qiling
Loading an Android .so file for emulation fails
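When I tried to load an Android shared object (.so) file, I saw in the disassembly that execution branches through the x17 register to an address in libc.so. However, that address could not be found, so loading failed. In the log below, the final `br x17` goes to 0x59530, which is reported as unreachable and does not fall inside any region of the memory map.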
I then tried several other shared objects, and they appear to have the same problem. Does Qiling not automatically load the dynamic libraries that a shared object depends on? The memory map in the log lists only libloader.so, [stack] and [hook_mem].
code
from qiling import Qiling
from qiling.const import QL_OS, QL_ARCH, QL_VERBOSE, QL_ENDIAN
def my_test():
    """Emulate ``libloader.so`` with Qiling as a little-endian ARM64 Linux target.

    The shared object itself is passed as ``argv[0]``, the
    ``arm64_android6.0`` tree is used as the root filesystem, and
    ``QL_VERBOSE.DISASM`` is selected as the verbosity level.

    NOTE(review): in the log posted with this script, the memory map at the
    time of the failed fetch lists only libloader.so, [stack] and
    [hook_mem]; no other library image is mapped for the imported symbols
    to resolve against. Confirm how dependencies are expected to be loaded.
    """
    rootfs_dir = "./examples/rootfs/arm64_android6.0"
    library_path = "./my_project/env/so_files/libloader.so"

    # Environment variables handed to the emulated process.
    guest_env = {
        'ANDROID_DATA': r'/data',
        'ANDROID_ROOT': r'/system',
    }

    # NOTE(review): if the library is untrusted, run this inside an isolated
    # VM or container. Its import list in the log includes socket, connect
    # and fork; verify which emulated syscalls are forwarded to the host.
    emulator = Qiling(
        argv=[library_path],
        rootfs=rootfs_dir,
        env=guest_env,
        ostype=QL_OS.LINUX,
        archtype=QL_ARCH.ARM64,
        verbose=QL_VERBOSE.DISASM,
        profile="./my_project/env/qiling_config.ql",
        multithread=False,
        endian=QL_ENDIAN.EL,
    )
    emulator.run()
# Script entry point: start the emulation only when this file is executed
# directly, not when it is imported as a module.
if __name__ == "__main__":
    my_test()
logfile
[+] Profile: /home/ubuntu/qiling/my_project/env/qiling_config.ql
[+] Mapped 0xe7f818e01000-0xe7f8196cd000
[+] Mapped 0xe7f8196dd000-0xe7f81a3c5000
[+] mem_start : 0xe7f818e01000
[+] mem_end : 0xe7f81a3c5000
[+] mmap_address is : 0xe7f818e01000
[+] rel name b'getentropy'
[+] rel name b'pthread_create'
[+] rel name b'malloc'
[+] rel name b'free'
[+] rel name b'__sF'
[+] rel name b'_ctype_'
[+] rel name b'strcmp'
[+] rel name b'strcasecmp'
[+] rel name b'dlsym'
[+] rel name b'wcswidth'
[+] rel name b'environ'
[+] rel name b'realloc'
[+] rel name b'pthread_self'
[+] rel name b'pthread_rwlock_wrlock'
[+] rel name b'android_gethostbynamefornet'
[+] rel name b'mmap'
[+] rel name b'remove'
[+] rel name b'dl_iterate_phdr'
[+] rel name b'__strchr_chk'
[+] rel name b'tempnam'
[+] rel name b'inet_aton'
[+] rel name b'getauxval'
[+] rel name b'pthread_mutexattr_setpshared'
[+] rel name b'strnlen'
[+] rel name b'getpid'
[+] rel name b'ungetc'
[+] rel name b'fork'
[+] rel name b'strncpy'
[+] rel name b'inflateReset'
[+] rel name b'lseek'
[+] rel name b'send'
[+] rel name b'__memmove_chk'
[+] rel name b'gmtime'
[+] rel name b'flistxattr'
[+] rel name b'sigismember'
[+] rel name b'wmemcmp'
[+] rel name b'strtok'
[+] rel name b'pthread_rwlock_destroy'
[+] rel name b'towlower'
[+] rel name b'select'
[+] rel name b'sqlite3_open16'
[+] rel name b'pthread_getspecific'
[+] rel name b'pipe'
[+] rel name b'strtod'
[+] rel name b'pthread_rwlock_rdlock'
[+] rel name b'inflateEnd'
[+] rel name b'getentropy'
[+] rel name b'creat'
[+] rel name b'__cxa_atexit'
[+] rel name b'sigsetjmp'
[+] rel name b'qsort'
[+] rel name b'kill'
[+] rel name b'stat'
[+] rel name b'_ZdaPv'
[+] rel name b'lstat64'
[+] rel name b'wctype'
[+] rel name b'memcmp'
[+] rel name b'pthread_rwlock_init'
[+] rel name b'pthread_create'
[+] rel name b'ftruncate'
[+] rel name b'_Znwm'
[+] rel name b'access'
[+] rel name b'__strncpy_chk'
[+] rel name b'pthread_join'
[+] rel name b'fgetxattr'
[+] rel name b'pthread_atfork'
[+] rel name b'fgets'
[+] rel name b'fputs'
[+] rel name b'fread'
[+] rel name b'epoll_wait'
[+] rel name b'gethostbyname2'
[+] rel name b'fdopen'
[+] rel name b'malloc'
[+] rel name b'rename'
[+] rel name b'fseek'
[+] rel name b'pthread_once'
[+] rel name b'memmem'
[+] rel name b'sqlite3_open_v2'
[+] rel name b'_exit'
[+] rel name b'__stack_chk_fail'
[+] rel name b'vfprintf'
[+] rel name b'pthread_rwlock_tryrdlock'
[+] rel name b'fwrite'
[+] rel name b'calloc'
[+] rel name b'fstatat'
[+] rel name b'wmemmove'
[+] rel name b'shutdown'
[+] rel name b'wmemset'
[+] rel name b'strcpy'
[+] rel name b'sigaction'
[+] rel name b'strxfrm'
[+] rel name b'mkdir'
[+] rel name b'sigaddset'
[+] rel name b'bind'
[+] rel name b'isdigit'
[+] rel name b'btowc'
[+] rel name b'__cxa_guard_release'
[+] rel name b'readdir'
[+] rel name b'listen'
[+] rel name b'_ZdlPv'
[+] rel name b'__snprintf_chk'
[+] rel name b'getaddrinfo'
[+] rel name b'__openat'
[+] rel name b'pthread_cond_wait'
[+] rel name b'lstat'
[+] rel name b'read'
[+] rel name b'__sprintf_chk'
[+] rel name b'__ctype_get_mb_cur_max'
[+] rel name b'close'
[+] rel name b'chmod'
[+] rel name b'getcwd'
[+] rel name b'__FD_SET_chk'
[+] rel name b'lseek64'
[+] rel name b'getc'
[+] rel name b'wcsftime'
[+] rel name b'pthread_cond_signal'
[+] rel name b'ungetwc'
[+] rel name b'nftw'
[+] rel name b'strndup'
[+] rel name b'isprint'
[+] rel name b'fstatat64'
[+] rel name b'inflateInit2_'
[+] rel name b'getppid'
[+] rel name b'_Znam'
[+] rel name b'pthread_mutexattr_settype'
[+] rel name b'__cxa_pure_virtual'
[+] rel name b'tcgetattr'
[+] rel name b'pthread_mutexattr_init'
[+] rel name b'readv'
[+] rel name b'free'
[+] rel name b'__strrchr_chk'
[+] rel name b'vsscanf'
[+] rel name b'inflate'
[+] rel name b'fputc'
[+] rel name b'setxattr'
[+] rel name b'setsockopt'
[+] rel name b'pthread_rwlock_unlock'
[+] rel name b'ceil'
[+] rel name b'getrlimit'
[+] rel name b'toupper'
[+] rel name b'mmap64'
[+] rel name b'__errno'
[+] rel name b'pthread_rwlock_timedrdlock'
[+] rel name b'__strncpy_chk2'
[+] rel name b'fflush'
[+] rel name b'closedir'
[+] rel name b'strchr'
[+] rel name b'open'
[+] rel name b'epoll_ctl'
[+] rel name b'poll'
[+] rel name b'strdup'
[+] rel name b'strcmp'
[+] rel name b'sysconf'
[+] rel name b'mremap'
[+] rel name b'sigprocmask'
[+] rel name b'getenv'
[+] rel name b'putc'
[+] rel name b'pthread_condattr_setpshared'
[+] rel name b'inet_ntop'
[+] rel name b'wcscoll'
[+] rel name b'strcasecmp'
[+] rel name b'pthread_mutex_trylock'
[+] rel name b'dup2'
[+] rel name b'pread'
[+] rel name b'__system_property_get'
[+] rel name b'pthread_setspecific'
[+] rel name b'AAsset_read'
[+] rel name b'inet_pton'
[+] rel name b'__strlen_chk'
[+] rel name b'sleep'
[+] rel name b'ctime'
[+] rel name b'strftime'
[+] rel name b'__open'
[+] rel name b'__loader_dlsym'
[+] rel name b'dlsym'
[+] rel name b'sigemptyset'
[+] rel name b'regexec'
[+] rel name b'mbrtowc'
[+] rel name b'pthread_mutex_unlock'
[+] rel name b'memmove'
[+] rel name b'wcsxfrm'
[+] rel name b'memset'
[+] rel name b'setlocale'
[+] rel name b'pthread_rwlock_trywrlock'
[+] rel name b'clock'
[+] rel name b'__FD_ISSET_chk'
[+] rel name b'geteuid'
[+] rel name b'time'
[+] rel name b'ftell'
[+] rel name b'inet_addr'
[+] rel name b'strrchr'
[+] rel name b'fsetxattr'
[+] rel name b'strstr'
[+] rel name b'pread64'
[+] rel name b'__cxa_finalize'
[+] rel name b'android_getaddrinfofornet'
[+] rel name b'fstat64'
[+] rel name b'siglongjmp'
[+] rel name b'strtok_r'
[+] rel name b'ftruncate64'
[+] rel name b'gettimeofday'
[+] rel name b'regfree'
[+] rel name b'strcat'
[+] rel name b'__cxa_guard_acquire'
[+] rel name b'getsockopt'
[+] rel name b'epoll_create1'
[+] rel name b'freeaddrinfo'
[+] rel name b'pthread_mutex_init'
[+] rel name b'towupper'
[+] rel name b'dlerror'
[+] rel name b'fclose'
[+] rel name b'strtoull'
[+] rel name b'getxattr'
[+] rel name b'listxattr'
[+] rel name b'fprintf'
[+] rel name b'pthread_cond_destroy'
[+] rel name b'ferror'
[+] rel name b'ioctl'
[+] rel name b'munmap'
[+] rel name b'fnmatch'
[+] rel name b'__strcpy_chk'
[+] rel name b'abort'
[+] rel name b'dlclose'
[+] rel name b'android_dlopen_ext'
[+] rel name b'msync'
[+] rel name b'getnameinfo'
[+] rel name b'tcsetattr'
[+] rel name b'pthread_cond_timedwait'
[+] rel name b'usleep'
[+] rel name b'pthread_cond_init'
[+] rel name b'setvbuf'
[+] rel name b'write'
[+] rel name b'stat64'
[+] rel name b'__recvfrom_chk'
[+] rel name b'pthread_sigmask'
[+] rel name b'mktime'
[+] rel name b'strtold'
[+] rel name b'strtol'
[+] rel name b'pthread_condattr_init'
[+] rel name b'readlink'
[+] rel name b'nanosleep'
[+] rel name b'regcomp'
[+] rel name b'__vsnprintf_chk'
[+] rel name b'mlock'
[+] rel name b'dladdr'
[+] rel name b'removexattr'
[+] rel name b'pthread_mutex_lock'
[+] rel name b'getpagesize'
[+] rel name b'gethostbyname'
[+] rel name b'iswctype'
[+] rel name b'pthread_rwlockattr_setpshared'
[+] rel name b'pwrite'
[+] rel name b'getwc'
[+] rel name b'pthread_mutex_destroy'
[+] rel name b'prctl'
[+] rel name b'fcntl'
[+] rel name b'fstat'
[+] rel name b'flock'
[+] rel name b'pthread_mutexattr_destroy'
[+] rel name b'sscanf'
[+] rel name b'isspace'
[+] rel name b'strspn'
[+] rel name b'wmemchr'
[+] rel name b'pthread_rwlock_timedwrlock'
[+] rel name b'strtof'
[+] rel name b'writev'
[+] rel name b'realloc'
[+] rel name b'strcspn'
[+] rel name b'localtime'
[+] rel name b'AAsset_seek'
[+] rel name b'strcoll'
[+] rel name b'socket'
[+] rel name b'dup3'
[+] rel name b'__strncat_chk'
[+] rel name b'pthread_key_delete'
[+] rel name b'uname'
[+] rel name b'strncmp'
[+] rel name b'fopen'
[+] rel name b'gmtime_r'
[+] rel name b'signal'
[+] rel name b'vsprintf'
[+] rel name b'dup'
[+] rel name b'wctob'
[+] rel name b'strtoul'
[+] rel name b'memcpy'
[+] rel name b'getsockname'
[+] rel name b'gai_strerror'
[+] rel name b'vsnprintf'
[+] rel name b'strsep'
[+] rel name b'pthread_mutex_timedlock'
[+] rel name b'madvise'
[+] rel name b'sigdelset'
[+] rel name b'rmdir'
[+] rel name b'tolower'
[+] rel name b'syscall'
[+] rel name b'asprintf'
[+] rel name b'openat'
[+] rel name b'feof'
[+] rel name b'unlink'
[+] rel name b'sigfillset'
[+] rel name b'rand'
[+] rel name b'vfork'
[+] rel name b'getdents'
[+] rel name b'fileno'
[+] rel name b'pthread_equal'
[+] rel name b'wcslen'
[+] rel name b'memchr'
[+] rel name b'pthread_rwlockattr_init'
[+] rel name b'connect'
[+] rel name b'__strcat_chk'
[+] rel name b'strerror'
[+] rel name b'atoi'
[+] rel name b'strlen'
[+] rel name b'sprintf'
[+] rel name b'accept'
[+] rel name b'wcrtomb'
[+] rel name b'random'
[+] rel name b'pthread_key_create'
[+] rel name b'sqlite3_open'
[+] rel name b'realpath'
[+] rel name b'pthread_detach'
[+] rel name b'__read_chk'
[+] rel name b'pwrite64'
[+] rel name b'strncasecmp'
[+] rel name b'putwc'
[+] rel name b'opendir'
[+] rel name b'fremovexattr'
[+] rel name b'clock_gettime'
[+] rel name b'wmemcpy'
[+] rel name b'mprotect'
[+] rel name b'__memcpy_chk'
[=] 0000e7f818e5c000 [libloader.so + 0x05b000] fd 7b bc a9 stp x29, x30, [sp, #-0x40]!
[=] 0000e7f818e5c004 [libloader.so + 0x05b004] fd 03 00 91 mov x29, sp
[=] 0000e7f818e5c008 [libloader.so + 0x05b008] f3 53 01 a9 stp x19, x20, [sp, #0x10]
[=] 0000e7f818e5c00c [libloader.so + 0x05b00c] f5 5b 02 a9 stp x21, x22, [sp, #0x20]
[=] 0000e7f818e5c010 [libloader.so + 0x05b010] f7 1b 00 f9 str x23, [sp, #0x30]
[=] 0000e7f818e5c014 [libloader.so + 0x05b014] f6 03 01 aa mov x22, x1
[=] 0000e7f818e5c018 [libloader.so + 0x05b018] f7 03 00 aa mov x23, x0
[=] 0000e7f818e5c01c [libloader.so + 0x05b01c] f4 03 02 aa mov x20, x2
[=] 0000e7f818e5c020 [libloader.so + 0x05b020] 5a 85 17 94 bl #0xe7f81943d588
[=] 0000e7f81943d588 [libloader.so + 0x63c588] fd 7b bf a9 stp x29, x30, [sp, #-0x10]!
[=] 0000e7f81943d58c [libloader.so + 0x63c58c] 01 0f 00 f0 adrp x1, #0xe7f819620000
[=] 0000e7f81943d590 [libloader.so + 0x63c590] 00 03 80 d2 movz x0, #0x18
[=] 0000e7f81943d594 [libloader.so + 0x63c594] fd 03 00 91 mov x29, sp
[=] 0000e7f81943d598 [libloader.so + 0x63c598] 21 20 1e 91 add x1, x1, #0x788
[=] 0000e7f81943d59c [libloader.so + 0x63c59c] c2 1e 80 52 movz w2, #0xf6
[=] 0000e7f81943d5a0 [libloader.so + 0x63c5a0] fa f5 00 94 bl #0xe7f81947ad88
[=] 0000e7f81947ad88 [libloader.so + 0x679d88] fd 7b be a9 stp x29, x30, [sp, #-0x20]!
[=] 0000e7f81947ad8c [libloader.so + 0x679d8c] fd 03 00 91 mov x29, sp
[=] 0000e7f81947ad90 [libloader.so + 0x679d90] f3 53 01 a9 stp x19, x20, [sp, #0x10]
[=] 0000e7f81947ad94 [libloader.so + 0x679d94] f4 03 00 aa mov x20, x0
[=] 0000e7f81947ad98 [libloader.so + 0x679d98] a1 ff ff 97 bl #0xe7f81947ac1c
[=] 0000e7f81947ac1c [libloader.so + 0x679c1c] 03 19 00 d0 adrp x3, #0xe7f81979c000
[=] 0000e7f81947ac20 [libloader.so + 0x679c20] e5 03 00 aa mov x5, x0
[=] 0000e7f81947ac24 [libloader.so + 0x679c24] fd 7b bf a9 stp x29, x30, [sp, #-0x10]!
[=] 0000e7f81947ac28 [libloader.so + 0x679c28] fd 03 00 91 mov x29, sp
[=] 0000e7f81947ac2c [libloader.so + 0x679c2c] 63 d4 46 f9 ldr x3, [x3, #0xda8]
[=] 0000e7f81947ac30 [libloader.so + 0x679c30] 03 01 00 b4 cbz x3, #0xe7f81947ac50
[=] 0000e7f81947ac50 [libloader.so + 0x679c50] 05 01 00 b4 cbz x5, #0xe7f81947ac70
[=] 0000e7f81947ac54 [libloader.so + 0x679c54] 00 19 00 d0 adrp x0, #0xe7f81979c000
[=] 0000e7f81947ac58 [libloader.so + 0x679c58] 01 98 4d b9 ldr w1, [x0, #0xd98]
[=] 0000e7f81947ac5c [libloader.so + 0x679c5c] 41 00 00 34 cbz w1, #0xe7f81947ac64
[=] 0000e7f81947ac60 [libloader.so + 0x679c60] 1f 98 0d b9 str wzr, [x0, #0xd98]
[=] 0000e7f81947ac64 [libloader.so + 0x679c64] fd 7b c1 a8 ldp x29, x30, [sp], #0x10
[=] 0000e7f81947ac68 [libloader.so + 0x679c68] e0 03 05 aa mov x0, x5
[=] 0000e7f81947ac6c [libloader.so + 0x679c6c] 29 7f e7 17 b #0xe7f818e5a910
[=] 0000e7f818e5a910 [libloader.so + 0x059910] 70 45 00 d0 adrp x16, #0xe7f819708000
[=] 0000e7f818e5a914 [libloader.so + 0x059914] 11 f2 40 f9 ldr x17, [x16, #0x1e0]
[=] 0000e7f818e5a918 [libloader.so + 0x059918] 10 82 07 91 add x16, x16, #0x1e0
[=] 0000e7f818e5a91c [libloader.so + 0x05991c] 20 02 1f d6 br x17
[x] CPU Context:
[x] x0 : 0x18
[x] x1 : 0x1
[x] x2 : 0xf6
[x] x3 : 0x0
[x] x4 : 0x0
[x] x5 : 0x18
[x] x6 : 0x0
[x] x7 : 0x0
[x] x8 : 0x0
[x] x9 : 0x0
[x] x10 : 0x0
[x] x11 : 0x0
[x] x12 : 0x0
[x] x13 : 0x0
[x] x14 : 0x0
[x] x15 : 0x0
[x] x16 : 0xe7f8197081e0
[x] x17 : 0x59530
[x] x18 : 0x0
[x] x19 : 0x0
[x] x20 : 0x18
[x] x21 : 0x0
[x] x22 : 0x0
[x] x23 : 0x0
[x] x24 : 0x0
[x] x25 : 0x0
[x] x26 : 0x0
[x] x27 : 0x0
[x] x28 : 0x0
[x] x29 : 0x7ffffffffd30
[x] x30 : 0xe7f81947ad9c
[x] sp : 0x7ffffffffd30
[x] pc : 0x59530
[x] lr : 0xe7f81947ad9c
[x] cpacr_el1 : 0x300000
[x] tpidr_el0 : 0x0
[x] pstate : 0x400003c5
[x] b0 : 0x0
[x] b1 : 0x0
[x] b2 : 0x0
[x] b3 : 0x0
[x] b4 : 0x0
[x] b5 : 0x0
[x] b6 : 0x0
[x] b7 : 0x0
[x] b8 : 0x0
[x] b9 : 0x0
[x] b10 : 0x0
[x] b11 : 0x0
[x] b12 : 0x0
[x] b13 : 0x0
[x] b14 : 0x0
[x] b15 : 0x0
[x] b16 : 0x0
[x] b17 : 0x0
[x] b18 : 0x0
[x] b19 : 0x0
[x] b20 : 0x0
[x] b21 : 0x0
[x] b22 : 0x0
[x] b23 : 0x0
[x] b24 : 0x0
[x] b25 : 0x0
[x] b26 : 0x0
[x] b27 : 0x0
[x] b28 : 0x0
[x] b29 : 0x0
[x] b30 : 0x0
[x] b31 : 0x0
[x] d0 : 0x0
[x] d1 : 0x0
[x] d2 : 0x0
[x] d3 : 0x0
[x] d4 : 0x0
[x] d5 : 0x0
[x] d6 : 0x0
[x] d7 : 0x0
[x] d8 : 0x0
[x] d9 : 0x0
[x] d10 : 0x0
[x] d11 : 0x0
[x] d12 : 0x0
[x] d13 : 0x0
[x] d14 : 0x0
[x] d15 : 0x0
[x] d16 : 0x0
[x] d17 : 0x0
[x] d18 : 0x0
[x] d19 : 0x0
[x] d20 : 0x0
[x] d21 : 0x0
[x] d22 : 0x0
[x] d23 : 0x0
[x] d24 : 0x0
[x] d25 : 0x0
[x] d26 : 0x0
[x] d27 : 0x0
[x] d28 : 0x0
[x] d29 : 0x0
[x] d30 : 0x0
[x] d31 : 0x0
[x] h0 : 0x0
[x] h1 : 0x0
[x] h2 : 0x0
[x] h3 : 0x0
[x] h4 : 0x0
[x] h5 : 0x0
[x] h6 : 0x0
[x] h7 : 0x0
[x] h8 : 0x0
[x] h9 : 0x0
[x] h10 : 0x0
[x] h11 : 0x0
[x] h12 : 0x0
[x] h13 : 0x0
[x] h14 : 0x0
[x] h15 : 0x0
[x] h16 : 0x0
[x] h17 : 0x0
[x] h18 : 0x0
[x] h19 : 0x0
[x] h20 : 0x0
[x] h21 : 0x0
[x] h22 : 0x0
[x] h23 : 0x0
[x] h24 : 0x0
[x] h25 : 0x0
[x] h26 : 0x0
[x] h27 : 0x0
[x] h28 : 0x0
[x] h29 : 0x0
[x] h30 : 0x0
[x] h31 : 0x0
[x] q0 : 0x0
[x] q1 : 0x0
[x] q2 : 0x0
[x] q3 : 0x0
[x] q4 : 0x0
[x] q5 : 0x0
[x] q6 : 0x0
[x] q7 : 0x0
[x] q8 : 0x0
[x] q9 : 0x0
[x] q10 : 0x0
[x] q11 : 0x0
[x] q12 : 0x0
[x] q13 : 0x0
[x] q14 : 0x0
[x] q15 : 0x0
[x] q16 : 0x0
[x] q17 : 0x0
[x] q18 : 0x0
[x] q19 : 0x0
[x] q20 : 0x0
[x] q21 : 0x0
[x] q22 : 0x0
[x] q23 : 0x0
[x] q24 : 0x0
[x] q25 : 0x0
[x] q26 : 0x0
[x] q27 : 0x0
[x] q28 : 0x0
[x] q29 : 0x0
[x] q30 : 0x0
[x] q31 : 0x0
[x] s0 : 0x0
[x] s1 : 0x0
[x] s2 : 0x0
[x] s3 : 0x0
[x] s4 : 0x0
[x] s5 : 0x0
[x] s6 : 0x0
[x] s7 : 0x0
[x] s8 : 0x0
[x] s9 : 0x0
[x] s10 : 0x0
[x] s11 : 0x0
[x] s12 : 0x0
[x] s13 : 0x0
[x] s14 : 0x0
[x] s15 : 0x0
[x] s16 : 0x0
[x] s17 : 0x0
[x] s18 : 0x0
[x] s19 : 0x0
[x] s20 : 0x0
[x] s21 : 0x0
[x] s22 : 0x0
[x] s23 : 0x0
[x] s24 : 0x0
[x] s25 : 0x0
[x] s26 : 0x0
[x] s27 : 0x0
[x] s28 : 0x0
[x] s29 : 0x0
[x] s30 : 0x0
[x] s31 : 0x0
[x] w0 : 0x18
[x] w1 : 0x1
[x] w2 : 0xf6
[x] w3 : 0x0
[x] w4 : 0x0
[x] w5 : 0x18
[x] w6 : 0x0
[x] w7 : 0x0
[x] w8 : 0x0
[x] w9 : 0x0
[x] w10 : 0x0
[x] w11 : 0x0
[x] w12 : 0x0
[x] w13 : 0x0
[x] w14 : 0x0
[x] w15 : 0x0
[x] w16 : 0x197081e0
[x] w17 : 0x59530
[x] w18 : 0x0
[x] w19 : 0x0
[x] w20 : 0x18
[x] w21 : 0x0
[x] w22 : 0x0
[x] w23 : 0x0
[x] w24 : 0x0
[x] w25 : 0x0
[x] w26 : 0x0
[x] w27 : 0x0
[x] w28 : 0x0
[x] w29 : 0xfffffd30
[x] w30 : 0x1947ad9c
[x] v0 : 0x0
[x] v1 : 0x0
[x] v2 : 0x0
[x] v3 : 0x0
[x] v4 : 0x0
[x] v5 : 0x0
[x] v6 : 0x0
[x] v7 : 0x0
[x] v8 : 0x0
[x] v9 : 0x0
[x] v10 : 0x0
[x] v11 : 0x0
[x] v12 : 0x0
[x] v13 : 0x0
[x] v14 : 0x0
[x] v15 : 0x0
[x] v16 : 0x0
[x] v17 : 0x0
[x] v18 : 0x0
[x] v19 : 0x0
[x] v20 : 0x0
[x] v21 : 0x0
[x] v22 : 0x0
[x] v23 : 0x0
[x] v24 : 0x0
[x] v25 : 0x0
[x] v26 : 0x0
[x] v27 : 0x0
[x] v28 : 0x0
[x] v29 : 0x0
[x] v30 : 0x0
[x] v31 : 0x0
[x] PC = 0x0000000000059530 (unreachable)
[x] Memory map:
[x] Start End Perm Label Image
[x] 007ffffffd0000 - 00800000000000 rwx [stack]
[x] 00e7f818e01000 - 00e7f8196cd000 r-x libloader.so /home/ubuntu/qiling/my_project/env/so_files/libloader.so
[x] 00e7f8196dd000 - 00e7f81a3c5000 rw- libloader.so /home/ubuntu/qiling/my_project/env/so_files/libloader.so
[x] 00e7f81a3c5000 - 00e7f81a3c7000 rwx [hook_mem]
Traceback (most recent call last):
File "/home/ubuntu/qiling/qiling/os/linux/linux.py", line 184, in run
self.ql.emu_start(self.ql.loader.elf_entry, self.exit_point, self.ql.timeout, self.ql.count)
File "/home/ubuntu/qiling/qiling/core.py", line 762, in emu_start
self.uc.emu_start(begin, end, timeout, count)
File "/home/ubuntu/.pyenv/versions/qilingenv/lib/python3.10/site-packages/unicorn/unicorn.py", line 547, in emu_start
raise UcError(status)
unicorn.unicorn.UcError: Invalid memory fetch (UC_ERR_FETCH_UNMAPPED)
Process finished with exit code 1