4

I'm trying to run a compiled binary I've extracted from a firmware on qemu; however, I encounter this error:

```
root@ubuntu14:~# qemu-arm -L /usr/arm-linux-gnueabi ~/x
/system/bin/linker: No such file or directory

root@ubuntu14:~# file ./x
./x: ELF 32-bit LSB  shared object, ARM, EABI5 version 1 (SYSV), dynamically linked (uses shared libs), stripped
```

I'm using the "-L" flag, as suggested in: qemu-arm can't run arm compiled binary

However, this flag doesn't seem to make a difference for me; neither does setting QEMU_LD_PREFIX.

Could it be some missing dependencies?

larsks
Jack
    by the way, it seems to work when I'm compiling a simple "Hello World" without the "-static" flag: arm-linux-gnueabi-gcc -ohello-nostatic hello.c – Jack Dec 03 '17 at 14:02

2 Answers

7

It looks like the system is not able to find the dynamic linker (which in your case appears to be /system/bin/linker, rather than the normal /lib/ld-linux-armhf.so.3 or similar).

Since I don't have access to your code, I've tried to reproduce this by mounting a Raspberry Pi "Raspbian" image on /mnt on my system. If I try to run /mnt/bin/echo hello, like this:

```
qemu-arm /mnt/bin/echo hello
```

I get a similar error:

```
/lib/ld-linux-armhf.so.3: No such file or directory
```

I can provide an explicit path to the dynamic linker like this:

```
qemu-arm /mnt/lib/ld-linux-armhf.so.3 /mnt/bin/echo hello
```

Now I get a different error:

```
/mnt/bin/echo: error while loading shared libraries: libc.so.6: cannot open shared object file: No such file or directory
```

That's actually great, because that is a normal "I can't find my shared libraries" error, and the solution is to use LD_LIBRARY_PATH. Rather than setting this in our environment, we can set this in the environment created by qemu-arm with the -E flag:

```
qemu-arm -E LD_LIBRARY_PATH=/mnt/lib/arm-linux-gnueabihf/ /mnt/lib/ld-linux-armhf.so.3 /mnt/bin/echo hello
```

Which gets me the output:

```
hello
```

I suspect that these same two techniques -- providing an explicit path to the linker, and providing an explicit library search path in LD_LIBRARY_PATH -- may help you out. Let me know how it works!

larsks
  • Sounds very promising, will try this. As Peter said, I probably need to extract the linker from the filesystem as well. – Jack Dec 06 '17 at 15:01
  • From this line: `qemu-arm /mnt/lib/ld-linux-armhf.so.3 /mnt/bin/echo hello`, did you omit a flag specifier there? This seems to be interpreted as attempting to run /mnt/lib/ld-linux-armhf.so.3 on the emulator. Looking at the help for qemu, I don't see the flag that was intended here. – dsharlet Sep 05 '19 at 20:37
  • @dsharlet no, that was completely intentional. That was explicitly calling the dynamic linker, rather than letting the system find it dynamically. You can try that on your local system: `/lib64/ld-linux-x86-64.so.2 /bin/ls` – larsks Sep 05 '19 at 21:23
2

/system/bin/linker is the Android dynamic linker, so you need a directory with the Android dynamic linker and dynamic libraries, not one for Linux (which is what /usr/arm-linux-gnueabi will be). You should be able to pull the relevant files out of your firmware image, I expect.

Peter Maydell
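
An added example, not part of either answer: a small Python check that reads the interpreter path an ELF requests (its PT_INTERP entry) and tests whether that path exists under the directory given to `-L` or `QEMU_LD_PREFIX`. The function names and the constructed sample image are assumptions for illustration, and the lookup is modelled simply as the prefix joined with the interpreter path.

```python
import os
import struct

PT_INTERP = 3  # program header type that names the dynamic linker

def elf_interp(data):
    """Return the interpreter path from PT_INTERP, or None for a static ELF."""
    if data[:4] != b"\x7fELF":
        raise ValueError("not an ELF file")
    is64 = data[4] == 2                     # EI_CLASS: 1 = ELF32, 2 = ELF64
    e = "<" if data[5] == 1 else ">"        # EI_DATA: 1 = little-endian
    # e_phoff, then e_phentsize/e_phnum, sit at class-dependent header offsets
    phoff, = struct.unpack_from(e + ("Q" if is64 else "I"), data, 0x20 if is64 else 0x1C)
    phentsize, phnum = struct.unpack_from(e + "HH", data, 0x36 if is64 else 0x2A)
    for i in range(phnum):
        base = phoff + i * phentsize
        if struct.unpack_from(e + "I", data, base)[0] != PT_INTERP:
            continue
        if is64:   # Elf64_Phdr: p_offset at +8, p_filesz at +32
            off, = struct.unpack_from(e + "Q", data, base + 8)
            size, = struct.unpack_from(e + "Q", data, base + 32)
        else:      # Elf32_Phdr: p_offset at +4, p_filesz at +16
            off, = struct.unpack_from(e + "I", data, base + 4)
            size, = struct.unpack_from(e + "I", data, base + 16)
        return data[off:off + size].split(b"\0")[0].decode()
    return None

def diagnose(data, prefix):
    """Report whether the requested interpreter exists under a -L prefix."""
    interp = elf_interp(data)
    if interp is None:
        return "static: no interpreter needed"
    candidate = os.path.join(prefix, interp.lstrip("/"))
    if os.path.exists(candidate):
        return "ok: " + candidate
    return "missing: " + interp + " not found under " + prefix

def sample_elf32(interp):
    """Constructed minimal ELF32 little-endian ARM image with one PT_INTERP."""
    ident = b"\x7fELF" + bytes([1, 1, 1]) + bytes(9)
    ehdr = ident + struct.pack("<HHIIIIIHHHHHH", 3, 40, 1, 0, 52, 0, 0, 52, 32, 1, 0, 0, 0)
    phdr = struct.pack("<IIIIIIII", PT_INTERP, 84, 0, 0, len(interp) + 1,
                       len(interp) + 1, 4, 1)
    return ehdr + phdr + interp + b"\0"

if __name__ == "__main__":
    image = sample_elf32(b"/system/bin/linker")  # constructed sample, not the asker's binary
    print(elf_interp(image))
    print(diagnose(image, "/usr/arm-linux-gnueabi"))
```

For a real binary, pass `open(path, "rb").read()` to `diagnose` together with the root directory extracted from the firmware image.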