
Failed to print 'context' when debugging MIPS64 target #1097

Open
Jackyxty opened this issue Aug 24, 2022 · 5 comments

Comments

@Jackyxty

Jackyxty commented Aug 24, 2022

Description

When debugging qemu-user mips64 target, pwndbg fails to print the 'context' and the exception backtrace is:

'context': Print out the current register, instruction, and stack context.
Traceback (most recent call last):
  File "/home/ubuntu/pwndbg/pwndbg/commands/__init__.py", line 129, in __call__
    return self.function(*args, **kwargs)
  File "/home/ubuntu/pwndbg/pwndbg/commands/__init__.py", line 223, in _OnlyWhenRunning
    return function(*a, **kw)
  File "/home/ubuntu/pwndbg/pwndbg/commands/context.py", line 272, in context
    result[target].extend(func(target=out,
  File "/home/ubuntu/pwndbg/pwndbg/commands/context.py", line 364, in context_regs
    regs = get_regs()
  File "/home/ubuntu/pwndbg/pwndbg/commands/context.py", line 419, in get_regs
    desc = pwndbg.chain.format(value)
  File "/home/ubuntu/pwndbg/pwndbg/chain.py", line 89, in format
    chain = get(value, limit, offset, hard_stop, hard_end, safe_linking=safe_linking)
  File "/home/ubuntu/pwndbg/pwndbg/chain.py", line 44, in get
    address = address + offset
TypeError: unsupported operand type(s) for +: 'NoneType' and 'int'

After some simple debugging, it looks like the value of register 't4' is 'None', which is due to the lack of support for a MIPS64 (n64 & n32 ABI) RegisterSet.
The register names are different in the n64 and o32 ABIs. The only supported RegisterSet in regs.py for MIPS is the o32 (maybe also o64) ABI.
You may inspect the current MIPS ABI through the show mips abi gdb command.

Steps to reproduce

Gdb session history:
set exception-verbose on
context regs

My setup

Platform: Linux-5.15.0-46-generic-x86_64-with-glibc2.35
Gdb: 12.0.90
Python: 3.10.4 (main, Jun 29 2022, 12:14:53) [GCC 11.2.0]
Pwndbg: 1.1.0 build: 5d35858
Capstone: 4.0.1024
Unicorn: 2.0.0
This GDB was configured as follows:
configure --host=x86_64-linux-gnu --target=x86_64-linux-gnu
--with-auto-load-dir=$debugdir:$datadir/auto-load
--with-auto-load-safe-path=$debugdir:$datadir/auto-load
--with-expat
--with-gdb-datadir=/usr/share/gdb (relocatable)
--with-jit-reader-dir=/usr/lib/gdb (relocatable)
--without-libunwind-ia64
--with-lzma
--with-babeltrace
--with-intel-pt
--with-mpfr
--with-xxhash
--with-python=/usr (relocatable)
--with-python-libdir=/usr/lib (relocatable)
--with-debuginfod
--without-guile
--enable-source-highlight
--with-separate-debug-dir=/usr/lib/debug (relocatable)
--with-system-gdbinit=/etc/gdb/gdbinit
--with-system-gdbinit-dir=/etc/gdb/gdbinit.d

@Jackyxty Jackyxty added the bug label Aug 24, 2022
@disconnect3d
Member

Hi, mind sharing an example binary for this?

@Jackyxty
Author

Sure no problem. It's just a simple HelloWorld compiled to MIPS64 and run by qemu-mips64.
helloworld.zip

As mentioned, this problem is caused by the different register names between MIPS o32 and n64 ABI. The defined RegisterSet in regs.py works for o32 but not n64 & n32.
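An added illustration (not pwndbg's own code) of the mismatch described above: under o32, GPRs $8-$15 are named t0-t7, while n64/n32 name $8-$11 a4-a7 and $12-$15 t0-t3, so an o32-style register list asks GDB for names that do not exist on an n64 target and gets None back. The `gdb_visible_regs` dict, the register values and the `format_chain` guard are constructed stand-ins for the GDB lookup and for chain.get's `address + offset` step, not pwndbg's real API.

```python
# Added illustration, not pwndbg's own code: models why an o32-style
# register list breaks on a MIPS n64/n32 target and guards the
# `address + offset` step that raised TypeError in the traceback.

# Conventional names for GPRs $8-$15 under the two ABIs. o32 calls
# $8-$15 t0-t7; n64/n32 turn $8-$11 into extra argument registers
# a4-a7 and renumber $12-$15 as t0-t3. So "t4".."t7" do not exist
# on n64, and "t0".."t3" refer to different physical registers.
O32_NAMES = {8: "t0", 9: "t1", 10: "t2", 11: "t3",
             12: "t4", 13: "t5", 14: "t6", 15: "t7"}
N64_NAMES = {8: "a4", 9: "a5", 10: "a6", 11: "a7",
             12: "t0", 13: "t1", 14: "t2", 15: "t3"}

# The register lists an o32-only and an n64-aware RegisterSet would ask for.
O32_TEMPS = ["t0", "t1", "t2", "t3", "t4", "t5", "t6", "t7"]
N64_TEMPS = ["a4", "a5", "a6", "a7", "t0", "t1", "t2", "t3"]

# Constructed sample: raw values of $8-$15 on the debuggee.
RAW_GPRS = {n: 0x1000 + 0x10 * n for n in range(8, 16)}


def gdb_visible_regs(abi, raw):
    """Name the raw GPR values the way GDB would for the given ABI
    (hypothetical stand-in for reading $t4 etc. through GDB)."""
    names = O32_NAMES if abi == "o32" else N64_NAMES
    return {names[n]: v for n, v in raw.items()}


def read_regs(wanted, gdb_regs):
    """Look up each name a RegisterSet expects; unknown names yield None,
    which is what the issue observed for 't4'."""
    return {name: gdb_regs.get(name) for name in wanted}


def missing_regs(wanted, gdb_regs):
    """Names the RegisterSet expects but GDB does not expose: a cheap
    ABI-mismatch check that can run before any formatting."""
    return [name for name in wanted if name not in gdb_regs]


def format_chain(value, offset=0):
    """Guarded stand-in for chain.get's `address + offset` step."""
    if value is None:
        return "<unavailable>"
    return hex(value + offset)


if __name__ == "__main__":
    regs = gdb_visible_regs("n64", RAW_GPRS)
    print("missing under o32 names:", missing_regs(O32_TEMPS, regs))
    for name, val in read_regs(O32_TEMPS, regs).items():
        print(name, format_chain(val))
```

Note that besides the None values, "t0".."t3" resolve silently to $12-$15 on n64 rather than the $8-$11 an o32 set assumes, so the printed context would be mislabelled even where no exception is raised.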

@disconnect3d
Member

Btw, what does show arch in GDB show for you?

Is it mips:isa64? Or is it a different one?

pwndbg> set architecture mips
mips                 mips:4100            mips:5900            mips:isa32r2         mips:loongson_2f
mips:10000           mips:4111            mips:6000            mips:isa32r3         mips:micromips
mips:12000           mips:4120            mips:7000            mips:isa32r5         mips:mips5
mips:14000           mips:4300            mips:8000            mips:isa32r6         mips:octeon
mips:16              mips:4400            mips:9000            mips:isa64           mips:octeon+
mips:16000           mips:4600            mips:gs264e          mips:isa64r2         mips:octeon2
mips:3000            mips:4650            mips:gs464           mips:isa64r3         mips:octeon3
mips:3900            mips:5000            mips:gs464e          mips:isa64r5         mips:sb1
mips:4000            mips:5400            mips:interaptiv-mr2  mips:isa64r6         mips:xlr
mips:4010            mips:5500            mips:isa32           mips:loongson_2e

@disconnect3d
Member

disconnect3d commented Aug 30, 2022

FWIW, I had to compile my own binary, via mips64-linux-gnuabi64-gcc a.c, and ran it via qemu-mips64 -L /usr/mips64-linux-gnuabi64/ -g 1234 ./a.out, but I am getting a totally different error (which should be improved as well).

@Jackyxty
Author

Jackyxty commented Sep 6, 2022

I got this one: mips:isa64r2

pwndbg> show architecture
The target architecture is set to "auto" (currently "mips:isa64r2").

I used the same compiler and qemu-user as yours, and I am debugging with gdb-multiarch as well.
