Using LD_LIBRARY_PATH

Question

Using LD_LIBRARY_PATH

SweetVishnya opened this issue 4 years ago · 3 comments

Hi!

I am running symqemu on binary requiring LD_LIBRARY_PATH. Will LD_LIBRARY_PATH=lib SYMCC_INPUT_FILE=file x86_64-linux-user/symqemu-x86_64 ./a.out file work?

I am trying with and without LD_LIBRARY_PATH. It works both ways without any error messages. I cannot tell if it is working correctly.

Also, is there a way to turn off optimistic solving?

Answer 1 · 2021-01-27T19:48:30.000Z

What timeout do you use for solver?

Answer 2 · 2021-01-29T17:36:34.000Z

Hi @SweetVishnya,

Not sure about the library search path, I haven't modified anything in that regard. So whatever QEMU's user-mode emulation does applies to SymQEMU as well. I believe it respects your lookup path, and maybe it even has a command-line option to specify a custom path just for the target.

The solver timeout is 10 seconds, inherited from QSYM. As for optimistic solving, there's no switch to disable it, but you can comment out the relevant lines of code in QSYM. (SymCC pulls the QSYM code in via a Git submodule and stores it in runtime/qsym_backend/qsym.)

Hope that helps!

Answer 3 · 2021-01-29T17:44:55.000Z

Thank you for the answers, I will continue evaluating symqemu on Monday. One more question. Do u handle symbolic addresses? Do u generate multiple models for symbolic address as in qsym, they kind of try to solve switch branches that way.

P.S. Also, sent you an email.