Open Proteas opened 7 months ago
This is likely due to a symbol already exists at the address, and DWARF parser is shy of adding another one. This is a known problem and is tracked by an internal issue.
The good news is we actually support multiple symbols at the same address, we just need some UI changes to support presenting the info to the user
Between 0xFFFFFE00072A8548
and 0xFFFFFE00072ACF20
, there should be 10 functions. However, only 3 are shown by Binary Ninja
. Do you mean that Binary Ninja
has identified all the 10 functions but not shown them?
Between
0xFFFFFE00072A8548
and0xFFFFFE00072ACF20
, there should be 10 functions. However, only 3 are shown byBinary Ninja
. Do you mean thatBinary Ninja
has identified all the 10 functions but not shown them?
It seems like the dwarf importer missed these functions. I just looked at the two functions you highlighted and saw they already have a name, so I kinda think existing symbols is the problem.
I installed the DMG you linked, but I cannot seem to find the kernel.release.t8103.dSYM
in /System/Library/Kernels
. Is the path correct?
I forgot to mention a step: install the .pkg
file inside the DMG.
I forgot to mention a step: install the
.pkg
file inside the DMG.
Yeah I have installed that. However, for some reason, the file is not there. Could you please send the dSYM
to binaryninja@vector35.com, or join our slack (https://slack.binary.ninja/) and share the file with us?
The file is large. Please check the directory: /Library/Developer/KDKs/KDK_14.4_23E214.kdk/System/Library/Kernels
.
If you want to uninstall it, delete /Library/Developer/KDKs/KDK_14.4_23E214.kdk
.
I find the files, thx for the path! I see there are some DWARD related messages being printed out when I open the file:
[Default] DWARF information is invalid (infinite abstract origin reference cycle). Debug information may be incomplete.
[Default] DWARF information is invalid (infinite abstract origin reference cycle). Debug information may be incomplete.
[Default] DWARF information is invalid (infinite abstract origin reference cycle). Debug information may be incomplete.
[Default] DWARF information is invalid (infinite abstract origin reference cycle). Debug information may be incomplete.
[Default] DWARF information is invalid (infinite abstract origin reference cycle). Debug information may be incomplete.
[Default] DWARF info contains duplicate data variable definition. Overwriting data variable at 0x00000001 (`bool`) with `unsigned long`
[Default] DWARF information is invalid (infinite abstract origin reference cycle). Debug information may be incomplete.
[Default] DWARF information is invalid (infinite abstract origin reference cycle). Debug information may be incomplete.
[Default] DWARF info contains duplicate data variable definition. Overwriting data variable at 0xfffffe000701fe20 (`char[0x11]`) with `char const[0x11]`
[Default] DWARF info contains duplicate data variable definition. Overwriting data variable at 0xfffffe000701fe20 (`char const[0x11]`) with `char[0x11]`
[Default] DWARF info contains duplicate data variable definition. Overwriting data variable at 0x00000001 (`unsigned long`) with `bool`
[Default] DWARF info contains duplicate data variable definition. Overwriting data variable at 0x00000001 (`bool`) with `unsigned long`
[Default] DWARF info contains duplicate data variable definition. Overwriting data variable at 0xfffffe000701fe20 (`char[0x11]`) with `char const[0x11]`
[Default] DWARF information is invalid (infinite abstract origin reference cycle). Debug information may be incomplete.
[Default] DWARF information is invalid (infinite abstract origin reference cycle). Debug information may be incomplete.
[Default] DWARF info contains duplicate data variable definition. Overwriting data variable at 0xfffffe0007026680 (`char[0x5]`) with `char const[0x5]`
[Default] DWARF info contains duplicate data variable definition. Overwriting data variable at 0x00000001 (`unsigned long`) with `bool`
[Default] DWARF info contains duplicate data variable definition. Overwriting data variable at 0x00000001 (`bool`) with `bool`
[Default] DWARF info contains duplicate data variable definition. Overwriting data variable at 0x00000000 (`bool`) with `bool`
[Default] DWARF info contains duplicate data variable definition. Overwriting data variable at 0xfffffe000703c15e (`char[0x5]`) with `char const[0x5]`
[Default] DWARF info contains duplicate data variable definition. Overwriting data variable at 0x00000001 (`bool`) with `int`
[Default] DWARF info contains duplicate data variable definition. Overwriting data variable at 0x00000000 (`bool`) with `bool`
[Default] DWARF info contains duplicate data variable definition. Overwriting data variable at 0xfffffe000703c154 (`char[0x2]`) with `char const[0x2]`
There might be some issues with our DWARF parsing. We will look into this
V35 folks should search for lose which by route title
to find the relevant files
Version and Platform (required):
Bug Description:
Binary Ninja
not get function names fromDWARF
. 2.Binary Ninja
not to get function boundary info fromDWARF
.Steps To Reproduce:
https://github.com/dortania/KdkSupportPkg/releases/download/23E214/Kernel_Debug_Kit_14.4_build_23E214.dmg
.kernel.release.t8103
andkernel.release.t8103.dSYM
are in dir/System/Library/Kernels
, copy them to other place.kernel.release.t8103.dSYM
tokernel.release.t8103_dSYM
.kernel.release.t8103
External Debug Info File
:kernel.release.t8103_dSYM/Contents/Resources/DWARF/kernel.release.t8103
Expected Behavior:
DWARF
.Screenshots:
Additional Information:
DWARF
has a low priority by design.