MSHookFunction does not work yet? #180
Comments
seeskyline
changed the title
|
do you see any logs why crashing? |
seeskyline
changed the title
|
@liuxuan30 Crash logs have been added to the original post. Could you look into it for me? |
Have no idea, maybe time to involve @coolstar, as it's start crashing from libsubstitute after dyld. |
|
i think it crashed in MSFindSymbol #178, try to use |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
In my tweak, when I use MSHookFunction to hook sysctl, uname, or sysctlbyname, my device always show "SpringBoard ran into a problem and is now in safe mode....Restart SpringBoard" alert, as shown in the screenshot below.
Below is my hook code in MSHookFunction way:
int (*orig_sysctl)(int *, u_int, void *, size_t *, void *, size_t);
int repl_sysctl(int name, u_int namelen,struct kinfo_proc info, size_t * info_len, void newp, size_t newlen){
return orig_sysctl(name,namelen,info, info_len, newp,newlen);
}
%ctor
{
MSHookFunction(((void)MSFindSymbol(NULL, "_sysctl")),(void *)repl_sysctl,(void **) &orig_sysctl);
}
Am I doing wrong? Or, is there any other way to hook these methods? Is this a bug of electra's substrate, and if so, any plans to fix it?
Crash logs when using MSHookFunction is below:
Incident Identifier: 0951FD60-1748-4038-AE51-82F5C06D8CBD
CrashReporter Key: 0aebd97973d338aadf6b452e5c49defbbbbda4b5
Hardware Model: iPhone10,1
Process: SpringBoard [667]
Path: /System/Library/CoreServices/SpringBoard.app/SpringBoard
Identifier: com.apple.springboard
Version: 50 (1.0)
Code Type: ARM-64 (Native)
Role: Foreground
Parent Process: launchd [1]
Coalition: com.apple.springboard [71]
Date/Time: 2018-03-02 09:34:13.9750 +0800
Launch Time: 2018-03-02 09:34:13.6182 +0800
OS Version: iPhone OS 11.0 (15A372)
Baseband Version: 1.00.03
Report Version: 104
Exception Type: EXC_CRASH (SIGABRT)
Exception Codes: 0x0000000000000000, 0x0000000000000000
Exception Note: EXC_CORPSE_NOTIFY
Triggered by Thread: 0
Application Specific Information:
abort() called
Filtered syslog:
None found
Thread 0 name: Dispatch queue: com.apple.main-thread
Thread 0 Crashed:
0 libsystem_kernel.dylib 0x000000018632d348 __pthread_kill + 8
1 libsystem_pthread.dylib 0x00000001864457a4 pthread_kill$VARIANT$armv81 + 360
2 libsystem_c.dylib 0x000000018629cfd8 abort + 140
3 libsubstitute.0.dylib 0x0000000103a286b4 0x103a18000 + 67252
4 dyld 0x0000000103aafa64 ImageLoaderMachO::doModInitFunctions+ 96868 (ImageLoader::LinkContext const&) + 408
5 dyld 0x0000000103aafca8 ImageLoaderMachO::doInitialization+ 97448 (ImageLoader::LinkContext const&) + 36
6 dyld 0x0000000103aaad00 ImageLoader::recursiveInitialization+ 77056 (ImageLoader::LinkContext const&, unsigned int, char const*, ImageLoader::InitializerTimingList&, ImageLoader::UninitedUpwards&) + 372
7 dyld 0x0000000103aa9d40 ImageLoader::processInitializers+ 73024 (ImageLoader::LinkContext const&, unsigned int, ImageLoader::InitializerTimingList&, ImageLoader::UninitedUpwards&) + 136
8 dyld 0x0000000103aa9dfc ImageLoader::runInitializers+ 73212 (ImageLoader::LinkContext const&, ImageLoader::InitializerTimingList&) + 84
9 dyld 0x0000000103a9d79c dyld::runInitializers+ 22428 (ImageLoader*) + 88
10 dyld 0x0000000103aa4324 dlopen + 976
11 libdyld.dylib 0x00000001861ff4d4 dlopen + 116
12 TweakInject.dylib 0x0000000103923528 0x10391c000 + 29992
13 dyld 0x0000000103aafa64 ImageLoaderMachO::doModInitFunctions+ 96868 (ImageLoader::LinkContext const&) + 408
14 dyld 0x0000000103aafca8 ImageLoaderMachO::doInitialization+ 97448 (ImageLoader::LinkContext const&) + 36
15 dyld 0x0000000103aaad00 ImageLoader::recursiveInitialization+ 77056 (ImageLoader::LinkContext const&, unsigned int, char const*, ImageLoader::InitializerTimingList&, ImageLoader::UninitedUpwards&) + 372
16 dyld 0x0000000103aa9d40 ImageLoader::processInitializers+ 73024 (ImageLoader::LinkContext const&, unsigned int, ImageLoader::InitializerTimingList&, ImageLoader::UninitedUpwards&) + 136
17 dyld 0x0000000103aa9dfc ImageLoader::runInitializers+ 73212 (ImageLoader::LinkContext const&, ImageLoader::InitializerTimingList&) + 84
18 dyld 0x0000000103a9a594 dyld::initializeMainExecutable+ 9620 () + 140
19 dyld 0x0000000103a9f320 dyld::_main+ 29472 (macho_header const*, unsigned long, int, char const**, char const**, char const**, unsigned long*) + 6364
20 dyld 0x0000000103a9921c _dyld_start + 68
Thread 1:
0 libsystem_pthread.dylib 0x000000018643ec2c start_wqthread + 0
Thread 2:
0 libsystem_pthread.dylib 0x000000018643ec2c start_wqthread + 0
Thread 0 crashed with ARM Thread State (64-bit):
x0: 0x0000000000000000 x1: 0x0000000000000000 x2: 0x0000000000000000 x3: 0x000000016cf3aa68
x4: 0x0000000103a2bae1 x5: 0x000000016cf3afb0 x6: 0x000000000000000a x7: 0x000000000000014f
x8: 0x0000000008000000 x9: 0x0000000004000000 x10: 0x000000018644563c x11: 0x00000001b94e8d9c
x12: 0x00000001b94e8d9c x13: 0x0000000000000018 x14: 0x0000000000000001 x15: 0x0000000000000881
x16: 0x0000000000000148 x17: 0x0000000000000080 x18: 0x0000000000000000 x19: 0x0000000000000006
x20: 0x00000001b71bab80 x21: 0x00000001b5945f80 x22: 0x0000000000000303 x23: 0x00000001b71bac60
x24: 0x0000000000000000 x25: 0x0000000103ea43a0 x26: 0x0000000103e00470 x27: 0x0000000103ada458
x28: 0x0000000103ada0d0 fp: 0x000000016cf3af60 lr: 0x00000001864457a4
sp: 0x000000016cf3af30 pc: 0x000000018632d348 cpsr: 0x00000000
The text was updated successfully, but these errors were encountered: