
Assertion `guestDataSize == m_commandSize' failed in state 0: Invalid command size 60 != 84 from pagedir=0xf3c2000 pc=0xffffffffa00020eb #20

Open
BlackHat-S opened this issue Oct 5, 2023 · 2 comments

Comments

@BlackHat-S

I built CRAX++ on a VMware Ubuntu 20.04 environment following the BUILD.md instructions, using the debian-9.2.1-x86_64 image. I made the following modification to ~/s2e/projects/sym_stdin/bootstrap.sh:

- COMMON_TOOLS="s2ecmd s2eget s2eput"
+ COMMON_TOOLS="s2ecmd" 

I encountered the error below when running launch-crax.sh:
/home/alter/s2e/source/s2e/libs2eplugins/src/s2e/Plugins/OSMonitors/Linux/BaseLinuxMonitor.cpp:37: bool s2e::plugins::BaseLinuxMonitor::verifyLinuxCommand(s2e::S2EExecutionState *, uint64_t, uint64_t, uint8_t *): Assertion `guestDataSize == m_commandSize' failed in state 0: Invalid command size 60 != 84 from pagedir=0xf3c2000 pc=0xffffffffa00020eb

What should I do to solve this problem? The full error output is below:

./launch-crax.sh 
Starting libs2e...
Opening /dev/kvm
Initializing qemu64-s2e cpu
Using module /home/alter/s2e/install/share/libs2e/op_helper.bc.x86_64
S2E: output directory = "./s2e-out-2"
Revision: 571ac0e4be7f8253e115a338a4d3c9cfcfff0a3b
Config date: Wed 04 Oct 2023 08:26:50 PM PDT

Current data layout: e-m:e-p270:32:32-p271:32:32-p272:64:64-i64:64-f80:128-n8:16:32:64-S128
Current target triple: x86_64-unknown-linux-gnu
KLEE: WARNING: unsupported intrinsic llvm.rint.f64
KLEE: WARNING: unsupported intrinsic llvm.fmuladd.f64
Using log level override 'info'
Setting console level to 'info'
Creating plugin CorePlugin
Creating plugin BaseInstructions
Creating plugin HostFiles
Creating plugin Vmi
Creating plugin MemUtils
Creating plugin WebServiceInterface
Creating plugin ExecutionTracer
Creating plugin ModuleTracer
Creating plugin KeyValueStore
Creating plugin TranslationBlockCoverage
Creating plugin ModuleExecutionDetector
Creating plugin ForkLimiter
Creating plugin ProcessExecutionDetector
Creating plugin ModuleMap
Creating plugin MemoryMap
Creating plugin MultiSearcher
Creating plugin CUPASearcher
Creating plugin FunctionModels
Creating plugin LinuxMonitor
Creating plugin LuaBindings
Creating plugin LuaCoreEvents
Creating plugin CRAX
Initializing LuaBindings
Initializing LuaCoreEvents
LuaCoreEvents: Registering instrumentation for core signals
Initializing MultiSearcher
Initializing ForkLimiter
Initializing KeyValueStore
Initializing ExecutionTracer
Initializing WebServiceInterface
WebServiceInterface: SeedSearcher not present, seed statistics will not be available
WebServiceInterface: Recipe plugin not present, recipe statistics will not be available
Initializing Vmi
Initializing HostFiles
Initializing BaseInstructions
Initializing LinuxMonitor
Initializing ModuleMap
Initializing ProcessExecutionDetector
Initializing MemoryMap
Initializing CRAX
CRAX: Creating module: GuestOutput
CRAX: Creating module: IOStates
CRAX: Creating module: DynamicRop
CRAX: Creating technique: Ret2csu
CRAX: Creating technique: BasicStackPivoting
CRAX: Creating technique: Ret2syscall
Initializing MemUtils
Initializing FunctionModels
Initializing ModuleExecutionDetector
Initializing CUPASearcher
CUPASearcher: CUPASearcher is now active
Initializing TranslationBlockCoverage
Initializing ModuleTracer
Initializing CorePlugin
[Z3] Initializing
4 [State 0] Created initial state
qemu-system-x86_64: warning: host doesn't support requested feature: CPUID.40000001H:EAX.kvm-nopiodelay [bit 1]
qemu-system-x86_64: warning: host doesn't support requested feature: CPUID.40000001H:EAX.kvmclock [bit 3]
qemu-system-x86_64: warning: host doesn't support requested feature: CPUID.40000001H:EAX.kvm-asyncpf [bit 4]
qemu-system-x86_64: warning: host doesn't support requested feature: CPUID.40000001H:EAX.kvm-steal-time [bit 5]
qemu-system-x86_64: warning: host doesn't support requested feature: CPUID.40000001H:EAX.kvm-pv-eoi [bit 6]
qemu-system-x86_64: warning: host doesn't support requested feature: CPUID.40000001H:EAX.kvmclock-stable-bit [bit 24]
Adding CPU (addr = 0x7f006c00a750, size = 0x36ea0)
qemu-system-x86_64: warning: hub 0 is not connected to host network
s2e-block: dirty sectors on close:0
s2e-block: dirty after restore: 336 (ro=1)
s2e-block: wasted sectors: 0
/home/alter/s2e/source/s2e/libs2eplugins/src/s2e/Plugins/OSMonitors/Linux/BaseLinuxMonitor.cpp:37: bool s2e::plugins::BaseLinuxMonitor::verifyLinuxCommand(s2e::S2EExecutionState *, uint64_t, uint64_t, uint8_t *): Assertion `guestDataSize == m_commandSize' failed in state 0: Invalid command size 60 != 84 from pagedir=0xf3c2000 pc=0xffffffffa00020eb

Printing stack trace (state assertion failed)
  [0x7f009dec7be8] /home/alter/s2e/install/share/libs2e/libs2e-x86_64-s2e.so : ???()+0x386be8
  [0x7f009deca16c] /home/alter/s2e/install/share/libs2e/libs2e-x86_64-s2e.so : ???()+0x38916c
  [0x7f009de906af] /home/alter/s2e/install/share/libs2e/libs2e-x86_64-s2e.so : ???()+0x34f6af
  [0x7f009e085086] /home/alter/s2e/install/share/libs2e/libs2e-x86_64-s2e.so : ???()+0x544086
  [0x7f007a375c79]
26 [State 0] Terminating state: state assertion failed
All states were terminated
qemu-system-x86_64: terminating on signal 15 from pid 2702 (/home/alter/s2e/install/bin/qemu-system-x86_64)
s2e-block: dirty sectors on close:336
Terminating node id 0 (instance slot 0)

By the way, when I built CRAX++ following BUILD.md, the CRAX++ plugin was not compiled at all; the project has no corresponding CMakeLists.txt for it, so I had to add one myself.

@crazycars

I ran into the same problem at runtime. In addition, during compilation the git apply step in setup.sh also failed for me; the build only succeeded after I merged the changes by hand.

@HienLeWw

HienLeWw commented Jan 1, 2024

Try using debian-11.3-x86_64
