Syscall crashes on emulator
Opened this issue · 5 comments
It seems emulators, Memu and LDplayer does not like being syscalled. It cause crashes
It's working fine on my arm64 android 11, however it doesn't detect dump at all. GG successfully finished whole memory dump without detection
2021-05-29 12:49:41.547 11764-11764/? E/memtrack: Couldn't load memtrack module (No such file or directory)
2021-05-29 12:49:41.547 11764-11764/? E/android.os.Debug: failed to load memtrack module: -2
2021-05-29 12:49:41.551 676-676/com.android.phone E/PhoneInterfaceManager: [PhoneIntfMgr] getCarrierPackageNamesForIntent: No UICC
2021-05-29 12:49:42.735 11775-11775/? E/memtrack: Couldn't load memtrack module (No such file or directory)
2021-05-29 12:49:42.735 11775-11775/? E/android.os.Debug: failed to load memtrack module: -2
2021-05-29 12:49:42.739 676-676/com.android.phone E/PhoneInterfaceManager: [PhoneIntfMgr] getCarrierPackageNamesForIntent: No UICC
2021-05-29 12:49:42.896 11786-11786/? E/memtrack: Couldn't load memtrack module (No such file or directory)
2021-05-29 12:49:42.896 11786-11786/? E/android.os.Debug: failed to load memtrack module: -2
2021-05-29 12:49:42.916 11790-11790/? E/memtrack: Couldn't load memtrack module (No such file or directory)
2021-05-29 12:49:42.916 11790-11790/? E/android.os.Debug: failed to load memtrack module: -2
2021-05-29 12:49:42.921 676-676/com.android.phone E/PhoneInterfaceManager: [PhoneIntfMgr] getCarrierPackageNamesForIntent: No UICC
2021-05-29 12:49:43.084 11810-11810/? E/memtrack: Couldn't load memtrack module (No such file or directory)
2021-05-29 12:49:43.084 11810-11810/? E/android.os.Debug: failed to load memtrack module: -2
2021-05-29 12:49:43.209 11819-11836/com.darvin.security.detectdebugger A/libc: Fatal signal 11 (SIGSEGV), code 1, fault addr 0x0 in tid 11836 (.detectdebugger)
2021-05-29 12:49:43.214 11837-11837/? A/DEBUG: *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
2021-05-29 12:49:43.214 11837-11837/? A/DEBUG: Build fingerprint: 'google/google/G011A:7.1.2/20171130.376229:user/release-keys'
2021-05-29 12:49:43.214 11837-11837/? A/DEBUG: Revision: '0'
2021-05-29 12:49:43.214 11837-11837/? A/DEBUG: ABI: 'x86'
2021-05-29 12:49:43.214 11837-11837/? A/DEBUG: pid: 11819, tid: 11836, name: flush-8:0 >>> com.darvin.security.detectdebugger <<<
2021-05-29 12:49:43.214 11837-11837/? A/DEBUG: signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x0
2021-05-29 12:49:43.214 11837-11837/? A/DEBUG: eax 0000014c ebx 00000000 ecx 0000014c edx b1db2898
2021-05-29 12:49:43.214 11837-11837/? A/DEBUG: esi 00000000 edi 9a013928
2021-05-29 12:49:43.214 11837-11837/? A/DEBUG: xcs 00000073 xds 0000007b xes 0000007b xfs 0000003b xss 0000007b
2021-05-29 12:49:43.214 11837-11837/? A/DEBUG: eip 00000000 ebp 9a00b3e8 esp 9a00b3cc flags 00010282
2021-05-29 12:49:43.214 11837-11837/? A/DEBUG: backtrace:
2021-05-29 12:49:43.214 11837-11837/? A/DEBUG: #00 pc 00000000 <unknown>
2021-05-29 12:49:43.274 92-92/? E/lowmemorykiller: Error opening /proc/11819/oom_score_adj; errno=2
2021-05-29 12:49:43.340 925-1381/com.microvirt.launcher2 E/EGL_adreno: tid 1381: eglSurfaceAttrib(1582): error 0x3009 (EGL_BAD_MATCH)
2021-05-29 12:49:43.475 520-2853/system_process E/EGL_adreno: tid 2853: eglSurfaceAttrib(1582): error 0x3009 (EGL_BAD_MATCH)
Thanks for reporting this. As of now, I don't plan to fix this, as long as it works on devices. However the concerning thing is detection not working on Android 11 device. I will check that part. Can you share some logs when GG does memory dump
Which excatly log are you looking for? I don't wanna share my whole logs here as it may contain senitive info
And anyway, this project is totally useless if you don't plan fixing for emulators because they can just go use emulators to get around anti-dump
Need just the application logs of this project
Created a new issue
Please support emulators because you already have x86 supported. i tried to target x86 only but still crash
It's an easy fix to make it work again, #include "sys/inotify.h" , remove the syscalls and replace the inotify syscalls with the inotify functions from inotify.h