Coder Social home page Coder Social logo

ffri / projectchampollion Goto Github PK

View Code? Open in Web Editor NEW
340.0 19.0 21.0 6.72 MB

Reverse engineering Rosetta 2 on M1 Mac

Home Page: https://ffri.github.io/ProjectChampollion/

License: Apache License 2.0

Python 91.14% C 8.86%
macos-m1 rosetta2 reverse-engineering ghidra macos macosx

projectchampollion's Issues

issues met when debugging an x86_64 emulation process at the arm64 instruction-level

When we follow https://ffri.github.io/ProjectChampollion/appendix/ to debug at arm64 instruction-level debug, there are many strange issues, such as:

  • If a watchpoint is set, rosetta runtime will fail with "rosetta error: failed to allocate vm space for aot". An example session follows:
lisa@jjl bt % lldb -- ./runner ./float
(lldb) target create "./runner"
Current executable set to '/Users/lisa/bt/runner' (arm64).
(lldb) settings set -- target.run-args  "./float"
(lldb) r
Process 9182 launched: '/Users/lisa/bt/runner' (arm64)
Process 9182 stopped
* thread #2, stop reason = exec
    frame #0: 0x00007ffdfffbc3ec runtime`_mh_execute_header + 17388
runtime`_mh_execute_header:
->  0x7ffdfffbc3ec <+17388>: mov    x19, sp
    0x7ffdfffbc3f0 <+17392>: and    sp, x19, #0xfffffffffffffff0
    0x7ffdfffbc3f4 <+17396>: mov    x29, sp
    0x7ffdfffbc3f8 <+17400>: ldr    x20, [x19, #0x20]
Target 0: (runtime) stopped.
(lldb) watchpoint set expression 0x7ffdfffbc3f0    ====> set a watchpoint that won't hit
Watchpoint created: Watchpoint 1: addr = 0x7ffdfffbc3f0 size = 8 state = enabled ...
    new value: -7998388550590730625
(lldb) c
Process 9182 resuming
rosetta error: failed to allocate vm space for aot   =========> will cause such failure
Process 9182 stopped
* thread #2, stop reason = signal SIGTRAP
    frame #0: 0x00007ffdfffd4d38 runtime`_mh_execute_header + 118072
runtime`_mh_execute_header:
->  0x7ffdfffd4d38 <+118072>: brk    #0x1
    0x7ffdfffd4d3c <+118076>: stp    x20, x19, [sp, #-0x20]!
    0x7ffdfffd4d40 <+118080>: stp    x29, x30, [sp, #0x10]
    0x7ffdfffd4d44 <+118084>: add    x29, sp, #0x10            ; =0x10 
Target 0: (runtime) stopped.
(lldb)
  • command might struck. e.g.
isa@jjl bt % lldb -- ./runner ./lazy  ===> lazy has a dead loop in main()
(lldb) target create "./runner"
Current executable set to '/Users/lisa/bt/runner' (arm64).
(lldb) settings set -- target.run-args  "./lazy"
(lldb) r
Process 9235 launched: '/Users/lisa/bt/runner' (arm64)
Process 9235 stopped
* thread #2, stop reason = exec
    frame #0: 0x00007ffdfffbc3ec runtime`_mh_execute_header + 17388
runtime`_mh_execute_header:
->  0x7ffdfffbc3ec <+17388>: mov    x19, sp
    0x7ffdfffbc3f0 <+17392>: and    sp, x19, #0xfffffffffffffff0
    0x7ffdfffbc3f4 <+17396>: mov    x29, sp
    0x7ffdfffbc3f8 <+17400>: ldr    x20, [x19, #0x20]
Target 0: (runtime) stopped.
(lldb) c
Process 9235 resuming
Process 9235 stopped              ====> type ctrl+c to stop in the main function of lazy
* thread #2, stop reason = signal SIGSTOP
    frame #0: 0x0000000100011018
->  0x100011018: ldur   w0, [x5, #-0x8]
    0x10001101c: cmp    w0, #0x0                  ; =0x0 
    0x100011020: b.eq   0x100011028
    0x100011024: b      0x100011018
Target 0: (runtime) stopped.
(lldb) si        ========> stuck here

and so on.

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    ๐Ÿ–– Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. ๐Ÿ“Š๐Ÿ“ˆ๐ŸŽ‰

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google โค๏ธ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.