This repository was archived by the owner on Aug 23, 2022. It is now read-only.
This repository was archived by the owner on Aug 23, 2022. It is now read-only.
Unsupported architecture/OS pair: amd64 and windows #720
Description
Hello,
I'm trying to lift a Windows 64 bits PE from a Linux host (I use the trailofbits/mcsema:llvm900-ubuntu18.04-amd64 docker image). The recovery of the CFG file seems to work but when I try to use mcsema-lift-9.0 I obtain this :
mcsema-lift-9.0 --arch amd64 --os windows --cfg ./my_binary.cfg --output ./my_binary.bc --explicit_args --merge_segments
E20210106 14:03:16.212332 13 CFG.cpp:546] Calling convention of function 'main' is not supported: Unsupported architecture/OS pair: amd64 and windows
E20210106 14:03:16.217545 13 CFG.cpp:546] Calling convention of function 'exit' is not supported: Unsupported architecture/OS pair: amd64 and windows
E20210106 14:03:16.218438 13 CFG.cpp:546] Calling convention of function 'abort' is not supported: Unsupported architecture/OS pair: amd64 and windows
F20210106 14:03:16.280176 13 Callback.cpp:743] Calling convention of function 'delete_novarargs' is not supported: Unsupported architecture/OS pair: amd64 and windows
*** Check failure stack trace: ***
@ 0x85b1ec google::LogMessageFatal::~LogMessageFatal()
@ 0x462946 mcsema::GetLiftedToNativeExitPoint()
@ 0x4653b5 mcsema::DefineLiftedFunctions()
@ 0x471aa1 mcsema::LiftCodeIntoModule()
@ 0x487016 main
@ 0x7f8aad718bf7 __libc_start_main
@ 0x43884a _start
Aborted (core dumped)Is McSema able to lift x64 PE ?