
I tried to execute a bash script file but it failed; it seems --args is not working for bash. #1556


@maxixing

root@debian:/qiling# ./qltool run -f examples/rootfs/x8664_linux/bin/bash --rootfs examples/rootfs/x8664_linux/ --args examples/rootfs/x8664_linux/bin/script.sh

[=] brk(inp = 0x0) = 0x55555568f000
[=] uname(buf = 0x7ffffffff958) = 0x0
[=] access(path = 0x7ffff7df6082, mode = 0x0) = -0x2 (ENOENT)
[=] access(path = 0x7ffff7df8dd0, mode = 0x4) = -0x2 (ENOENT)
[=] openat(fd = 0xffffff9c, path = 0x7ffff7df6428, flags = 0x80000, mode = 0x0) = -0x2 (ENOENT)
[=] openat(fd = 0xffffff9c, path = 0x7ffffffff2f0, flags = 0x80000, mode = 0x0) = -0x2 (ENOENT)
[=] stat(path = 0x7ffffffff2f0, buf_ptr = 0x7ffffffff3a8) = -0x2 (ENOENT)
[=] openat(fd = 0xffffff9c, path = 0x7ffffffff2f0, flags = 0x80000, mode = 0x0) = -0x2 (ENOENT)
[=] stat(path = 0x7ffffffff2f0, buf_ptr = 0x7ffffffff3a8) = -0x2 (ENOENT)
[=] openat(fd = 0xffffff9c, path = 0x7ffffffff2f0, flags = 0x80000, mode = 0x0) = -0x2 (ENOENT)
[=] stat(path = 0x7ffffffff2f0, buf_ptr = 0x7ffffffff3a8) = -0x2 (ENOENT)
[=] openat(fd = 0xffffff9c, path = 0x7ffffffff2f0, flags = 0x80000, mode = 0x0) = -0x2 (ENOENT)
[=] stat(path = 0x7ffffffff2f0, buf_ptr = 0x7ffffffff3a8) = -0x2 (ENOENT)
[=] openat(fd = 0xffffff9c, path = 0x7ffffffff2f0, flags = 0x80000, mode = 0x0) = -0x2 (ENOENT)
[=] stat(path = 0x7ffffffff2f0, buf_ptr = 0x7ffffffff3a8) = -0x2 (ENOENT)
[=] openat(fd = 0xffffff9c, path = 0x7ffffffff2f0, flags = 0x80000, mode = 0x0) = -0x2 (ENOENT)
[=] stat(path = 0x7ffffffff2f0, buf_ptr = 0x7ffffffff3a8) = -0x2 (ENOENT)
[=] openat(fd = 0xffffff9c, path = 0x7ffffffff2f0, flags = 0x80000, mode = 0x0) = -0x2 (ENOENT)
[=] stat(path = 0x7ffffffff2f0, buf_ptr = 0x7ffffffff3a8) = -0x2 (ENOENT)
[=] openat(fd = 0xffffff9c, path = 0x7ffffffff2f0, flags = 0x80000, mode = 0x0) = 0x3
[=] read(fd = 0x3, buf = 0x7ffffffff510, length = 0x340) = 0x340
[=] fstat(fd = 0x3, buf = 0x7ffffffff3a8) = 0x0
[=] mmap(addr = 0x0, length = 0x2e9a0, prot = 0x1, flags = 0x802, fd = 0x3, pgoffset = 0x0) = 0x7fffb7dd6000
[=] mmap(addr = 0x7fffb7de4000, length = 0xe000, prot = 0x5, flags = 0x812, fd = 0x3, pgoffset = 0xe000) = 0x7fffb7de4000
[=] mmap(addr = 0x7fffb7df2000, length = 0xe000, prot = 0x1, flags = 0x812, fd = 0x3, pgoffset = 0x1c000) = 0x7fffb7df2000
[=] mmap(addr = 0x7fffb7e00000, length = 0x5000, prot = 0x3, flags = 0x812, fd = 0x3, pgoffset = 0x29000) = 0x7fffb7e00000
[=] close(fd = 0x3) = 0x0
[=] openat(fd = 0xffffff9c, path = 0x7ffffffff2c0, flags = 0x80000, mode = 0x0) = 0x3
[=] read(fd = 0x3, buf = 0x7ffffffff4e0, length = 0x340) = 0x340
[=] fstat(fd = 0x3, buf = 0x7ffffffff378) = 0x0
[=] mmap(addr = 0x0, length = 0x2000, prot = 0x3, flags = 0x22, fd = 0xffffffff, pgoffset = 0x0) = 0x7fffb7e05000
[=] mmap(addr = 0x0, length = 0x5110, prot = 0x1, flags = 0x802, fd = 0x3, pgoffset = 0x0) = 0x7fffb7e07000
[=] mmap(addr = 0x7fffb7e08000, length = 0x2000, prot = 0x5, flags = 0x812, fd = 0x3, pgoffset = 0x1000) = 0x7fffb7e08000
[=] mmap(addr = 0x7fffb7e0a000, length = 0x1000, prot = 0x1, flags = 0x812, fd = 0x3, pgoffset = 0x3000) = 0x7fffb7e0a000
[=] mmap(addr = 0x7fffb7e0b000, length = 0x2000, prot = 0x3, flags = 0x812, fd = 0x3, pgoffset = 0x3000) = 0x7fffb7e0b000
[=] close(fd = 0x3) = 0x0
[=] openat(fd = 0xffffff9c, path = 0x7ffffffff290, flags = 0x80000, mode = 0x0) = -0x2 (ENOENT)
[=] openat(fd = 0xffffff9c, path = 0x7ffffffff290, flags = 0x80000, mode = 0x0) = -0x2 (ENOENT)
[=] stat(path = 0x7ffffffff290, buf_ptr = 0x7ffffffff348) = -0x2 (ENOENT)
[=] openat(fd = 0xffffff9c, path = 0x7ffffffff290, flags = 0x80000, mode = 0x0) = -0x2 (ENOENT)
[=] stat(path = 0x7ffffffff290, buf_ptr = 0x7ffffffff348) = -0x2 (ENOENT)
[=] openat(fd = 0xffffff9c, path = 0x7ffffffff290, flags = 0x80000, mode = 0x0) = -0x2 (ENOENT)
[=] stat(path = 0x7ffffffff290, buf_ptr = 0x7ffffffff348) = -0x2 (ENOENT)
[=] openat(fd = 0xffffff9c, path = 0x7ffffffff290, flags = 0x80000, mode = 0x0) = -0x2 (ENOENT)
[=] stat(path = 0x7ffffffff290, buf_ptr = 0x7ffffffff348) = -0x2 (ENOENT)
[=] openat(fd = 0xffffff9c, path = 0x7ffffffff290, flags = 0x80000, mode = 0x0) = -0x2 (ENOENT)
[=] stat(path = 0x7ffffffff290, buf_ptr = 0x7ffffffff348) = -0x2 (ENOENT)
[=] openat(fd = 0xffffff9c, path = 0x7ffffffff290, flags = 0x80000, mode = 0x0) = -0x2 (ENOENT)
[=] stat(path = 0x7ffffffff290, buf_ptr = 0x7ffffffff348) = -0x2 (ENOENT)
[=] openat(fd = 0xffffff9c, path = 0x7ffffffff290, flags = 0x80000, mode = 0x0) = -0x2 (ENOENT)
[=] stat(path = 0x7ffffffff290, buf_ptr = 0x7ffffffff348) = -0x2 (ENOENT)
[=] openat(fd = 0xffffff9c, path = 0x7ffffffff290, flags = 0x80000, mode = 0x0) = -0x2 (ENOENT)
[=] stat(path = 0x7ffffffff290, buf_ptr = 0x7ffffffff348) = -0x2 (ENOENT)
[=] openat(fd = 0xffffff9c, path = 0x7ffffffff290, flags = 0x80000, mode = 0x0) = -0x2 (ENOENT)
[=] stat(path = 0x7ffffffff290, buf_ptr = 0x7ffffffff348) = -0x2 (ENOENT)
[=] openat(fd = 0xffffff9c, path = 0x7ffffffff290, flags = 0x80000, mode = 0x0) = -0x2 (ENOENT)
[=] stat(path = 0x7ffffffff290, buf_ptr = 0x7ffffffff348) = -0x2 (ENOENT)
[=] openat(fd = 0xffffff9c, path = 0x7ffffffff290, flags = 0x80000, mode = 0x0) = -0x2 (ENOENT)
[=] stat(path = 0x7ffffffff290, buf_ptr = 0x7ffffffff348) = -0x2 (ENOENT)
[=] openat(fd = 0xffffff9c, path = 0x7ffffffff290, flags = 0x80000, mode = 0x0) = -0x2 (ENOENT)
[=] stat(path = 0x7ffffffff290, buf_ptr = 0x7ffffffff348) = -0x2 (ENOENT)
[=] openat(fd = 0xffffff9c, path = 0x7ffffffff290, flags = 0x80000, mode = 0x0) = -0x2 (ENOENT)
[=] stat(path = 0x7ffffffff290, buf_ptr = 0x7ffffffff348) = -0x2 (ENOENT)
[=] openat(fd = 0xffffff9c, path = 0x7ffffffff290, flags = 0x80000, mode = 0x0) = -0x2 (ENOENT)
[=] stat(path = 0x7ffffffff290, buf_ptr = 0x7ffffffff348) = -0x2 (ENOENT)
[=] openat(fd = 0xffffff9c, path = 0x7ffffffff290, flags = 0x80000, mode = 0x0) = -0x2 (ENOENT)
[=] stat(path = 0x7ffffffff290, buf_ptr = 0x7ffffffff348) = -0x2 (ENOENT)
[=] openat(fd = 0xffffff9c, path = 0x7ffffffff290, flags = 0x80000, mode = 0x0) = 0x3
[=] read(fd = 0x3, buf = 0x7ffffffff4b0, length = 0x340) = 0x340
[=] fstat(fd = 0x3, buf = 0x7ffffffff348) = 0x0
[=] mmap(addr = 0x0, length = 0x3f0ae0, prot = 0x5, flags = 0x802, fd = 0x3, pgoffset = 0x0) = 0x7fffb7e0d000
[=] mprotect(start = 0x7fffb7ff4000, mlen = 0x200000, prot = 0x0) = 0x0
[=] mmap(addr = 0x7fffb81f4000, length = 0x6000, prot = 0x3, flags = 0x812, fd = 0x3, pgoffset = 0x1e7000) = 0x7fffb81f4000
[=] mmap(addr = 0x7fffb81fa000, length = 0x3ae0, prot = 0x3, flags = 0x32, fd = 0xffffffff, pgoffset = 0x0) = 0x7fffb81fa000
[=] close(fd = 0x3) = 0x0
[=] mmap(addr = 0x0, length = 0x3000, prot = 0x3, flags = 0x22, fd = 0xffffffff, pgoffset = 0x0) = 0x7fffb81fe000
[=] arch_prctl(code = 0x1002, addr = 0x7fffb81fe740) = 0x0
[=] mprotect(start = 0x7fffb81f4000, mlen = 0x4000, prot = 0x1) = 0x0
[=] mprotect(start = 0x7fffb7e0b000, mlen = 0x1000, prot = 0x1) = 0x0
[=] mprotect(start = 0x7fffb7e00000, mlen = 0x4000, prot = 0x1) = 0x0
[=] mprotect(start = 0x555555676000, mlen = 0x3000, prot = 0x1) = 0x0
[=] mprotect(start = 0x7ffff7ffc000, mlen = 0x1000, prot = 0x1) = 0x0
[=] openat(fd = 0xffffff9c, path = 0x55555563f2df, flags = 0x802, mode = 0x0) = -0x2 (ENOENT)
[=] ioctl(fd = 0x0, cmd = 0x5401, arg = 0x7ffffffff9b0) = 0x0
[=] fstat(fd = 0x0, buf = 0x7ffffffffa40) = 0x0
[=] brk(inp = 0x0) = 0x55555568f000
[=] brk(inp = 0x5555556b0000) = 0x5555556b0000
[=] readlink(pathname = 0x7ffffffffb60, buf = 0x55555568f260, bufsize = 0xfff) = -0x2 (ENOENT)
[=] stat(path = 0x7fffb7fc2800, buf_ptr = 0x7ffffffffad0) = -0x2 (ENOENT)
[=] openat(fd = 0xffffff9c, path = 0x7fffb7fc2809, flags = 0x90800, mode = 0x0) = -0x2 (ENOENT)
[=] getuid() = 0x3e8
[=] getgid() = 0x3e8
[=] geteuid() = 0x3e8
[=] getegid() = 0x3e8
[=] rt_sigprocmask(how = 0x0, nset = 0x0, oset = 0x555555681e68, sigsetsize = 0x8) = 0x0
[=] gettimeofday(tv = 0x555555681f10, tz = 0x0) = 0x0
[x] Syscall ERROR: ql_syscall_ioctl DEBUG: list index out of range
Traceback (most recent call last):
  File "/qiling/qiling/os/posix/posix.py", line 213, in load_syscall
    retval = syscall_hook(self.ql, *params)
  File "/qiling/qiling/os/posix/syscall/ioctl.py", line 81, in ql_syscall_ioctl
    if isinstance(ql.os.fd[fd], ql_socket) and cmd in (SIOCGIFADDR, SIOCGIFNETMASK):
  File "/qiling/qiling/os/posix/posix.py", line 30, in __getitem__
    return self.__fds[idx]
IndexError: list index out of range
Traceback (most recent call last):
  File "/qiling/./qltool", line 324, in <module>
    run()
  File "/qiling/./qltool", line 310, in run
    ql.run(timeout=options.timeout)
  File "/qiling/qiling/core.py", line 588, in run
    self.os.run()
  File "/qiling/qiling/os/linux/linux.py", line 184, in run
    self.ql.emu_start(self.ql.loader.elf_entry, self.exit_point, self.ql.timeout, self.ql.count)
  File "/qiling/qiling/core.py", line 774, in emu_start
    raise self.internal_exception
  File "/qiling/qiling/core_hooks.py", line 141, in wrapper
    return callback(*args, **kwargs)
  File "/qiling/qiling/core_hooks.py", line 204, in _hook_insn_cb
    ret = hook.call(ql, *hook_args)
  File "/qiling/qiling/core_hooks_types.py", line 25, in call
    return self.callback(ql, *args)
  File "/qiling/qiling/os/linux/linux.py", line 138, in hook_syscall
    return self.load_syscall()
  File "/qiling/qiling/os/posix/posix.py", line 231, in load_syscall
    raise e
  File "/qiling/qiling/os/posix/posix.py", line 213, in load_syscall
    retval = syscall_hook(self.ql, *params)
  File "/qiling/qiling/os/posix/syscall/ioctl.py", line 81, in ql_syscall_ioctl
    if isinstance(ql.os.fd[fd], ql_socket) and cmd in (SIOCGIFADDR, SIOCGIFNETMASK):
  File "/qiling/qiling/os/posix/posix.py", line 30, in __getitem__
    return self.__fds[idx]
IndexError: list index out of range
root@debian:/qiling#
