angr/binaries

A question about infinite loop in mipsel

Closed this issue · 15 comments

When I check the assembly code of mipsel/busybox in IDA, I find an infinite loop in _ftext.

And when I execute it in angr, I will always fall into this loop.
I'm a beginner. I don't know what this loop means and how to jump out. Can someone help me?

I think that's the equivalent to hlt on X86 and should never be met during execution. Is the call above it __libc_start_main()?

And furthermore, in the angr state trapped in the infinite loop, what is the state.history.descriptions.hardcopy?

'<IRSB from 0x407010: 1 sat>',
'<IRSB from 0x40701c: 1 sat>',
'<SimProcedure __uClibc_main (stub) from 0x10003e8: 1 sat>',
'<IRSB from 0x407064: 1 sat>',
'<IRSB from 0x407064: 1 sat>'

You can just use angr’s libc_start_main() instead.

Actually, it seems we already have a _uClibc_main which is just a copy of __libc_start_main. Why wasn't it inserted already?

Can you print project.loader.all_objects and project.loader.requested_names?

I loaded libc.so.0. But simgr got an error in libc.so.0 after several steps. The error message was <State errored with "No bytes in memory for block starting at 0x0.">. I don't know what's wrong...

So what's the state.history.descriptions.hardcopy for the errored state?

<IRSB from 0x4011f0: 1 sat>
<IRSB from 0x4011fc: 1 sat>
<IRSB from 0x402d3ac: 1 sat 1 unsat>
<IRSB from 0x402d428: 1 sat>
<SimProcedure memset from 0x401d420: 1 sat>
<IRSB from 0x402d43c: 1 sat>
<IRSB from 0x402d44c: 1 sat 1 unsat>
<IRSB from 0x402d458: 1 sat>
<IRSB from 0x402d488: 1 sat 1 unsat>
<IRSB from 0x402d464: 1 sat 1 unsat>
<IRSB from 0x402d484: 1 sat 1 unsat>
<IRSB from 0x402d494: 1 sat>
<IRSB from 0x4037080: 1 sat>
<IRSB from 0x402d4a0: 1 sat>
<IRSB from 0x402d344: 1 sat 1 unsat>
<IRSB from 0x402d36c: 1 sat 1 unsat>
<IRSB from 0x402d388: 1 sat 1 unsat>
<IRSB from 0x402d394: 1 sat>
<IRSB from 0x4019bc0: 1 sat>
<SimProcedure __errno_location from 0x400d0e0: 1 sat>
<IRSB from 0x4019bfc: 1 sat>
<IRSB from 0x401f050: 1 sat>
<IRSB from 0x401f220: 1 sat>
<IRSB from 0x4008990: 1 sat>
<SimProcedure ioctl (syscall) (stub) from 0x40089c4: 1 sat>
<IRSB from 0x40089c4: 1 sat 1 unsat>
<IRSB from 0x40089cc: 1 sat>
<SimProcedure __errno_location from 0x400d0e0: 1 sat>
<IRSB from 0x40089d8: 1 sat>
<IRSB from 0x401f254: 1 sat 1 unsat>
<IRSB from 0x401f2b8: 1 sat>
<IRSB from 0x401f074: 1 sat>
<IRSB from 0x4019c18: 1 sat>
<IRSB from 0x401f050: 1 sat>
<IRSB from 0x401f220: 1 sat>
<IRSB from 0x4008990: 1 sat>
<SimProcedure ioctl (syscall) (stub) from 0x40089c4: 1 sat>
<IRSB from 0x40089c4: 1 sat 1 unsat>
<IRSB from 0x40089cc: 1 sat>
<SimProcedure __errno_location from 0x400d0e0: 1 sat>
<IRSB from 0x40089d8: 1 sat>
<IRSB from 0x401f254: 1 sat 1 unsat>
<IRSB from 0x401f2b8: 1 sat>
<IRSB from 0x401f074: 1 sat>
<IRSB from 0x4019c40: 1 sat>
<IRSB from 0x402d4b0: 1 sat 1 unsat>
<IRSB from 0x402d520: 1 sat 1 unsat>
<IRSB from 0x402d528: 1 sat 1 unsat>
<IRSB from 0x402d530: 1 sat 1 unsat>
<IRSB from 0x402d580: 1 sat 1 unsat>
<IRSB from 0x402d5cc: 1 sat>
<IRSB from 0x402d608: 1 sat 1 unsat>
<IRSB from 0x402d5f4: 1 sat>
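Both history dumps in this thread are read by eye above; the following is an added example (not code from the angr project or from anyone in the thread) that parses `state.history.descriptions.hardcopy` output of the shape shown here and answers the two questions the maintainers were asking: which block the state keeps revisiting, and which SimProcedure it passed through last. The sample inputs are copied from the two traces posted above (the second one as an excerpt); the function and constant names are my own.

```python
"""Diagnose a stuck or errored angr state from state.history.descriptions.hardcopy."""
import re
from collections import namedtuple

# Each history description has one of the shapes seen in the thread, e.g.
#   <IRSB from 0x407064: 1 sat>
#   <SimProcedure __uClibc_main (stub) from 0x10003e8: 1 sat>
#   <SimProcedure ioctl (syscall) (stub) from 0x40089c4: 1 sat 1 unsat>
DESC_RE = re.compile(
    r"^<(?P<kind>IRSB|SimProcedure)(?:\s+(?P<name>.*?))?\s+from\s+"
    r"(?P<addr>0x[0-9a-fA-F]+):\s+(?P<sat>\d+)\s+sat(?:\s+(?P<unsat>\d+)\s+unsat)?>$"
)

Entry = namedtuple("Entry", "kind name addr sat unsat")

# First trace from the thread: the state that ends up in the _ftext trap loop.
STUCK_TRACE = [
    "'<IRSB from 0x407010: 1 sat>',",
    "'<IRSB from 0x40701c: 1 sat>',",
    "'<SimProcedure __uClibc_main (stub) from 0x10003e8: 1 sat>',",
    "'<IRSB from 0x407064: 1 sat>',",
    "'<IRSB from 0x407064: 1 sat>'",
]

# Excerpt of the second trace (after loading libc.so.0), around the repeated ioctl path.
ERRORED_EXCERPT = [
    "<IRSB from 0x4019bc0: 1 sat>",
    "<SimProcedure __errno_location from 0x400d0e0: 1 sat>",
    "<IRSB from 0x4019bfc: 1 sat>",
    "<IRSB from 0x401f050: 1 sat>",
    "<IRSB from 0x401f220: 1 sat>",
    "<IRSB from 0x4008990: 1 sat>",
    "<SimProcedure ioctl (syscall) (stub) from 0x40089c4: 1 sat>",
    "<IRSB from 0x40089c4: 1 sat 1 unsat>",
    "<IRSB from 0x40089cc: 1 sat>",
    "<SimProcedure __errno_location from 0x400d0e0: 1 sat>",
    "<IRSB from 0x40089d8: 1 sat>",
    "<IRSB from 0x401f254: 1 sat 1 unsat>",
    "<IRSB from 0x401f2b8: 1 sat>",
    "<IRSB from 0x401f074: 1 sat>",
    "<IRSB from 0x4019c18: 1 sat>",
    "<IRSB from 0x401f050: 1 sat>",
]


def parse_descriptions(lines):
    """Parse hardcopy lines; quotes and trailing commas from a printed list are tolerated."""
    entries = []
    for raw in lines:
        text = raw.strip().rstrip(",").strip("'\"")
        if not text:
            continue
        m = DESC_RE.match(text)
        if m is None:
            raise ValueError(f"unrecognised history description: {raw!r}")
        entries.append(Entry(m["kind"], m["name"], int(m["addr"], 16),
                             int(m["sat"]), int(m["unsat"] or 0)))
    return entries


def first_revisit(entries):
    """Return (addr, period) for the first basic block executed a second time, else None.

    period is the number of history entries between the two visits: 1 means the block
    branches straight back to itself (the hlt-style trap loop from the issue); a larger
    period is an ordinary loop body that may or may not terminate.
    """
    seen = {}
    for idx, e in enumerate(entries):
        if e.kind != "IRSB":
            continue  # SimProcedures are shared by many call sites, so they are ignored
        if e.addr in seen:
            return e.addr, idx - seen[e.addr]
        seen[e.addr] = idx
    return None


def last_simprocedure(entries):
    """Name of the most recent SimProcedure hit; a '(stub)' tag here means angr returned
    from a function it does not model, which is how the first trace reached the loop."""
    for e in reversed(entries):
        if e.kind == "SimProcedure":
            return e.name
    return None


if __name__ == "__main__":
    for label, trace in (("stuck", STUCK_TRACE), ("errored", ERRORED_EXCERPT)):
        entries = parse_descriptions(trace)
        revisit = first_revisit(entries)
        print(label, "revisit:", revisit and (hex(revisit[0]), revisit[1]),
              "last simproc:", last_simprocedure(entries))
```

On the first trace this reports a revisit of 0x407064 with period 1 right after the `__uClibc_main (stub)` procedure, which is the symptom the maintainers identified: the stub returns into the self-branching trap block instead of running `main`. The fix they describe is to hook the symbol with angr's own `__libc_start_main` SimProcedure; the call I believe does that (an assumption about angr's API, not something confirmed in the thread) is `project.hook_symbol('__uClibc_main', angr.SIM_PROCEDURES['glibc']['__libc_start_main']())`.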

Excuse me, do you have a solution now?

The solution is sitting on a computer I am away from and do not have access to at the moment. Please have some faith that I have not forgotten you.

I've pushed something which should be a fix. There may be any number of things which still don't work. Please let me know.

This issue has been marked as stale because it has no recent activity. Please comment or add the pinned tag to prevent this issue from being closed.

This issue has been closed due to inactivity.