sibears / IDAGolangHelper

Set of IDA Pro scripts for parsing GoLang types information stored in compiled binary

Mark non-returning Go runtime functions #6

Open recvfrom opened 6 years ago

recvfrom commented 6 years ago

Feature request:

For Go runtime functions that don't return (Ex: panic) it looks like the compiler inserts an illegal instruction after the call as a sanity checking mechanism in case the function did return. This stackexchange post has more details:

https://reverseengineering.stackexchange.com/questions/17665/undefined-instruction-in-go-binary-compiled-for-arm

In the case of ARM binaries, these instructions cause function creation in IDA Pro to fail with the following error message: "The function has undefined instruction/data at the specified address." (and the address referenced is that of the 0xF7FABCFD instruction.)

Talking with IDA Pro support, the solution is to mark the non-returning function as such in IDA. IDA will stop looking for instructions after this function call, and function creation will succeed.

I'm not sure of the best way to implement this, but one approach would be to search for the undefined instruction for each architecture, look for a function call right above that, and mark that function as non-returning (maybe with some sanity checks.) I'll aim to implement this approach when I have a chance, and will submit a pull request once finished.
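Added example, not part of the original issue or of the IDAGolangHelper code: a stand-alone sketch of the scan described above, run outside IDA over raw code bytes. It assumes little-endian A32 code, the trap word 0xF7FABCFD quoted in this issue, and a constructed sample whose addresses and callee names are hypothetical.

```python
import struct
from collections import Counter

GO_ARM_TRAP = 0xF7FABCFD  # undefined instruction quoted in this issue


def bl_target(word, addr):
    """Return the destination of an A32 BL at addr, or None if word is not a BL."""
    cond = word >> 28
    if cond == 0xF or (word >> 24) & 0xF != 0xB:
        return None               # cond 0xF is the unconditional space, not BL
    off = word & 0x00FFFFFF
    if off & 0x00800000:          # sign-extend the 24-bit word offset
        off -= 0x01000000
    return (addr + 8 + (off << 2)) & 0xFFFFFFFF


def noreturn_candidates(code, base):
    """Map call target -> (calls followed by the trap, all calls seen)."""
    count = len(code) // 4
    words = struct.unpack("<%dI" % count, code[:count * 4])
    trapped, total = Counter(), Counter()
    for i, word in enumerate(words):
        target = bl_target(word, base + 4 * i)
        if target is None:
            continue
        total[target] += 1
        if i + 1 < count and words[i + 1] == GO_ARM_TRAP:
            trapped[target] += 1
    # Sanity check for the caller: compare trapped calls with all calls.
    return {t: (trapped[t], total[t]) for t in trapped}


def encode_bl(addr, target):
    """Build an unconditional BL word (used only for the constructed sample)."""
    return 0xEB000000 | (((target - addr - 8) >> 2) & 0x00FFFFFF)


# Constructed sample: code at BASE, hypothetical panic routine and normal callee.
BASE, PANIC, NORMAL = 0x11000, 0x10000, 0x12000
SAMPLE = struct.pack(
    "<6I",
    0xE1A00000,                     # mov r0, r0
    encode_bl(BASE + 4, PANIC),     # bl <panic-like routine>
    GO_ARM_TRAP,                    # trap emitted after the call
    encode_bl(BASE + 12, NORMAL),   # bl <ordinary callee>
    0xE1A00000,                     # execution continues here
    0xE12FFF1E)                     # bx lr

if __name__ == "__main__":
    for target, (hit, seen) in sorted(noreturn_candidates(SAMPLE, BASE).items()):
        print("0x%x: %d of %d calls followed by the trap" % (target, hit, seen))
```

Inside IDA, each reported target would then be marked non-returning, for example by setting `FUNC_NORETURN` in its function flags, before function creation is retried.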

grokeus commented 6 years ago

I think we can use this approach to find the place where we fail and check if we got a bad instruction: https://reverseengineering.stackexchange.com/questions/13884/how-to-get-address-where-makefunction-failed-in-ida-pro

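Something like that:

```python
import ida_funcs

# addr: start address of the function that failed to be created
pfn = ida_funcs.func_t()
pfn.start_ea = addr
ida_funcs.find_func_bounds(pfn, ida_funcs.FIND_FUNC_NORMAL)
pfn.end_ea  # in my test binary I get addr of 0xf7fabcfd
```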

recvfrom commented 6 years ago

Should there be a new button in the UI for this, or should it just be part of the 'Rename functions' functionality?

FYI, here is an ARM sample:

https://detux.org/report.php?sha256=8d9dd4f611e7d66769f44877b95f4b387c093bc58d701b1695e2b75fc5ce178b