Exetools

deepzero 06-11-2013 15:35

IDA and bochs
 
Hi,

I am trying to set up IDA PRO to run with Bochs, but no luck.

OS: xp sp3 x86 VM
IDA: IDA PRO 6.1 (leaked version, no way I can afford the real deal...yet)
Bochs: latest 2.6.2 (but i also tried some older versions)

When I select IDB mode and try to run it anyway, I get two error messages ("failed to run bochs...", see screenshot). IDA freezes for several settings, dumps the text below to the output and presents me with debugger settings (screenshot).
IDA output:


Quote:

Starting emulation at 40102E ending emulation at 40104E
00000000000i[ ] reading configuration from C:\Documents and Settings\admin\Desktop\custom.bochsrc
00000000000p[CTRL ] >>PANIC<< optional plugin 'vga_update_interval' not found
00000000000e[CTRL ] notify called, but no bxevent_callback function is registered
========================================================================
Bochs is exiting with the following message:
[CTRL ] optional plugin 'vga_update_interval' not found
========================================================================
00000000000i[CPU0 ] CPU is in real mode (active)
00000000000i[CPU0 ] CS.mode = 16 bit
00000000000i[CPU0 ] SS.mode = 16 bit
00000000000i[CPU0 ] EFER = 0x00000000
00000000000i[CPU0 ] | EAX=00000000 EBX=00000000 ECX=00000000 EDX=00000000
00000000000i[CPU0 ] | ESP=00000000 EBP=00000000 ESI=00000000 EDI=00000000
00000000000i[CPU0 ] | IOPL=0 id vip vif ac vm rf nt of df if tf sf ZF af PF cf
00000000000i[CPU0 ] | SEG sltr(index|ti|rpl) base limit G D
00000000000i[CPU0 ] | CS:0000( 0000| 0| 0) 00000000 00000000 0 0
00000000000i[CPU0 ] | DS:0000( 0000| 0| 0) 00000000 00000000 0 0
00000000000i[CPU0 ] | SS:0000( 0000| 0| 0) 00000000 00000000 0 0
00000000000i[CPU0 ] | ES:0000( 0000| 0| 0) 00000000 00000000 0 0
00000000000i[CPU0 ] | FS:0000( 0000| 0| 0) 00000000 00000000 0 0
00000000000i[CPU0 ] | GS:0000( 0000| 0| 0) 00000000 00000000 0 0
00000000000i[CPU0 ] | EIP=00000000 (00000000)
00000000000i[CPU0 ] | CR0=0x00000000 CR2=0x00000000
00000000000i[CPU0 ] | CR3=0x00000000 CR4=0x00000000
00000000000i[CTRL ] quit_sim called with exit code 1
Screenshot:

http://i.imgur.com/vUhess1.png

What am I doing wrong? Wrong Bochs version?
As I said, I tried a couple of older ones, too. Which version is advised for 6.1 use?

Running bochs 2.6 gives a slightly different error output:


Quote:

Starting emulation at 409540 ending emulation at 40955D
00000000000i[ ] reading configuration from C:\\protection_id.bochsrc
00000000000e[ ] C:\\protection_id.bochsrc:22: 'vga_update_interval' will be replaced by new 'vga: update_freq' option.
00000000000e[ ] C:\\protection_id.bochsrc:24: 'keyboard_serial_delay' will be replaced by new 'keyboard' option.
00000000000e[ ] C:\\protection_id.bochsrc:25: 'keyboard_paste_delay' will be replaced by new 'keyboard' option.
00000000000p[CTRL ] >>PANIC<< optional plugin 'pnic' not found
00000000000e[CTRL ] notify called, but no bxevent_callback function is registered
========================================================================
Bochs is exiting with the following message:
[CTRL ] optional plugin 'pnic' not found
========================================================================
00000000000i[CPU0 ] CPU is in real mode (active)
00000000000i[CPU0 ] CS.mode = 16 bit
00000000000i[CPU0 ] SS.mode = 16 bit
00000000000i[CPU0 ] EFER = 0x00000000
00000000000i[CPU0 ] | EAX=00000000 EBX=00000000 ECX=00000000 EDX=00000000
00000000000i[CPU0 ] | ESP=00000000 EBP=00000000 ESI=00000000 EDI=00000000
00000000000i[CPU0 ] | IOPL=0 id vip vif ac vm rf nt of df if tf sf ZF af PF cf
00000000000i[CPU0 ] | SEG sltr(index|ti|rpl) base limit G D
00000000000i[CPU0 ] | CS:0000( 0000| 0| 0) 00000000 00000000 0 0
00000000000i[CPU0 ] | DS:0000( 0000| 0| 0) 00000000 00000000 0 0
00000000000i[CPU0 ] | SS:0000( 0000| 0| 0) 00000000 00000000 0 0
00000000000i[CPU0 ] | ES:0000( 0000| 0| 0) 00000000 00000000 0 0
00000000000i[CPU0 ] | FS:0000( 0000| 0| 0) 00000000 00000000 0 0
00000000000i[CPU0 ] | GS:0000( 0000| 0| 0) 00000000 00000000 0 0
00000000000i[CPU0 ] | EIP=00000000 (00000000)
00000000000i[CPU0 ] | CR0=0x00000000 CR2=0x00000000
00000000000i[CPU0 ] | CR3=0x00000000 CR4=0x00000000
00000000000i[CTRL ] quit_sim called with exit code 1


Hope someone can help me out here!

d.


p.s.
Also see my increasingly desperate thread at woody:
http://www.woodmann.com/forum/showthread.php?15209-IDA-6-1-and-Bochs
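
An added example, not part of the original post and not code from IDA or Bochs: a short Python triage for Bochs logs like the two quoted above. It pulls out the bochsrc path, the directives the log flags as deprecated (with their bochsrc line numbers), the plugin named in the panic, and the exit code. The function name `triage` and the regular expressions are assumptions derived from the log lines shown in the post.

```python
import re

# Sample input: lines excerpted from the second log quoted in the post.
SAMPLE_LOG = r"""Starting emulation at 409540 ending emulation at 40955D
00000000000i[ ] reading configuration from C:\\protection_id.bochsrc
00000000000e[ ] C:\\protection_id.bochsrc:22: 'vga_update_interval' will be replaced by new 'vga: update_freq' option.
00000000000e[ ] C:\\protection_id.bochsrc:24: 'keyboard_serial_delay' will be replaced by new 'keyboard' option.
00000000000e[ ] C:\\protection_id.bochsrc:25: 'keyboard_paste_delay' will be replaced by new 'keyboard' option.
00000000000p[CTRL ] >>PANIC<< optional plugin 'pnic' not found
Bochs is exiting with the following message:
[CTRL ] optional plugin 'pnic' not found
00000000000i[CTRL ] quit_sim called with exit code 1
"""

# Bochs log line: tick count, severity letter (d/i/e/p), [module], message.
LINE_RE = re.compile(r"^(?P<tick>\d+)(?P<sev>[diep])\[(?P<mod>[^\]]*)\]\s?(?P<msg>.*)$")
# "<file>:<line>: '<old>' will be replaced by new '<new>' option."
DEPRECATED_RE = re.compile(
    r":(?P<line>\d+): '(?P<old>[^']+)' will be replaced by new '(?P<new>[^']+)' option")
MISSING_RE = re.compile(r"optional plugin '(?P<name>[^']+)' not found")
CONFIG_PREFIX = "reading configuration from "
EXIT_PREFIX = "quit_sim called with exit code "

def triage(log_text):
    """Summarise a Bochs log: config path, deprecated directives, panics, exit code."""
    report = {"config": None, "deprecated": [], "panics": [], "exit_code": None}
    for raw in log_text.splitlines():
        m = LINE_RE.match(raw.strip())
        if not m:
            continue  # IDA's own messages and the Bochs exit banner
        sev, msg = m["sev"], m["msg"].strip()
        if msg.startswith(CONFIG_PREFIX):
            report["config"] = msg[len(CONFIG_PREFIX):]
        elif sev == "e" and (d := DEPRECATED_RE.search(msg)):
            # (bochsrc line number, old directive, replacement named by Bochs)
            report["deprecated"].append((int(d["line"]), d["old"], d["new"]))
        elif sev == "p" and (p := MISSING_RE.search(msg)):
            report["panics"].append(p["name"])
        elif msg.startswith(EXIT_PREFIX):
            report["exit_code"] = int(msg[len(EXIT_PREFIX):])
    return report

if __name__ == "__main__":
    print(triage(SAMPLE_LOG))
```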

sendersu 06-11-2013 15:50

Hi deepzero
I've recently been doing the same task, and you know what?
IDA (6.1) is not compatible with the latest bochs editions!
I was able to run the one mentioned in the IDA bochs page (search for IDA_debugging_bochs.pdf)
Once you succeed with that old version, try to set up each newer one (by the major build)
good luck

deepzero 06-11-2013 15:55

Which version are you using?
I tried 262, 260, 252, 251...no luck.

sendersu 06-11-2013 17:07

try from the mentioned one - 2.3.7 (it worked for me)
and I've tried one more major - 2.4.6 was also fine

deepzero 06-11-2013 17:40

Indeed, 246 works fine!
I should have tried more older versions.

Thanks!

chants 06-02-2017 09:15

Bochs 2.6.9 was released on April 9th, 2017 and is now available at https://sourceforge.net/projects/boc...d?source=files in case anyone is still interested in experimenting with it and IDA Pro.

nuemga2000 06-07-2017 00:21

Quote:

Originally Posted by chants (Post 109441)
Bochs 2.6.9 was released on April 9th, 2017 and is now available at https://sourceforge.net/projects/boc...d?source=files in case anyone is still interested in experimenting with it and IDA Pro.

Did not work for me :mad:

sendersu 06-07-2017 02:38

Put details, errors, screens, what was done, etc
otherwise you say 0 info

SinaDiR 06-08-2017 04:51

Several months ago I had the same problem with debugging a kernel image. Bochs confused me a lot and my friend suggested VirtualKD with the windbg debugger, which is implemented in IDA, and it was my key to solving the problem with some clicks and adding 2 lines in the vmx (VMWare) file. That was my experience and I know it's not your (specific) question, but I thought it could be useful in the current thread.

chants 07-11-2020 02:42

Bochs 2.6.11 was released on January 5th, 2020

Quote:

https://sourceforge.net/projects/bochs/files/bochs/2.6.11/
Changelog:
Quote:

Latest release: Bochs 2.6.11

Bochs 2.6.11 is a bugfix release. Here is the summary of changes:

General
- Added 64-bit support to the NSIS installer script
- Several fixes in the build system based on Debian patches

CPU / CPUDB
- Bugfixes for CPU emulation correctness
- Many critical bugfixes for Protection Keys, AVX512*, VMX/SVM, SHA, GFNI emulation
- ! Implemented CET (Control Flow Enforcement Technology) emulation according to Intel SDM rev071

I/O Devices
- Added missing Cirrus SVGA bitblt feature "transparent color compare"
- Some fixes in HPET emulation (patch by Oleg)
- Fixed disk image lock mechanism in the USB MSD case

BIOS / VGABIOS
- LGPL'd VGABIOS updated to version 0.7b (Fixed VESA extension 'read EDID' for Bochs VBE and Cirrus)
- Updated SeaBIOS ROM image to current version 1.13.0
- Added SeaVGABIOS ROM image for the Cirrus adapter
- Bochs BIOS built to work with CPU level 5 again

The binary packages for Linux and Windows are built with these features:
- x86-64 emulation with all optimizations enabled
- devices:
  - chipset: PCI (i430FX / i440FX / i440BX), ACPI
  - video: Bochs VBE, Cirrus SVGA and 4 Voodoo models
  - sound: SB16 (ISA) and ES1370 (PCI)
  - network: NE2000 (ISA/PCI) and E1000 (PCI)
  - USB: OHCI, UHCI, EHCI, xHCI and 8 pluggable device types
  - other: game port, bus mouse
- Display libraries:
  - Linux: nogui, rfb, sdl2, term, vncsrv, wx, x
  - Windows: nogui, rfb, win32

Details on what has changed since version 2.6.10


Previous release: Bochs 2.6.10

Bochs 2.6.10 is an intermediate (bugfix+) release. Here is the summary of changes:
- CPU: Bugfixes for CPU emulation correctness (critical bugfixes for PCID, ADCX/ADOX, MOVBE, AVX/AVX-512 and VMX emulation)
- CPU: implemented AVX-512 VBMI2/VNNI/BITALG, VAES, VPCLMULQDQ / GFNI instructions emulation
- VMX: Implement EPT-Based Sub-Page Protection
- CPUID: Added new CPU models Skylake-X, Cannonlake and Icelake-U
- CPUID: Implemented side-channel attack prevention reporting and corresponding MSR registers, enabled for Icelake-U
- Added basic support for the i440BX PCI/AGP chipset
- Added basic Voodoo Banshee / Voodoo3 emulation support
- Added basic DDC support for the VGA-compatible adapters
- Implemented HPET emulation (ported from Qemu)


All times are GMT +8.