SGSG
测试命令是这样的/stackplz_arm64 -p 18882 --jstack --kill SIGSTOP -s write --auto 目标测试程序是每隔5s依次打印test func3 test func2 test func1 在使用--jstack的时候程序被挂起后不会往下执行,而是会尝试重新执行上次被打断的wrtie syscall,然后就会再次被捕获并打断,陷入死循环 查阅了资料后发现是因为syscall执行到一半时中断的话会被当做错误直接丢弃掉,那这里感觉对于一些实现的不是很健壮的svc情况会导致目标程序直接错误 想探讨下这个问题如何解决
纯技术讨论,比较好奇除了使用定制的perf_event还有没有获取栈数据的方式,尝试了获取当前sp和当前线程的栈基址(从map中解析得到)后直接用bpf_probe_read_user从sp开始读取栈数据,在安卓上每次大概能读8k~30k字节左右的数据,但是在追踪大型app时还是出现栈回溯截断现象,想了想可能是栈数据有错误,还是说这是个无解的问题,替代方案只有下中断然后用remote_unwinder回溯
### Please check before submitting an issue | 在提交 Issue 前请检查 - [x] I searched the issues and didn't found anything relevant | 我已经搜索了 Issues 列表,没有发现于本问题相关内容 - [ ] If...
**Version and Platform (required):** - Binary Ninja Version: 5.2.8722, c75356aa - OS: windows - OS Version: 10 - CPU Architecture: x86_64 **Bug Description:** stack variable in some function become sp+offset...
**What is the feature you'd like to have?** request chained calls of complex struct **Is your feature request related to a problem?** i encounter with a smart ptr wraped JNIEnv...
**What is the feature you'd like to have?** add a clear user value buttom in "ASSERT" line **Is your feature request related to a problem?** when define a var as...
**What is the feature you'd like to have?** add python workflow api to add label in mlil like llil.add_label_for_address **Is your feature request related to a problem?** when solve indirect...
**Description of the problem** some MemoryAccessCB run into access violation accessing error but some not **Compilation or execution log** part of error message ``` {"string":"0.12.0","integer":3072,"major":0,"minor":12,"patch":0} Not a send type Message...