Open BlueMiddle opened 4 days ago
After a bit of debugging, I managed to pinpoint the problem (although I have no idea how to bypass it).
The VM ends up stuck in a loop in the locore.s file (osfmk/arm64). The check in CHECK_EXCEPTION_STACK fails because it looks like the thread pointer has an invalid value (in my case, below the exception stack bottom). The control flow is then redirected into the invalid_stack_label stub, which is basically a branch/nop loop.
Hello,
Thanks for your work! I was wondering, how do you test whether your kc boots using virtualization on arm64? I am unable to start my custom-compiled kc using vz.framework. The boot process gets stuck on a black screen right after iBoot stage 2.
I disabled SIP and also tried a combination of options using bputil. I also tried patching the iBoot modules using the guide from Steven Michaud. This allowed me to boot a development kernelcache built using a kernel present in the KDK for version 15.1, but I never managed to get the custom-built kernel to boot. I also made sure I have the "-unsafe_kernel_text" boot-arg, but it doesn't change anything.
By using the "-v diag serial" boot-args, I am able to obtain the iBoot and kernel logs, and nothing seems to happen after iBoot stage 2.
Thanks in advance