ql.os.stop() not work for Linux when multithread=True #884

Closed
cq674350529 opened this issue Aug 12, 2021 · 7 comments


@cq674350529
Contributor

cq674350529 commented Aug 12, 2021

Describe the bug
When emulating a linux binary with multithread=True, calling ql.os.stop() to stop emulation didn't work as expected.

After a simple analysis, it seems that the self.threads of QlLinuxThreadManagement is always empty. No threads are added to it according to the code. As a result, when calling ql.os.stop(), no threads will be killed.

    def stop(self):
        self.ql.log.debug("[Thread Manager] Stop the world.")
        self.ql.emu_stop()
        # self.threads is never populated, so this loop kills nothing
        for t in self.threads:
            gevent.kill(t)

A possible fix for this is to add self.cur_thread into self.threads, maybe in the QlLinuxThreadManagement.run() method. Or is there a better place to do it?

By the way, ql.emu_stop() is used for this purpose when multithread=False, and ql.os.stop() is used when multithread=True. Of course, calling ql.os.stop() works well in both cases. To make it consistent, maybe it's better to move ql.os.stop() into ql.stop(). Then use ql.stop() in all cases.

Sample Code
Taken from examples/hello_x8664_linux_part_debug.py, with minor changes. In this case, the function dump() will be called multiple times.

from qiling import Qiling
from qiling.const import QL_VERBOSE

def dump(ql, *args, **kw):
    ql.save(reg=False, cpu_context=True, snapshot="/tmp/snapshot.bin")
    ql.log.info("here")
    # expected to stop emulation; with multithread=True it does not
    ql.os.stop()

if __name__ == "__main__":
    ql = Qiling(["rootfs/x8664_linux/bin/sleep_hello"], "rootfs/x8664_linux", verbose=QL_VERBOSE.DEFAULT, multithread=True)
    # load base address from profile file
    X64BASE = int(ql.profile.get("OS64", "load_address"), 16)
    # take a snapshot
    ql.hook_address(dump, X64BASE + 0x1094)
    ql.run()
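A minimal stand-in for the thread-manager behaviour described above (added example, not Qiling's own code): `ThreadManager`, `spawn`, `run`, `stop` and `thread_survives_stop` are assumed names, `threading.Event` stands in for gevent.kill, and the only difference between the two runs is whether `run()` registers `cur_thread` in `threads`, which is the fix the issue proposes.

```python
import threading
import time


class ThreadManager:
    """Models QlLinuxThreadManagement: stop() can only reach registered threads."""

    def __init__(self, register_on_run: bool):
        self.threads = set()             # registry that stays empty in the reported bug
        self.register_on_run = register_on_run
        self._stops = {}                 # thread -> stop event (stand-in for gevent.kill)
        self.cur_thread = None

    def _worker(self, stop: threading.Event) -> None:
        # Emulated thread: runs until it is explicitly killed.
        while not stop.is_set():
            time.sleep(0.01)

    def spawn(self) -> threading.Thread:
        stop = threading.Event()
        t = threading.Thread(target=self._worker, args=(stop,), daemon=True)
        self._stops[t] = stop
        return t

    def run(self) -> None:
        self.cur_thread = self.spawn()
        if self.register_on_run:
            # Proposed fix: make the current thread visible to stop().
            self.threads.add(self.cur_thread)
        self.cur_thread.start()

    def stop(self) -> None:
        # Same shape as the stop() quoted in the issue: only known threads are killed.
        for t in self.threads:
            self._stops[t].set()


def thread_survives_stop(register_on_run: bool) -> bool:
    """True if the emulated thread is still alive after stop(), i.e. the bug reproduced."""
    mgr = ThreadManager(register_on_run)
    mgr.run()
    mgr.stop()
    mgr.cur_thread.join(timeout=0.5)
    alive = mgr.cur_thread.is_alive()
    mgr._stops[mgr.cur_thread].set()     # clean up the leaked thread either way
    return alive


if __name__ == "__main__":
    print("bug:", thread_survives_stop(False), "fix:", thread_survives_stop(True))
```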
@xwings
Member

xwings commented Aug 13, 2021

@wtdcode whats your thought ?

@wtdcode
Member

wtdcode commented Aug 13, 2021 via email

@cq674350529
Contributor Author

@wtdcode There is no ql.stop() currently if I didn't miss it, only ql.os.stop(), and it works for both cases. And my suggestion is:

To make it consistent, maybe it's better to move ql.os.stop() into ql.stop(). Then use ql.stop() in all cases.

@wtdcode
Member

wtdcode commented Aug 13, 2021 via email

@ghost

ghost commented Mar 3, 2022

Is this problem solved? I also encountered the problem that multithread could not stop in qiling v1.4.2.

@xwings
Member

xwings commented Oct 6, 2022

We are still facing an issue with thread management, which is very tricky to solve. Currently we do have some ideas, but it is not that easy. If you have any suggestions, please update in issue #333

@xwings xwings closed this as completed Oct 6, 2022