ios 启动app报错 libsystem_kernel.dylib

[handeslfy]

IOS在 启动instagram 的时候。会报错 。请教如何修复这的问题？

package com.github.unidbg.ios;

import com.dd.plist.NSString; import com.github.unidbg.Emulator; import com.github.unidbg.Module; import com.github.unidbg.Symbol; import com.github.unidbg.arm.backend.dynarmic.DynarmicLoader; import com.github.unidbg.file.ios.DarwinFileIO; import com.github.unidbg.ios.classdump.ClassDumper; import com.github.unidbg.ios.classdump.IClassDumper; import com.github.unidbg.ios.ipa.EmulatorConfigurator; import com.github.unidbg.ios.ipa.IpaLoader64; import com.github.unidbg.ios.ipa.LoadedIpa; import com.github.unidbg.ios.objc.NSData; import com.github.unidbg.ios.objc.ObjC; import com.github.unidbg.ios.struct.objc.ObjcClass; import com.github.unidbg.ios.struct.objc.ObjcObject; import com.github.unidbg.pointer.UnidbgPointer; import com.sun.jna.Pointer; import org.apache.log4j.Level; import org.apache.log4j.Logger;

import java.io.File; import java.util.concurrent.Callable;

public class IpaLoaderTestwx implements EmulatorConfigurator {

static {
    DynarmicLoader.useDynarmic();
}

public void testLoader() throws Exception {
    Logger.getLogger("com.github.unidbg.AbstractEmulator").setLevel(Level.ALL);
    long start = System.currentTimeMillis();
    LoadedIpa loader = new IpaLoader64(new File("unidbg-ios/src/test/resources/app/Instagram.ipa"),

// LoadedIpa loader = new IpaLoader64(new File("unidbg-ios/src/test/resources/app/TestApp.ipa"), new File("target/rootfs/ipa")).load(this); final Emulator<?> emulator = loader.getEmulator(); System.err.println("load offset=" + (System.currentTimeMillis() - start) + "ms"); loader.callEntry(); final Module module = loader.getExecutable(); emulator.attach().run(new Callable() { @Override public Void call() {

            return null;
        }
    });
}

public static void main(String[] args) throws Exception {
    IpaLoaderTestwx test = new IpaLoaderTestwx();
    test.testLoader();
}

@Override
public void configure(Emulator<DarwinFileIO> emulator, String executableBundlePath, File rootDir, String bundleIdentifier) {
}

@Override
public void onExecutableLoaded(Emulator<DarwinFileIO> emulator, MachOModule executable) {
}

}

/Library/Java/JavaVirtualMachines/jdk-15.0.1.jdk/Contents/Home/bin/java -agentlib:jdwp=transport=dt_socket,address=127.0.0.1:53484,suspend=y,server=n -javaagent:/Users/handes/Library/Caches/JetBrains/IntelliJIdea2020.3/captureAgent/debugger-agent.jar -Dfile.encoding=UTF-8 -classpath /Users/handes/Documents/git/github/unidbg/unidbg-ios/target/test-classes:/Users/handes/Documents/git/github/unidbg/unidbg-ios/target/classes:/Users/handes/Documents/git/github/unidbg/unidbg-api/target/classes:/Users/handes/.m2/repository/com/github/zhkl0228/unicorn/1.0.10/unicorn-1.0.10.jar:/Users/handes/.m2/repository/org/scijava/native-lib-loader/2.3.5/native-lib-loader-2.3.5.jar:/Users/handes/.m2/repository/com/github/zhkl0228/capstone/3.0.9/capstone-3.0.9.jar:/Users/handes/.m2/repository/com/github/zhkl0228/keystone/0.9.3/keystone-0.9.3.jar:/Users/handes/.m2/repository/com/github/zhkl0228/jna_silicon/4.5.2-1/jna_silicon-4.5.2-1.jar:/Users/handes/.m2/repository/net/java/dev/jna/jna/4.5.2/jna-4.5.2.jar:/Users/handes/.m2/repository/commons-codec/commons-codec/1.6/commons-codec-1.6.jar:/Users/handes/.m2/repository/commons-io/commons-io/2.4/commons-io-2.4.jar:/Users/handes/.m2/repository/commons-logging/commons-logging/1.1.3/commons-logging-1.1.3.jar:/Users/handes/.m2/repository/com/alibaba/fastjson/1.2.60/fastjson-1.2.60.jar:/Users/handes/.m2/repository/com/github/zhkl0228/demumble/1.0.2/demumble-1.0.2.jar:/Users/handes/Documents/git/github/unidbg/unidbg-dynarmic/target/classes:/Users/handes/.m2/repository/io/kaitai/kaitai-struct-runtime/0.8/kaitai-struct-runtime-0.8.jar:/Users/handes/.m2/repository/com/googlecode/plist/dd-plist/1.23/dd-plist-1.23.jar:/Users/handes/.m2/repository/log4j/log4j/1.2.17/log4j-1.2.17.jar:/Users/handes/.m2/repository/junit/junit/4.13.1/junit-4.13.1.jar:/Users/handes/.m2/repository/org/hamcrest/hamcrest-core/1.3/hamcrest-core-1.3.jar:/Users/handes/.m2/repository/org/slf4j/slf4j-api/1.7.26/slf4j-api-1.7.26.jar:/Users/handes/.m2/repository/org/slf4j/slf4j-log4j12/1.7.26/slf4j-log4j12-1.7.26.jar:/Users/handes/Library/Application Support/JetBrains/Toolbox/apps/IDEA-U/ch-0/203.6682.168/IntelliJ IDEA.app/Contents/lib/idea_rt.jar com.github.unidbg.ios.IpaLoaderTestwx Connected to the target VM, address: '127.0.0.1:53484', transport: 'socket' Java HotSpot(TM) 64-Bit Server VM warning: Sharing is only supported for boot loader classes because bootstrap classpath has been appended [22:40:10 670] DEBUG [com.github.unidbg.AbstractEmulator] (AbstractEmulator:379) - emulate RX@0x103c65200[Foundation]0xe5200 started sp=unidbg@0xfbffffd90 [22:40:10 854] DEBUG [com.github.unidbg.AbstractEmulator] (AbstractEmulator:425) - emulate RX@0x103c65200[Foundation]0xe5200 finished sp=unidbg@0xfbffffd90, offset=182ms [22:40:10 867] INFO [com.github.unidbg.ios.MachOLoader] (MachOLoader:680) - FBSharedFramework load dependency /usr/lib/libcompression.dylib failed: rpath=[/usr/lib/swift, @executable_path/Frameworks] [22:40:10 906] INFO [com.github.unidbg.ios.MachOLoader] (MachOLoader:680) - FBSharedFramework load dependency /System/Library/Frameworks/Accounts.framework/Accounts failed: rpath=[/usr/lib/swift, @executable_path/Frameworks] [22:40:10 916] INFO [com.github.unidbg.ios.MachOLoader] (MachOLoader:680) - FBSharedFramework load dependency /System/Library/Frameworks/CallKit.framework/CallKit failed: rpath=[/usr/lib/swift, @executable_path/Frameworks] [22:40:10 936] INFO [com.github.unidbg.ios.MachOLoader] (MachOLoader:680) - FBSharedFramework load dependency /System/Library/Frameworks/Intents.framework/Intents failed: rpath=[/usr/lib/swift, @executable_path/Frameworks] [22:40:10 956] INFO [com.github.unidbg.ios.MachOLoader] (MachOLoader:680) - FBSharedFramework load dependency /System/Library/Frameworks/Social.framework/Social failed: rpath=[/usr/lib/swift, @executable_path/Frameworks] [22:40:10 957] INFO [com.github.unidbg.ios.MachOLoader] (MachOLoader:680) - FBSharedFramework load dependency /System/Library/Frameworks/SpriteKit.framework/SpriteKit failed: rpath=[/usr/lib/swift, @executable_path/Frameworks] [22:40:13 345] INFO [com.github.unidbg.ios.MachOLoader] (MachOLoader:680) - Instagram load dependency /usr/lib/libcompression.dylib failed: rpath=[/usr/lib/swift, @executable_path/Frameworks] [22:40:13 345] INFO [com.github.unidbg.ios.MachOLoader] (MachOLoader:680) - Instagram load dependency /System/Library/Frameworks/Intents.framework/Intents failed: rpath=[/usr/lib/swift, @executable_path/Frameworks] [22:40:13 788] DEBUG [com.github.unidbg.AbstractEmulator] (AbstractEmulator:379) - emulate RX@0x100157b30[libSystem.B.dylib]0x3b30 started sp=unidbg@0xfbffffd90 [22:40:20 417] DEBUG [com.github.unidbg.AbstractEmulator] (AbstractEmulator:425) - emulate RX@0x100157b30[libSystem.B.dylib]0x3b30 finished sp=unidbg@0xfbffffd90, offset=6629ms [22:40:20 513] DEBUG [com.github.unidbg.AbstractEmulator] (AbstractEmulator:379) - emulate RX@0x1000884e8[libc++.1.dylib]0x184e8 started sp=unidbg@0xfbffffd90 [22:40:20 525] DEBUG [com.github.unidbg.AbstractEmulator] (AbstractEmulator:425) - emulate RX@0x1000884e8[libc++.1.dylib]0x184e8 finished sp=unidbg@0xfbffffd90, offset=12ms [22:40:20 525] DEBUG [com.github.unidbg.AbstractEmulator] (AbstractEmulator:379) - emulate RX@0x1039b8ab8[libobjc.A.dylib]0x14ab8 started sp=unidbg@0xfbffffd90 [22:40:20 526] DEBUG [com.github.unidbg.AbstractEmulator] (AbstractEmulator:425) - emulate RX@0x1039b8ab8[libobjc.A.dylib]0x14ab8 finished sp=unidbg@0xfbffffd90, offset=1ms [22:40:20 527] DEBUG [com.github.unidbg.AbstractEmulator] (AbstractEmulator:379) - emulate RX@0x104034230[CoreFoundation]0xcc230 started sp=unidbg@0xfbffffd90 [22:40:20 527] DEBUG [com.github.unidbg.AbstractEmulator] (AbstractEmulator:425) - emulate RX@0x104034230[CoreFoundation]0xcc230 finished sp=unidbg@0xfbffffd90, offset=0ms [22:40:20 528] DEBUG [com.github.unidbg.AbstractEmulator] (AbstractEmulator:379) - emulate RX@0x10460b044[Security]0x7044 started sp=unidbg@0xfbffffd90 [22:40:20 744] DEBUG [com.github.unidbg.AbstractEmulator] (AbstractEmulator:425) - emulate RX@0x10460b044[Security]0x7044 finished sp=unidbg@0xfbffffd90, offset=216ms [22:40:20 746] DEBUG [com.github.unidbg.AbstractEmulator] (AbstractEmulator:379) - emulate RX@0x104d1418c[libswiftCore.dylib]0x27c18c started sp=unidbg@0xfbffffd90 [22:40:21 130] DEBUG [com.github.unidbg.AbstractEmulator] (AbstractEmulator:425) - emulate RX@0x104d1418c[libswiftCore.dylib]0x27c18c finished sp=unidbg@0xfbffffd90, offset=384ms [22:40:21 130] DEBUG [com.github.unidbg.AbstractEmulator] (AbstractEmulator:379) - emulate RX@0x104d34394[libswiftCore.dylib]0x29c394 started sp=unidbg@0xfbffffd90 [22:40:21 130] DEBUG [com.github.unidbg.AbstractEmulator] (AbstractEmulator:425) - emulate RX@0x104d34394[libswiftCore.dylib]0x29c394 finished sp=unidbg@0xfbffffd90, offset=0ms [22:40:21 130] DEBUG [com.github.unidbg.AbstractEmulator] (AbstractEmulator:379) - emulate RX@0x104d39274[libswiftCore.dylib]0x2a1274 started sp=unidbg@0xfbffffd90 [22:40:21 203] DEBUG [com.github.unidbg.AbstractEmulator] (AbstractEmulator:425) - emulate RX@0x104d39274[libswiftCore.dylib]0x2a1274 finished sp=unidbg@0xfbffffd90, offset=72ms [22:40:21 204] DEBUG [com.github.unidbg.AbstractEmulator] (AbstractEmulator:379) - emulate RX@0x104d63008[libswiftCore.dylib]0x2cb008 started sp=unidbg@0xfbffffd90 [22:40:21 204] DEBUG [com.github.unidbg.AbstractEmulator] (AbstractEmulator:425) - emulate RX@0x104d63008[libswiftCore.dylib]0x2cb008 finished sp=unidbg@0xfbffffd90, offset=0ms [22:40:21 204] DEBUG [com.github.unidbg.AbstractEmulator] (AbstractEmulator:379) - emulate RX@0x104d728e4[libswiftCore.dylib]0x2da8e4 started sp=unidbg@0xfbffffd90 [22:40:21 205] DEBUG [com.github.unidbg.AbstractEmulator] (AbstractEmulator:425) - emulate RX@0x104d728e4[libswiftCore.dylib]0x2da8e4 finished sp=unidbg@0xfbffffd90, offset=1ms [22:40:21 207] DEBUG [com.github.unidbg.AbstractEmulator] (AbstractEmulator:379) - emulate RX@0x104f26bac[libswiftDispatch.dylib]0x16bac started sp=unidbg@0xfbffffd90 [22:40:21 255] DEBUG [com.github.unidbg.AbstractEmulator] (AbstractEmulator:425) - emulate RX@0x104f26bac[libswiftDispatch.dylib]0x16bac finished sp=unidbg@0xfbffffd90, offset=48ms [22:40:21 303] DEBUG [com.github.unidbg.AbstractEmulator] (AbstractEmulator:379) - emulate RX@0x1039ae6f0[libobjc.A.dylib]0xa6f0 started sp=unidbg@0xfbffffd90 [22:40:47 734] DEBUG [com.github.unidbg.AbstractEmulator] (AbstractEmulator:425) - emulate RX@0x1039ae6f0[libobjc.A.dylib]0xa6f0 finished sp=unidbg@0xfbffffd90, offset=26431ms [22:40:47 735] DEBUG [com.github.unidbg.AbstractEmulator] (AbstractEmulator:379) - emulate RX@0x1004e021c[libxpc.dylib]0x821c started sp=unidbg@0xfbffffd90 [22:40:47 743] DEBUG [com.github.unidbg.AbstractEmulator] (AbstractEmulator:425) - emulate RX@0x1004e021c[libxpc.dylib]0x821c finished sp=unidbg@0xfbffffd90, offset=8ms [22:40:47 743] DEBUG [com.github.unidbg.AbstractEmulator] (AbstractEmulator:379) - emulate RX@0x1039ae6f0[libobjc.A.dylib]0xa6f0 started sp=unidbg@0xfbffffd90 [22:40:47 782] DEBUG [com.github.unidbg.AbstractEmulator] (AbstractEmulator:425) - emulate RX@0x1039ae6f0[libobjc.A.dylib]0xa6f0 finished sp=unidbg@0xfbffffd90, offset=39ms [22:40:47 782] DEBUG [com.github.unidbg.AbstractEmulator] (AbstractEmulator:379) - emulate RX@0x1004e021c[libxpc.dylib]0x821c started sp=unidbg@0xfbffffd90 [22:40:47 784] DEBUG [com.github.unidbg.AbstractEmulator] (AbstractEmulator:425) - emulate RX@0x1004e021c[libxpc.dylib]0x821c finished sp=unidbg@0xfbffffd90, offset=2ms [22:40:47 784] DEBUG [com.github.unidbg.AbstractEmulator] (AbstractEmulator:379) - emulate RX@0x1039ae6f0[libobjc.A.dylib]0xa6f0 started sp=unidbg@0xfbffffd90 [22:40:47 785] DEBUG [com.github.unidbg.AbstractEmulator] (AbstractEmulator:425) - emulate RX@0x1039ae6f0[libobjc.A.dylib]0xa6f0 finished sp=unidbg@0xfbffffd90, offset=1ms [22:40:47 785] DEBUG [com.github.unidbg.AbstractEmulator] (AbstractEmulator:379) - emulate RX@0x1004e021c[libxpc.dylib]0x821c started sp=unidbg@0xfbffffd90 [22:40:47 786] DEBUG [com.github.unidbg.AbstractEmulator] (AbstractEmulator:425) - emulate RX@0x1004e021c[libxpc.dylib]0x821c finished sp=unidbg@0xfbffffd90, offset=1ms [22:40:47 786] DEBUG [com.github.unidbg.AbstractEmulator] (AbstractEmulator:379) - emulate RX@0x1039ae6f0[libobjc.A.dylib]0xa6f0 started sp=unidbg@0xfbffffd90 [22:40:47 787] DEBUG [com.github.unidbg.AbstractEmulator] (AbstractEmulator:425) - emulate RX@0x1039ae6f0[libobjc.A.dylib]0xa6f0 finished sp=unidbg@0xfbffffd90, offset=1ms [22:40:47 787] DEBUG [com.github.unidbg.AbstractEmulator] (AbstractEmulator:379) - emulate RX@0x1004e021c[libxpc.dylib]0x821c started sp=unidbg@0xfbffffd90 [22:40:47 788] DEBUG [com.github.unidbg.AbstractEmulator] (AbstractEmulator:425) - emulate RX@0x1004e021c[libxpc.dylib]0x821c finished sp=unidbg@0xfbffffd90, offset=1ms [22:40:48 067] DEBUG [com.github.unidbg.AbstractEmulator] (AbstractEmulator:379) - emulate RX@0x1009361bc[FBSharedFramework]0x41a1bc started sp=unidbg@0xfbffffd90 ............ [22:40:49 199] DEBUG [com.github.unidbg.AbstractEmulator] (AbstractEmulator:425) - emulate RX@0x1005238e0[FBSharedFramework]0x78e0 finished sp=unidbg@0xfbffffd90, offset=5ms [22:40:49 199] DEBUG [com.github.unidbg.AbstractEmulator] (AbstractEmulator:379) - emulate RX@0x100524058[FBSharedFramework]0x8058 started sp=unidbg@0xfbffffd90 [22:40:49 200] DEBUG [com.github.unidbg.AbstractEmulator] (AbstractEmulator:425) - emulate RX@0x100524058[FBSharedFramework]0x8058 finished sp=unidbg@0xfbffffd90, offset=1ms [22:40:49 200] DEBUG [com.github.unidbg.AbstractEmulator] (AbstractEmulator:379) - emulate RX@0x1005240ec[FBSharedFramework]0x80ec started sp=unidbg@0xfbffffd90 [22:40:49 201] DEBUG [com.github.unidbg.AbstractEmulator] (AbstractEmulator:425) - emulate RX@0x1005240ec[FBSharedFramework]0x80ec finished sp=unidbg@0xfbffffd90, offset=1ms [22:40:49 201] DEBUG [com.github.unidbg.AbstractEmulator] (AbstractEmulator:379) - emulate RX@0x100815c38[FBSharedFramework]0x2f9c38 started sp=unidbg@0xfbffffd90 [22:40:49 201] DEBUG [com.github.unidbg.AbstractEmulator] (AbstractEmulator:425) - emulate RX@0x100815c38[FBSharedFramework]0x2f9c38 finished sp=unidbg@0xfbffffd90, offset=0ms load offset=40403ms [22:40:49 465] DEBUG [com.github.unidbg.AbstractEmulator] (AbstractEmulator:379) - emulate RX@0x100006008[Instagram]0x100006008 started sp=unidbg@0xfbffffcc0 [22:40:49 476] WARN [com.github.unidbg.ios.ARM64SyscallHandler] (ARM64SyscallHandler:2610) - mach_msg_trap header=MachMsgHeader(unidbg@0xfbffff8e0) (24 bytes) { int msgh_bits@0x0=0x1513 int msgh_size@0x4=0x41D8040A int msgh_remote_port@0x8=0x0003 int msgh_local_port@0xC=0x0004 int msgh_voucher_port@0x10=0x3CE44C0A int msgh_id@0x14=0x0E1C }, size=24, lr=RX@0x10039db0c[libsystem_kernel.dylib]0x1b0c debugger break at: 0x10039dca0

x0=0xfbffff8e0 x1=0x3 x2=0x28 x3=0x60 x4=0x4 x5=0x0 x6=0x0 x7=0x0 x8=0xfffffbbf x9=0xe1c x10=0xffffff80001fc04c x11=0xffffff80001fc050 x12=0xffffff80001fc058 x13=0xffffff80001fc060 x14=0xffffff80001fc064 x15=0x0 x16=0xffffffffffffffe1 x17=0x102ecfc80 x18=0x0 x19=0x0 x20=0x0 x21=0x4 x22=0x60 x23=0xfbffff8e0 x24=0x3 x25=0x28 x26=0x3 x27=0x0 x28=0x0 fp=0xfbffff8d0 LR=RX@0x10039db0c[libsystem_kernel.dylib]0x1b0c SP=0xfbffff880 PC=RX@0x10039dca0[libsystem_kernel.dylib]0x1ca0 nzcv: N=1, Z=0, C=0, V=0, EL0, use SP_EL0 => [ libsystem_kernel.dylib][0x000001ca0][ c0 03 5f d6 ]0x10039dca0:*ret [ libsystem_kernel.dylib] [0x000001ca4] [ f0 03 80 92 ] 0x10039dca4: movn x16, #0x1f [ libsystem_kernel.dylib] [0x000001ca8] [ 01 10 00 d4 ] 0x10039dca8: svc #0x80 [ libsystem_kernel.dylib] [0x000001cac] [ c0 03 5f d6 ] 0x10039dcac: ret [ libsystem_kernel.dylib] [0x000001cb0] [ 10 04 80 92 ] 0x10039dcb0: movn x16, #0x20 [ libsystem_kernel.dylib] [0x000001cb4] [ 01 10 00 d4 ] 0x10039dcb4: svc #0x80 [ libsystem_kernel.dylib] [0x000001cb8] [ c0 03 5f d6 ] 0x10039dcb8: ret [ libsystem_kernel.dylib] [0x000001cbc] [ 30 04 80 92 ] 0x10039dcbc: movn x16, #0x21 [ libsystem_kernel.dylib] [0x000001cc0] [ 01 10 00 d4 ] 0x10039dcc0: svc #0x80 [ libsystem_kernel.dylib] [0x000001cc4] [ c0 03 5f d6 ] 0x10039dcc4: ret [ libsystem_kernel.dylib] [0x000001cc8] [ 50 04 80 92 ] 0x10039dcc8: movn x16, #0x22 [ libsystem_kernel.dylib] [0x000001ccc] [ 01 10 00 d4 ] 0x10039dccc: svc #0x80 [ libsystem_kernel.dylib] [0x000001cd0] [ c0 03 5f d6 ] 0x10039dcd0: ret [ libsystem_kernel.dylib] [0x000001cd4] [ 70 04 80 92 ] 0x10039dcd4: movn x16, #0x23 [ libsystem_kernel.dylib] [0x000001cd8] [ 01 10 00 d4 ] 0x10039dcd8: svc #0x80 [ libsystem_kernel.dylib] [0x000001cdc] [ c0 03 5f d6 ] 0x10039dcdc: ret

[zhkl0228]

ios属于实验性质，没有技术支持

[handeslfy]

ios属于实验性质，没有技术支持

感谢作者的回复，是否有解决思路，让我自行摸索？

[zhkl0228]

通过逆向dylib，修复或完善unidbg

[handeslfy]

通过逆向dylib，修复或完善unidbg

嗯。好的，希望大佬有时间的话，写一个文档demo。一起完善unidbg。现在无法下手，再次感谢。