Macbook M3 Pro crash
tosbaha opened this issue · comments
Describe the bug
It crashes even if I try to run the example code from the examples folder.
Sample Code
python3 -m venv qilingenv
source qilingenv/bin/activate
git clone -b dev https://github.com/qilingframework/qiling.git
cd qiling && git submodule update --init --recursive
pip3 install .
cd examples
python3 crackme_x86_linux.py
Expected behavior
It shouldn't crash.
Screenshots
Process: Python [22947]
Path: /opt/homebrew/*/Python.framework/Versions/3.12/Resources/Python.app/Contents/MacOS/Python
Identifier: org.python.python
Version: 3.12.6 (3.12.6)
Code Type: ARM-64 (Native)
Parent Process: zsh [16274]
Responsible: iTerm2 [635]
User ID: 501
Date/Time: 2024-09-30 11:03:59.6001 +0300
OS Version: macOS 15.0 (24A335)
Report Version: 12
Anonymous UUID: DB2F57AC-C0A2-D812-A756-42B2828B2065
Time Awake Since Boot: 1300 seconds
System Integrity Protection: enabled
Crashed Thread: 0 Dispatch queue: com.apple.main-thread
Exception Type: EXC_BAD_ACCESS (SIGBUS)
Exception Codes: KERN_PROTECTION_FAILURE at 0x0000000300000000
Exception Codes: 0x0000000000000002, 0x0000000300000000
Termination Reason: Namespace SIGNAL, Code 10 Bus error: 10
Terminating Process: exc handler [22947]
VM Region Info: 0x300000000 is in 0x300000000-0x340000000; bytes after start: 0 bytes before end: 1073741823
REGION TYPE START - END [ VSIZE] PRT/MAX SHRMOD REGION DETAIL
unused __TEXT 29e908000-29e90c000 [ 16K] r--/r-- SM=COW unused unknown system shared lib __TEXT
GAP OF 0x616f4000 BYTES
---> VM_ALLOCATE 300000000-340000000 [ 1.0G] rwx/rwx SM=PRV
GAP OF 0xc80000000 BYTES
commpage (reserved) fc0000000-1000000000 [ 1.0G] ---/--- SM=NUL reserved VM address space (unallocated)
Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0 libunicorn.2.dylib 0x102befdac tcg_prologue_init_x86_64 + 88
1 libunicorn.2.dylib 0x102c22c24 tcg_exec_init_x86_64 + 236
2 libunicorn.2.dylib 0x102bc56d0 machine_initialize + 88
3 libunicorn.2.dylib 0x102bc136c uc_init_engine + 164
4 libunicorn.2.dylib 0x102bc295c uc_mem_map + 536
5 libffi.dylib 0x196be0050 ffi_call_SYSV + 80
6 libffi.dylib 0x196be8b04 ffi_call_int + 1208
7 _ctypes.cpython-312-darwin.so 0x101c47a00 _ctypes_callproc + 776
8 _ctypes.cpython-312-darwin.so 0x101c40a44 PyCFuncPtr_call + 220
Additional context
I also tried installing unicorn via brew and changing the binaries but it didn't help either.
The latest Unicorn release is not stable enough for Qiling. Try reverting Unicorn to 2.0.1-post
How can I do that? Qiling’s pip version didn’t work either. It’s puzzling that the default installation via pip just doesn’t work. I would appreciate it if you could write a detailed explanation.
As seen on your first message, it looks like you are using Qiling's dev branch, which is the best option. If you pip install-ed Qiling in parallel make sure to remove that installation and use the cloned version you downloaded at first.
When in the pyenv, use pip to enumerate all available versions of Unicorn:
pip index versions unicorn
Then locate the 2.0.1-post version and use it in the following command (replace the_version_goes_here with the actual version string you saw on the list):
pip install --force-reinstall -v "unicorn==the_version_goes_here"
That will revert Unicorn to the latest version that was compatible with Qiling.
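As an added illustration of the pinning procedure above (this is not code from the thread or from the Qiling project), the script below parses the output of `pip index versions unicorn`, picks the newest 2.0.1 post-release from the list, and prints the matching `pip install --force-reinstall` command. The version list is a constructed sample, and the spelling `2.0.1.post1` is an assumption about how the "2.0.1-post" release appears on PyPI; check the real list before pinning. The `installed_version` helper reports which Unicorn (or Qiling) is currently importable, which helps spot a parallel pip-installed copy shadowing the cloned dev checkout.

```python
import re
from importlib import metadata

# Constructed sample of `pip index versions unicorn` output (not real data
# from the thread). The format is "name (latest)" followed by an
# "Available versions:" line listing versions newest-first, comma-separated.
SAMPLE_PIP_INDEX_OUTPUT = """\
unicorn (2.1.1)
Available versions: 2.1.1, 2.1.0, 2.0.1.post1, 2.0.1, 2.0.0, 1.0.3
"""


def parse_available_versions(text):
    """Return the version strings from `pip index versions` output, newest first."""
    m = re.search(r"^Available versions:\s*(.+)$", text, re.MULTILINE)
    if not m:
        return []
    return [v.strip() for v in m.group(1).split(",") if v.strip()]


def pick_version(versions, base="2.0.1"):
    """Pick the highest post-release of `base` (PEP 440 '.postN'), or `base` itself.

    Returns None when neither the base version nor a post-release is listed.
    """
    candidates = [v for v in versions if v == base or v.startswith(base + ".post")]
    if not candidates:
        return None

    def post_number(v):
        m = re.fullmatch(re.escape(base) + r"\.post(\d+)", v)
        return int(m.group(1)) if m else -1  # plain base sorts below any .postN

    return max(candidates, key=post_number)


def pin_command(version):
    """Build the force-reinstall command from the thread for the chosen version."""
    return f'pip install --force-reinstall -v "unicorn=={version}"'


def installed_version(dist_name):
    """Return the installed distribution version, or None if it is not installed."""
    try:
        return metadata.version(dist_name)
    except metadata.PackageNotFoundError:
        return None


if __name__ == "__main__":
    versions = parse_available_versions(SAMPLE_PIP_INDEX_OUTPUT)
    chosen = pick_version(versions)
    print("currently installed unicorn:", installed_version("unicorn"))
    print("currently installed qiling:", installed_version("qiling"))
    print(pin_command(chosen) if chosen else "no 2.0.1 release found in list")
```

Run it inside the same virtual environment you use for Qiling so that `installed_version` reports the interpreter's actual view of the packages; if `qiling` shows a version while you intended to use the cloned checkout, the parallel pip install is the one being imported.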
but now it crashes with
➜ python crackme_x86_linux.py
[x] ialiSyscall ERROR: ql_syscall_openat DEBUG: flags were not defined for hosting ARM64 MACOS