTISt9bad_alloc'
[+] rel name b'_ZTIN10__cxxabiv129__pointer_to_member_type_infoE'
[+] rel name b'_ZTVSt13bad_exception'
[+] rel name b'_ZTIN10__cxxabiv117__class_type_infoE'
[+] rel name b'_ZTVSt20bad_array_new_length'
[+] rel name b'_ZTVSt11logic_error'
[+] rel name b'_ZTVSt13runtime_error'
[+] rel name b'__cxa_finalize'
[+] rel name b'__cxa_atexit'
[+] rel name b'_ZN7_JNIEnv12NewStringUTFEPKc'
[+] rel name b'_ZNSt6__ndk112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEED2Ev'
[+] rel name b'__stack_chk_fail'
[+] rel name b'__gxx_personality_v0'
[+] rel name b'_ZNSt6__ndk117__compressed_pairINS_12basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE5__repES5_EC2ILb1EvEEv'
[+] rel name b'_ZNSt6__ndk111char_traitsIcE6lengthEPKc'
[+] rel name b'_ZNSt6__ndk112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE6__initEPKcj'
[+] rel name b'__cxa_begin_catch'
[+] rel name b'_ZSt9terminatev'
[+] rel name b'_ZNSt6__ndk117_DeallocateCaller27__do_deallocate_handle_sizeEPvj'
[+] rel name b'_ZNSt6__ndk117_DeallocateCaller9__do_callEPv'
[+] rel name b'_ZdlPv'
[+] rel name b'_ZNKSt6__ndk121__basic_string_commonILb1EE20__throw_length_errorEv'
[+] rel name b'_ZNSt6__ndk111char_traitsIcE4copyEPcPKcj'
[+] rel name b'_ZNSt6__ndk111char_traitsIcE6assignERcRKc'
[+] rel name b'strlen'
[+] rel name b'_ZNSt6__ndk112basic_stringIcNS_11char_traitsIcEENS_9allocatorIcEEE10__align_itILj16EEEjj'
[+] rel name b'__aeabi_memcpy'
[+] rel name b'__cxa_allocate_exception'
[+] rel name b'__cxa_throw'
[+] rel name b'__cxa_free_exception'
[+] rel name b'_ZNSt11logic_errorC2EPKc'
[+] rel name b'_Znwj'
[+] rel name b'_ZNSt9bad_allocC1Ev'
[+] rel name b'_ZSt15get_new_handlerv'
[+] rel name b'malloc'
[+] rel name b'__cxa_end_catch'
[+] rel name b'_Znaj'
[+] rel name b'free'
[+] rel name b'_ZdaPv'
[+] rel name b'_ZnwjSt11align_val_t'
[+] rel name b'_ZnajSt11align_val_t'
[+] rel name b'_ZdlPvSt11align_val_t'
[+] rel name b'_ZdaPvSt11align_val_t'
[+] rel name b'_ZNSt9exceptionD2Ev'
[+] rel name b'abort'
[+] rel name b'__aeabi_memclr8'
[+] rel name b'__cxa_call_unexpected'
[+] rel name b'__aeabi_memclr'
[+] rel name b'__cxa_get_globals'
[+] rel name b'_ZSt14get_unexpectedv'
[+] rel name b'_ZSt13get_terminatev'
[+] rel name b'__cxa_decrement_exception_refcount'
[+] rel name b'__cxa_get_globals_fast'
[+] rel name b'__cxa_allocate_dependent_exception'
[+] rel name b'__cxa_uncaught_exceptions'
[+] rel name b'pthread_setspecific'
[+] rel name b'pthread_once'
[+] rel name b'pthread_getspecific'
[+] rel name b'pthread_key_create'
[+] rel name b'_ZN10__cxxabiv121__isOurExceptionClassEPK21_Unwind_Control_Block'
[+] rel name b'__cxa_begin_cleanup'
[+] rel name b'_ZN10__cxxabiv119__getExceptionClassEPK21_Unwind_Control_Block'
[+] rel name b'_ZNSt13bad_exceptionD1Ev'
[+] rel name b'__cxa_rethrow'
[+] rel name b'pthread_mutex_lock'
[+] rel name b'calloc'
[+] rel name b'pthread_mutex_unlock'
[+] rel name b'_ZNSt9bad_allocD0Ev'
[+] rel name b'_ZNKSt9bad_alloc4whatEv'
[+] rel name b'_ZNSt20bad_array_new_lengthD0Ev'
[+] rel name b'_ZNKSt20bad_array_new_length4whatEv'
[+] rel name b'_ZNSt9exceptionD0Ev'
[+] rel name b'_ZNKSt9exception4whatEv'
[+] rel name b'_ZNSt13bad_exceptionD0Ev'
[+] rel name b'_ZNKSt13bad_exception4whatEv'
[+] rel name b'_ZNSt11logic_errorD2Ev'
[+] rel name b'_ZNSt13runtime_errorD2Ev'
[+] rel name b'_ZNSt11logic_errorD0Ev'
[+] rel name b'_ZNKSt11logic_error4whatEv'
[+] rel name b'_ZNSt13runtime_errorD0Ev'
[+] rel name b'_ZNKSt13runtime_error4whatEv'
[+] rel name b'_ZNSt12domain_errorD0Ev'
[+] rel name b'_ZNSt16invalid_argumentD0Ev'
[+] rel name b'_ZNSt12length_errorD0Ev'
[+] rel name b'_ZNSt12out_of_rangeD0Ev'
[+] rel name b'_ZNSt11range_errorD0Ev'
[+] rel name b'_ZNSt14overflow_errorD0Ev'
[+] rel name b'_ZNSt15underflow_errorD0Ev'
[+] rel name b'vfprintf'
[+] rel name b'fputc'
[+] rel name b'vasprintf'
[+] rel name b'__assert2'
[+] rel name b'__cxa_demangle'
[+] rel name b'realloc'
[+] rel name b'__aeabi_memmove4'
[+] rel name b'__aeabi_memmove'
[+] rel name b'islower'
[+] rel name b'__aeabi_memcpy4'
[+] rel name b'isxdigit'
[+] rel name b'snprintf'
[+] rel name b'_ZNSt9type_infoD2Ev'
[+] rel name b'strcmp'
[+] rel name b'__dynamic_cast'
[+] rel name b'__cxa_pure_virtual'
[+] rel name b'_ZNSt8bad_castD2Ev'
[+] rel name b'_ZNSt8bad_castD0Ev'
[+] rel name b'_ZNKSt8bad_cast4whatEv'
[+] rel name b'_ZNSt10bad_typeidD2Ev'
[+] rel name b'_ZNSt10bad_typeidD0Ev'
[+] rel name b'_ZNKSt10bad_typeid4whatEv'
[+] rel name b'_ZNSt9type_infoD0Ev'
[+] rel name b'memalign'
[+] rel name b'__errno'
[+] rel name b'fprintf'
[+] rel name b'fflush'
[+] rel name b'dladdr'
[+] rel name b'__gnu_Unwind_Find_exidx'
[!] Emulation Error
[-] r0 : 0x0
[-] r1 : 0x0
[-] r2 : 0x0
[-] r3 : 0x0
[-] r4 : 0x0
[-] r5 : 0x0
[-] r6 : 0x0
[-] r7 : 0x0
[-] r8 : 0x0
[-] r9 : 0x0
[-] r10 : 0x0
[-] r11 : 0x0
[-] r12 : 0x0
[-] sp : 0x7ff3cf08
[-] lr : 0x0
[-] pc : 0x56555004
[-] cpsr : 0x400001d3
[-] c1_c0_2 : 0xf00000
[-] c13_c0_3 : 0x0
[-] fpexc : 0x40000000
[+] PC = 0x56555004 (E:\my_project\qiling\examples\rootfs\arm_linux\bin\libnative-lib.so+0x4)
[+] Start End Perm. Path
[+] 56555000 - 5656e000 - r-x E:\my_project\qiling\examples\rootfs\arm_linux\bin\libnative-lib.so (E:\my_project\qiling\examples\rootfs\arm_linux\bin\libnative-lib.so)
[+] 5656e000 - 56571000 - rw- E:\my_project\qiling\examples\rootfs\arm_linux\bin\libnative-lib.so (E:\my_project\qiling\examples\rootfs\arm_linux\bin\libnative-lib.so)
[+] 56571000 - 56573000 - rwx [hook_mem] (E:\my_project\qiling\examples\rootfs\arm_linux\bin\libnative-lib.so)
[+] 7ff0d000 - 7ff3d000 - rwx [stack]
[+] ffff0000 - ffff1000 - rwx [arm_tls]
[+] ['0x1', '0x1', '0x1', '0x0', '0x0', '0x0', '0x0', '0x0']
[+] 0x56555004 01 01 01 00 00 00 00 00 00 00 00 00 03 00 28 00 01 00 00 00 00 00 00 00 34 00 00 00 58 0e 0e 00 00 02 00 05 34 00 20 00 08 00 28 00 26 00 25 00 06 00 00 00 34 00 00 00 34 00 00 00 34 00 00 00 andeq r0, r1, r1, lsl #2
andeq r0, r0, r0
andeq r0, r0, r0
eoreq r0, r8, r3
andeq r0, r0, r1
andeq r0, r0, r0
andeq r0, r0, r4, lsr r0
andeq r0, lr, r8, asr lr
streq r0, [r0, #-0x200]
eoreq r0, r0, r4, lsr r0
eoreq r0, r8, r8
eoreq r0, r5, r6, lsr #32
andeq r0, r0, r6
andeq r0, r0, r4, lsr r0
andeq r0, r0, r4, lsr r0
andeq r0, r0, r4, lsr r0
Traceback (most recent call last):
File "E:/test/mytest.py", line 16, in <module>
run_sandbox(["E:/my_project/qiling/examples/rootfs/arm_linux/bin/libnative-lib.so"], "E:/my_project/qiling/examples/rootfs/arm_linux", "dubug")
File "E:/test/mytest.py", line 10, in run_sandbox
ql.run()
File "C:\Users\Administrator\AppData\Local\Programs\Python\Python36\lib\site-packages\qiling-1.2.dev0-py3.6.egg\qiling\core.py", line 199, in run
self.os.run()
File "C:\Users\Administrator\AppData\Local\Programs\Python\Python36\lib\site-packages\qiling-1.2.dev0-py3.6.egg\qiling\os\linux\linux.py", line 126, in run
self.ql.emu_start(self.ql.loader.elf_entry, self.exit_point, self.ql.timeout, self.ql.count)
File "C:\Users\Administrator\AppData\Local\Programs\Python\Python36\lib\site-packages\qiling-1.2.dev0-py3.6.egg\qiling\core.py", line 258, in emu_start
self.uc.emu_start(begin, end, timeout, count)
File "C:\Users\Administrator\AppData\Local\Programs\Python\Python36\lib\site-packages\unicorn\unicorn.py", line 317, in emu_start
raise UcError(status)
unicorn.unicorn.UcError: Invalid memory write (UC_ERR_WRITE_UNMAPPED)
Are you on the dev branch? And did you turn on debug?
Yes, I'm on the dev branch and turned on debug.
Ok, saw it.
Yes, that was an issue with Unicorn on Windows and I guess we need to find a solution.
One suggestion is, you can try to run Qiling with WSL2. Works like magic!
Ok, I'll try it.
@Hho-hyj any updates?
I tried in WSL2, but it still has an error:
unicorn.unicorn.UcError: Invalid memory fetch (UC_ERR_FETCH_UNMAPPED)
Here is my code:
#!/usr/bin/env python
from qiling import *
import sys
sys.path.append("..")

def run_sandbox(path, rootfs, output):
    # path is the argv list for the target; rootfs is the emulated root filesystem
    ql = Qiling(path, rootfs, output = output)
    # Enable debug output and stop on errors
    ql.debug = True
    ql.debug_stop = True
    ql.run()

if __name__ == "__main__":
    run_sandbox(["/mnt/c/Users/Administrator/learnqiling/libhello.so"],"/mnt/d/my_project/qiling/examples/rootfs/arm_linux","debug")
Here is the log:
[+] load 0x555555554000 - 0x555555555000
[+] load 0x555555754000 - 0x555555756000
[+] mem_start: 0x0 mem_end: 0x202000
[+] mmap_address is : 0x7fffb7dd6000
[+] rel name b'__cxa_finalize'
[+] rel name b'_ITM_registerTMCloneTable'
[+] rel name b'_ITM_deregisterTMCloneTable'
[+] rel name b'__gmon_start__'
[!] Emulation Error
[-] ah : 0x50
[-] al : 0x20
[-] ch : 0x0
[-] cl : 0x0
[-] dh : 0x0
[-] dl : 0x0
[-] bh : 0x0
[-] bl : 0x0
[-] ax : 0x5020
[-] cx : 0x0
[-] dx : 0x0
[-] bx : 0x0
[-] sp : 0xde88
[-] bp : 0x0
[-] si : 0x0
[-] di : 0x5020
[-] ip : 0x1
[-] eax : 0x55755020
[-] ecx : 0x0
[-] edx : 0x0
[-] ebx : 0x0
[-] esp : 0xde88
[-] ebp : 0x0
[-] esi : 0x0
[-] edi : 0x55755020
[-] eip : 0x1
[-] rax : 0x555555755020
[-] rbx : 0x0
[-] rcx : 0x0
[-] rdx : 0x0
[-] rsi : 0x0
[-] rdi : 0x555555755020
[-] rbp : 0x0
[-] rsp : 0x80000000de88
[-] r8 : 0x0
[-] r9 : 0x0
[-] r10 : 0x0
[-] r11 : 0x0
[-] r12 : 0x0
[-] r13 : 0x0
[-] r14 : 0x0
[-] r15 : 0x0
[-] rip : 0x1
[-] cr0 : 0x11
[-] cr1 : 0x0
[-] cr2 : 0x0
[-] cr3 : 0x0
[-] cr4 : 0x0
[-] cr5 : 0x0
[-] cr6 : 0x0
[-] cr7 : 0x0
[-] cr8 : 0x0
[-] cr9 : 0x0
[-] cr10 : 0x0
[-] cr11 : 0x0
[-] cr12 : 0x0
[-] cr13 : 0x0
[-] cr14 : 0x0
[-] cr15 : 0x0
[-] st0 : 0x0
[-] st1 : 0x0
[-] st2 : 0x0
[-] st3 : 0x0
[-] st4 : 0x0
[-] st5 : 0x0
[-] st6 : 0x0
[-] st7 : 0x0
[-] ef : 0x44
[-] cs : 0x1b
[-] ss : 0x28
[-] ds : 0x28
[-] es : 0x28
[-] fs : 0x0
[-] gs : 0x0
[+] PC = 0x1
[+] Start End Perm. Path
[+] 00003000 - 00004000 - rwx [GDT]
[+] 555555554000 - 555555555000 - r-x /mnt/c/Users/Administrator/learnqiling/libhello.so (/mnt/c/Users/Administrator/learnqiling/libhello.so)
[+] 555555754000 - 555555756000 - rw- /mnt/c/Users/Administrator/learnqiling/libhello.so (/mnt/c/Users/Administrator/learnqiling/libhello.so)
[+] 555555756000 - 555555758000 - rwx [hook_mem] (/mnt/c/Users/Administrator/learnqiling/libhello.so)
[+] 7ffffffde000 - 80000000e000 - rwx [stack]
[+] ffffffffff600000 - ffffffffff601000 - rwx [vsyscall]
[!] Error: PC(0x1) Unreachable
Traceback (most recent call last):
File "test.py", line 15, in <module>
run_sandbox(["/mnt/c/Users/Administrator/learnqiling/libhello.so"],"/mnt/d/my_project/qiling/examples/rootfs/arm_linux","debug")
File "test.py", line 13, in run_sandbox
ql.run()
File "/usr/local/lib/python3.6/dist-packages/qiling/core.py", line 197, in run
self.os.run()
File "/usr/local/lib/python3.6/dist-packages/qiling/os/linux/linux.py", line 124, in run
self.ql.emu_start(self.ql.loader.elf_entry, self.exit_point, self.ql.timeout, self.ql.count)
File "/usr/local/lib/python3.6/dist-packages/qiling/core.py", line 256, in emu_start
self.uc.emu_start(begin, end, timeout, count)
File "/usr/local/lib/python3.6/dist-packages/unicorn/unicorn.py", line 317, in emu_start
raise UcError(status)
unicorn.unicorn.UcError: Invalid memory fetch (UC_ERR_FETCH_UNMAPPED)
Is it the same issue as this?
You are trying to run a shared library with Qiling directly, and that's wrong. Try using an executable that links the shared library and run that with Qiling.
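Added example, not part of the original thread or of Qiling's code: the bytes the first log prints at PC 0x56555004 (load base + 4) decode as an ELF32 header for a shared object with e_entry 0, which is something a script can check before handing a file to the emulator. The 4-byte ELF magic prepended to the logged bytes and all function names are assumptions; only 32-bit little-endian headers are handled, and only the e_entry == 0 case is flagged.

```python
import struct

# Bytes copied from the first log's dump at 0x56555004, cut at the end of
# the 52-byte ELF32 header (48 bytes, since the dump starts 4 bytes in).
LOGGED_BYTES = bytes.fromhex(
    "01 01 01 00 00 00 00 00 00 00 00 00 03 00 28 00 01 00 00 00 "
    "00 00 00 00 34 00 00 00 58 0e 0e 00 00 02 00 05 34 00 20 00 "
    "08 00 28 00 26 00 25 00"
)
# Assumption: the 4 bytes at the load base are the ELF magic.
HEADER = b"\x7fELF" + LOGGED_BYTES

ET_EXEC, ET_DYN = 2, 3
FIELDS = ("e_type", "e_machine", "e_version", "e_entry", "e_phoff",
          "e_shoff", "e_flags", "e_ehsize", "e_phentsize", "e_phnum",
          "e_shentsize", "e_shnum", "e_shstrndx")


def parse_elf32_header(data):
    """Parse a 32-bit little-endian ELF header into a dict of its fields."""
    if len(data) < 52 or data[:4] != b"\x7fELF":
        raise ValueError("not an ELF file")
    if data[4] != 1 or data[5] != 1:  # EI_CLASS=ELFCLASS32, EI_DATA=LSB
        raise ValueError("only 32-bit little-endian ELF is handled here")
    values = struct.unpack_from("<HHIIIIIHHHHHH", data, 16)
    return dict(zip(FIELDS, values))


def emulation_target_problem(data):
    """Return a reason the file cannot be run as a program, or None."""
    hdr = parse_elf32_header(data)
    if hdr["e_type"] not in (ET_EXEC, ET_DYN):
        return "e_type %d is neither an executable nor a shared object" % hdr["e_type"]
    if hdr["e_type"] == ET_DYN and hdr["e_entry"] == 0:
        # Entry = load base + 0: the first "instructions" are header bytes.
        return "shared object with e_entry == 0: no program entry point"
    return None


if __name__ == "__main__":
    hdr = parse_elf32_header(HEADER)
    print("e_type=%d e_machine=%#x e_entry=%#x" %
          (hdr["e_type"], hdr["e_machine"], hdr["e_entry"]))
    print(emulation_target_problem(HEADER))
```

A PIE executable is also ET_DYN but carries a non-zero e_entry, so it passes this check; a shared library whose e_entry is non-zero passes as well and would need a further test.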
Yes, that's right. Thank you for your answer.
I use the Qiling framework to emulate Linux and run a .so, and then a UC_ERR_WRITE_UNMAPPED error appears.
Is there a problem with my programming, or am I ignoring other problems?