运行多线程程序时,未按照多线程方式运行
readermall opened this issue · comments
ireading commented
**Describe the bug**
我写了一个多线程程序,想用 Qiling 运行它来做一些实验,但发现 Qiling 并没有按多线程方式运行它:输出中只出现了主线程。
目标程序的源代码
#include <memory.h>
#include <pthread.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>
/*
 * Shared state for the demo: one balance and two item prices.
 *
 * `money` is read and written by both worker threads (buy_banana and
 * buy_apple) as a plain int, with no lock and no atomic type. The prices
 * are only read.
 */
int money  = 100; /* starting balance */
int apple  = 80;  /* price checked and subtracted by buy_apple */
int banana = 50;  /* price checked and subtracted by buy_banana */
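/*
 * Thread entry point: buy one banana if the shared balance allows it.
 *
 * arg is unused (main passes NULL). Always returns NULL.
 *
 * NOTE(review): `money` is tested and then decremented only after
 * sleep(1), with no lock around the check-then-update sequence.
 * buy_apple does the same, so both threads can pass their check against
 * the initial 100 and leave the balance at 100 - 50 - 80 = -30. This
 * looks like the behaviour the experiment is meant to show; if it is
 * not, hold a pthread mutex across the check and the subtraction.
 */
void *buy_banana(void *arg)
{
    (void)arg; /* unused: no per-thread argument is needed */

    if (money > banana) {
        sleep(1); /* keeps the gap between the check and the update open */
        money -= banana;
        printf("\nbuy a banana ok, rest = %d\n", money);
    }
    return NULL;
}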
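/*
 * Thread entry point: buy one apple if the shared balance allows it.
 *
 * arg is unused (main passes NULL). Always returns NULL.
 *
 * NOTE(review): `money` is tested and then decremented only after
 * sleep(1), with no lock around the check-then-update sequence.
 * buy_banana does the same, so both threads can pass their check against
 * the initial 100 and leave the balance at 100 - 50 - 80 = -30. This
 * looks like the behaviour the experiment is meant to show; if it is
 * not, hold a pthread mutex across the check and the subtraction.
 */
void *buy_apple(void *arg)
{
    (void)arg; /* unused: no per-thread argument is needed */

    if (money > apple) {
        sleep(1); /* keeps the gap between the check and the update open */
        money -= apple;
        printf("\nbuy a apple ok, rest = %d\n", money);
    }
    return NULL;
}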
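/*
 * Start the two buyer threads, wait for a key press, then wait for both
 * threads to finish before exiting.
 *
 * Returns 0 on success, EXIT_FAILURE if a thread could not be created.
 */
int main(int argc, char *argv[])
{
    pthread_t thread1, thread2;
    int rc;

    (void)argc;
    (void)argv;

    /* pthread_create reports failure through its return value, not errno. */
    rc = pthread_create(&thread1, NULL, buy_banana, NULL);
    if (rc != 0) {
        fprintf(stderr, "pthread_create(buy_banana) failed: %d\n", rc);
        return EXIT_FAILURE;
    }

    rc = pthread_create(&thread2, NULL, buy_apple, NULL);
    if (rc != 0) {
        fprintf(stderr, "pthread_create(buy_apple) failed: %d\n", rc);
        pthread_join(thread1, NULL);
        return EXIT_FAILURE;
    }

    getchar();

    /*
     * Returning from main ends the whole process, including workers that
     * are still inside sleep(1). If stdin yields a byte (or EOF) at once,
     * getchar() alone gives them no time to run, so join both explicitly.
     */
    pthread_join(thread1, NULL);
    pthread_join(thread2, NULL);
    return 0;
}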
使用qiling跑目标程序的加载代码
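if __name__ == "__main__":
    # First argument: argv of the emulated program (path to the ARM test binary).
    # Second argument: the rootfs directory Qiling uses for the guest filesystem.
    # multithread=True asks Qiling to emulate guest threads created via clone().
    ql = Qiling([r"/home/ubuntu/qiling/awesome-mcu/test"], "/usr/arm-linux-gnueabi", multithread=True)
    ql.run()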
qiling输出的结果:
[=] [Thread 2000] brk(inp = 0x0) = 0x24000
[=] [Thread 2000] uname(buf = 0x7ff3cae0) = 0x0
[=] [Thread 2000] access(path = 0x47d8a6c, mode = 0x4) = -0x1 (EPERM)
[=] [Thread 2000] openat(fd = 0xffffff9c, path = 0x47da824, flags = 0xa0000, mode = 0x0) = -0x1 (EPERM)
[=] [Thread 2000] openat(fd = 0xffffff9c, path = 0x7ff3c2a8, flags = 0xa0000, mode = 0x0) = -0x1 (EPERM)
[=] [Thread 2000] stat64(path = 0x7ff3c2a8, buf_ptr = 0x7ff3c320) = -0x2 (ENOENT)
[=] [Thread 2000] openat(fd = 0xffffff9c, path = 0x7ff3c2a8, flags = 0xa0000, mode = 0x0) = -0x1 (EPERM)
[=] [Thread 2000] stat64(path = 0x7ff3c2a8, buf_ptr = 0x7ff3c320) = -0x2 (ENOENT)
[=] [Thread 2000] openat(fd = 0xffffff9c, path = 0x7ff3c2a8, flags = 0xa0000, mode = 0x0) = -0x1 (EPERM)
[=] [Thread 2000] stat64(path = 0x7ff3c2a8, buf_ptr = 0x7ff3c320) = -0x2 (ENOENT)
[=] [Thread 2000] openat(fd = 0xffffff9c, path = 0x7ff3c2a8, flags = 0xa0000, mode = 0x0) = -0x1 (EPERM)
[=] [Thread 2000] stat64(path = 0x7ff3c2a8, buf_ptr = 0x7ff3c320) = -0x2 (ENOENT)
[=] [Thread 2000] openat(fd = 0xffffff9c, path = 0x7ff3c2a8, flags = 0xa0000, mode = 0x0) = -0x1 (EPERM)
[=] [Thread 2000] stat64(path = 0x7ff3c2a8, buf_ptr = 0x7ff3c320) = -0x2 (ENOENT)
[=] [Thread 2000] openat(fd = 0xffffff9c, path = 0x7ff3c2a8, flags = 0xa0000, mode = 0x0) = -0x1 (EPERM)
[=] [Thread 2000] stat64(path = 0x7ff3c2a8, buf_ptr = 0x7ff3c320) = -0x2 (ENOENT)
[=] [Thread 2000] openat(fd = 0xffffff9c, path = 0x7ff3c2a8, flags = 0xa0000, mode = 0x0) = -0x1 (EPERM)
[=] [Thread 2000] stat64(path = 0x7ff3c2a8, buf_ptr = 0x7ff3c320) = -0x2 (ENOENT)
[=] [Thread 2000] openat(fd = 0xffffff9c, path = 0x7ff3c2a8, flags = 0xa0000, mode = 0x0) = -0x1 (EPERM)
[=] [Thread 2000] stat64(path = 0x7ff3c2a8, buf_ptr = 0x7ff3c320) = -0x2 (ENOENT)
[=] [Thread 2000] openat(fd = 0xffffff9c, path = 0x7ff3c2a8, flags = 0xa0000, mode = 0x0) = -0x1 (EPERM)
[=] [Thread 2000] stat64(path = 0x7ff3c2a8, buf_ptr = 0x7ff3c320) = -0x2 (ENOENT)
[=] [Thread 2000] openat(fd = 0xffffff9c, path = 0x7ff3c2a8, flags = 0xa0000, mode = 0x0) = -0x1 (EPERM)
[=] [Thread 2000] stat64(path = 0x7ff3c2a8, buf_ptr = 0x7ff3c320) = -0x2 (ENOENT)
[=] [Thread 2000] openat(fd = 0xffffff9c, path = 0x7ff3c2a8, flags = 0xa0000, mode = 0x0) = -0x1 (EPERM)
[=] [Thread 2000] stat64(path = 0x7ff3c2a8, buf_ptr = 0x7ff3c320) = -0x2 (ENOENT)
[=] [Thread 2000] openat(fd = 0xffffff9c, path = 0x7ff3c2a8, flags = 0xa0000, mode = 0x0) = -0x1 (EPERM)
[=] [Thread 2000] stat64(path = 0x7ff3c2a8, buf_ptr = 0x7ff3c320) = -0x2 (ENOENT)
[=] [Thread 2000] openat(fd = 0xffffff9c, path = 0x7ff3c2a8, flags = 0xa0000, mode = 0x0) = -0x1 (EPERM)
[=] [Thread 2000] stat64(path = 0x7ff3c2a8, buf_ptr = 0x7ff3c320) = -0x2 (ENOENT)
[=] [Thread 2000] openat(fd = 0xffffff9c, path = 0x7ff3c2a8, flags = 0xa0000, mode = 0x0) = -0x1 (EPERM)
[=] [Thread 2000] stat64(path = 0x7ff3c2a8, buf_ptr = 0x7ff3c320) = -0x2 (ENOENT)
[=] [Thread 2000] openat(fd = 0xffffff9c, path = 0x7ff3c2a8, flags = 0xa0000, mode = 0x0) = -0x1 (EPERM)
[=] [Thread 2000] stat64(path = 0x7ff3c2a8, buf_ptr = 0x7ff3c320) = -0x2 (ENOENT)
[=] [Thread 2000] openat(fd = 0xffffff9c, path = 0x7ff3c2a8, flags = 0xa0000, mode = 0x0) = -0x1 (EPERM)
[=] [Thread 2000] stat64(path = 0x7ff3c2a8, buf_ptr = 0x7ff3c320) = -0x2 (ENOENT)
[=] [Thread 2000] openat(fd = 0xffffff9c, path = 0x7ff3c2a8, flags = 0xa0000, mode = 0x0) = -0x1 (EPERM)
[=] [Thread 2000] stat64(path = 0x7ff3c2a8, buf_ptr = 0x7ff3c320) = -0x2 (ENOENT)
[=] [Thread 2000] openat(fd = 0xffffff9c, path = 0x7ff3c2a8, flags = 0xa0000, mode = 0x0) = -0x1 (EPERM)
[=] [Thread 2000] stat64(path = 0x7ff3c2a8, buf_ptr = 0x7ff3c320) = -0x2 (ENOENT)
[=] [Thread 2000] openat(fd = 0xffffff9c, path = 0x7ff3c2a8, flags = 0xa0000, mode = 0x0) = -0x1 (EPERM)
[=] [Thread 2000] stat64(path = 0x7ff3c2a8, buf_ptr = 0x7ff3c320) = -0x2 (ENOENT)
[=] [Thread 2000] openat(fd = 0xffffff9c, path = 0x7ff3c2a8, flags = 0xa0000, mode = 0x0) = -0x1 (EPERM)
[=] [Thread 2000] stat64(path = 0x7ff3c2a8, buf_ptr = 0x7ff3c320) = -0x2 (ENOENT)
[=] [Thread 2000] openat(fd = 0xffffff9c, path = 0x7ff3c2a8, flags = 0xa0000, mode = 0x0) = -0x1 (EPERM)
[=] [Thread 2000] stat64(path = 0x7ff3c2a8, buf_ptr = 0x7ff3c320) = -0x2 (ENOENT)
[=] [Thread 2000] openat(fd = 0xffffff9c, path = 0x7ff3c2a8, flags = 0xa0000, mode = 0x0) = -0x1 (EPERM)
[=] [Thread 2000] stat64(path = 0x7ff3c2a8, buf_ptr = 0x7ff3c320) = -0x2 (ENOENT)
[=] [Thread 2000] openat(fd = 0xffffff9c, path = 0x7ff3c2a8, flags = 0xa0000, mode = 0x0) = -0x1 (EPERM)
[=] [Thread 2000] stat64(path = 0x7ff3c2a8, buf_ptr = 0x7ff3c320) = -0x2 (ENOENT)
[=] [Thread 2000] openat(fd = 0xffffff9c, path = 0x7ff3c2a8, flags = 0xa0000, mode = 0x0) = -0x1 (EPERM)
[=] [Thread 2000] stat64(path = 0x7ff3c2a8, buf_ptr = 0x7ff3c320) = -0x2 (ENOENT)
[=] [Thread 2000] openat(fd = 0xffffff9c, path = 0x7ff3c2a8, flags = 0xa0000, mode = 0x0) = -0x1 (EPERM)
[=] [Thread 2000] stat64(path = 0x7ff3c2a8, buf_ptr = 0x7ff3c320) = -0x2 (ENOENT)
[=] [Thread 2000] openat(fd = 0xffffff9c, path = 0x7ff3c2a8, flags = 0xa0000, mode = 0x0) = -0x1 (EPERM)
[=] [Thread 2000] stat64(path = 0x7ff3c2a8, buf_ptr = 0x7ff3c320) = -0x2 (ENOENT)
[=] [Thread 2000] openat(fd = 0xffffff9c, path = 0x7ff3c2a8, flags = 0xa0000, mode = 0x0) = -0x1 (EPERM)
[=] [Thread 2000] stat64(path = 0x7ff3c2a8, buf_ptr = 0x7ff3c320) = -0x2 (ENOENT)
[=] [Thread 2000] openat(fd = 0xffffff9c, path = 0x7ff3c2a8, flags = 0xa0000, mode = 0x0) = -0x1 (EPERM)
[=] [Thread 2000] stat64(path = 0x7ff3c2a8, buf_ptr = 0x7ff3c320) = -0x2 (ENOENT)
[=] [Thread 2000] openat(fd = 0xffffff9c, path = 0x7ff3c2a8, flags = 0xa0000, mode = 0x0) = -0x1 (EPERM)
[=] [Thread 2000] stat64(path = 0x7ff3c2a8, buf_ptr = 0x7ff3c320) = -0x2 (ENOENT)
[=] [Thread 2000] openat(fd = 0xffffff9c, path = 0x7ff3c2a8, flags = 0xa0000, mode = 0x0) = -0x1 (EPERM)
[=] [Thread 2000] stat64(path = 0x7ff3c2a8, buf_ptr = 0x7ff3c320) = -0x2 (ENOENT)
[=] [Thread 2000] openat(fd = 0xffffff9c, path = 0x7ff3c2a8, flags = 0xa0000, mode = 0x0) = -0x1 (EPERM)
[=] [Thread 2000] stat64(path = 0x7ff3c2a8, buf_ptr = 0x7ff3c320) = -0x2 (ENOENT)
[=] [Thread 2000] openat(fd = 0xffffff9c, path = 0x7ff3c2a8, flags = 0xa0000, mode = 0x0) = -0x1 (EPERM)
[=] [Thread 2000] stat64(path = 0x7ff3c2a8, buf_ptr = 0x7ff3c320) = -0x2 (ENOENT)
[=] [Thread 2000] openat(fd = 0xffffff9c, path = 0x7ff3c2a8, flags = 0xa0000, mode = 0x0) = -0x1 (EPERM)
[=] [Thread 2000] stat64(path = 0x7ff3c2a8, buf_ptr = 0x7ff3c320) = -0x2 (ENOENT)
[=] [Thread 2000] openat(fd = 0xffffff9c, path = 0x7ff3c2a8, flags = 0xa0000, mode = 0x0) = -0x1 (EPERM)
[=] [Thread 2000] stat64(path = 0x7ff3c2a8, buf_ptr = 0x7ff3c320) = -0x2 (ENOENT)
[=] [Thread 2000] openat(fd = 0xffffff9c, path = 0x7ff3c2a8, flags = 0xa0000, mode = 0x0) = -0x1 (EPERM)
[=] [Thread 2000] stat64(path = 0x7ff3c2a8, buf_ptr = 0x7ff3c320) = -0x2 (ENOENT)
[=] [Thread 2000] openat(fd = 0xffffff9c, path = 0x7ff3c2a8, flags = 0xa0000, mode = 0x0) = -0x1 (EPERM)
[=] [Thread 2000] stat64(path = 0x7ff3c2a8, buf_ptr = 0x7ff3c320) = -0x2 (ENOENT)
[=] [Thread 2000] openat(fd = 0xffffff9c, path = 0x7ff3c2a8, flags = 0xa0000, mode = 0x0) = -0x1 (EPERM)
[=] [Thread 2000] stat64(path = 0x7ff3c2a8, buf_ptr = 0x7ff3c320) = -0x2 (ENOENT)
[=] [Thread 2000] openat(fd = 0xffffff9c, path = 0x7ff3c2a8, flags = 0xa0000, mode = 0x0) = -0x1 (EPERM)
[=] [Thread 2000] stat64(path = 0x7ff3c2a8, buf_ptr = 0x7ff3c320) = -0x2 (ENOENT)
[=] [Thread 2000] openat(fd = 0xffffff9c, path = 0x7ff3c2a8, flags = 0xa0000, mode = 0x0) = -0x1 (EPERM)
[=] [Thread 2000] stat64(path = 0x7ff3c2a8, buf_ptr = 0x7ff3c320) = -0x2 (ENOENT)
[=] [Thread 2000] openat(fd = 0xffffff9c, path = 0x7ff3c2a8, flags = 0xa0000, mode = 0x0) = -0x1 (EPERM)
[=] [Thread 2000] stat64(path = 0x7ff3c2a8, buf_ptr = 0x7ff3c320) = -0x2 (ENOENT)
[=] [Thread 2000] openat(fd = 0xffffff9c, path = 0x7ff3c2a8, flags = 0xa0000, mode = 0x0) = -0x1 (EPERM)
[=] [Thread 2000] stat64(path = 0x7ff3c2a8, buf_ptr = 0x7ff3c320) = -0x2 (ENOENT)
[=] [Thread 2000] openat(fd = 0xffffff9c, path = 0x7ff3c2a8, flags = 0xa0000, mode = 0x0) = -0x1 (EPERM)
[=] [Thread 2000] stat64(path = 0x7ff3c2a8, buf_ptr = 0x7ff3c320) = -0x2 (ENOENT)
[=] [Thread 2000] openat(fd = 0xffffff9c, path = 0x7ff3c2a8, flags = 0xa0000, mode = 0x0) = -0x1 (EPERM)
[=] [Thread 2000] stat64(path = 0x7ff3c2a8, buf_ptr = 0x7ff3c320) = -0x2 (ENOENT)
[=] [Thread 2000] openat(fd = 0xffffff9c, path = 0x7ff3c2a8, flags = 0xa0000, mode = 0x0) = -0x1 (EPERM)
[=] [Thread 2000] stat64(path = 0x7ff3c2a8, buf_ptr = 0x7ff3c320) = -0x2 (ENOENT)
[=] [Thread 2000] openat(fd = 0xffffff9c, path = 0x7ff3c2a8, flags = 0xa0000, mode = 0x0) = -0x1 (EPERM)
[=] [Thread 2000] stat64(path = 0x7ff3c2a8, buf_ptr = 0x7ff3c320) = -0x2 (ENOENT)
[=] [Thread 2000] openat(fd = 0xffffff9c, path = 0x7ff3c2a8, flags = 0xa0000, mode = 0x0) = -0x1 (EPERM)
[=] [Thread 2000] stat64(path = 0x7ff3c2a8, buf_ptr = 0x7ff3c320) = -0x2 (ENOENT)
[=] [Thread 2000] openat(fd = 0xffffff9c, path = 0x7ff3c2a8, flags = 0xa0000, mode = 0x0) = -0x1 (EPERM)
[=] [Thread 2000] stat64(path = 0x7ff3c2a8, buf_ptr = 0x7ff3c320) = -0x2 (ENOENT)
[=] [Thread 2000] openat(fd = 0xffffff9c, path = 0x7ff3c2a8, flags = 0xa0000, mode = 0x0) = 0x3
[=] [Thread 2000] read(fd = 0x3, buf = 0x7ff3c3f0, length = 0x200) = 0x200
[=] [Thread 2000] fstat64(fd = 0x3, buf_ptr = 0x7ff3c320) = 0x0
[=] [Thread 2000] mmap2(addr = 0x0, length = 0x2000, prot = 0x3, flags = 0x22, fd = 0xffffffff, pgoffset = 0x0) = 0x90000000
[=] [Thread 2000] mmap2(addr = 0x0, length = 0x2c258, prot = 0x5, flags = 0x802, fd = 0x3, pgoffset = 0x0) = 0x90002000
[=] [Thread 2000] mprotect(start = 0x9001c000, mlen = 0xf000, prot = 0x0) = 0x0
[=] [Thread 2000] mmap2(addr = 0x9002b000, length = 0x2000, prot = 0x3, flags = 0x812, fd = 0x3, pgoffset = 0x19) = 0x9002b000
[=] [Thread 2000] mmap2(addr = 0x9002d000, length = 0x1258, prot = 0x3, flags = 0x32, fd = 0xffffffff, pgoffset = 0x0) = 0x9002d000
[=] [Thread 2000] close(fd = 0x3) = 0x0
[=] [Thread 2000] openat(fd = 0xffffff9c, path = 0x7ff3c2a0, flags = 0xa0000, mode = 0x0) = 0x3
[=] [Thread 2000] read(fd = 0x3, buf = 0x7ff3c3e0, length = 0x200) = 0x200
[=] [Thread 2000] fstat64(fd = 0x3, buf_ptr = 0x7ff3c310) = 0x0
[=] [Thread 2000] mmap2(addr = 0x0, length = 0x159250, prot = 0x5, flags = 0x802, fd = 0x3, pgoffset = 0x0) = 0x9002f000
[=] [Thread 2000] mprotect(start = 0x90173000, mlen = 0x10000, prot = 0x0) = 0x0
[=] [Thread 2000] mmap2(addr = 0x90183000, length = 0x3000, prot = 0x3, flags = 0x812, fd = 0x3, pgoffset = 0x144) = 0x90183000
[=] [Thread 2000] mmap2(addr = 0x90186000, length = 0x2250, prot = 0x3, flags = 0x32, fd = 0xffffffff, pgoffset = 0x0) = 0x90186000
[=] [Thread 2000] close(fd = 0x3) = 0x0
[=] [Thread 2000] set_tls(address = 0x90000fc0) = ?
[=] [Thread 2000] mprotect(start = 0x90183000, mlen = 0x2000, prot = 0x1) = 0x0
[=] [Thread 2000] mprotect(start = 0x9002b000, mlen = 0x1000, prot = 0x1) = 0x0
[=] [Thread 2000] mprotect(start = 0x20000, mlen = 0x1000, prot = 0x1) = 0x0
[=] [Thread 2000] mprotect(start = 0x47eb000, mlen = 0x1000, prot = 0x1) = 0x0
[=] [Thread 2000] set_tid_address(tidptr = 0x90000b68) = 0x7d0
[=] [Thread 2000] set_robust_list(head_ptr = 0x90000b70, head_len = 0xc) = 0x0
[=] [Thread 2000] rt_sigaction(signum = 0x20, act = 0x7ff3cca4, oldact = 0x0) = 0x0
[=] [Thread 2000] rt_sigaction(signum = 0x21, act = 0x7ff3cca4, oldact = 0x0) = 0x0
[=] [Thread 2000] rt_sigprocmask(how = 0x1, nset = 0x7ff3cdf4, oset = 0x0, sigsetsize = 0x8) = 0x0
[=] [Thread 2000] ugetrlimit(res = 0x3, rlim = 0x7ff3cde8) = 0x0
[=] [Thread 2000] mmap2(addr = 0x0, length = 0x31000, prot = 0x0, flags = 0x20022, fd = 0xffffffff, pgoffset = 0x0) = 0x90189000
[=] [Thread 2000] mprotect(start = 0x9018a000, mlen = 0x30000, prot = 0x3) = 0x0
[=] [Thread 2000] brk(inp = 0x0) = 0x24000
[=] [Thread 2000] brk(inp = 0x45000) = 0x45000
[=] [Thread 2000] clone(flags = 0x3d0f00, child_stack = 0x901b8f98, parent_tidptr = 0x901b94c8, newtls = 0x901b9920, child_tidptr = 0x901b94c8) = 0x7d1
[=] [Thread 2000] mmap2(addr = 0x0, length = 0x31000, prot = 0x0, flags = 0x20022, fd = 0xffffffff, pgoffset = 0x0) = 0x901ba000
[=] [Thread 2000] mprotect(start = 0x901bb000, mlen = 0x30000, prot = 0x3) = 0x0
[=] [Thread 2000] clone(flags = 0x3d0f00, child_stack = 0x901e9f98, parent_tidptr = 0x901ea4c8, newtls = 0x901ea920, child_tidptr = 0x901ea4c8) = 0x7d2
[=] [Thread 2000] fstat64(fd = 0x0, buf_ptr = 0x7ff3cc98) = 0x0
[=] [Thread 2000] read(fd = 0x0, buf = 0x242b0, length = 0x400) = 0x1
[=] [Thread 2000] exit_group(code = 0x0) = ?