Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Ghidra Debugger GDB IN VM and GDB via GADB #5766

Closed
MinhPham123456789 opened this issue Sep 10, 2023 · 4 comments
Closed

Ghidra Debugger GDB IN VM and GDB via GADB #5766

MinhPham123456789 opened this issue Sep 10, 2023 · 4 comments
Assignees
@d-millar
Labels
Feature: Debugger Reason: OBE This has been "overcome by events."

Comments

@MinhPham123456789
Copy link

MinhPham123456789 commented Sep 10, 2023
edited
Loading

I am trying to run a program in Ghidra debugger using GDB via IN VM or GADB.
At first, there is an error like this:

Program received signal SIGTTIN, Stopped (tty input).
26	../sysdeps/unix/sysv/linux/read.c: No such file or directory.
0x00007ffff7915a2d in __GI___libc_read (fd=0, buf=0x555555575d20, nbytes=1024)
    at ../sysdeps/unix/sysv/linux/read.c:26
26	in ../sysdeps/unix/sysv/linux/read.c
#0  0x00007ffff7915a2d in __GI___libc_read (fd=0, buf=0x555555575d20, nbytes=1024) at ../sysdeps/unix/sysv/linux/read.c:26
26	in ../sysdeps/unix/sysv/linux/read.c

Then I use the dir command in "gdb" to add the path to glibc source code I installed separately on my computer so it can go to the read.c. However, there is another error appears

Program received signal SIGTTIN, Stopped (tty input).
0x00007ffff7915a2d in __GI___libc_read (fd=0, buf=0x555555575d20, nbytes=1024)
    at ../sysdeps/unix/sysv/linux/read.c:26
26	  return SYSCALL_CANCEL (read, fd, buf, nbytes);
#0  0x00007ffff7915a2d in __GI___libc_read (fd=0, buf=0x555555575d20, nbytes=1024) at ../sysdeps/unix/sysv/linux/read.c:26
26	  return SYSCALL_CANCEL (read, fd, buf, nbytes);

I thought this may be because the program being drugged so I ran gdb directly in the terminal and launch the program but it works normally
I am using Kali Linux 2022 as the OS and Ghidra is the latest one 10.3.3
Does anyone know how to resolve this one?
Thank you very much
@d-millar
Copy link
Collaborator

@MinhPham123456789 We might need a little more context on this one.... You said running gdb directly in the terminal works - am assuming you're doing something like "gdb"/"file mytarget"/"run", yes? When you run your target in Ghidra, how are you doing it? Are you launching from the main toolbar or from Objects? Is the target launching? Where are you seeing that error - DebugConsole, Interpreter window, terminal where Ghidra is executing? Does the error terminate the process, the debugging session, etc.? Have you tried starting the IN-VM version and then doing "file mytarget"/"run" from thr Interpreter?

@MinhPham123456789
Copy link
Author

MinhPham123456789 commented Sep 11, 2023
edited
Loading

When I debug the program directly using GDB via a terminal, it works normally so yes the commands were

gdb [program_name]
r

When I switched to Ghidra, I imported the program and opened it in Debugger mode. Then I tried both GDB IN VM and via GADB, and they gave the same error as mentioned earlier. The error was in the Interpreter window, where the gdb displayed the result. The target program was launched and printed out some output before the error. The error terminates the process in gdb in the interpreter window.
One important thing I did not mention is that the error happens when the program requires the user to provide an input value.
In the terminal using gdb, I can provide the input normally and continue the program. In Ghidra, when the program comes to asking for input, the error happens as mentioned earlier and terminates the process in gdb in the interpreter window.

@ryanmkurtz ryanmkurtz added Feature: Debugger Status: Triage Information is being gathered labels Sep 11, 2023
@d-millar
Copy link
Collaborator

@MinhPham123456789 Ah, you hit the nail on the head. The Pty used by the Interpreter doesn't really share well with others. So, several approaches:

First, @nsadeveloper789 recommends reading the Debugger Course, Section B1, for what is definitely a better description of the debugger workings than I am about to provide. He also recommends the following options in order of preference/ease-of-use/lack-of-hackiness.

Option 1: Use the debugger to attach to the process, rather than launch it directly. The benefits here are probably obvious, and, given the target waits for input, attaching shouldn't be difficult.

Option 2: Use the "new-ui" feature of gdb.

  • Start gdb in, e.g., xterm
  • Tell Ghidra to connect and check the "use existing session" box
  • While it's connecting, look for it to print out the pty name (probably in the Debug Console)
  • Isue new-ui mi2 [TTY] in your already-running gdb

Option 3: Run your target using gdbserver and "target remote" to connect to the server. This may result in duplicate modules in the GUI, so it's less than ideal.

Let us know if you need more details on any of these options or are having trouble getting them to work!

@MinhPham123456789
Copy link
Author

Thank you very much @d-millar

@d-millar d-millar added Reason: OBE This has been "overcome by events." and removed Status: Triage Information is being gathered labels Jul 8, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@d-millar d-millar

Labels
Feature: Debugger Reason: OBE This has been "overcome by events."
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
4 participants
@ryanmkurtz @d-millar @MinhPham123456789 @nsadeveloper789