[panda-users] replay records with PANDROID

Brendan Dolan-Gavitt brendandg at nyu.edu
Tue Jul 12 10:59:46 EDT 2016


On Tue, Jul 12, 2016 at 10:18 AM, gilles B <gillusg75 at gmail.com> wrote:
> Oh sorry, I have now added the "-android" and it works, amazing!
> To be noted that the "-android" is present in the tutorial of the doc:
> https://github.com/moyix/panda/blob/master/docs/LINE_Censorship.md
> however it is not present in the command of PANDA share website:
> http://www.rrshare.org/detail/35/

Sorry about that! It's fixed now.

> It's still surprising when I run the same replay command multiple times
> consecutively, from time to time I still have the error of "log_replay2.txt"
> (see my first post), e.g.: I had to run this command 4 times to get a
> successful replay

Does the failure happen even when using the dummy qcow2s mentioned in
the tutorial? The "File exists" bug is one we know about but have not
had time to fix (most of the devs don't use the android support on a
day to day basis), but I thought I recalled that the tutorial's
workaround worked.

> Otherwise the output log seems fine (log_replay_ok.txt enclosed) although
> there are some attempts to connect to ADB, which is strange for a replay
> mode + other errors like "qemu-system-arm: Error -22 while loading VM state"
> that don't seem to be a problem for the success of the replay.
> At least I'm able to use different plugins that work like a charm)

The replay system starts by loading a QEMU snapshot. Unless the
devices are exactly the same as during recording, the snapshot will
fail to load, giving that error -22 message, but as long as it has
restored RAM & CPU state by then it usually doesn't matter.

Glad things are working for you now!

-Brendan

> 2016-07-11 13:06 GMT+01:00 Brendan Dolan-Gavitt <brendandg at nyu.edu>:
>>
>> Hi,
>>
>> It looks like you are missing the "-android" option when replaying line2.
>>
>> Also, if you are using the most recent git version of PANDA, note that
>> a recent change introduced a regression to the ARM record/replay
>> support. If you roll back to commit 38e9caf ARM record/replay will
>> work correctly. This issue is currently being tracked at
>> https://github.com/moyix/panda/issues/91 and we'll try to get it fixed
>> soon.
>>
>> -Brendan
>>
>> On Mon, Jul 11, 2016 at 7:34 AM, gilles B <gillusg75 at gmail.com> wrote:
>> > Actually in the example above, I don't use both dummy.qcow2 and
>> > dummy2.qcow2
>> > like in the tutorial, however even if I use both, I have the same issue:
>> >
>> > root at pandavm:/home/panda/Desktop/line_android_test#
>> > /home/panda/panda/qemu/arm-softmmu/qemu-system-arm -m 2048 -replay line2
>> > -M
>> > android_arm -cpu cortex-a9 -kernel /dev/null -global
>> > goldfish_mmc.sd_path=/dev/null -global
>> >
>> > goldfish_nand.system_path=/home/panda/Desktop/line_android_test/dummy2.qcow2
>> > -global
>> >
>> > goldfish_nand.user_data_path=/home/panda/Desktop/line_android_test/dummy.qcow2
>> > goldfish_add_device: goldfish_device_bus, base ff001000 1000, irq 1 1
>> > goldfish_device_bus: ff001000  30
>> > goldfish_add_device: goldfish_int, base ff000000 1000, irq 0 0
>> > goldfish_int: ff000000  38
>> > goldfish_add_device: goldfish_timer, base ff003000 1000, irq 3 1
>> > goldfish_timer: ff003000  40
>> > goldfish_add_device: goldfish_rtc, base ff010000 1000, irq 10 1
>> > goldfish_rtc: ff010000  48
>> > goldfish_add_device: goldfish_tty, base ff002000 1000, irq 4 1
>> > goldfish_tty: ff002000  50
>> > android_arm_init serial 1 0
>> > android_arm_init serial 2 0
>> > android_arm_init serial 3 0
>> > goldfish_add_device: smc91x, base ff011000 1000, irq 11 1
>> > goldfish_add_device: goldfish_fb, base ff012000 1000, irq 12 1
>> > goldfish_fb: ff012000  68
>> > goldfish_add_device: goldfish_mmc, base ff005000 1000, irq 13 1
>> > goldfish_mmc: ff005000  70
>> > goldfish_add_device: goldfish_memlog, base ff006000 1000, irq 0 0
>> > goldfish_memlog: ff006000  78
>> > goldfish_add_device: goldfish-battery, base ff013000 1000, irq 14 1
>> > goldfish-battery: ff013000  80
>> > goldfish_add_device: goldfish_events, base ff014000 1000, irq 15 1
>> > goldfish_events: ff014000  88
>> > Using event IRQ
>> > Invalid system partition size for non-QCOW image: 0emulator: geometry
>> > says
>> > there are 2048 blocks
>> >
>> > emulator: rounding devsize up to a full eraseunit, now e7000
>> >
>> > emulator: Dev size of /home/panda/Desktop/line_android_test/dummy2.qcow2
>> > is
>> > e7000
>> >
>> > Invalid data partition size for non-QCOW image: 0emulator: Dev size 0x0
>> > came
>> > from argument
>> >
>> > emulator: geometry says there are 2048 blocks
>> >
>> > emulator: rounding devsize up to a full eraseunit, now e7000
>> >
>> > emulator: Dev size of /home/panda/Desktop/line_android_test/dummy.qcow2
>> > is
>> > e7000
>> >
>> > emulator: Dev size 0x0 came from argument
>> >
>> > emulator: geometry says there are 0 blocks
>> >
>> > emulator: Dev size of /tmp/android-root/emulator-sPg44b is 0
>> >
>> > goldfish_add_device: goldfish_nand, base ff015000 1000, irq 16 1
>> > goldfish_nand: ff015000  90
>> > goldfish_add_device: qemu_pipe, base ff016000 2000, irq 17 1
>> > qemu_pipe: ff016000  98
>> > emulator: control console listening on port 5554, ADB on port 5555
>> > emulator: can't connect to ADB server: Connection refused
>> > emulator: Realistic sensor emulation is not available, since the remote
>> > controller is not accessible:
>> >  Connection refused
>> > loading snapshot
>> > qemu: warning: error while loading state for instance 0x0 of device
>> > 'qemud'
>> > qemu-system-arm: Error -5 while loading VM state
>> > ... done.
>> > opening nondet log for read : ./line2-rr-nondet.log
>> > Infinite loop detected during replay, aborting.
>> > {guest_instr_count=1 pc=0x00000000, secondary=0x00000000}
>> > line2:           1 (  0.00%) instrs.    1.64 sec.  2.04 GB ram.
>> > total_instr in replay: 10367712943
>> > ERROR: replay failed!
>> > Time taken was: 0 seconds.
>> > Stats:
>> > RR_INPUT_1 number = 0, size = 0 bytes
>> > RR_INPUT_2 number = 0, size = 0 bytes
>> > RR_INPUT_4 number = 0, size = 0 bytes
>> > RR_INPUT_8 number = 0, size = 0 bytes
>> > RR_INTERRUPT_REQUEST number = 3, size = 84 bytes
>> > RR_EXIT_REQUEST number = 0, size = 0 bytes
>> > RR_SKIPPED_CALL number = 0, size = 0 bytes
>> > RR_DEBUG number = 0, size = 0 bytes
>> > max_queue_len = 1
>> > 0 items on recycle list, 0 bytes total
>> > ERROR: replay failed!
>> > Aborted
>> > root at pandavm:/home/panda/Desktop/line_android_test#
>> >
>> >
>> > 2016-07-11 12:16 GMT+01:00 gilles B <gillusg75 at gmail.com>:
>> >>
>> >> Hello guys,
>> >>
>> >> Hope you are doing well.
>> >> I've been playing with PANDA on x86 using different plugins over the
>> >> last
>> >> months and I quite like it )
>> >> I would like now to go further and to use it with Android on ARM. I am
>> >> now
>> >> able to create some records of my Android OS running in QEMU,
>> >> unfortunately
>> >> I cannot replay any of my Android records with PANDA.
>> >> In order to see if this came from my records, I have tried to replay a
>> >> record from rrshare.org, I have done exactly the same steps as for this
>> >> example:
>> >> https://github.com/moyix/panda/blob/master/docs/LINE_Censorship.md
>> >> When I replay the record of "line2" I have some issues: see logs
>> >> enclosed.
>> >> Surprisingly if I run twice the same replay command consecutively, I
>> >> have
>> >> either the error of log_replay.txt or the one of log_replay2.txt, but
>> >> it is
>> >> the first one most of the time...
>> >> Did anybody ever have this problem ?
>> >>
>> >> I have also been able to create my own Android records based on
>> >> https://github.com/moyix/panda/blob/master/docs/Android.md
>> >> Unfortunately I end up with the same errors.
>> >>
>> >> Regards,
>> >>
>> >> Gilles
>> >
>> >
>> >
>> >
>>
>>
>>
>> --
>> Brendan Dolan-Gavitt
>> Assistant Professor, Department of Computer Science and Engineering
>> NYU Tandon School of Engineering
>
>



-- 
Brendan Dolan-Gavitt
Assistant Professor, Department of Computer Science and Engineering
NYU Tandon School of Engineering
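
The reply at the top of this message separates replay output that is usually harmless (the "Error -22 while loading VM state" snapshot message, the ADB connection attempts) from output that means the replay actually failed. The following is an added example, not part of the thread and not PANDA code, that triages a saved replay log along those lines; the marker lists contain only strings that appear in this thread, `FAILED_LOG` is excerpted from the quoted output, and `OK_LOG` is a constructed sample.

```python
import re

# Messages the thread treats as harmless during replay.
BENIGN = {
    "snapshot_device_state": re.compile(r"Error -?\d+ while loading VM state"),
    "adb_unreachable": re.compile(r"can't connect to ADB server"),
}
# Messages present in the failed replay quoted in the thread.
FATAL = {
    "infinite_loop": re.compile(r"Infinite loop detected during replay"),
    "replay_failed": re.compile(r"ERROR: replay failed!"),
}
# Progress line format as seen in the thread: "<name>: <count> ( <pct>%) instrs."
PROGRESS = re.compile(r"^\S+:\s+(\d+) \(\s*[\d.]+%\) instrs\.")
TOTAL = re.compile(r"total_instr in replay:\s*(\d+)")

def triage(log_text):
    """Classify one replay log: markers seen, instructions replayed, verdict."""
    out = {"benign": [], "fatal": [], "instrs_done": None, "instrs_total": None}
    for line in log_text.splitlines():
        line = line.strip()
        for bucket, table in (("benign", BENIGN), ("fatal", FATAL)):
            for name, rx in table.items():
                if rx.search(line) and name not in out[bucket]:
                    out[bucket].append(name)
        if (m := PROGRESS.match(line)):
            out["instrs_done"] = int(m.group(1))
        if (m := TOTAL.search(line)):
            out["instrs_total"] = int(m.group(1))
    # Only the explicit failure markers decide the verdict; benign ones never do.
    out["verdict"] = "failed" if out["fatal"] else "no failure markers"
    return out

# Excerpt of the failed replay output quoted in the thread.
FAILED_LOG = """\
emulator: can't connect to ADB server: Connection refused
loading snapshot
qemu-system-arm: Error -5 while loading VM state
Infinite loop detected during replay, aborting.
line2:           1 (  0.00%) instrs.    1.64 sec.  2.04 GB ram.
total_instr in replay: 10367712943
ERROR: replay failed!
"""
# Constructed sample: benign messages only, replay still progressing.
OK_LOG = """\
emulator: can't connect to ADB server: Connection refused
loading snapshot
qemu-system-arm: Error -22 while loading VM state
line2:  1036771294 ( 10.00%) instrs.
"""

if __name__ == "__main__":
    for label, log in (("failed", FAILED_LOG), ("ok", OK_LOG)):
        print(label, triage(log))
```

A replay that reports `failed` with `instrs_done` of 1, as in the quoted log, stopped at the very first instruction.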

