Comments (2)
I think the root cause of the issue lies in the ctx address selected by mmap. When the system allocates in a crowded address space, this significantly reduces the likelihood of successfully allocating near the ctx address.

near_address at frida-gum/gum/backend-arm64/gumstalker-arm64.c, line 2318 in ffda5fc
ctx at frida-gum/gum/backend-arm64/gumstalker-arm64.c, line 2155 in ffda5fc
A possible solution is requesting a large block of memory to ensure ample free address space, then unmapping that area and using its address to request memory. This approach might introduce some race condition issues. A more comprehensive solution is to mmap a large block of memory and then allocate new memory within it using remap / fixed mmap, which involves considerable modifications. Let me give it a try.
This is a modification I tested that is usable but not complete.
```c
gum_exec_ctx_new (GumStalker * stalker,
                  GumThreadId thread_id,
                  GumStalkerTransformer * transformer,
                  GumEventSink * sink)
{
  GumExecCtx * ctx;
  guint8 * base;
  guint8 * target;
  GumCodeSlab * code_slab;
  GumSlowSlab * slow_slab;
  GumDataSlab * data_slab;

  /* Probe for a large free region (INT32_MAX bytes) so that the address
   * we pick has plenty of free space around it. */
  base = gum_memory_allocate (NULL, INT32_MAX, stalker->page_size, GUM_PAGE_RW);
  g_warning ("Alloc big memory at base %p:", base);

  /* Release the probe and reuse the middle of that region as the hint for
   * the real ctx allocation (another thread could grab the range between
   * the free and the allocate; see the race noted above). */
  gum_memory_free (base, INT32_MAX);
  target = base + INT32_MAX / 2;
  base = gum_memory_allocate (target, stalker->ctx_size, stalker->page_size,
      stalker->is_rwx_supported ? GUM_PAGE_RWX : GUM_PAGE_RW);
  g_warning ("target base: %p, real base %p:", target, base);
  ctx = (GumExecCtx *) base;
```
It can temporarily solve the problem, but I think that parts of the memory allocation mechanism should be refactored.