Connect to luma3ds gdb stub with "GNU gdb local agent via GADP/TCP"

[SirEnder125]

Hey. Someone recently told me:

If 3ds includes a gdb stub compatible with 7.0 or greater, you can use the "GNU gdb over GADP" interface.

I'm not sure if it is compatible. But Luma3ds does have a gdb stub. But the debugger gives me this error:

java.util.concurrent.CompletionException: java.lang.RuntimeException: agent terminated unexpectedly.

[d-millar]

Can you connect to the stub via gdb?

[d-millar]

Actually, I think I'm confused - the error you sent implies the agent died, but the command I suggested you run shouldn't be running an agent. Did you connect using "GNU gdb over GADP"?

[d-millar]

Hmmm, not sure that's right either - hold off, let me consult tomorrow, maybe give you better advice

[SirEnder125]

Actually, I think I'm confused - the error you sent implies the agent died, but the command I suggested you run shouldn't be running an agent. Did you connect using "GNU gdb over GADP"?

There isn't actually something called that. Only GNU gdb local agent via GADP/TCP.

Can you connect to the stub via gdb?

Yes.

Hmmm, not sure that's right either - hold off, let me consult tomorrow, maybe give you better advice

Okay.

[SirEnder125]

Okay, this is where I am so far:
I thought my 2DS was freezing because something went wrong. But, someone told me that
that is supposed to happen.
If it is, then, GADP connection over TCP is working fine. ALTHOUGH, it does not let me view
anything. If I connect to it via gdb (arm-none-eabi-gdb.exe) it does nothing until I type continue,
or c. Whereas in ghidra there is no continue option. What can I do?

[d-millar]

I keep forgetting you're on a Windows box....OK, right, so you're doing the right thing, but I probably haven't provided enough detail again. Either the "GNU gdb local agent over GADP/TCP" or the "IN-VM gdb local debugger" options should work as long as you specify the correct command in the "GDB launch command" parameter (in your case /path/to/arm-none-eabi-gdb.exe") . I would recommend the latter as it will give you more info if it dies and is easier to debug if we have to go that route.

When you connect, the device may or may not be running. If it has broken, you'll be in the same state as you were with gdb.exe, and, when you select the process/inferior in the Objects Provider, the green resume/continue button should be enabled. If it's not (i.e. it's running), selecting the same object should enable the interrupt/pause button. If neither of those are true, you'll probably need to do something else in the Interpreter Console. The Interpreter Console is basically (more or less) the same environment as the gdb shell. If you are entering something like "target remote host:port" in gdb, you will have to do the same in the Interpreter. (If the Interpreter isn't visible, launch it from the Objects Provider.) You may also want to read a bit of the help - most of the windows don't display useful info until you are tracing the target.

[d-millar]

Oh, and to clarify "GADP connection over TCP" won't work. That's really only for talking to a remote Ghidra agent running on a different box (potentially connected to a client). If you were using that, the stub was probably extremely confused because we were talking GADP to it and it only speaks RSP. Am guessing you may get the agent died message again, but, if you run from Eclipse, you may get a stack trace that'll help us figure out why. Does that all make sense?

[SirEnder125]

I don't really get it. On my 2ds, I have Luma3ds and I turn on the debugger and
it gives me my 2ds' IP address. I go to the process list, enable the game I am playing
and it gives me port 4000 (Usually). IN-VM gdb local debugger does not let me
connect to and IP/port. But, as I said, GADP connection over TCP works fine, it
does what GDB does. GDB seems to work fine after I enter continue, though, it
does not have a GUI. So I want to use Ghidra. Ghidra does not allow a continue
as far as I've seen. Where can it be found?

[SirEnder125]

Sorry for the giant image, but this is what Ghidra looks like:

The IP and port are what luma3ds gives me.
When I try to connect, it says "connecting...", yet never un-greys out the buttons.
ALL the buttons, "pause"/"resume" are greyed out.

[d-millar]

Yeah, this is definitely confusing - I appreciate your hanging in there and giving it a try! So, what I think is happening in the "GADP connection" case is you're telling it the host and port, it's doing the TCP handshake and connection, but the underlying protocol is not what it's expecting - so it hangs. Admittedly, this looks like it connected but probably not.

Try this: specify your version of gdb in the IN-VM GDB pane. I think you MAY be able to also add the host:port as arguments in the same field, but I'm not sure about that. If you don't, you'll need to open that Interpreter window and enter "target remote 192.168.2.3:4000". Let me know if you get that far!

[SirEnder125]

I'll try.

[SirEnder125]

Is this where I am supposed to enter the stuff?

[d-millar]

Yes, looks good -fire away!

[d-millar]

hit "Details"

[SirEnder125]

The specified procedure could not be found.

java.lang.UnsatisfiedLinkError: The specified procedure could not be found.

	at jnr.ffi.provider.jffi.NativeLibrary.loadNativeLibraries(NativeLibrary.java:87)
	at jnr.ffi.provider.jffi.NativeLibrary.getNativeLibraries(NativeLibrary.java:70)
	at jnr.ffi.provider.jffi.NativeLibrary.getSymbolAddress(NativeLibrary.java:49)
	at jnr.ffi.provider.jffi.NativeLibrary.findSymbolAddress(NativeLibrary.java:59)
	at jnr.ffi.provider.jffi.AsmLibraryLoader.generateInterfaceImpl(AsmLibraryLoader.java:158)
	at jnr.ffi.provider.jffi.AsmLibraryLoader.loadLibrary(AsmLibraryLoader.java:89)
	at jnr.ffi.provider.jffi.NativeLibraryLoader.loadLibrary(NativeLibraryLoader.java:44)
	at jnr.ffi.LibraryLoader.load(LibraryLoader.java:325)
	at jnr.ffi.LibraryLoader.load(LibraryLoader.java:304)
	at agent.gdb.ffi.linux.Util.<clinit>(Util.java:27)
	at agent.gdb.ffi.linux.Pty.openpty(Pty.java:95)
	at agent.gdb.manager.impl.GdbManagerImpl.start(GdbManagerImpl.java:555)
	at agent.gdb.model.impl.GdbModelImpl.startGDB(GdbModelImpl.java:125)
	at agent.gdb.GdbInJvmDebuggerModelFactory.build(GdbInJvmDebuggerModelFactory.java:52)
	at ghidra.app.plugin.core.debug.gui.target.DebuggerConnectDialog.connect(DebuggerConnectDialog.java:231)
	at java.desktop/javax.swing.AbstractButton.fireActionPerformed(AbstractButton.java:1967)
	at java.desktop/javax.swing.AbstractButton$Handler.actionPerformed(AbstractButton.java:2308)
	at java.desktop/javax.swing.DefaultButtonModel.fireActionPerformed(DefaultButtonModel.java:405)
	at java.desktop/javax.swing.DefaultButtonModel.setPressed(DefaultButtonModel.java:262)
	at java.desktop/javax.swing.plaf.basic.BasicButtonListener.mouseReleased(BasicButtonListener.java:279)
	at java.desktop/java.awt.Component.processMouseEvent(Component.java:6635)
	at java.desktop/javax.swing.JComponent.processMouseEvent(JComponent.java:3342)
	at java.desktop/java.awt.Component.processEvent(Component.java:6400)
	at java.desktop/java.awt.Container.processEvent(Container.java:2263)
	at java.desktop/java.awt.Component.dispatchEventImpl(Component.java:5011)
	at java.desktop/java.awt.Container.dispatchEventImpl(Container.java:2321)
	at java.desktop/java.awt.Component.dispatchEvent(Component.java:4843)
	at java.desktop/java.awt.LightweightDispatcher.retargetMouseEvent(Container.java:4918)
	at java.desktop/java.awt.LightweightDispatcher.processMouseEvent(Container.java:4547)
	at java.desktop/java.awt.LightweightDispatcher.dispatchEvent(Container.java:4488)
	at java.desktop/java.awt.Container.dispatchEventImpl(Container.java:2307)
	at java.desktop/java.awt.Window.dispatchEventImpl(Window.java:2772)
	at java.desktop/java.awt.Component.dispatchEvent(Component.java:4843)
	at java.desktop/java.awt.EventQueue.dispatchEventImpl(EventQueue.java:772)
	at java.desktop/java.awt.EventQueue$4.run(EventQueue.java:721)
	at java.desktop/java.awt.EventQueue$4.run(EventQueue.java:715)
	at java.base/java.security.AccessController.doPrivileged(Native Method)
	at java.base/java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:85)
	at java.base/java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:95)
	at java.desktop/java.awt.EventQueue$5.run(EventQueue.java:745)
	at java.desktop/java.awt.EventQueue$5.run(EventQueue.java:743)
	at java.base/java.security.AccessController.doPrivileged(Native Method)
	at java.base/java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:85)
	at java.desktop/java.awt.EventQueue.dispatchEvent(EventQueue.java:742)
	at java.desktop/java.awt.EventDispatchThread.pumpOneEventForFilters(EventDispatchThread.java:203)
	at java.desktop/java.awt.EventDispatchThread.pumpEventsForFilter(EventDispatchThread.java:124)
	at java.desktop/java.awt.EventDispatchThread.pumpEventsForFilter(EventDispatchThread.java:117)
	at java.desktop/java.awt.WaitDispatchSupport$2.run(WaitDispatchSupport.java:190)
	at java.desktop/java.awt.WaitDispatchSupport$4.run(WaitDispatchSupport.java:235)
	at java.desktop/java.awt.WaitDispatchSupport$4.run(WaitDispatchSupport.java:233)
	at java.base/java.security.AccessController.doPrivileged(Native Method)
	at java.desktop/java.awt.WaitDispatchSupport.enter(WaitDispatchSupport.java:233)
	at java.desktop/java.awt.Dialog.show(Dialog.java:1070)
	at java.desktop/java.awt.Component.show(Component.java:1716)
	at java.desktop/java.awt.Component.setVisible(Component.java:1663)
	at java.desktop/java.awt.Window.setVisible(Window.java:1031)
	at java.desktop/java.awt.Dialog.setVisible(Dialog.java:1005)
	at docking.DockingDialog.setVisible(DockingDialog.java:354)
	at docking.DockingWindowManager.lambda$doShowDialog$6(DockingWindowManager.java:1709)
	at ghidra.util.Swing.doRun(Swing.java:292)
	at ghidra.util.Swing.runNow(Swing.java:208)
	at ghidra.util.Swing.runNow(Swing.java:163)
	at docking.DockingWindowManager.doShowDialog(DockingWindowManager.java:1713)
	at docking.DockingWindowManager.showDialog(DockingWindowManager.java:1734)
	at docking.AbstractDockingTool.showDialog(AbstractDockingTool.java:154)
	at ghidra.app.plugin.core.debug.gui.target.DebuggerTargetsProvider$ConnectAction.actionPerformed(DebuggerTargetsProvider.java:109)
	at docking.menu.ToolBarItemManager.lambda$actionPerformed$0(ToolBarItemManager.java:128)
	at java.desktop/java.awt.event.InvocationEvent.dispatch(InvocationEvent.java:313)
	at java.desktop/java.awt.EventQueue.dispatchEventImpl(EventQueue.java:770)
	at java.desktop/java.awt.EventQueue$4.run(EventQueue.java:721)
	at java.desktop/java.awt.EventQueue$4.run(EventQueue.java:715)
	at java.base/java.security.AccessController.doPrivileged(Native Method)
	at java.base/java.security.ProtectionDomain$JavaSecurityAccessImpl.doIntersectionPrivilege(ProtectionDomain.java:85)
	at java.desktop/java.awt.EventQueue.dispatchEvent(EventQueue.java:740)
	at java.desktop/java.awt.EventDispatchThread.pumpOneEventForFilters(EventDispatchThread.java:203)
	at java.desktop/java.awt.EventDispatchThread.pumpEventsForFilter(EventDispatchThread.java:124)
	at java.desktop/java.awt.EventDispatchThread.pumpEventsForHierarchy(EventDispatchThread.java:113)
	at java.desktop/java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:109)
	at java.desktop/java.awt.EventDispatchThread.pumpEvents(EventDispatchThread.java:101)
	at java.desktop/java.awt.EventDispatchThread.run(EventDispatchThread.java:90)

---------------------------------------------------
Build Date: 2021-Feb-02 1555 CST
Ghidra Version: 9.3
Java Home: C:\Program Files\Amazon Corretto\jdk11.0.10_9
JVM Version: Amazon.com Inc. 11.0.10
OS: Windows 10 10.0 amd64
Workstation: 192.168.2.16

[d-millar]

Ah, that's very helpful, but it may be where my expertise ends - I will grab one of the other guys tomorrow who understands the Pty implementation. Sorry, it wasn't an immediate win!

[SirEnder125]

Okay, thanks. Don't worry about it, it's okay.

[SirEnder125]

Oh, by the way, how do I open the interpreter?

[d-millar]

(I say "immediate" although I realize you've been working at this for weeks!)

[d-millar]

If it connected, it would be the little console-shaped icon in the Objects Provider at the far left of the toolbar

[SirEnder125]

Ohhhhh, okay. Thanks a lot.

[nsadeveloper789]

Sorry, I'm entering the conversation a little late. Several things to point out. First, as of now, the GDB connector (whether IN-VM or via GADP/TCP) is only supported on Linux. We use openpty() to interact with GDB's CLI, so that we can interrupt by simulating Ctrl-C on the terminal. This can't (to my knowledge) be done using just stdin. That said, openpty is not available on Windows, and I haven't taken the time to find its equivalent.

So, the simplest, though perhaps disappointing answer, is to just build and run Ghidra on Linux. Then you can use all the GDB stuff "out-of-the-box." If you insist on using Ghidra for Windows, and/or your like a good adventure, then proceed:

You can use a Linux VM to host GDB, then connect to it from Ghidra on Windows. While I've not tested this myself, you might be able to forego the Linux VM for WSL. It'll probably work for WSL2, since that is essentially a Linux VM. I'm not as confident for WSL1, but it could.

Note that the GADP connection over TCP cannot connect directly to a GDB stub. GADP is Ghidra's in-house protocol for communicating with its connectors. (GDB stubs use RSP, which we don't connect to directly.) We often run the actual connector in a separate "agent" process, because they are more prone to crash. Should they crash, we don't want it to take all of Ghidra with it. (the IN-VM variants loads the connector in Ghidra's process, the via GADP/TCP variants launch the agent and automatically connect via GADP). The "GADP connection over TCP" connector is used when you've already launched an agent, which is a less-common use case, but applies here. In a sense, the agent just wraps GDB as a means of translating GADP to RSP.

Thus, you must build and launch the agent manually on Linux, and connect to it from your Windows Ghidra. In your ghidra repo (presumably on Windows), run:

gradle nodepJar

This will generate Ghidra/Debug/Debugger-agent-gdb/build/libs/Debugger-agent-gdb-nodep.jar. Copy that into your Linux VM, and ensure you have an OpenJDK-11 installed as the default JVM. Run it to get its command-line options:

java -jar Debugger-agent-gdb-nodep.jar -h`

You will probably need the --gadp-args, -H and -g parts. For HOST, put the IP of your VM's virtual adapter. (Leave it localhost under WSL.) For GDB put the full path to GDB. Note that when you run it, it'll present a (gdb) prompt. Ignore that, it does nothing anymore. It'll pop up a graphical window so that it's obvious it's running. Please consider the security implications: Do not listen on an adapter/port that is connected to a real network. There is no authentication or encryption applied, and it's a debug port.

Now, from Ghidra on Windows, hit the connect button and select "GADP connection over TCP". Set the network address to your VM's virtual adapter's IP (again, localhost for WSL.) Set the port to 12345, and click connect. You should eventually receive the GDB prompt in Ghidra. You can then proceed as you normally would to connect GDB to your stub.

[SirEnder125]

I guess I could try Linux VM, but it may take up too much ram.
Just to clear up one thing, I can interrupt gdb with CTRL-C on Windows,
too. I don't know if you said that couldn't be done but that's kinda what
I got. I'll try the linux vm some time I guess, I'll let you know if it works.

[nsadeveloper789]

Ctrl-C is surprisingly complicated on Linux. Again, I'm not sure the nuances on Windows. It might turn out to be simpler there, but we've not done it yet.

Simply sending Cltr-C (character 3) down stdin does not interrupt the process. It has to be interpreted by a private/pseudo terminal (pty), which then signals the appropriate process with the interrupt. We also can't just interrupt the process ourselves, because it might be a remote target. GDB takes care of these nuances for us, if we can properly emulate a terminal and send Ctrl-C.

[SirEnder125]

Well, when I open gdb (in tui mode, at least) it lets me interrupt my 2ds.
Hmm if only gdb could talk to ghidra... 🤔

[DrChat]

@nsadeveloper789 Windows offers an equivalent API to openpty() called ConPTY.

They've also written a detailed blog post on the new API.
For brevity, this is a direct link to a usage example of the new API as part of the blog post.
The following is an excerpt of their usage example:

    HANDLE hOut, hIn;
    HANDLE outPipeOurSide, inPipeOurSide;
    HANDLE outPipePseudoConsoleSide, inPipePseudoConsoleSide;
    HPCON hPC = 0;

    // Create the in/out pipes:
    CreatePipe(&inPipePseudoConsoleSide, &inPipeOurSide, NULL, 0);
    CreatePipe(&outPipeOurSide, &outPipePseudoConsoleSide, NULL, 0);

    // Create the Pseudo Console, using the pipes
    CreatePseudoConsole(
        {80, 32}, 
        inPipePseudoConsoleSide, 
        outPipePseudoConsoleSide, 
        0, 
        &hPC);

    // Prepare the StartupInfoEx structure attached to the ConPTY.
    // This function is defined in the blog post, definition omitted in this code block for brevity.
    STARTUPINFOEX siEx{};
    InitializeStartupInfoAttachedToConPTY(&siEx, hPC);

    // Create the client application, using startup info containing ConPTY info
    wchar_t* commandline = L"c:\\windows\\system32\\cmd.exe";
    PROCESS_INFORMATION piClient{};
    fSuccess = CreateProcessW(
                    nullptr,
                    commandline,
                    nullptr,
                    nullptr,
                    TRUE,
                    EXTENDED_STARTUPINFO_PRESENT,
                    nullptr,
                    nullptr,
                    &siEx->StartupInfo,
                    &piClient);

[SirEnder125]

What does this mean?
What can be done with this in Ghidra to debug my 2DS?

[SirEnder125]

To emulate Linux, will I need Hyper-V?

[nsadeveloper789]

Yes.

[SirEnder125]

I do not have it.

[SirEnder125]

Which version of Linux would Ghidra's debugger work well on?

[SirEnder125]

Will the debugger ever work properly on windows? Or if it does now, to connect to 3ds-like devices?

[d-millar]

"Ever" is potentially a very long time, so hard to say. Unfortunately, as indicated in the documentation, your use case is really not high on our priority list. Our primary main goals are support for user-mode debugging of Windows' targets on Windows platforms and Linux targets on Linux platforms. Happy to keep you abreast, though, of changes that might make your use case more tenable.

[SirEnder125]

Thanks for your help.

[d-millar]

@SirEnder125 yes, the post by @DrChat means there is hope - we're looking into to it!

[SirEnder125]

Hey, that's great!! Please let me know if anyone gets that working.
Thanks a lot for replying after all this time. 👍🏻

[DrChat]

I opened an issue for this @ #2908.

[SirEnder125]

Hey, sorry to bother you guys again, but do you think that
the next Ghidra release will include the ConPTY support and
Luma3ds gdb stub debugging support?

[nsadeveloper789]

It is not likely. That said, we've added SSH support, which brings up 3 potentially useful points:

1. You can try installing an OpenSSH server for Windows (e.g., using Cygwin) and connecting to it via "localhost". However, we've only tested SSH support when the remote system is Linux or UNIX-like. Windows is not, so I don't know about it. Also try adding the "-i mi2" option, since that may reduce dependency on certain UNIX-like Pty features.
2. You can connect to a Linux VM (or WSL distro) with gdb and openssh installed very easily. Start the VM, launch Ghidra on Windows and point the GDB/SSH connector at its IP. (You don't need Hyper-V for WSL2)
3. We refactored the GDB connector to use a PtyFactory. If you're up to it, you can try implementing ConPTY support as a new PtyFactory.

Honestly, option 2 via WSL2 is probably your best option:
https://docs.microsoft.com/en-us/windows/wsl/install-win10
You don't need Hyper-V, just VirtualMachinePlatform.

[SirEnder125]

It is not likely. That said, we've added SSH support, which brings up 3 potentially useful points: ...

Oh. Well, I can wait until they get it working, if it's a planned feature. If not, fine.
But, I've tried option 2 and I can't seem to get it to work. Also, what version of
Ghidra has SSH support?

I have no idea what to do with this ubuntu thingy.

[nsadeveloper789]

This will install the SSH service and GDB in your Ubuntu distro on WSL.

sudo apt install openssh-server gdb

There may be some additional setup to get it working in WSL, but there are plenty of how-tos, e.g. https://superuser.com/questions/1123552/how-to-ssh-into-wsl
Once you have it working with a plain SSH client, like PuTTY, then you can try connecting with Ghidra. The debugger is not in any release, yet. You'll need to build from the latest source. Click the connect button, select "GDB over SSH" then use the same hostname/username as you did for PuTTY. Assuming you get connected, you should get a (gdb) prompt on screen, which you can use more or less like any (gdb) prompt. If/when Ghdira recognizes a target, it'll populate the UI.

[SirEnder125]

I installed openssh-server and gdb. How do I open openssh-server?

[SirEnder125]

Okay. I connected with PuTTY. I am about to connect with Ghidra.

[d-millar]

Hey,

Going to weigh in here just to make sure we're all on the same page - if I say anything wrong, feel free to jump in because I'm not sure I have the complete picture myself.

So, as I understand your scenario, you have Ghidra running on Windows (effectively the client) and the gdbstub on luma3ds (effectively the server). The gdbstub "speaks" the RSP protocol, so to communicate with it we need something that speaks RSP on the client side.

Because we do not have an RSP client for, well, anything, we typically rely on a middleman. On Linux, this is gdb, which we wrap as a gdb agent. In that scenario, Ghidra launches gdb and speaks GADP to it. Gdb translates those requests to RSP and talks to the target (in your case luma3ds). On Linux, we can also create an SSH connection to GDB, issue the commands directly, and get the same result.

For Windows, gdb running under Windows proper is basically a non-starter, so your options are either (a) gdb running on WSL, or (b) gdb running on a different machine. If luma3ds had an SSH server, you could talk directly to that, but I don't think it does. (Correct me if I'm wrong on this.)

So, let's say we're going WSL. I know exactly nothing about WSL so again correct me if I say something stupid, but, in this case (or even in the second machine) case, you'll want to install the openssh server and gdb on the middleman. Sounds like you have already done this. When you launch the openssh server, you can, I believe, specify a host and a port for clients to talk to it. If you don't specify, the host is localhost and the port is 22. If the server is running under WSL, can the main windows account access it as localhost? I don't know the answer to this, actually.

If it can, you'll want to (a) launch the openssh server, and (b) connect from Ghidra using "GDB over SSH" with the parameters set to /path/to/gdb, localhost, 22, and your username for WSL. On a good day, this will launch gdb in the WSL environment. From there, though, you'll still have to connect to the luma3ds. Probably, easiest to do this from the Interpreter using "target remote" etc.

Yell if this is unclear (or, of course, incorrect) :/
D

[SirEnder125]

Thanks, that cleared up a lot. Uh, I got this error:

[nsadeveloper789]

FWIW, some technical clarification: GADP is not involved when you use GDB over SSH. Ghidra talks SSH to the SSH server, commands it to run GDB in a pseudo-terminal, and then speaks GDB/MI to GDB over that SSH channel. When new-ui is supported, it'll command the SSH server to open a second pseudo-terminal, so that Ghidra can acces both the console and mi2 interpreters.

[d-millar]

OK, so am guessing you've already done this, but the first thing I would try is opening a Windows cmd window and issuing the command "ssh user125@172.28.57.51:2222". There are two reasons for doing this: (1) ssh does some set-up on the very first connection that's hard to get right any other way, and (2) it might give you some insight if the ssh connection itself is failing. Assuming you've already done this, my guess is one of two things is going wrong - either gdb is not actually at /usr/bin/gdb ("which gdb" should tell you the actual path) or the path is a link. For reasons I don't quite understand, various tools are not happy with links. If so, "ls -l" the ostensible path, get the real path, and replace the first argument with that.

[d-millar]

OK, so is that IP address for the WSL client or a separate machine? Guessing you can't ping it either?

[nsadeveloper789]

Looking at the screenshots, I see two potential problems.

1. I think you forgot a / at the begging /usr/bin/gdb. Honestly, that could probably just be gdb anyway, since it should be on the system PATH.
2. The version of GDB (7.11.1) you're using could be problematic. It's about 4 years old and doesn't support the new-ui command. You can try your version, but you'll need to use gdb -i mi2 (or /usr/bin/gdb -i mi2) for the Launch command. I'd recommend you upgrade to the latest LTS version of Ubuntu (20.04), though. We've tested with GDB 7 on occasion, but we primarily work with versions 8 and 9, sometimes 10. With version 8 or later, you should not use -i mi2.

[SirEnder125]

OK, so is that IP address for the WSL client or a separate machine? Guessing you can't ping it either?

It is for a WSL client. No, I cannot ping it either.

[SirEnder125]

Looking at the screenshots, I see two potential problems.

1. I think you forgot a / at the begging /usr/bin/gdb. Honestly, that could probably just be gdb anyway, since it should be on the system PATH.
2. The version of GDB (7.11.1) you're using could be problematic. It's about 4 years old and doesn't support the new-ui command. You can try your version, but you'll need to use gdb -i mi2 (or /usr/bin/gdb -i mi2) for the Launch command. I'd recommend you upgrade to the latest LTS version of Ubuntu (20.04), though. We've tested with GDB 7 on occasion, but we primarily work with versions 8 and 9, sometimes 10. With version 8 or later, you should not use -i mi2.

Well, I installed that GDB by running sudo apt-get install gdb. And I don't know how else to get GDB.
Where can I get version 8 or 9?

[SirEnder125]

I downloaded GDB again and got GNU gdb (Ubuntu 9.1-0ubuntu) 9.1
and I connected in Ghidra and it still shows v7.11.1. PuTTY is showing
9.1, as well.

[d-millar]

OK, hmmmm, well that's some progress. I think I need to think more about the Dynamic window issue.

[nsadeveloper789]

I mean close a trace. A "trace" is the recording of a live target. They can be saved for offline analysis. The red dot indicates the trace is "live" or online. Without the dot, it means it's offline, i.e., no longer associated with a live target.

[nsadeveloper789]

OK. I was able to get the full logs from your posts. GitHub's markdown is chewing up GDB's responses, but if I grab the raw post, I can see the whole thing. I'll take a moment to examine them.

[nsadeveloper789]

OK, so in the second log (where you get a successful step), there are 18 =thread-created events. In the first, there are 454 created and 436 exited (net 18), but the interesting bit is they all come in groups of 18, except the first which was a group of 22. When trying the first step, It announces those 22 thread exited, followed by 18 threads created, then exited and created, then repeat and repeat and repeat and.... until things get overwhelmed and die.

I did want to point out an error I saw in the log: Cannot insert breakpoint 0: Reply contains invalid hex digit 83. This immediately precedes the bad behavior. The fact that GDB is producing these messages would seem to indicate the issue is somewhere between GDB and your target. Granted, we might be issuing queries that cause them to react poorly. I worry about the repeated thread creation and destruction. Is that normal behavior for your target? Maybe try without Ghdira again: Get connected to your target. Do info threads, then stepi, then info threads again, and see if the IDs are incrementing. Maybe repeat stepi and info threads a few times, just to get a handle on consistency....

[SirEnder125]

Okay, I followed those steps 3 times and the output was the same all 3 times.

[SirEnder125]

Since the output was the same, does that mean that the error is from Ghidra (or my input)?

[SirEnder125]

I'm back at the "Record" window thing... again...

[SirEnder125]

When I try to step the current thread:

java.lang.IllegalStateException: Command completed with <GdbCommandDoneEvent {} >, not any of [class agent.gdb.manager.evt.GdbCommandRunningEvent]
java.util.concurrent.CompletionException: java.lang.IllegalStateException: Command completed with <GdbCommandDoneEvent {} >, not any of [class agent.gdb.manager.evt.GdbCommandRunningEvent]
	at java.base/java.util.concurrent.CompletableFuture.encodeThrowable(CompletableFuture.java:331)
	at java.base/java.util.concurrent.CompletableFuture.completeThrowable(CompletableFuture.java:346)
	at java.base/java.util.concurrent.CompletableFuture.biApply(CompletableFuture.java:1226)
	at java.base/java.util.concurrent.CompletableFuture$BiApply.tryFire(CompletableFuture.java:1205)
	at java.base/java.util.concurrent.CompletableFuture$CoCompletion.tryFire(CompletableFuture.java:1144)
	at java.base/java.util.concurrent.CompletableFuture.postComplete(CompletableFuture.java:506)
	at java.base/java.util.concurrent.CompletableFuture.completeExceptionally(CompletableFuture.java:2088)
	at agent.gdb.manager.impl.GdbPendingCommand.finish(GdbPendingCommand.java:75)
	at java.base/java.util.concurrent.CompletableFuture$AsyncRun.run(CompletableFuture.java:1736)
	at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1128)
	at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:628)
	at java.base/java.lang.Thread.run(Thread.java:829)
Caused by: java.lang.IllegalStateException: Command completed with <GdbCommandDoneEvent {} >, not any of [class agent.gdb.manager.evt.GdbCommandRunningEvent]
	at agent.gdb.manager.impl.GdbPendingCommand.checkCompletion(GdbPendingCommand.java:234)
	at agent.gdb.manager.impl.cmd.MixinResumeInCliGdbCommand.completeOnRunning(MixinResumeInCliGdbCommand.java:59)
	at agent.gdb.manager.impl.cmd.GdbStepCommand.complete(GdbStepCommand.java:56)
	at agent.gdb.manager.impl.cmd.GdbStepCommand.complete(GdbStepCommand.java:26)
	at agent.gdb.manager.impl.GdbPendingCommand.finish(GdbPendingCommand.java:71)
	... 4 more

[SirEnder125]

Does this mean anything?

/build/gdb-OxeNvS/gdb-9.2/gdb/infrun.c:5292: internal-error: int finish_step_over(execution_control_state*): Assertion `ecs->event_thread->control.trap_expected' failed.
 A problem internal to GDB has been detected,
 further debugging may prove unreliable.
 Quit this debugging session? (y or n) 
 Please answer y or n.
 /build/gdb-OxeNvS/gdb-9.2/gdb/infrun.c:5292: internal-error: int finish_step_over(execution_control_state*): Assertion `ecs->event_thread->control.trap_expected' failed.
 A problem internal to GDB has been detected,
 further debugging may prove unreliable.

[d-millar]

When you get one of those error dialog boxes with the "Detail" button on the right, if you could click that and send the stack trace, it would really help us diagnose the problem.

[nsadeveloper789]

The finish_step_over thing, as GDB notes, is internal to GDB. Other than "it didn't work" I don't really know what it means. When you see these, it's helpful to try to reproduce it without Ghidra. Just run gdb-multiarch straight from WSL, connect it to your target, and try the equivalent command sequence. This is another case where seeing GDB.log can be helpful. On one hand, the problem is in GDB. On the other, we might be issuing an odd sequence of commands that's triggering the condition.

[SirEnder125]

The objects list shows one thread while the Threads list shows 20.

[d-millar]

A couple quick comments (apologies dug in on a different problem):
(1) For the decompilation to work, you need to have defined a function. Typically, this is done in the static listing, but obviously in your case, you don't have source, so you'd have to define it in the dynamic view.
(2) Re threads, if you look at the third column, you'll note those threads are dead. Does the 3ds have a watchdog timer? I think it's spinning up threads in response to being stopped.

[SirEnder125]

I got a ton of error messages saying "Ignoring packet error, continuing..."

``` . . MI2: -interpreter-exec console "show version" \nThis is free software: you are free to change and redistribute it.\nThere is NO WARRANTY, to the extent permitted by law." .\n" ." MI2: -interpreter-exec console "show architecture" MI2: -interpreter-exec console "show os" MI2: -interpreter-exec console "show endian" MI2: -list-thread-groups MI2: -list-thread-groups MI2: -interpreter-exec console "source /mnt/c/Users/*/Downloads/ghidra-master/ghidra-master/Ghidra/Debug/Debugger/src/main/resources/define_info_proc_mappings" MI2: -interpreter-exec console "set arch arm" MI2: -interpreter-exec console "set endian little" MI2: -interpreter-exec console "target remote 192.168.2.89:4000" MI2: -interpreter-exec console "maintenance info sections ALLOBJ nosections" MI2: -interpreter-exec console "show architecture" MI2: -interpreter-exec console "show os" MI2: -interpreter-exec console "show endian" MI2: -list-thread-groups MI2: -thread-info 1 MI2: -thread-info 2 MI2: -thread-info 3 MI2: -thread-info 4 MI2: -thread-info 5 MI2: -thread-info 6 >MI2: -thread-info 7 MI2: -thread-info 8 MI2: -thread-info 9 MI2: -thread-info 10 MI2: -thread-info 11 >MI2: -thread-info 12 MI2: -thread-info 13 >MI2: -thread-info 14 MI2: -thread-info 15 MI2: -thread-info 16 MI2: -thread-info 17 >MI2: -thread-info 18 MI2: -thread-info 19 >MI2: -thread-info 20 MI2: -thread-info 21 MI2: -thread-info 22 MI2: -thread-info 1 >MI2: -stack-list-frames --thread 1 MI2: -thread-info 2 MI2: -stack-list-frames --thread 2 MI2: -thread-info 3 MI2: -stack-list-frames --thread 3 >MI2: -thread-info 4 MI2: -thread-info 5 >MI2: -stack-list-frames --thread 4 MI2: -stack-list-frames --thread 5 MI2: -thread-info 6 MI2: -stack-list-frames --thread 6 >MI2: -thread-info 7 MI2: -stack-list-frames --thread 7 >MI2: -thread-info 8 MI2: -thread-info 9 >MI2: -stack-list-frames --thread 8 MI2: -stack-list-frames --thread 9 >MI2: -thread-info 10 MI2: -stack-list-frames --thread 10 >MI2: -thread-info 11 MI2: -stack-list-frames --thread 11 >MI2: -thread-info 12 MI2: -stack-list-frames --thread 12 MI2: -thread-info 13 MI2: -stack-list-frames --thread 13 >MI2: -thread-info 14 MI2: -stack-list-frames --thread 14 >MI2: -thread-info 15 MI2: -thread-info 16 >MI2: -stack-list-frames --thread 15 MI2: -stack-list-frames --thread 16 >MI2: -thread-info 17 MI2: -stack-list-frames --thread 17 >MI2: -thread-info 18 MI2: -stack-list-frames --thread 18 >MI2: -thread-info 19 MI2: -stack-list-frames --thread 19 MI2: -thread-info 20 MI2: -stack-list-frames --thread 20 MI2: -thread-info 21 MI2: -thread-info 22 >MI2: -stack-list-frames --thread 21 MI2: -stack-list-frames --thread 22 MI2: -interpreter-exec console "info proc mappings" MI2: -list-thread-groups i1 MI2: -thread-select --thread 9 9 MI2: -list-thread-groups MI2: -list-thread-groups

[nsadeveloper789]

That's an error printed by GDB. It seems luma3ds is sending a packet that GDB does not understand. Above the spam, there's a message about an unexpected byte 109. It's unclear if the error is associated with a particular command. If so, we might avoid sending it, but it could also just be an incompatibility between GDB 9.2 and your version of luma3ds. If they recommend a particular version of GDB, that might be useful information. Hopefully, they list a supported version that Ghidra also supports.... If not, then maybe the error can be ignored. If that's not the case, then I'm afraid I'm out of ideas at the moment.

[SirEnder125]

I can't find anything specifying a GDB version. I tried to ask via an issue, but it said that I can't at this time. Do you think that GDB could be the problem here? I guess it would be pretty hard to say.

[marsfan]

I just came over here from #3102 that I opened about this issue. I have only skimmed through the the thread, so I am not 100% sure how you are connecting GDB to your device, but I know that WSL does not really work well with USB devices, so if you are using a USB debugger, that might be part of the problem. A possible alternative is to use a Raspberry Pi with the USB debugger plugged into it, and run the GDB server on the Raspberry Pi, then connect Ghidra to that.

I'm going to be trying setting that up with a SEGGER J-Link in the next few days, and will add a comment here if that works.

[marsfan]

For anyone reading this, it is possible to use a Raspberry Pi as a GDB server. However there seems to be some issue with Ghidra parsing the data from the session, as nothing is being populated. I am probably going to wait until Ghidra 10 leaves beta before pursuing this more.

[d-millar]

@marsfan When you say "nothing" is that "nothing" nothing? In particular, is there anything in the Objects window? Do you have an Objects window?

[marsfan]

@d-millar I mean completely nothing. No registers, no live view, nothing, though there is a bit of something in the objects window. I switched to using a virtual machine since I can run everything locally with that method, and much more seems to work. I still have a couple of issues, but I am going to create a new discussion for those, since I did not realize that this discussion was almost a month old when I posted here.

[d-millar]

@marsfan Sorry to be a pest, but my questions are relevant to the solution of your problem: do you have the Objects view visible and does that have anything in it? All of the other windows depend on the trace. If the trace isn't active, all of those will be blank. There are a number of reasons why this might be - many of the discussed above - but, if the Objects view is empty, it's a whole different set of problems.

[d-millar]

The fourth number is the initial fill, i.e. the default value (I think, if I remember correctly). The failure to track between the static and dynamic listings is tied to the fact that you have no module list. The debugger needs to know where the dynamic version of your static listing is based on memory. In your case, this means faking out the “maintenance info sections” command, similar to what you’ve done for “info proc mappings”. Arm/thumb is a little trickier - may need to talk to some folks about that and get back to you.

[d-millar]

Correction: fourth number is offset (oops) - generally, you’ll want this to be zero.

[d-millar]

Oh, and, wrt write-up, the Github pages are definitely best for us, either the wiki or the Discussions pages are a good spot! Thanks!

[d-millar]

@marsfan ARM/THUMB should depend on the trace's recorded cpsr register. Make sure that register is listed in the Registers window and/or the Interpeter, and checked (i.e. being read) in the Registers window. Also, check to make sure the endianness is not incorrect, which might cause the wrong bit in the register to be used to track ARM/THUMB.

[marsfan]

@d-millar I'm still looking into this, but I am going to be really busy for the next week or two, so it might be a bit little bit before I can update you on if I got the modules view working.

[SirEnder125]

In a pre-built distribution of Ghidra 10.0.1, how would I go about changing the define_info_proc_mappings script? (Is this possible?)

[d-millar]

@SirEnder125 The script should be in Ghidra/Debug/Debugger-agent-gdb/data/scripts in the new release. That said, as pointed out by @marsfan, you could just write it yourself. It doesn't need to reside in any particular location, as you probably know, because you're just executing it in gdb. As long as you know the path, you should be good.

Re the contents, apologies if I didn't explain the contents! The basic idea is to replace the normal gdb "info proc mappings" command for systems that don't support that command, so the first line basically says use what's between the "define xxx" and "end" lines as the return for xxx. The two "echo" lines are just regurgitating information that says, in essenc, "everywhere is defined" in the format used by most Linux gdb implementations, i.e. "start_address stop_address size offset objfile". Objfile is basically just a name for our purposes, so the default script uses "lomem" and "himem". You may be wondering why we need two regions, and the answer is technically we don't, but Java doesn't represent 64-bit unsigned numbers as longs, which is what we're using. (Probably could fix that, but...)

Would also make sens for us just to give the defaults if "info proc mappings" isn't defined. Maybe I'll fix that today. :)

[SirEnder125]

Ah, alright. Then echo 0x0 0xFFFFFFFF 0x100000000 0x0 allmem is correct for my (old) 2ds?

[d-millar]

yes, I believe so!

[d-millar]

oh, and, by the by, I added the fix to 10.0.2, so, whenever that goes out, you should be able to skip the script

[SirEnder125]

Oh, nice. Thanks!

[SirEnder125]

Any fixes lately to any problems that may have caused the issues with using Ghidra and ssh as debugger for the 3ds?
I've not tried lately, nor have I downloaded the new Ghidra release. I don't even remember what exactly the problems were, except for a thread creation spammer.

This is a very old discussion, but I was wondering if it may not be too far gone?

[d-millar]

Hey @SirEnder125,

Good to hear from you! I too am not sure where exactly we left things on the 3ds front. I think you were trying to connect from wsl, had it mostly working, but were trying to get the define_info_proc_mappings script set up? Maybe? 10.0.3 should be in better shape from a number of perspectives, but @serby2000 did ID a bug in our handling of the protocol if you try connecting to a Linux target from a Windows box using "GDB over ssh". If you want to try that out, let me know - I can probably talk you through the build. If not, it should be in 10.0.4 and in the GitHub repo before that (maybe next week?). If you're sticking with the wsl->3ds solution, that may not be a problem. Let me know what you're up for!

D

[SirEnder125]

I'm pretty sure I had define_info_proc_mappings working a while ago. I just thought it looked confusing, that's why I asked about it.
I would like to see if we can get farther than last time I tried debugging my 3ds. Should I try building the master branch, or what? Where are the building instructions?

[d-millar]

I might try it first without going through the build process - unless you’re feeling bored/adventurous. :) If you do decide to try building, the instructions are in the DevGuide and DebuggerDevGuide (mostly the first), which are at the top level on the Ghidra install dir.

[SirEnder125]

Oh, alright. I'll just use my current installation of Ghidra? I believe the version is 10.0.1. Will that work?

[d-millar]

Probably, although we definitely made some debugger-specific fixes in 10.0.3

[SirEnder125]

Ah, well I think the problem may have been Ghidra, but maybe not. I don't remember what happened when I opened GDB directly from Ubuntu, if the problem did not arise such as it did in Ghidra when trying to run the stepi command, it was probably caused by Ghidra, so if Ghidra changed it may be a good idea to update? I'm not sure.

[SirEnder125]

So I got some things working again. WSL finally booted up, after a PC reboot. And Ghidra connects successfully. The interpreter is filled with newline characters, and no threads are showing up. Clicking 'record' on the process opens this window:

The "Debug Console" shows this:

<html>
<body>


jar:file:/C:/Users/Mihai/Documents/Alex/Ghidra/ghidra-10.0.3/ghidra_10.0.3_PUBLIC/Ghidra/Features/Base/lib/Base.jar!/images/dialog-warning_red.png | Could not connect: ghidra.dbg.error.DebuggerModelTerminatingException: Error while starting GDB | [] | Mon Sep 20 00:34:06 CDT 2021
-- | -- | -- | --
jar:file:/C:/Users/Mihai/Documents/Alex/Ghidra/ghidra-10.0.3/ghidra_10.0.3_PUBLIC/Ghidra/Framework/Docking/lib/Docking.jar!/images/dialog-warning.png | Error processing GDB output | [] | Mon Sep 20 00:39:49 CDT 2021
jar:file:/C:/Users/Mihai/Documents/Alex/Ghidra/ghidra-10.0.3/ghidra_10.0.3_PUBLIC/Ghidra/Framework/Docking/lib/Docking.jar!/images/dialog-warning.png | Error processing GDB output | [] | Mon Sep 20 00:41:50 CDT 2021
jar:file:/C:/Users/Mihai/Documents/Alex/Ghidra/ghidra-10.0.3/ghidra_10.0.3_PUBLIC/Ghidra/Features/Base/lib/Base.jar!/images/dialog-warning_red.png | Listener ghidra.app.plugin.core.debug.gui.objects.DebuggerObjectsProvider$MyObjectListener@57a58094 caused exception processing attributesChanged | [] | Mon Sep 20 00:43:38 CDT 2021
jar:file:/C:/Users/Mihai/Documents/Alex/Ghidra/ghidra-10.0.3/ghidra_10.0.3_PUBLIC/Ghidra/Features/Base/lib/Base.jar!/images/dialog-warning_red.png | Could not initialize thread info | [] | Mon Sep 20 00:43:39 CDT 2021
jar:file:/C:/Users/Mihai/Documents/Alex/Ghidra/ghidra-10.0.3/ghidra_10.0.3_PUBLIC/Ghidra/Features/Base/lib/Base.jar!/images/dialog-warning_red.png | Could not initialize thread info | [] | Mon Sep 20 00:43:40 CDT 2021
jar:file:/C:/Users/Mihai/Documents/Alex/Ghidra/ghidra-10.0.3/ghidra_10.0.3_PUBLIC/Ghidra/Features/Base/lib/Base.jar!/images/dialog-warning_red.png | Could not initialize thread info | [] | Mon Sep 20 00:43:42 CDT 2021
jar:file:/C:/Users/Mihai/Documents/Alex/Ghidra/ghidra-10.0.3/ghidra_10.0.3_PUBLIC/Ghidra/Features/Base/lib/Base.jar!/images/dialog-warning_red.png | Could not initialize thread info | [] | Mon Sep 20 00:43:43 CDT 2021
jar:file:/C:/Users/Mihai/Documents/Alex/Ghidra/ghidra-10.0.3/ghidra_10.0.3_PUBLIC/Ghidra/Features/Base/lib/Base.jar!/images/dialog-warning_red.png | Could not update stack  on STOPPED | [] | Mon Sep 20 00:43:45 CDT 2021
jar:file:/C:/Users/Mihai/Documents/Alex/Ghidra/ghidra-10.0.3/ghidra_10.0.3_PUBLIC/Ghidra/Features/Base/lib/Base.jar!/images/dialog-warning_red.png | Could not update stack  on STOPPED | [] | Mon Sep 20 00:43:46 CDT 2021
jar:file:/C:/Users/Mihai/Documents/Alex/Ghidra/ghidra-10.0.3/ghidra_10.0.3_PUBLIC/Ghidra/Features/Base/lib/Base.jar!/images/dialog-warning_red.png | Could not update stack  on STOPPED | [] | Mon Sep 20 00:43:46 CDT 2021
jar:file:/C:/Users/Mihai/Documents/Alex/Ghidra/ghidra-10.0.3/ghidra_10.0.3_PUBLIC/Ghidra/Features/Base/lib/Base.jar!/images/dialog-warning_red.png | Could not update stack  on STOPPED | [] | Mon Sep 20 00:43:46 CDT 2021
jar:file:/C:/Users/Mihai/Documents/Alex/Ghidra/ghidra-10.0.3/ghidra_10.0.3_PUBLIC/Ghidra/Features/Base/lib/Base.jar!/images/dialog-warning_red.png | Could not update stack  on STOPPED | [] | Mon Sep 20 00:43:47 CDT 2021
jar:file:/C:/Users/Mihai/Documents/Alex/Ghidra/ghidra-10.0.3/ghidra_10.0.3_PUBLIC/Ghidra/Features/Base/lib/Base.jar!/images/dialog-warning_red.png | Could not update stack  on STOPPED | [] | Mon Sep 20 00:43:48 CDT 2021
jar:file:/C:/Users/Mihai/Documents/Alex/Ghidra/ghidra-10.0.3/ghidra_10.0.3_PUBLIC/Ghidra/Features/Base/lib/Base.jar!/images/dialog-warning_red.png | Could not update stack  on STOPPED | [] | Mon Sep 20 00:43:49 CDT 2021
jar:file:/C:/Users/Mihai/Documents/Alex/Ghidra/ghidra-10.0.3/ghidra_10.0.3_PUBLIC/Ghidra/Features/Base/lib/Base.jar!/images/dialog-warning_red.png | Could not update stack  on STOPPED | [] | Mon Sep 20 00:43:50 CDT 2021
jar:file:/C:/Users/Mihai/Documents/Alex/Ghidra/ghidra-10.0.3/ghidra_10.0.3_PUBLIC/Ghidra/Features/Base/lib/Base.jar!/images/dialog-warning_red.png | Could not update stack  on STOPPED | [] | Mon Sep 20 00:43:51 CDT 2021
jar:file:/C:/Users/Mihai/Documents/Alex/Ghidra/ghidra-10.0.3/ghidra_10.0.3_PUBLIC/Ghidra/Features/Base/lib/Base.jar!/images/dialog-warning_red.png | Could not update stack  on STOPPED | [] | Mon Sep 20 00:43:52 CDT 2021
jar:file:/C:/Users/Mihai/Documents/Alex/Ghidra/ghidra-10.0.3/ghidra_10.0.3_PUBLIC/Ghidra/Features/Base/lib/Base.jar!/images/dialog-warning_red.png | Could not update stack  on STOPPED | [] | Mon Sep 20 00:43:52 CDT 2021
jar:file:/C:/Users/Mihai/Documents/Alex/Ghidra/ghidra-10.0.3/ghidra_10.0.3_PUBLIC/Ghidra/Features/Base/lib/Base.jar!/images/dialog-warning_red.png | Could not update stack  on STOPPED | [] | Mon Sep 20 00:43:54 CDT 2021
jar:file:/C:/Users/Mihai/Documents/Alex/Ghidra/ghidra-10.0.3/ghidra_10.0.3_PUBLIC/Ghidra/Features/Base/lib/Base.jar!/images/dialog-warning_red.png | Could not update stack  on STOPPED | [] | Mon Sep 20 00:43:54 CDT 2021
jar:file:/C:/Users/Mihai/Documents/Alex/Ghidra/ghidra-10.0.3/ghidra_10.0.3_PUBLIC/Ghidra/Features/Base/lib/Base.jar!/images/dialog-warning_red.png | Could not update stack  on STOPPED | [] | Mon Sep 20 00:43:55 CDT 2021
jar:file:/C:/Users/Mihai/Documents/Alex/Ghidra/ghidra-10.0.3/ghidra_10.0.3_PUBLIC/Ghidra/Features/Base/lib/Base.jar!/images/dialog-warning_red.png | Could not update stack  on STOPPED | [] | Mon Sep 20 00:43:58 CDT 2021
jar:file:/C:/Users/Mihai/Documents/Alex/Ghidra/ghidra-10.0.3/ghidra_10.0.3_PUBLIC/Ghidra/Framework/Docking/lib/Docking.jar!/images/dialog-warning.png | java.util.concurrent.ExecutionException: java.lang.NullPointerException | [] | Mon Sep 20 00:43:58 CDT 2021
jar:file:/C:/Users/Mihai/Documents/Alex/Ghidra/ghidra-10.0.3/ghidra_10.0.3_PUBLIC/Ghidra/Features/Base/lib/Base.jar!/images/dialog-warning_red.png | Trouble updating registers on state change | [] | Mon Sep 20 00:43:59 CDT 2021
jar:file:/C:/Users/Mihai/Documents/Alex/Ghidra/ghidra-10.0.3/ghidra_10.0.3_PUBLIC/Ghidra/Features/Base/lib/Base.jar!/images/dialog-warning_red.png | Trouble updating registers on state change | [] | Mon Sep 20 00:43:59 CDT 2021
jar:file:/C:/Users/Mihai/Documents/Alex/Ghidra/ghidra-10.0.3/ghidra_10.0.3_PUBLIC/Ghidra/Features/Base/lib/Base.jar!/images/dialog-warning_red.png | Trouble updating registers on state change | [] | Mon Sep 20 00:43:59 CDT 2021
jar:file:/C:/Users/Mihai/Documents/Alex/Ghidra/ghidra-10.0.3/ghidra_10.0.3_PUBLIC/Ghidra/Features/Base/lib/Base.jar!/images/dialog-warning_red.png | Could not update threads  on STOPPED | [] | Mon Sep 20 00:43:59 CDT 2021
jar:file:/C:/Users/Mihai/Documents/Alex/Ghidra/ghidra-10.0.3/ghidra_10.0.3_PUBLIC/Ghidra/Features/Base/lib/Base.jar!/images/dialog-warning_red.png | Can't determine the current process's PID: you must name one. | [] | Mon Sep 20 00:44:05 CDT 2021


</body>
</html>

[d-millar]

So, when you say "Ghidra connects successfully", what do you mean, i.e. what steps exactly did you take to launch the debugger and connect to the 3ds? The stack trace just says, basically, GDB failed, so I need more to go on.

[SirEnder125]

Sorry for the lack of clarity on my part. Ghidra connected to WSL, and I was able to type in the interpreter. I typed in a few commands:

1. set arch arm
2. target remote 192.168.2.89:4000

Then I believe I pressed record, and the "Record" window popped up.

[d-millar]

OK, that helps - suggests the "Error while starting GDB" message is a red herring and you're considerably further along than I thought. I'll look through the code and try to remember how the Record menu could come up empty.

[SirEnder125]

@d-millar Hey! This is just me checking back foreverrrr later... I haven't been debugging 3ds for a long time, but I want to try maybe today, and I was wondering, do I still have to connect to WSL first? Or can I run gdb directly on windows yet? 🤔

[d-millar]

@SirEnder125 Long time! I think the issue may still be the version of gdb you need. In other words, if you need gdb-multiarch or something similar, I’m not sure Windows proper has an equivalent. That said, doesn’t hurt to try. I would use the “gdb over ssh” connector and see how you fare.

[SirEnder125]

I see that, in my msys64 installation, there is a gdb-multiarch executable. This is the same name as the one I use on WSL. I'm going to try that.

[SirEnder125]

[SirEnder125]

Wait... Are you sure you meant "gdb over ssh?" That's what I've been using to connect to Linux. 🤔

[d-millar]

Ah, that's interesting - didn't realize Windows had a version of gdb-multiarch. Is that built to link against the WSL libraries or the native Windows API? In any case, I don't think that will work. We haven't implemented a version using ConPTY or any othe Windows Pseudo Console, primarily because the "GDB over SSH" option seems to fill that need. Are there shortcomings in the "GDB over SSH" solution that you feel merit time spent on a ConPTY solution?

[SirEnder125]

didn't realize Windows had a version of gdb-multiarch. Is that built to link against the WSL libraries or the native Windows API?
Hmm.. not too sure.

Are there shortcomings in the "GDB over SSH" solution that you feel merit time spent on a ConPTY solution?
Not exactly... it's just not preferrable, as far as I am concerned, to run have to check WSL SSH running state, or the IP of the WSL all the time. I can probably do this, but at times it seems a huge ordeal for something that might just make the game I'm debugging crash anyway.

[d-millar]

How often do you have to check the state and the IP? What’s the driving cause for them changing? I.e. do they change when the game crashes?

[SirEnder125]

I think the problem is that I debug like once a month and the IP changes... 😅 Today I debugged for a while and the only errors I got were my own fault I think? Also I found that the only version of Ghidra that works well with my method is 10.0.4. Later versions as for a "ssh file" and previous versions are... dated. The point is, my previous reply was written after I had not used ghidra successfully for a while. I think I got the hang of it this time. Thanks for alllllllll of your help @nsadeveloper789 @d-millar :)