Uncaught exception crash with iOS 16 beta 1 binaries

Question

Uncaught exception crash with iOS 16 beta 1 binaries

chrisvasselli opened this issue 2 years ago · comments

Attempting to dump the UIKitCore binary in Xcode 14 beta 1 leads to a crash. The same command used against the latest version of Xcode 13 outputs successfully.

Been a while since I've used this tool so I can't say for sure it's not a problem with my particular incantation. But I tried minimizing the options I was using, and couldn't get anything working.

➜  dsdump_beta ./dsdump --objc -a arm64 --verbose=5 /Applications/Xcode-beta.app/Contents/Developer/Platforms/iPhoneOS.platform/Library/Developer/CoreSimulator/Profiles/Runtimes/iOS.simruntime/Contents/Resources/RuntimeRoot/System/Library/PrivateFrameworks/UIKitCore.framework/UIKitCore --defined > ~/Desktop/UIKitCore.txt

2022-06-12 16:26:44.286 dsdump[51927:10158746] *** Terminating app due to uncaught exception 'NSRangeException', reason: '*** -[__NSArrayM objectAtIndexedSubscript:]: index 0 beyond bounds for empty array'
*** First throw call stack:
(
	0   CoreFoundation                      0x00000001b1bcd198 __exceptionPreprocess + 240
	1   libobjc.A.dylib                     0x00000001b1917e04 objc_exception_throw + 60
	2   CoreFoundation                      0x00000001b1c9f16c -[__NSCFString characterAtIndex:].cold.1 + 0
	3   CoreFoundation                      0x00000001b1b38bd4 -[__NSArrayM objectAtIndexedSubscript:] + 188
	4   dsdump                              0x0000000104b2787c __53-[XRMachOLibrary(Opcode) printChainDetails:callback:]_block_invoke_2 + 748
	5   dsdump                              0x0000000104b31ef4 _ZNK5dyld311MachOLoaded9walkChainER11DiagnosticsPNS0_25ChainedFixupPointerOnDiskEtbjU13block_pointerFvS4_RbE + 96
	6   dsdump                              0x0000000104b32148 _ZNK5dyld311MachOLoaded27forEachFixupInSegmentChainsER11DiagnosticsPK30dyld_chained_starts_in_segmentbU13block_pointerFvPNS0_25ChainedFixupPointerOnDiskES5_RbE + 180
	7   dsdump                              0x0000000104b31d78 _ZNK5dyld311MachOLoaded23forEachFixupInAllChainsER11DiagnosticsPK28dyld_chained_starts_in_imagebU13block_pointerFvPNS0_25ChainedFixupPointerOnDiskEPK30dyld_chained_starts_in_segmentRbE + 92
	8   dsdump                              0x0000000104b27560 __53-[XRMachOLibrary(Opcode) printChainDetails:callback:]_block_invoke + 124
	9   dsdump                              0x0000000104b400a4 _ZNK5dyld313MachOAnalyzer15withChainStartsER11DiagnosticsyU13block_pointerFvPK28dyld_chained_starts_in_imageE + 140
	10  dsdump                              0x0000000104b27400 -[XRMachOLibrary(Opcode) printChainDetails:callback:] + 284
	11  dsdump                              0x0000000104b1ddb0 -[XRMachOLibrary handleLoadCommand:] + 368
	12  dsdump                              0x0000000104b33a40 _ZNK5dyld39MachOFile18forEachLoadCommandER11DiagnosticsU13block_pointerFvPK12load_commandRbE + 160
	13  dsdump                              0x0000000104b1d6a0 -[XRMachOLibrary initWithPath:] + 956
	14  dsdump                              0x0000000104b2a954 main + 1588
	15  dyld                                0x00000001053d108c start + 520
)
libc++abi: terminating with uncaught exception of type NSException

Chris Vasselli · Answer 1 · Thu Aug 18 2022 15:58:52 GMT+0800 (China Standard Time)

Still seems to be the case beta 5.

Malcolm Hall · Answer 2 · Thu Dec 15 2022 18:56:31 GMT+0800 (China Standard Time)

Same problem with Xcode 14.2 Simulator binaries (iOS 16.2). Fyi this is the current dsdump_beta.zip in compiled folder.

% dsdump
Version: 0.8.3 Built: (14:20:17, Jun 20 2022), Usage: dsdump [option..] <mach-o-file>, use -h for help

% sysctl -n machdep.cpu.brand_string
Apple M1

% dsdump -a arm64 --objc /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Library/Developer/CoreSimulator/Profiles/Runtimes/iOS.simruntime/Contents/Resources/RuntimeRoot/System/Library/PrivateFrameworks/NotesShared.framework/NotesShared
2022-12-15 10:53:32.615 dsdump[71061:1715844] *** Terminating app due to uncaught exception 'NSRangeException', reason: '*** -[__NSArrayM objectAtIndexedSubscript:]: index 0 beyond bounds for empty array'
*** First throw call stack:
(
	0   CoreFoundation                      0x000000018e03b3f8 __exceptionPreprocess + 176
	1   libobjc.A.dylib                     0x000000018db86ea8 objc_exception_throw + 60
	2   CoreFoundation                      0x000000018e120ca4 -[__NSCFString characterAtIndex:].cold.1 + 0
	3   CoreFoundation                      0x000000018dfacfa8 -[__NSArrayM objectAtIndexedSubscript:] + 188
	4   dsdump                              0x00000001025203b8 __53-[XRMachOLibrary(Opcode) printChainDetails:callback:]_block_invoke_2 + 748
	5   dsdump                              0x000000010252a774 _ZNK5dyld311MachOLoaded9walkChainER11DiagnosticsPNS0_25ChainedFixupPointerOnDiskEtbjU13block_pointerFvS4_RbE + 96
	6   dsdump                              0x000000010252a9c8 _ZNK5dyld311MachOLoaded27forEachFixupInSegmentChainsER11DiagnosticsPK30dyld_chained_starts_in_segmentbU13block_pointerFvPNS0_25ChainedFixupPointerOnDiskES5_RbE + 180
	7   dsdump                              0x000000010252a5f8 _ZNK5dyld311MachOLoaded23forEachFixupInAllChainsER11DiagnosticsPK28dyld_chained_starts_in_imagebU13block_pointerFvPNS0_25ChainedFixupPointerOnDiskEPK30dyld_chained_starts_in_segmentRbE + 92
	8   dsdump                              0x000000010252009c __53-[XRMachOLibrary(Opcode) printChainDetails:callback:]_block_invoke + 124
	9   dsdump                              0x0000000102538860 _ZNK5dyld313MachOAnalyzer15withChainStartsER11DiagnosticsyU13block_pointerFvPK28dyld_chained_starts_in_imageE + 140
	10  dsdump                              0x000000010251ff3c -[XRMachOLibrary(Opcode) printChainDetails:callback:] + 284
	11  dsdump                              0x00000001025167b4 -[XRMachOLibrary handleLoadCommand:] + 368
	12  dsdump                              0x000000010252c2c0 _ZNK5dyld39MachOFile18forEachLoadCommandER11DiagnosticsU13block_pointerFvPK12load_commandRbE + 160
	13  dsdump                              0x0000000102516038 -[XRMachOLibrary initWithPath:] + 1456
	14  dsdump                              0x0000000102515a40 -[XRMachOLibrary initWithCPath:] + 144
	15  dsdump                              0x00000001025234ac main + 1912
	16  dyld                                0x000000018dbb7e50 start + 2544
)
libc++abi: terminating with uncaught exception of type NSException
zsh: abort      dsdump -a arm64 --objc

% dsdump -a x86_64 --objc /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Library/Developer/CoreSimulator/Profiles/Runtimes/iOS.simruntime/Contents/Resources/RuntimeRoot/System/Library/PrivateFrameworks/NotesShared.framework/NotesShared 
zsh: segmentation fault  dsdump -a x86_64 --objc

Chris Vasselli · Answer 3 · Thu Dec 15 2022 19:25:39 GMT+0800 (China Standard Time)

Hey @DerekSelander, curious if you are still planning on maintaining this project. It's been a huge help in maintaining https://github.com/shinydevelopment/SimulatorStatusMagic. Thank you for all the work you've put into it! I'm blocked on this issue from using it going forward though, since it seems to not work with the latest iOS binaries, and I haven't found a good alternative.

Derek · Answer 4 · Fri Dec 16 2022 07:26:46 GMT+0800 (China Standard Time)

@chrisvasselli hey, I'll have some time over the holidays... that sweet spot of kids in school while I'm not working.

I've been planning a couple updates to it for a while and will look at issues then.

Cheers

Chris Vasselli · Answer 5 · Fri Dec 16 2022 08:37:24 GMT+0800 (China Standard Time)

@DerekSelander Ah, I'm looking forward to that sweet spot too haha. Thanks, appreciate it!

Helloyunho · Answer 6 · Wed Nov 01 2023 13:34:24 GMT+0800 (China Standard Time)

so it's been over a year and I'm still getting the same issue...