illera88 / Ponce

IDA 2016 plugin contest winner! Symbolic Execution just one-click away!
https://docs.idaponce.com

Mac OS X crash #63

Closed pjcreath closed 4 years ago

pjcreath commented 7 years ago

Running IDA 6.95 on El Cap, attempting to stop at the entry breakpoint using the local Mac OS X debugger, IDA crashes. This is running the binary checked in at 8c09c... since the latest version won't load on El Cap.

Most of the time it hangs at the choice to let IDA crash or try to continue. Once I managed to get a crash dump:

Crashed Thread: 0 Dispatch queue: com.apple.main-thread

Exception Type: EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_INVALID_ADDRESS at 0x00000000c05a4773
Exception Note: EXC_CORPSE_NOTIFY

VM Regions Near 0xc05a4773:
    Stack                  00000000bf800000-00000000c0000000 [ 8192K] rw-/rwx SM=PRV
--> Submap                 00000000ffff0000-00000000ffff1000 [    4K] r--/r-- SM=PRV  process-only VM submap

Thread 0 Crashed:: Dispatch queue: com.apple.main-thread
0   ponce_x64_IDA69_mac.pmc64   0x19a4e5c5 std::get_terminate() + 5
1   libunwind.dylib             0x9dcf19c1 _Unwind_GetLanguageSpecificData + 24
2   libc++abi.dylib             0x90582abe __cxxabiv1::scan_eh_tab(__cxxabiv1::(anonymous namespace)::scan_results&, _Unwind_Action, bool, _Unwind_Exception*, _Unwind_Context*) + 130
3   libc++abi.dylib             0x90582997 __gxx_personality_v0 + 187
4   ponce_x64_IDA69_mac.pmc64   0x19ae2290 _Unwind_RaiseException + 96
5   ponce_x64_IDA69_mac.pmc64   0x19a4e6ae __cxa_throw + 94
6   ponce_x64_IDA69_mac.pmc64   0x18d3ae23 str_to_register(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, triton::arch::Register&) + 35
7   ponce_x64_IDA69_mac.pmc64   0x18d28efd ah_symbolize_register_t::update(action_update_ctx_t*) + 269
8   idaq64                      0x000a2ef8 0x1000 + 663288
9   ???                         0x0000001d 0 + 29

0ca commented 7 years ago

@pjcreath Thank you for the report.

Looking at the dump I see the function crashing is str_to_register, and the only way this function could crash is if the architecture is not set, and I think that was something I addressed here (after a first failed try): https://github.com/illera88/Ponce/commit/f8ba82f5dc5a1bf9d3b4abdaa1b1d41d12016642

Could you try it again with the latest version? https://github.com/illera88/Ponce/commit/a9c68a8987b7137cdb4e0a3864729f8dddd8feb7

Thank you!

pjcreath commented 7 years ago

That's what I tried first, but that later version won't load on El Capitan:

dlopen(/Applications/IDA Pro 6.95/idaq64.app/Contents/MacOS/plugins/ponce_x64_IDA69_mac.pmc64): dlopen(/Applications/IDA Pro 6.95/idaq64.app/Contents/MacOS/plugins/ponce_x64_IDA69_mac.pmc64, 2): Symbol not found: _ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEED1Ev
  Referenced from: /Applications/IDA Pro 6.95/idaq64.app/Contents/MacOS/plugins/ponce_x64_IDA69_mac.pmc64 (which was built for Mac OS X 10.12)
  Expected in: /usr/lib/libstdc++.6.dylib
 in /Applications/IDA Pro 6.95/idaq64.app/Contents/MacOS/plugins/ponce_x64_IDA69_mac.pmc64
/Applications/IDA Pro 6.95/idaq64.app/Contents/MacOS/plugins/ponce_x64_IDA69_mac.pmc64: can't load file
...
dlopen(/Applications/IDA Pro 6.95/idaq64.app/Contents/MacOS/plugins/ponce_x64_IDA69_mac.pmc64): dlopen(/Applications/IDA Pro 6.95/idaq64.app/Contents/MacOS/plugins/ponce_x64_IDA69_mac.pmc64, 2): Symbol not found: _ZNSt7__cxx1112basic_stringIcSt11char_traitsIcESaIcEED1Ev
  Referenced from: /Applications/IDA Pro 6.95/idaq64.app/Contents/MacOS/plugins/ponce_x64_IDA69_mac.pmc64 (which was built for Mac OS X 10.12)
  Expected in: /usr/lib/libstdc++.6.dylib
 in /Applications/IDA Pro 6.95/idaq64.app/Contents/MacOS/plugins/ponce_x64_IDA69_mac.pmc64
/Applications/IDA Pro 6.95/idaq64.app/Contents/MacOS/plugins/ponce_x64_IDA69_mac.pmc64: can't load file

0ca commented 7 years ago

Hi,

I tried to compile the plugin with libstdc++ static to avoid these problems. I will try it again and I will tell you when it is fixed.

vcarus commented 7 years ago

Same libstdc++.6.dylib issue here.

arlininger commented 7 years ago

I am also getting this issue.

illera88 commented 4 years ago

Should be fixed on v0.3.

Thanks for reporting.