[SharedCache] Fix handling of relative selectors in macOS shared caches #6192
Conversation
|
This requires the fixes from #6172. Without those fixes a lot of the class / method data hasn't been rebased appropriately and so is impossible to correctly interpret. |
view/sharedcache/core/SharedCache.h
Outdated
| { | ||
| dyld_cache_mapping_info mapping; | ||
| auto s2 = s.GetArray(); | ||
| mapping.address = s2[0].GetUint(); |
There was a problem hiding this comment.
This line and the 2 below should be using GetUint64
bdash
force-pushed
the
dsc-relative-selectors-mac
branch
from
726d6fb to
54e33b2
Compare
plafosse
added
the
File Format: SharedCache
|
thank you for the PR, I'll be looking at getting this merged today. |
|
This is currently being stalled by an issue happening "at some point" during de-serialization that results in an uncaught exception when re-opening a bndb. The relevant part of traceback is here: It is not immediately clear to me what could trigger this issue and there doesn't appear to be a codepath between BNDSCViewGetAllImages and _ZN2VM15AddressIsMappedEy at a brief glance. This could be the result of an improperly resolved merge conflict on my end, and I'll be able to investigate it more deeply tomorrow. |
|
The backtrace is probably misleading because of the failed exception throw. I'd guess I think this can happen with the problem mentioned at #6192 (comment). If the 64-bit fields of |
bdash
force-pushed
the
dsc-relative-selectors-mac
branch
from
54e33b2 to
bf639fe
Compare
|
I rebased this PR onto |
`BackingCache` now tracks the `dyld_cache_mapping_info` for its mappings so it has access to the memory protections for the region. This means it can avoid marking some regions as containing code when they don't, reducing the amount of analysis work that has to be done. Using `dyld_cache_mapping_info` also makes references to mappings easier to understand due to its named fields vs the nested `std::pair`s that were previously in use.
Find the relative selector base address in the Objective-C optimization data pointed to by the shared cache header, rather than via `__objc_scoffs`. This is only present on iOS, and not for every iOS version that encodes selectors via direct offsets. This also includes some related improvements: 1. Direct selectors get their own pointer type so they're rendered correctly in the view. 2. Method lists encoded as lists of lists are now handled. 3. The `dyld_cache_header` type added to the view is truncated to the length in the loaded cache. This ensures it is applied to the view. 4. A couple of methods that process method IMPs and selectors are updated to check whether the address is valid before attempting to process them. They would otherwise fail by throwing an exception if they proceed, but checking for validity is quicker and makes exception breakpoints usable.
…eser, fix compilation issue on linux
0cyn
force-pushed
the
dsc-relative-selectors-mac
branch
from
bf639fe to
c7baf92
Compare
|
|
Find the relative selector base address in the Objective-C optimization data pointed to by the shared cache header, rather than via
__objc_scoffs. That section is only present on iOS, and not for every iOS version that encodes selectors via direct offsets.This also includes some related improvements:
dyld_cache_headertype added to the view is truncated to the length of the header in the loaded cache. This ensures it is correctly applied to the view.Additionally,
SharedCachenow tracks whether non-image regions are data vs code. This means it can avoid marking some regions as containing code when they don't, reducing the amount of analysis work that has to be done.