[panda-users] taint segmentation fault
xiaojuan Li
xiaotan6666 at gmail.com
Fri Apr 17 04:21:20 EDT 2015
i try to locate the function where it stopped:
and it stopped in this switch-case :
i do not know why?
Thanks a lot!
2015-04-17 2:31 GMT-04:00 xiaojuan Li <xiaotan6666 at gmail.com>:
> the question is this:
>
> it will call this method:
> [image: 内嵌图片 1]
>
> the segfault occurs when it labels the phys addr in memory?
> does it have no access to operate that mem?
>
> Thanks a lot?
>
>
> 2015-04-16 21:04 GMT-04:00 xiaojuan Li <xiaotan6666 at gmail.com>:
>
> i do not know which step is wrong:
>> i use the avd to create the img:
>> and the use pandaConvert.py to convert them to qcow2;
>> then i use runpandroid.py(-m 512) to record and -m 512 to replay.
>> the size of my host system is :
>>
>> why segfault while applying taint labels?it shouldn't.
>>
>>
>> 2015-04-16 20:12 GMT-04:00 xiaojuan Li <xiaotan6666 at gmail.com>:
>>
>> thanks first.
>>> the segfault again...
>>>
>>> 2015-04-16 17:10 GMT-04:00 Brendan Dolan-Gavitt <mooyix at gmail.com>:
>>>
>>> The message about Hugetlb can be ignored -- it is just an optimization
>>>> if HugeTLB is available on your system [1].
>>>>
>>>> In general, the taint system uses 16 times as much RAM as the guest
>>>> system has, because it is trying to store two 64-bit pointers per byte of
>>>> guest memory in order to keep track of the labels that a byte of memory
>>>> has. This tends to make the taint system a lot faster, since many taint
>>>> operations simply become copies from one place to another.
>>>>
>>>> Is the taint analysis working now?
>>>>
>>>> -Brendan
>>>>
>>>> [1] http://linuxgazette.net/155/krishnakumar.html
>>>>
>>>> On Thu, Apr 16, 2015 at 5:19 AM, xiaojuan Li <xiaotan6666 at gmail.com>
>>>> wrote:
>>>>
>>>>> sorry about the repeat question of "record -m 512"..i am just in a
>>>>> short circuit...
>>>>> now the thing is:
>>>>> the guest mem size is 512 when i record,mu host mem is large enough.
>>>>>
>>>>>
>>>>> when replay,it just try to allocate so large size,but why?
>>>>>
>>>>>
>>>>> thanks a lot!
>>>>>
>>>>>
>>>>> 2015-04-15 23:25 GMT-04:00 xiaojuan Li <xiaotan6666 at gmail.com>:
>>>>>
>>>>> Hi,Brendan,
>>>>>> i have tried it and segfault again.
>>>>>> my host is 16G which is large enough.
>>>>>> I think maybe this is not caused by size of mem.
>>>>>> Please correct me!
>>>>>> Thanks a lot!
>>>>>>
>>>>>> 2015-04-15 22:54 GMT-04:00 xiaojuan Li <xiaotan6666 at gmail.com>:
>>>>>>
>>>>>> i see. i am going to try.
>>>>>>> Thanks very much for your great patience!
>>>>>>>
>>>>>>> 2015-04-15 22:49 GMT-04:00 Brendan Dolan-Gavitt <mooyix at gmail.com>:
>>>>>>>
>>>>>>> Find the place in runandroid.py where it sets the amount of RAM. The
>>>>>>>> line looks like:
>>>>>>>>
>>>>>>>> panda_cli.extend(["-kernel", kernel, "-initrd", initrd,
>>>>>>>> '-global', 'goldfish_nand.system_path={0}'.format(system),
>>>>>>>> '-global', 'goldfish_nand.user_data_path={0}'.format(data),
>>>>>>>> '-global', 'goldfish_nand.cache_path={0}'.format(cache),
>>>>>>>> '-append', KERNEL_CL,
>>>>>>>> '-m', '2G', '-no-reboot', '-monitor',
>>>>>>>> 'telnet:localhost:4321,server,nowait',
>>>>>>>> '-show-cursor', '-serial', 'stdio', '-serial',
>>>>>>>> 'telnet:localhost:4421,server,nowait',
>>>>>>>> '-display', 'sdl', '-global',
>>>>>>>> 'goldfish_mmc.sd_path={0}'.format(sdcard), '-android', '-S'])
>>>>>>>>
>>>>>>>> And change the 2G to 512. Then recreate the recording using
>>>>>>>> "begin_record recordingname", and run the replay with -m 512 on the
>>>>>>>> command line.
>>>>>>>>
>>>>>>>> For a recording where the guest OS uses 512M RAM, you will need 8GB
>>>>>>>> on
>>>>>>>> the host to replay with taint. If that is too much, you can try
>>>>>>>> changing from 512 to 256 or lower, but you may run into trouble
>>>>>>>> getting Android apps to run correctly.
>>>>>>>>
>>>>>>>> Hope this helps,
>>>>>>>> Brendan
>>>>>>>>
>>>>>>>> On Wed, Apr 15, 2015 at 10:45 PM, xiaojuan Li <
>>>>>>>> xiaotan6666 at gmail.com> wrote:
>>>>>>>> > i have a question that:i set the mem of img created by avd is
>>>>>>>> 8G?and then
>>>>>>>> > when i boot the emulator i modify the runpandroid.py with -m 512
>>>>>>>> to
>>>>>>>> > begin_record?
>>>>>>>> > (i tried to use "begin_record name -m 512", it seems not right.)
>>>>>>>> > i do not clear enough that "record with -m 512"
>>>>>>>> > Thanks a lot
>>>>>>>> >
>>>>>>>> > 2015-04-15 22:39 GMT-04:00 xiaojuan Li <xiaotan6666 at gmail.com>:
>>>>>>>> >
>>>>>>>> >> i use the runpandroid.py to create, and the mem is 2G.
>>>>>>>> >> I am going to set the required mem to do and thanks a lot.
>>>>>>>> >>
>>>>>>>> >> 2015-04-15 22:28 GMT-04:00 Brendan Dolan-Gavitt <
>>>>>>>> mooyix at gmail.com>:
>>>>>>>> >>
>>>>>>>> >>> How much RAM is installed on the system you're trying to use to
>>>>>>>> replay? A
>>>>>>>> >>> recording with 512M will need at least 8GB of RAM to replay
>>>>>>>> with taint.
>>>>>>>> >>>
>>>>>>>> >>> -Brendan
>>>>>>>> >>>
>>>>>>>> >>> On Wed, Apr 15, 2015 at 10:27 PM, xiaojuan Li <
>>>>>>>> xiaotan6666 at gmail.com>
>>>>>>>> >>> wrote:
>>>>>>>> >>>>
>>>>>>>> >>>> it seems does not work.
>>>>>>>> >>>> i set the -m 512 before record,when replay it still shows
>>>>>>>> segmentation
>>>>>>>> >>>> fault.
>>>>>>>> >>>>
>>>>>>>> >>>> 2015-04-15 22:09 GMT-04:00 Brendan Dolan-Gavitt <
>>>>>>>> mooyix at gmail.com>:
>>>>>>>> >>>>
>>>>>>>> >>>>> Yes, you need to record with -m 512. Just trying to replay
>>>>>>>> the existing
>>>>>>>> >>>>> recording with -m 512 will not work.
>>>>>>>> >>>>>
>>>>>>>> >>>>> -Brendan
>>>>>>>> >>>>>
>>>>>>>> >>>>> On Wed, Apr 15, 2015 at 10:08 PM, xiaojuan Li <
>>>>>>>> xiaotan6666 at gmail.com>
>>>>>>>> >>>>> wrote:
>>>>>>>> >>>>>>
>>>>>>>> >>>>>> the question is can begin_record with "-m 512" args?
>>>>>>>> >>>>>> I just set the img's ram size is 512.and if i replay it with
>>>>>>>> "-m
>>>>>>>> >>>>>> 512",it just be aborted
>>>>>>>> >>>>>>
>>>>>>>> >>>>>> Thanks
>>>>>>>> >>>>>>
>>>>>>>> >>>>>> 2015-04-15 22:01 GMT-04:00 Brendan Dolan-Gavitt <
>>>>>>>> mooyix at gmail.com>:
>>>>>>>> >>>>>>
>>>>>>>> >>>>>>> The problem is that you are giving the system too much RAM
>>>>>>>> – you need
>>>>>>>> >>>>>>> to remake the recording with -m 512. Currently the taint
>>>>>>>> system tries to
>>>>>>>> >>>>>>> reserve 16x as much RAM as the guest system for taint, so
>>>>>>>> for 2GB of guest
>>>>>>>> >>>>>>> RAM it's trying to reserve 32GB.
>>>>>>>> >>>>>>>
>>>>>>>> >>>>>>> -Brendan
>>>>>>>> >>>>>>>
>>>>>>>> >>>>>>> On Wed, Apr 15, 2015 at 9:08 PM, xiaojuan Li <
>>>>>>>> xiaotan6666 at gmail.com>
>>>>>>>> >>>>>>> wrote:
>>>>>>>> >>>>>>>>
>>>>>>>> >>>>>>>> Hi,Brendan,
>>>>>>>> >>>>>>>> I have done it from the begin(convert img to qcow2),then i
>>>>>>>> replay it
>>>>>>>> >>>>>>>> with taint2 plugin,
>>>>>>>> >>>>>>>> when it tstringsearch the maching, it just shows
>>>>>>>> "segmentation
>>>>>>>> >>>>>>>> fault",but i notice that it also tstringsearch the
>>>>>>>> unmatching and there is
>>>>>>>> >>>>>>>> no segfault.
>>>>>>>> >>>>>>>> here is, my test string is "passwordisqemua":
>>>>>>>> >>>>>>>>
>>>>>>>> >>>>>>>>
>>>>>>>> >>>>>>>>
>>>>>>>> >>>>>>>> Thanks!
>>>>>>>> >>>>>>>>
>>>>>>>> >>>>>>>> 2015-04-15 13:05 GMT-04:00 Brendan Dolan-Gavitt <
>>>>>>>> mooyix at gmail.com>:
>>>>>>>> >>>>>>>>
>>>>>>>> >>>>>>>>> Hi,
>>>>>>>> >>>>>>>>>
>>>>>>>> >>>>>>>>> It looks like the problem is that it's trying to allocate
>>>>>>>> much more
>>>>>>>> >>>>>>>>> RAM than you are likely to have available: 34359738368
>>>>>>>> bytes, or 32 GiB.
>>>>>>>> >>>>>>>>> This may be because you are using a fairly large amount
>>>>>>>> of RAM for the
>>>>>>>> >>>>>>>>> Android system; could you try reducing that to 512M and
>>>>>>>> seeing if that fixes
>>>>>>>> >>>>>>>>> the problem?
>>>>>>>> >>>>>>>>>
>>>>>>>> >>>>>>>>> -Brendan
>>>>>>>> >>>>>>>>>
>>>>>>>> >>>>>>>>> On Wed, Apr 15, 2015 at 4:26 AM, xiaojuan Li
>>>>>>>> >>>>>>>>> <xiaotan6666 at gmail.com> wrote:
>>>>>>>> >>>>>>>>>>
>>>>>>>> >>>>>>>>>> could you share any ways how do you do with it?even
>>>>>>>> though now
>>>>>>>> >>>>>>>>>> the bug is not fixed?
>>>>>>>> >>>>>>>>>> Thanks a lot!
>>>>>>>> >>>>>>>>>>
>>>>>>>> >>>>>>>>>> 2015-04-13 22:05 GMT-04:00 Brendan Dolan-Gavitt
>>>>>>>> >>>>>>>>>> <mooyix at gmail.com>:
>>>>>>>> >>>>>>>>>>
>>>>>>>> >>>>>>>>>>> Yes, I downloaded the .rr and have reproduced your
>>>>>>>> issue. I will
>>>>>>>> >>>>>>>>>>> look into it and see if I can get the bug fixed!
>>>>>>>> >>>>>>>>>>>
>>>>>>>> >>>>>>>>>>> -Brendan
>>>>>>>> >>>>>>>>>>>
>>>>>>>> >>>>>>>>>>> On Mon, Apr 13, 2015 at 10:04 PM, xiaojuan Li
>>>>>>>> >>>>>>>>>>> <xiaotan6666 at gmail.com> wrote:
>>>>>>>> >>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>> could you download that .rr correctly?
>>>>>>>> >>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>> 2015-04-13 10:05 GMT-04:00 xiaojuan Li <
>>>>>>>> xiaotan6666 at gmail.com>:
>>>>>>>> >>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>> yeah,i did not get seg fault when i reproduce the
>>>>>>>> tainted
>>>>>>>> >>>>>>>>>>>>> instructions tutorial.
>>>>>>>> >>>>>>>>>>>>> Thanks for your patience very much!
>>>>>>>> >>>>>>>>>>>>> your guys' work is great! do not say sorry.
>>>>>>>> >>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>> my command line is:(in /qemu/arm-softmmu
>>>>>>>> >>>>>>>>>>>>> directory)./qemu-system-arm -m 2G -replay ime4-13 -M
>>>>>>>> android_arm -kernel
>>>>>>>> >>>>>>>>>>>>> /dev/null -android -panda
>>>>>>>> "stringsearch:name=1;tstringsearch;tainted_instr";
>>>>>>>> >>>>>>>>>>>>> the content of 1_search_strings.txt is: "cipher";
>>>>>>>> >>>>>>>>>>>>> here is my .rr file:
>>>>>>>> >>>>>>>>>>>>> http://pan.baidu.com/s/1gdCfTSn
>>>>>>>> >>>>>>>>>>>>> (sorry for taking so long time to upload .rr)
>>>>>>>> >>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>> Thanks again!
>>>>>>>> >>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>> 2015-04-13 8:58 GMT-04:00 Leek, Timothy - 0559 - MITLL
>>>>>>>> >>>>>>>>>>>>> <tleek at ll.mit.edu>:
>>>>>>>> >>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>> Uninit taint plugin *should* display at the end of
>>>>>>>> the run.
>>>>>>>> >>>>>>>>>>>>>> That is not an error. It is just a message. You
>>>>>>>> aren't getting a seg fault
>>>>>>>> >>>>>>>>>>>>>> when you reproduce the tainted instructions
>>>>>>>> tutorial, though. Right?
>>>>>>>> >>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>> I don't know what's wrong with your android run. We
>>>>>>>> could try
>>>>>>>> >>>>>>>>>>>>>> to reproduce and debug. Can you give us your
>>>>>>>> replay? Package it up with
>>>>>>>> >>>>>>>>>>>>>> scripts/rrpack.py. Stick the .rr file somewhere we
>>>>>>>> can get it. And give us
>>>>>>>> >>>>>>>>>>>>>> your complete command line. And the string search
>>>>>>>> file.
>>>>>>>> >>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>> That said -- we are fairly swamped right now. So
>>>>>>>> might take a
>>>>>>>> >>>>>>>>>>>>>> bit. Sorry!
>>>>>>>> >>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>> Cheers.
>>>>>>>> >>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>> Tim
>>>>>>>> >>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>> ________________________________
>>>>>>>> >>>>>>>>>>>>>> From: xiaojuan Li [xiaotan6666 at gmail.com]
>>>>>>>> >>>>>>>>>>>>>> Sent: Monday, April 13, 2015 8:27 AM
>>>>>>>> >>>>>>>>>>>>>> To: Leek, Timothy - 0559 - MITLL;
>>>>>>>> panda-users at mit.edu; Brendan
>>>>>>>> >>>>>>>>>>>>>> Dolan-Gavitt
>>>>>>>> >>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>> Subject: Re: [panda-users] taint segmentation fault
>>>>>>>> >>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>> let me describe how can i get my test snp:
>>>>>>>> >>>>>>>>>>>>>> first i boot android emulator,begin_record, do some
>>>>>>>> operations
>>>>>>>> >>>>>>>>>>>>>> in emulator,end_record. then i use it to replay to
>>>>>>>> taint the data i input
>>>>>>>> >>>>>>>>>>>>>> before.
>>>>>>>> >>>>>>>>>>>>>> (by the way, though i can get the result of the
>>>>>>>> tutorial,it
>>>>>>>> >>>>>>>>>>>>>> shows "uninit taint plugin" end of the result).
>>>>>>>> >>>>>>>>>>>>>> Thanks!
>>>>>>>> >>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>> 2015-04-13 8:14 GMT-04:00 xiaojuan Li <
>>>>>>>> xiaotan6666 at gmail.com>:
>>>>>>>> >>>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>> Thanks first.
>>>>>>>> >>>>>>>>>>>>>>> I tried it before and can get the result described
>>>>>>>> in the
>>>>>>>> >>>>>>>>>>>>>>> tutorial,but when turn to my snp, it still shows
>>>>>>>> "segfault".
>>>>>>>> >>>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>> 2015-04-13 7:26 GMT-04:00 Leek, Timothy - 0559 -
>>>>>>>> MITLL
>>>>>>>> >>>>>>>>>>>>>>> <tleek at ll.mit.edu>:
>>>>>>>> >>>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>> Maybe try git pull. Then make distclean in qemu
>>>>>>>> dir. Then
>>>>>>>> >>>>>>>>>>>>>>>> make. Then try the tutorial. Should work.
>>>>>>>> >>>>>>>>>>>>>>>> --
>>>>>>>> >>>>>>>>>>>>>>>> Tim Leek
>>>>>>>> >>>>>>>>>>>>>>>> Technical Staff
>>>>>>>> >>>>>>>>>>>>>>>> Cyber System Assessments
>>>>>>>> >>>>>>>>>>>>>>>> MIT Lincoln Laboratory
>>>>>>>> >>>>>>>>>>>>>>>> 781-981-2975
>>>>>>>> >>>>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>> From: xiaojuan Li <xiaotan6666 at gmail.com>
>>>>>>>> >>>>>>>>>>>>>>>> Date: Sunday, April 12, 2015 at 11:41 PM
>>>>>>>> >>>>>>>>>>>>>>>> To: Brendan Dolan-Gavitt <brendandg at gatech.edu>,
>>>>>>>> >>>>>>>>>>>>>>>> "panda-users at mit.edu" <panda-users at mit.edu>
>>>>>>>> >>>>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>> Subject: Re: [panda-users] taint segmentation fault
>>>>>>>> >>>>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>> yeah.i fail to taint both in using sshkeygen and
>>>>>>>> my test
>>>>>>>> >>>>>>>>>>>>>>>> snp.
>>>>>>>> >>>>>>>>>>>>>>>> here is the result of following the steps in the
>>>>>>>> tutorial:
>>>>>>>> >>>>>>>>>>>>>>>> Thanks!
>>>>>>>> >>>>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>> 2015-04-13 11:34 GMT+08:00 Brendan Dolan-Gavitt
>>>>>>>> >>>>>>>>>>>>>>>> <brendandg at gatech.edu>:
>>>>>>>> >>>>>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> Are you able to follow the steps in the tutorial
>>>>>>>> (using the
>>>>>>>> >>>>>>>>>>>>>>>>> sshkeygen
>>>>>>>> >>>>>>>>>>>>>>>>> replay)? Or does that fail as well?
>>>>>>>> >>>>>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> -Brendan
>>>>>>>> >>>>>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> On Sun, Apr 12, 2015 at 11:27 PM, xiaojuan Li
>>>>>>>> >>>>>>>>>>>>>>>>> <xiaotan6666 at gmail.com> wrote:
>>>>>>>> >>>>>>>>>>>>>>>>> > thanks first. i cannot either.
>>>>>>>> >>>>>>>>>>>>>>>>> > just segfault while tainting.
>>>>>>>> >>>>>>>>>>>>>>>>> >
>>>>>>>> >>>>>>>>>>>>>>>>> >
>>>>>>>> >>>>>>>>>>>>>>>>> > 2015-04-13 4:52 GMT+08:00 Leek, Timothy - 0559
>>>>>>>> - MITLL
>>>>>>>> >>>>>>>>>>>>>>>>> > <tleek at ll.mit.edu>:
>>>>>>>> >>>>>>>>>>>>>>>>> >>
>>>>>>>> >>>>>>>>>>>>>>>>> >> Also, just a check. Are you able to reproduce
>>>>>>>> the
>>>>>>>> >>>>>>>>>>>>>>>>> >> results here?
>>>>>>>> >>>>>>>>>>>>>>>>> >>
>>>>>>>> >>>>>>>>>>>>>>>>> >>
>>>>>>>> >>>>>>>>>>>>>>>>> >>
>>>>>>>> https://github.com/moyix/panda/blob/master/docs/tainted_instructions.md
>>>>>>>> >>>>>>>>>>>>>>>>> >>
>>>>>>>> >>>>>>>>>>>>>>>>> >> --
>>>>>>>> >>>>>>>>>>>>>>>>> >> Tim Leek
>>>>>>>> >>>>>>>>>>>>>>>>> >> Technical Staff
>>>>>>>> >>>>>>>>>>>>>>>>> >> Cyber System Assessments
>>>>>>>> >>>>>>>>>>>>>>>>> >> MIT Lincoln Laboratory
>>>>>>>> >>>>>>>>>>>>>>>>> >> 781-981-2975
>>>>>>>> >>>>>>>>>>>>>>>>> >>
>>>>>>>> >>>>>>>>>>>>>>>>> >>
>>>>>>>> >>>>>>>>>>>>>>>>> >> From: Brendan Dolan-Gavitt <
>>>>>>>> brendandg at gatech.edu>
>>>>>>>> >>>>>>>>>>>>>>>>> >> Date: Sunday, April 12, 2015 at 4:04 PM
>>>>>>>> >>>>>>>>>>>>>>>>> >>
>>>>>>>> >>>>>>>>>>>>>>>>> >> To: xiaojuan Li <xiaotan6666 at gmail.com>
>>>>>>>> >>>>>>>>>>>>>>>>> >> Cc: "panda-users at mit.edu" <panda-users at mit.edu
>>>>>>>> >
>>>>>>>> >>>>>>>>>>>>>>>>> >> Subject: Re: [panda-users] taint segmentation
>>>>>>>> fault
>>>>>>>> >>>>>>>>>>>>>>>>> >>
>>>>>>>> >>>>>>>>>>>>>>>>> >> A few things:
>>>>>>>> >>>>>>>>>>>>>>>>> >>
>>>>>>>> >>>>>>>>>>>>>>>>> >> 1. Did you make sure to do a make clean and
>>>>>>>> then re-run
>>>>>>>> >>>>>>>>>>>>>>>>> >> build.sh after
>>>>>>>> >>>>>>>>>>>>>>>>> >> updating? I got a segfault just after taint
>>>>>>>> was turned
>>>>>>>> >>>>>>>>>>>>>>>>> >> on as well until I
>>>>>>>> >>>>>>>>>>>>>>>>> >> did a make clean and re-ran build.sh.
>>>>>>>> >>>>>>>>>>>>>>>>> >> 2. Are you running this on a 64-bit system?
>>>>>>>> What kernel
>>>>>>>> >>>>>>>>>>>>>>>>> >> version?
>>>>>>>> >>>>>>>>>>>>>>>>> >>
>>>>>>>> >>>>>>>>>>>>>>>>> >> -Brendan
>>>>>>>> >>>>>>>>>>>>>>>>> >>
>>>>>>>> >>>>>>>>>>>>>>>>> >> On Sun, Apr 12, 2015 at 9:16 AM, xiaojuan Li
>>>>>>>> >>>>>>>>>>>>>>>>> >> <xiaotan6666 at gmail.com>
>>>>>>>> >>>>>>>>>>>>>>>>> >> wrote:
>>>>>>>> >>>>>>>>>>>>>>>>> >>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>> any suggestions? about segmentation fault?
>>>>>>>> >>>>>>>>>>>>>>>>> >>> and after my test,I make sure it is not
>>>>>>>> caused by
>>>>>>>> >>>>>>>>>>>>>>>>> >>> insufficient memory.
>>>>>>>> >>>>>>>>>>>>>>>>> >>> Thanks a lot!
>>>>>>>> >>>>>>>>>>>>>>>>> >>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>> 2015-04-11 11:59 GMT+08:00 xiaojuan Li
>>>>>>>> >>>>>>>>>>>>>>>>> >>> <xiaotan6666 at gmail.com>:
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>> excuse me:
>>>>>>>> >>>>>>>>>>>>>>>>> >>>> I try to fix the segmentation error:
>>>>>>>> >>>>>>>>>>>>>>>>> >>>> and find this piece of code:
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>> do you mean that it doesn't support so
>>>>>>>> large byte?or
>>>>>>>> >>>>>>>>>>>>>>>>> >>>> it doesn't support
>>>>>>>> >>>>>>>>>>>>>>>>> >>>> for android arm?
>>>>>>>> >>>>>>>>>>>>>>>>> >>>> in the doc I noticed that network tainting
>>>>>>>> is not
>>>>>>>> >>>>>>>>>>>>>>>>> >>>> supported for arm
>>>>>>>> >>>>>>>>>>>>>>>>> >>>> architecture,and the string I tainted was
>>>>>>>> something
>>>>>>>> >>>>>>>>>>>>>>>>> >>>> may go through the
>>>>>>>> >>>>>>>>>>>>>>>>> >>>> network.
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>> Thanks!
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>> 2015-04-09 21:30 GMT+08:00 xiaojuan Li
>>>>>>>> >>>>>>>>>>>>>>>>> >>>> <xiaotan6666 at gmail.com>:
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>> Now that the panda taint.md is not
>>>>>>>> fresh,can you guys
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>> give me some
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>> help?
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>> I use the replay plugin,here is my command
>>>>>>>> and the
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>> result.
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>> the content of pk_search_strings.txt is
>>>>>>>> :"sdt"
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>> I am confused here:in the paper— Repeatable
>>>>>>>> reverse
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>> with panda:
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>> :
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>> it is clear that:if I use the stringsearch
>>>>>>>> and taint
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>> plugin,when it
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>> matches, the taint label will be put and
>>>>>>>> then taint
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>> action will start.but
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>> when I use it, it seems wrong(the picture
>>>>>>>> showed
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>> before):no taint action
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>> execute,and i am confused about the
>>>>>>>> tstringsearch's
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>> result.
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>> how can i use it to analysis?
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>> Thanks a lot!
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>> 2015-04-08 10:14 GMT+08:00 xiaojuan Li
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>> <xiaotan6666 at gmail.com>:
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>> I get the replay file by running
>>>>>>>> runandroid script.
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>> and i use
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>> qemu-system-arm command just to do some
>>>>>>>> replay work.
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>> I may not understand you at all in this
>>>>>>>> emal.do you
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>> mean that i should
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>> gdb the original program rather than the
>>>>>>>> record
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>> file?
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>> Thansk
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>> 2015-04-08 9:52 GMT+08:00 Brendan
>>>>>>>> Dolan-Gavitt
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>> <brendandg at gatech.edu>:
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>> Hmm. gdb should normally stop when you
>>>>>>>> get a
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>> segfault.
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>> Are you by any chance running PANDA using
>>>>>>>> the
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>> runandroid script? If
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>> so, you will need to instead invoke PANDA
>>>>>>>> manually,
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>> i.e.:
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>> gdb --args arm-softmmu/qemu-system-arm
>>>>>>>> [...]
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>> And then once it crashes, type "bt" at
>>>>>>>> the gdb
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>> prompt to get a
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>> backtrace.
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>> -Brendan
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>> On Tue, Apr 7, 2015 at 9:47 PM, xiaojuan
>>>>>>>> Li
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>> <xiaotan6666 at gmail.com>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>> wrote:
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>> when gdb,it shows:
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>> and then i see the log:it shows segfault:
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>> 2015-04-08 9:03 GMT+08:00 xiaojuan Li
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>> <xiaotan6666 at gmail.com>:
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>> maybe i am wrong.
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>> i use the command
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>
>>>>>>>> line:"taint2:label_mode=binary,query_outgoing_network=1"and I found that
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>> when i use taint2, after it loads
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>> panda_taint2.so,it
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>> shows:"taint2:instructed not to inline
>>>>>>>> taint ops
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>> .success".
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>> 2015-04-08 8:54 GMT+08:00 xiaojuan Li
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>> <xiaotan6666 at gmail.com>:
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>> ok.
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>> 1.I want to use taint plugin to get
>>>>>>>> information
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>> about some
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>> functions(of course, it is
>>>>>>>> closed-source),so I
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>> think I can stringsearch
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>> potential data and then taint them and
>>>>>>>> next I
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>> can locate the functions which
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>> solves these data.
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>> 2.the command line I used is :
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>
>>>>>>>> stringsearch:name=***;taint2:tainted_instructions=1.
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>> thanks
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>> 2015-04-08 8:40 GMT+08:00 Brendan
>>>>>>>> Dolan-Gavitt
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>> <brendandg at gatech.edu>:
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>> Could you provide:
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>> 1. What information you're trying to
>>>>>>>> get
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>> 2. The command line you're using to
>>>>>>>> run PANDA
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>> with the taint2
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>> plugin
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>> ?
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>> Right now I believe taint2 does not
>>>>>>>> produce
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>> very much output by
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>> default. Instead you use the -pandalog
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>> <filename> command line option, and
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>> taint2 will write its results there
>>>>>>>> in pandalog
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>> format; you can then read
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>> them using pandalog_reader (see
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>> panda/pandalog_reader.c for details
>>>>>>>> on that
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>> tool).
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>> -Brendan
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>> On Tue, Apr 7, 2015 at 8:32 PM,
>>>>>>>> xiaojuan Li
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>> <xiaotan6666 at gmail.com> wrote:
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>> when I tried taint2,it showed the
>>>>>>>> same error
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>> with taint1, the
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>> olny difference is that taint2 has
>>>>>>>> no segfault
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>> error,just uninit taint
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>> plugin.
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>> 2015-04-08 8:28 GMT+08:00 Brendan
>>>>>>>> Dolan-Gavitt
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>> <brendandg at gatech.edu>:
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>> Could you be a little more
>>>>>>>> descriptive about
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>> how it failed?
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>> Segfault? Error message? Incorrect
>>>>>>>> output?
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>> -Brendan
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>> On Tue, Apr 7, 2015 at 8:27 PM,
>>>>>>>> xiaojuan Li
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>> <xiaotan6666 at gmail.com> wrote:
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>> i tried taint2 too,it failed.
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>> 2015-04-07 5:20 GMT+08:00 Leek,
>>>>>>>> Timothy -
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>> 0559 - MITLL
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>> <tleek at ll.mit.edu>:
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>> Also note that the “taint” plugin
>>>>>>>> is
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>> somewhat defunct.
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>> “taint2” is the one we are
>>>>>>>> actively using
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>> and developing.
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>> --
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>> Tim Leek
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>> Technical Staff
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>> Cyber System Assessments
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>> MIT Lincoln Laboratory
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>> 781-981-2975
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>> From: Brendan Dolan-Gavitt
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>> <brendandg at gatech.edu>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>> Date: Monday, April 6, 2015 at
>>>>>>>> 5:18 PM
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>> To: xiaojuan Li <
>>>>>>>> xiaotan6666 at gmail.com>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>> Cc: "panda-users at mit.edu"
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>> <panda-users at mit.edu>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>> Subject: Re: [panda-users] taint
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>> segmentation fault
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>> Could you run that under gdb and
>>>>>>>> provide us
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>> with a backtrace
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>> when it crashes?
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>> -Brendan
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>> On Sunday, April 5, 2015,
>>>>>>>> xiaojuan Li
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>> <xiaotan6666 at gmail.com>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>> wrote:
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> Hi,
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> excuse me,i have a question
>>>>>>>> about taint
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>
>>>>>>>> plugin:(stringsearch:name=***;taint:tainted_instructions=1)
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> when I started it showed success:
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> but when it finished search,it
>>>>>>>> showd
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> "uninit taint plugin
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> segementation fault"
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> how can I fix it?
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> Thanks a lot!
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> --
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>>> wait and hope~~
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>> --
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>> wait and hope~~
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>> panda-users mailing list
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>> panda-users at mit.edu
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>
>>>>>>>> http://mailman.mit.edu/mailman/listinfo/panda-users
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>> --
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>> wait and hope~~
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>> --
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>> wait and hope~~
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>> --
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>> wait and hope~~
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>> --
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>> wait and hope~~
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>> --
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>> wait and hope~~
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>> --
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>> wait and hope~~
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>> --
>>>>>>>> >>>>>>>>>>>>>>>>> >>>> wait and hope~~
>>>>>>>> >>>>>>>>>>>>>>>>> >>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>>
>>>>>>>> >>>>>>>>>>>>>>>>> >>> --
>>>>>>>> >>>>>>>>>>>>>>>>> >>> wait and hope~~
>>>>>>>> >>>>>>>>>>>>>>>>> >>
>>>>>>>> >>>>>>>>>>>>>>>>> >>
>>>>>>>> >>>>>>>>>>>>>>>>> >
>>>>>>>> >>>>>>>>>>>>>>>>> >
>>>>>>>> >>>>>>>>>>>>>>>>> >
>>>>>>>> >>>>>>>>>>>>>>>>> > --
>>>>>>>> >>>>>>>>>>>>>>>>> > wait and hope~~
>>>>>>>> >>>>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>> --
>>>>>>>> >>>>>>>>>>>>>>>> wait and hope~~
>>>>>>>> >>>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>> --
>>>>>>>> >>>>>>>>>>>>>>> wait and hope~~
>>>>>>>> >>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>> --
>>>>>>>> >>>>>>>>>>>>>> wait and hope~~
>>>>>>>> >>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>> --
>>>>>>>> >>>>>>>>>>>>> wait and hope~~
>>>>>>>> >>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>> --
>>>>>>>> >>>>>>>>>>>> wait and hope~~
>>>>>>>> >>>>>>>>>>>
>>>>>>>> >>>>>>>>>>>
>>>>>>>> >>>>>>>>>>
>>>>>>>> >>>>>>>>>>
>>>>>>>> >>>>>>>>>>
>>>>>>>> >>>>>>>>>> --
>>>>>>>> >>>>>>>>>> wait and hope~~
>>>>>>>> >>>>>>>>>
>>>>>>>> >>>>>>>>>
>>>>>>>> >>>>>>>>
>>>>>>>> >>>>>>>>
>>>>>>>> >>>>>>>>
>>>>>>>> >>>>>>>> --
>>>>>>>> >>>>>>>> wait and hope~~
>>>>>>>> >>>>>>>
>>>>>>>> >>>>>>>
>>>>>>>> >>>>>>
>>>>>>>> >>>>>>
>>>>>>>> >>>>>>
>>>>>>>> >>>>>> --
>>>>>>>> >>>>>> wait and hope~~
>>>>>>>> >>>>>
>>>>>>>> >>>>>
>>>>>>>> >>>>
>>>>>>>> >>>>
>>>>>>>> >>>>
>>>>>>>> >>>> --
>>>>>>>> >>>> wait and hope~~
>>>>>>>> >>>
>>>>>>>> >>>
>>>>>>>> >>
>>>>>>>> >>
>>>>>>>> >>
>>>>>>>> >> --
>>>>>>>> >> wait and hope~~
>>>>>>>> >
>>>>>>>> >
>>>>>>>> >
>>>>>>>> >
>>>>>>>> > --
>>>>>>>> > wait and hope~~
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>> wait and hope~~
>>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> wait and hope~~
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> wait and hope~~
>>>>>
>>>>
>>>>
>>>
>>>
>>> --
>>> wait and hope~~
>>>
>>
>>
>>
>> --
>> wait and hope~~
>>
>
>
>
> --
> wait and hope~~
>
--
wait and hope~~
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.mit.edu/pipermail/panda-users/attachments/20150417/0ba755e1/attachment-0001.htm
-------------- next part --------------
A non-text attachment was scrubbed...
Name: step114.png
Type: image/png
Size: 3468 bytes
Desc: not available
Url : http://mailman.mit.edu/pipermail/panda-users/attachments/20150417/0ba755e1/attachment-0008.png
-------------- next part --------------
A non-text attachment was scrubbed...
Name: step113.png
Type: image/png
Size: 11292 bytes
Desc: not available
Url : http://mailman.mit.edu/pipermail/panda-users/attachments/20150417/0ba755e1/attachment-0009.png
-------------- next part --------------
A non-text attachment was scrubbed...
Name: tstring9992.png
Type: image/png
Size: 7433 bytes
Desc: not available
Url : http://mailman.mit.edu/pipermail/panda-users/attachments/20150417/0ba755e1/attachment-0010.png
-------------- next part --------------
A non-text attachment was scrubbed...
Name: memory1.png
Type: image/png
Size: 10131 bytes
Desc: not available
Url : http://mailman.mit.edu/pipermail/panda-users/attachments/20150417/0ba755e1/attachment-0011.png
-------------- next part --------------
A non-text attachment was scrubbed...
Name: tstring9991.png
Type: image/png
Size: 28871 bytes
Desc: not available
Url : http://mailman.mit.edu/pipermail/panda-users/attachments/20150417/0ba755e1/attachment-0012.png
-------------- next part --------------
A non-text attachment was scrubbed...
Name: memory.png
Type: image/png
Size: 17898 bytes
Desc: not available
Url : http://mailman.mit.edu/pipermail/panda-users/attachments/20150417/0ba755e1/attachment-0013.png
-------------- next part --------------
A non-text attachment was scrubbed...
Name: tstring9994.png
Type: image/png
Size: 75160 bytes
Desc: not available
Url : http://mailman.mit.edu/pipermail/panda-users/attachments/20150417/0ba755e1/attachment-0014.png
-------------- next part --------------
A non-text attachment was scrubbed...
Name: tstring9993.png
Type: image/png
Size: 18787 bytes
Desc: not available
Url : http://mailman.mit.edu/pipermail/panda-users/attachments/20150417/0ba755e1/attachment-0015.png
More information about the panda-users
mailing list