Report memory mapping to GDB client

Open ttimasdf opened this issue 5 years ago • 6 comments

Is your feature request related to a problem? Please describe.

gdb command info proc mapping returns empty.

[image]

Describe the solution you'd like

There seems to be a stub here that may make it easier to implement this feature. Maybe making a small change to ql.mem.show_mapinfo() could emulate a procmaps file?

https://github.com/qilingframework/qiling/blob/67d35579a78390cf975d81a96c08e361f086ba9e/qiling/debugger/gdbserver/gdbserver.py#L631-L632

I've never played with gdb protocol. I'll send a PR if I figure it out 😅

ttimasdf, Jun 09 '20 02:06

The thing is, we don't have /proc in qiling. To be honest, I'm still not too sure if we need to emulate that.

Or we should figure out why we need /proc and how we can emulate it.

xwings, Jun 09 '20 03:06

At least providing memory mapping information is friendly to debuggers.

I have a hacky solution here, https://github.com/ttimasdf/qiling/commit/5142844d9715328462f4917b4e80e40a35938711 . But I'm not sure it's good enough for a PR. This patch should be used along with #325 or gdb will crash because of that bug.

Test case:

qltool run -f examples/rootfs/arm_linux/bin/arm_hello_static \
  --rootfs examples/rootfs/arm_linux --gdb 127.0.0.1:9999

Before:

[image]

[image]

After:

[image]

[image]

PS: I'm trying to add this feature because it's essential for a gdb plugin (ret-sync) to work (it also stops gef from complaining), very personal...

ttimasdf, Jun 09 '20 06:06

I guess you should just parse show_mapinfo and rearrange it in gdb.

This way you don't have to touch ql.os.memory?

Maybe you can update and throw in a PR?

xwings, Jun 09 '20 12:06

I'm getting around to updating this fix. There's a problem. How do I get the return value of show_mapinfo? It's printed to the console/log file. So one way or another it seems we need to modify ql.os.memory. IMHO I'd prefer to add another method to make it reusable.

https://github.com/qilingframework/qiling/blob/078996ce2dbe61c3da0b9b352634876d0e38be0f/qiling/os/memory.py#L119-L136

ttimasdf, Jul 21 '20 10:07

If you look at the code, show_mapinfo() just parses ql.mem.map_info()

So you can just parse ql.mem.map_info()

xwings, Aug 13 '20 04:08
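
Added example (not part of the thread and not Qiling's code): one way to render a region list as procmaps-style text and frame a slice of it as the payload of a GDB remote-protocol vFile:pread reply, the host I/O packet GDB uses to read target files. The (start, end, perms, label) tuple layout and the sample regions are constructed assumptions, not the actual structure of ql.mem.map_info.

```python
# Added example. Constructed data; the tuple layout is an assumption, not Qiling's API.
PROT_READ, PROT_WRITE, PROT_EXEC = 1, 2, 4  # same bit values as Unicorn's UC_PROT_*

# Constructed sample regions: (start, end, perms, label), deliberately unsorted.
SAMPLE = [
    (0x7FF0D000, 0x7FF3D000, PROT_READ | PROT_WRITE, "[stack]"),
    (0x00010000, 0x00077000, PROT_READ | PROT_EXEC, "/bin/arm_hello_static"),
    (0x00086000, 0x0008A000, PROT_READ | PROT_WRITE, "/bin/arm_hello_static"),
]


def render_procmaps(regions, addr_bits=32):
    """Render region tuples as /proc/<pid>/maps text, sorted by start address."""
    width = addr_bits // 4
    lines = []
    for start, end, perms, label in sorted(regions):
        if end <= start:
            raise ValueError(f"empty or inverted region at {start:#x}")
        flags = "".join(ch if perms & bit else "-" for ch, bit in
                        (("r", PROT_READ), ("w", PROT_WRITE), ("x", PROT_EXEC)))
        # Emulated memory has no backing device or inode: report private
        # mappings with zeroed offset, device and inode fields.
        lines.append(f"{start:0{width}x}-{end:0{width}x} {flags}p "
                     f"{0:08x} 00:00 0 {label}".rstrip())
    return "\n".join(lines) + "\n"


def escape_binary(data: bytes) -> bytes:
    """GDB remote binary escaping: '#', '$', '}', '*' become 0x7d, byte ^ 0x20."""
    out = bytearray()
    for b in data:
        if b in b"#$}*":
            out += bytes((0x7D, b ^ 0x20))
        else:
            out.append(b)
    return bytes(out)


def vfile_pread_reply(content: bytes, count: int, offset: int) -> bytes:
    """Payload of a vFile:pread reply: F<hex byte count>;<escaped data>."""
    chunk = content[offset:offset + count]
    # The count is the number of unescaped bytes; an empty chunk signals EOF.
    return b"F%x;" % len(chunk) + escape_binary(chunk)


if __name__ == "__main__":
    print(render_procmaps(SAMPLE), end="")
```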

@ttimasdf a PR would be super nice 💯.

zi0Black, Dec 24 '20 10:12

Will you be able to try the latest version of Qiling and see if you still face the same issue? There has been lots of rework since 2020. Feel free to open a new issue if you have any similar problem.

xwings, Oct 06 '22 03:10