Hey there!
I just want to report that the x86 version of frida-server (both ver. 1.2x and the as of now latest ver. 1.3.x) cannot be used to attach or spawn processes.
commands like:
frida -U --no-pause -f com.android.browser
frida-trace -U -i open -f com.android.browser
will always fail and the emulator will crash the App that it was supposed to spawn or attach to.
other ABI versions such as the ARM and Frida's tools ran without a hitch. Except for frida-trace which kept crashing on x86_64, but Frida's CLI still worked perfectly on both ABIs regardless.
Kind Regards,
Disane
I'm having the same problem with the x86 Emulator (Android 6.0) and Frida 10.3.9
I also having the same problem
Hi,
since this issue looks similar to my issue, I'm going to share my experience here.
I just tried (with pip install frida==10.5.11):
For all these frida-ps -U worked, but frida-trace -U -i open com.android.browser (or any other App) did crash the App.
The next version I tried was
pip install frida==9.1.16 and Android Emulator 6.0 and then frida-trace -U -i open com.android.browser finally worked.Fixed in 10.6.12. Cheers!
Still getting the error with freshly installed emulator (Android 8.0, x86).
PS C:\Users\User> frida --version
10.6.13
PS C:\Users\User> frida-trace -U -f com.android.browser
Failed to spawn: timed out while waiting for session to establish
PS C:\Users\User> frida-ps -U
PID Name
----- ---------------------------------------------------
1412 adbd
8321 [email protected]
1564 [email protected]
1385 [email protected]
1386 [email protected]
1387 [email protected]
1388 [email protected]
1389 [email protected]
1526 [email protected]
1390 [email protected]
1391 [email protected]
1340 [email protected]
1392 [email protected]
1393 [email protected]
1383 [email protected]
9184 android.process.acore
10305 android.process.media
8317 audioserver
8318 cameraserver
10158 com.android.keychain
8731 com.android.phone
8996 com.android.printspooler
9291 com.android.providers.calendar
11137 com.android.systemui
10011 com.google.android.apps.messaging:rcs
8980 com.google.android.apps.nexuslauncher
9535 com.google.android.calendar
10282 com.google.android.deskclock
8814 com.google.android.dialer
10214 com.google.android.ext.services
9607 com.google.android.gm
9114 com.google.android.gms
9260 com.google.android.gms.feedback
8909 com.google.android.gms.persistent
9836 com.google.android.gms.ui
9765 com.google.android.gms.unstable
8945 com.google.android.googlequicksearchbox:interactor
9056 com.google.android.googlequicksearchbox:search
8483 com.google.android.inputmethod.latin
9782 com.google.android.videos
9026 com.google.process.gapps
1516 drmserver
8287 frida-helper-32
8278 frida-server
1544 gatekeeperd
1394 healthd
1336 hwservicemanager
1 init
1517 installd
8325 ip6tables-restore
8323 iptables-restore
1518 keystore
1398 lmkd
1329 logd
1527 media.codec
1520 media.extractor
1521 media.metrics
1519 mediadrmserver
8319 mediaserver
8320 netd
1396 qemu-props
1528 rild
1335 servicemanager
1409 sh
4595 sh
4598 sh
1525 storaged
1402 surfaceflinger
8390 system_server
1563 tombstoned
1042 ueventd
1337 vndservicemanager
1341 vold
1817 webview_zygote32
8316 zygote
PS C:\Users\User> adb shell getprop
[dalvik.vm.appimageformat]: [lz4]
[dalvik.vm.dex2oat-Xms]: [64m]
[dalvik.vm.dex2oat-Xmx]: [512m]
[dalvik.vm.dexopt.secondary]: [true]
[dalvik.vm.heapsize]: [384m]
[dalvik.vm.image-dex2oat-Xms]: [64m]
[dalvik.vm.image-dex2oat-Xmx]: [64m]
[dalvik.vm.isa.x86.features]: [default]
[dalvik.vm.isa.x86.variant]: [x86]
[dalvik.vm.lockprof.threshold]: [500]
[dalvik.vm.stack-trace-file]: [/data/anr/traces.txt]
[dalvik.vm.usejit]: [true]
[dalvik.vm.usejitprofiles]: [true]
[debug.atrace.tags.enableflags]: [0]
[debug.force_rtl]: [0]
[dev.bootcomplete]: [1]
[drm.service.enabled]: [true]
[gsm.current.phone-type]: [1]
[gsm.defaultpdpcontext.active]: [true]
[gsm.network.type]: [LTE]
[gsm.nitz.time]: [1508160723171]
[gsm.operator.alpha]: [Android]
[gsm.operator.iso-country]: [us]
[gsm.operator.isroaming]: [false]
[gsm.operator.numeric]: [310260]
[gsm.sim.operator.alpha]: [Android]
[gsm.sim.operator.iso-country]: [us]
[gsm.sim.operator.numeric]: [310260]
[gsm.sim.state]: [READY]
[gsm.version.ril-impl]: [android reference-ril 1.0]
[hwservicemanager.ready]: [true]
[init.svc.adbd]: [running]
[init.svc.audio-hal-2-0]: [running]
[init.svc.audioserver]: [running]
[init.svc.bootanim]: [stopped]
[init.svc.bugreport]: [stopped]
[init.svc.camera-provider-2-4]: [running]
[init.svc.cameraserver]: [running]
[init.svc.clear-bcb]: [stopped]
[init.svc.configstore-hal-1-0]: [running]
[init.svc.console]: [running]
[init.svc.drm]: [running]
[init.svc.drm-hal-1-0]: [running]
[init.svc.drm-widevine-hal-1-0]: [running]
[init.svc.dumpstate]: [stopped]
[init.svc.dumpstatez]: [stopped]
[init.svc.fingerprintd]: [stopped]
[init.svc.flash_recovery]: [stopped]
[init.svc.fps_hal]: [running]
[init.svc.gatekeeper-1-0]: [running]
[init.svc.gatekeeperd]: [running]
[init.svc.gnss_service]: [running]
[init.svc.goldfish-logcat]: [stopped]
[init.svc.gralloc-2-0]: [running]
[init.svc.healthd]: [running]
[init.svc.hidl_memory]: [running]
[init.svc.hwcomposer-2-1]: [running]
[init.svc.hwservicemanager]: [running]
[init.svc.installd]: [running]
[init.svc.keymaster-3-0]: [running]
[init.svc.keystore]: [running]
[init.svc.lmkd]: [running]
[init.svc.logcatd]: [stopped]
[init.svc.logd]: [running]
[init.svc.logd-reinit]: [stopped]
[init.svc.mdnsd]: [stopped]
[init.svc.media]: [running]
[init.svc.mediacodec]: [running]
[init.svc.mediadrm]: [running]
[init.svc.mediaextractor]: [running]
[init.svc.mediametrics]: [running]
[init.svc.mtpd]: [stopped]
[init.svc.netd]: [running]
[init.svc.perfprofd]: [stopped]
[init.svc.power-hal-1-0]: [running]
[init.svc.qemu-props]: [running]
[init.svc.racoon]: [stopped]
[init.svc.ranchu-net]: [stopped]
[init.svc.ranchu-setup]: [stopped]
[init.svc.ril-daemon]: [running]
[init.svc.sensors-hal-1-0]: [running]
[init.svc.servicemanager]: [running]
[init.svc.setup-bcb]: [stopped]
[init.svc.storaged]: [running]
[init.svc.surfaceflinger]: [running]
[init.svc.tombstoned]: [running]
[init.svc.ueventd]: [running]
[init.svc.uncrypt]: [stopped]
[init.svc.vndservicemanager]: [running]
[init.svc.vold]: [running]
[init.svc.webview_zygote32]: [running]
[init.svc.zygote]: [running]
[log.tag.WifiHAL]: [D]
[logd.logpersistd.enable]: [true]
[media.mediadrmservice.enable]: [true]
[net.bt.name]: [Android]
[net.eth0.dns1]: [10.0.2.3]
[net.eth0.gw]: [10.0.2.2]
[net.gprs.local-ip]: [10.0.2.15]
[net.qtaguid_enabled]: [1]
[net.tcp.default_init_rwnd]: [60]
[persist.sys.dalvik.vm.lib.2]: [libart.so]
[persist.sys.gps.lpp]: []
[persist.sys.profiler_ms]: [0]
[persist.sys.timezone]: [GMT]
[persist.sys.usb.config]: [adb]
[persist.sys.webview.vmsize]: [143029120]
[pm.dexopt.ab-ota]: [speed-profile]
[pm.dexopt.bg-dexopt]: [speed-profile]
[pm.dexopt.boot]: [verify]
[pm.dexopt.first-boot]: [quicken]
[pm.dexopt.install]: [quicken]
[qemu.adbd]: [start]
[qemu.gles]: [1]
[qemu.hw.mainkeys]: [0]
[qemu.sf.fake_camera]: [both]
[qemu.sf.lcd_density]: [480]
[rild.libpath]: [/vendor/lib/libreference-ril.so]
[ro.allow.mock.location]: [0]
[ro.baseband]: [unknown]
[ro.board.platform]: []
[ro.boot.android_dt_dir]: [/sys/bus/platform/devices/ANDR0001:00/properties/android/]
[ro.boot.hardware]: [ranchu]
[ro.bootimage.build.date]: [Mon Sep 11 21:08:22 UTC 2017]
[ro.bootimage.build.date.utc]: [1505164102]
[ro.bootimage.build.fingerprint]: [google/sdk_gphone_x86/generic_x86:8.0.0/OSR1.170901.008/4328566:userdebug/dev-keys]
[ro.bootloader]: [unknown]
[ro.bootmode]: [unknown]
[ro.build.characteristics]: [emulator]
[ro.build.date]: [Mon Sep 11 21:08:22 UTC 2017]
[ro.build.date.utc]: [1505164102]
[ro.build.description]: [sdk_gphone_x86-userdebug 8.0.0 OSR1.170901.008 4328566 dev-keys]
[ro.build.display.id]: [sdk_gphone_x86-userdebug 8.0.0 OSR1.170901.008 4328566 dev-keys]
[ro.build.fingerprint]: [google/sdk_gphone_x86/generic_x86:8.0.0/OSR1.170901.008/4328566:userdebug/dev-keys]
[ro.build.flavor]: [sdk_gphone_x86-userdebug]
[ro.build.host]: [wprh3.hot.corp.google.com]
[ro.build.id]: [OSR1.170901.008]
[ro.build.product]: [generic_x86]
[ro.build.tags]: [dev-keys]
[ro.build.type]: [userdebug]
[ro.build.user]: [android-build]
[ro.build.version.all_codenames]: [REL]
[ro.build.version.base_os]: []
[ro.build.version.codename]: [REL]
[ro.build.version.incremental]: [4328566]
[ro.build.version.preview_sdk]: [0]
[ro.build.version.release]: [8.0.0]
[ro.build.version.sdk]: [26]
[ro.build.version.security_patch]: [2017-09-05]
[ro.com.google.locationfeatures]: [1]
[ro.config.alarm_alert]: [Alarm_Classic.ogg]
[ro.config.nocheckin]: [yes]
[ro.config.notification_sound]: [OnTheHunt.ogg]
[ro.crypto.fs_crypto_blkdev]: [/dev/block/dm-0]
[ro.crypto.state]: [encrypted]
[ro.crypto.type]: [block]
[ro.dalvik.vm.native.bridge]: [0]
[ro.debuggable]: [1]
[ro.device_owner]: [false]
[ro.hardware]: [ranchu]
[ro.hardware.audio.primary]: [goldfish]
[ro.hwui.drop_shadow_cache_size]: [6]
[ro.hwui.gradient_cache_size]: [1]
[ro.hwui.layer_cache_size]: [48]
[ro.hwui.path_cache_size]: [32]
[ro.hwui.r_buffer_cache_size]: [8]
[ro.hwui.text_large_cache_height]: [1024]
[ro.hwui.text_large_cache_width]: [2048]
[ro.hwui.text_small_cache_height]: [1024]
[ro.hwui.text_small_cache_width]: [1024]
[ro.hwui.texture_cache_flushrate]: [0.4]
[ro.hwui.texture_cache_size]: [72]
[ro.kernel.android.checkjni]: [1]
[ro.kernel.android.qemud]: [1]
[ro.kernel.androidboot.android_dt_dir]: [/sys/bus/platform/devices/ANDR0001:00/properties/android/]
[ro.kernel.androidboot.hardware]: [ranchu]
[ro.kernel.clocksource]: [pit]
[ro.kernel.cma]: [288M]
[ro.kernel.console]: [0]
[ro.kernel.ndns]: [4]
[ro.kernel.qemu]: [1]
[ro.kernel.qemu.encrypt]: [1]
[ro.kernel.qemu.gles]: [1]
[ro.kernel.qemu.opengles.version]: [131072]
[ro.product.board]: []
[ro.product.brand]: [google]
[ro.product.cpu.abi]: [x86]
[ro.product.cpu.abilist]: [x86]
[ro.product.cpu.abilist32]: [x86]
[ro.product.cpu.abilist64]: []
[ro.product.device]: [generic_x86]
[ro.product.locale]: [en-US]
[ro.product.manufacturer]: [Google]
[ro.product.model]: [Android SDK built for x86]
[ro.product.name]: [sdk_gphone_x86]
[ro.property_service.version]: [2]
[ro.radio.use-ppp]: [no]
[ro.revision]: [0]
[ro.secure]: [1]
[ro.serialno]: []
[ro.setupwizard.mode]: [EMULATOR]
[ro.treble.enabled]: [true]
[ro.vendor.build.date]: [Mon Sep 11 21:08:22 UTC 2017]
[ro.vendor.build.date.utc]: [1505164102]
[ro.vendor.build.fingerprint]: [google/sdk_gphone_x86/generic_x86:8.0.0/OSR1.170901.008/4328566:userdebug/dev-keys]
[ro.wifi.channels]: []
[ro.zygote]: [zygote32]
[security.perf_harden]: [1]
[service.bootanim.exit]: [1]
[service.sf.present_timestamp]: [0]
[status.battery.level]: [5]
[status.battery.level_raw]: [50]
[status.battery.level_scale]: [9]
[status.battery.state]: [Slow]
[sys.boot_completed]: [1]
[sys.logbootcomplete]: [1]
[sys.rescue_boot_count]: [1]
[sys.rescue_boot_start]: [955225]
[sys.retaildemo.enabled]: [0]
[sys.sysctl.extra_free_kbytes]: [24300]
[sys.sysctl.tcp_def_init_rwnd]: [60]
[sys.usb.config]: [adb]
[sys.usb.configfs]: [0]
[sys.usb.state]: [adb]
[sys.wifitracing.started]: [1]
[vold.decrypt]: [trigger_restart_framework]
[vold.encrypt_progress]: [100]
[vold.encrypt_time_remaining]: [0]
[vold.has_adoptable]: [0]
[vold.post_fs_data_done]: [1]
[xmpp.auto-presence]: [true]
@Yeradon Did you also upgrade the device side?
@oleavr same error happening here for 10.6.13
updated in both places
@oleavr Yes i used a completely freshly installed emulator with frida 10.6.13 on client & server side.
Its happening with me too, 10.6.32. Its working fine on arm image but crashes the app on x86.
@waqarrashid33 Yeah the dlopen() hack hasn't been ported to x86 yet.
i use frida-server-12.1.1-android-arm64 in my phone(android 6.0), it is listening, but exec frida -U -f xxx --no-pause -l xxx in my ubuntu16.04 , it appared "Failed to spawn: unexpected error while attaching to process with pid 362", what's wrong??
@xuehenIT same you, the name of the process is zygote on my phone(android 7.0)
I recently had problems with spawning processes on android aswell. Setting SELinux to permissive solved the problem for me.
same error happening here,
there are my command:
H:>frida --version
12.2.25
H:>frida-ps -U
PID Name
459 ATFWD-daemon
367 adbd
383 adspd
5242 android.process.acore
3814 android.process.media
455 bridgemgrd
3729 com.android.cellbroadcastreceiver
5672 com.android.chrome
5697 com.android.chrome:sandboxed_process0
H:>frida-discover -p 5672
Failed to attach: unable to find process with pid 5672
H:>frida-trace -i "send" 5672
Failed to attach: unable to find process with pid 5672
thank you for your help!
Most helpful comment
Fixed in 10.6.12. Cheers!