Uncaught exception crash with iOS 16 beta 1 binaries

[clindsay3]

Attempting to dump the UIKitCore binary in Xcode 14 beta 1 leads to a crash. The same command used against the latest version of Xcode 13 outputs successfully.

Been a while since I've used this tool so I can't say for sure it's not a problem with my particular incantation. But I tried minimizing the options I was using, and couldn't get anything working.

➜  dsdump_beta ./dsdump --objc -a arm64 --verbose=5 /Applications/Xcode-beta.app/Contents/Developer/Platforms/iPhoneOS.platform/Library/Developer/CoreSimulator/Profiles/Runtimes/iOS.simruntime/Contents/Resources/RuntimeRoot/System/Library/PrivateFrameworks/UIKitCore.framework/UIKitCore --defined > ~/Desktop/UIKitCore.txt

2022-06-12 16:26:44.286 dsdump[51927:10158746] *** Terminating app due to uncaught exception 'NSRangeException', reason: '*** -[__NSArrayM objectAtIndexedSubscript:]: index 0 beyond bounds for empty array'
*** First throw call stack:
(
	0   CoreFoundation                      0x00000001b1bcd198 __exceptionPreprocess + 240
	1   libobjc.A.dylib                     0x00000001b1917e04 objc_exception_throw + 60
	2   CoreFoundation                      0x00000001b1c9f16c -[__NSCFString characterAtIndex:].cold.1 + 0
	3   CoreFoundation                      0x00000001b1b38bd4 -[__NSArrayM objectAtIndexedSubscript:] + 188
	4   dsdump                              0x0000000104b2787c __53-[XRMachOLibrary(Opcode) printChainDetails:callback:]_block_invoke_2 + 748
	5   dsdump                              0x0000000104b31ef4 _ZNK5dyld311MachOLoaded9walkChainER11DiagnosticsPNS0_25ChainedFixupPointerOnDiskEtbjU13block_pointerFvS4_RbE + 96
	6   dsdump                              0x0000000104b32148 _ZNK5dyld311MachOLoaded27forEachFixupInSegmentChainsER11DiagnosticsPK30dyld_chained_starts_in_segmentbU13block_pointerFvPNS0_25ChainedFixupPointerOnDiskES5_RbE + 180
	7   dsdump                              0x0000000104b31d78 _ZNK5dyld311MachOLoaded23forEachFixupInAllChainsER11DiagnosticsPK28dyld_chained_starts_in_imagebU13block_pointerFvPNS0_25ChainedFixupPointerOnDiskEPK30dyld_chained_starts_in_segmentRbE + 92
	8   dsdump                              0x0000000104b27560 __53-[XRMachOLibrary(Opcode) printChainDetails:callback:]_block_invoke + 124
	9   dsdump                              0x0000000104b400a4 _ZNK5dyld313MachOAnalyzer15withChainStartsER11DiagnosticsyU13block_pointerFvPK28dyld_chained_starts_in_imageE + 140
	10  dsdump                              0x0000000104b27400 -[XRMachOLibrary(Opcode) printChainDetails:callback:] + 284
	11  dsdump                              0x0000000104b1ddb0 -[XRMachOLibrary handleLoadCommand:] + 368
	12  dsdump                              0x0000000104b33a40 _ZNK5dyld39MachOFile18forEachLoadCommandER11DiagnosticsU13block_pointerFvPK12load_commandRbE + 160
	13  dsdump                              0x0000000104b1d6a0 -[XRMachOLibrary initWithPath:] + 956
	14  dsdump                              0x0000000104b2a954 main + 1588
	15  dyld                                0x00000001053d108c start + 520
)
libc++abi: terminating with uncaught exception of type NSException

[clindsay3]

Still seems to be the case beta 5.

[malhal]

Same problem with Xcode 14.2 Simulator binaries (iOS 16.2). Fyi this is the current dsdump_beta.zip in compiled folder.

% dsdump
Version: 0.8.3 Built: (14:20:17, Jun 20 2022), Usage: dsdump [option..] <mach-o-file>, use -h for help

% sysctl -n machdep.cpu.brand_string
Apple M1

% dsdump -a arm64 --objc /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Library/Developer/CoreSimulator/Profiles/Runtimes/iOS.simruntime/Contents/Resources/RuntimeRoot/System/Library/PrivateFrameworks/NotesShared.framework/NotesShared
2022-12-15 10:53:32.615 dsdump[71061:1715844] *** Terminating app due to uncaught exception 'NSRangeException', reason: '*** -[__NSArrayM objectAtIndexedSubscript:]: index 0 beyond bounds for empty array'
*** First throw call stack:
(
	0   CoreFoundation                      0x000000018e03b3f8 __exceptionPreprocess + 176
	1   libobjc.A.dylib                     0x000000018db86ea8 objc_exception_throw + 60
	2   CoreFoundation                      0x000000018e120ca4 -[__NSCFString characterAtIndex:].cold.1 + 0
	3   CoreFoundation                      0x000000018dfacfa8 -[__NSArrayM objectAtIndexedSubscript:] + 188
	4   dsdump                              0x00000001025203b8 __53-[XRMachOLibrary(Opcode) printChainDetails:callback:]_block_invoke_2 + 748
	5   dsdump                              0x000000010252a774 _ZNK5dyld311MachOLoaded9walkChainER11DiagnosticsPNS0_25ChainedFixupPointerOnDiskEtbjU13block_pointerFvS4_RbE + 96
	6   dsdump                              0x000000010252a9c8 _ZNK5dyld311MachOLoaded27forEachFixupInSegmentChainsER11DiagnosticsPK30dyld_chained_starts_in_segmentbU13block_pointerFvPNS0_25ChainedFixupPointerOnDiskES5_RbE + 180
	7   dsdump                              0x000000010252a5f8 _ZNK5dyld311MachOLoaded23forEachFixupInAllChainsER11DiagnosticsPK28dyld_chained_starts_in_imagebU13block_pointerFvPNS0_25ChainedFixupPointerOnDiskEPK30dyld_chained_starts_in_segmentRbE + 92
	8   dsdump                              0x000000010252009c __53-[XRMachOLibrary(Opcode) printChainDetails:callback:]_block_invoke + 124
	9   dsdump                              0x0000000102538860 _ZNK5dyld313MachOAnalyzer15withChainStartsER11DiagnosticsyU13block_pointerFvPK28dyld_chained_starts_in_imageE + 140
	10  dsdump                              0x000000010251ff3c -[XRMachOLibrary(Opcode) printChainDetails:callback:] + 284
	11  dsdump                              0x00000001025167b4 -[XRMachOLibrary handleLoadCommand:] + 368
	12  dsdump                              0x000000010252c2c0 _ZNK5dyld39MachOFile18forEachLoadCommandER11DiagnosticsU13block_pointerFvPK12load_commandRbE + 160
	13  dsdump                              0x0000000102516038 -[XRMachOLibrary initWithPath:] + 1456
	14  dsdump                              0x0000000102515a40 -[XRMachOLibrary initWithCPath:] + 144
	15  dsdump                              0x00000001025234ac main + 1912
	16  dyld                                0x000000018dbb7e50 start + 2544
)
libc++abi: terminating with uncaught exception of type NSException
zsh: abort      dsdump -a arm64 --objc 

% dsdump -a x86_64 --objc /Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform/Library/Developer/CoreSimulator/Profiles/Runtimes/iOS.simruntime/Contents/Resources/RuntimeRoot/System/Library/PrivateFrameworks/NotesShared.framework/NotesShared 
zsh: segmentation fault  dsdump -a x86_64 --objc 

[clindsay3]

Hey @DerekSelander, curious if you are still planning on maintaining this project. It's been a huge help in maintaining https://github.com/shinydevelopment/SimulatorStatusMagic. Thank you for all the work you've put into it! I'm blocked on this issue from using it going forward though, since it seems to not work with the latest iOS binaries, and I haven't found a good alternative.

[DerekSelander]

@chrisvasselli hey, I'll have some time over the holidays... that sweet spot of kids in school while I'm not working.

I've been planning a couple updates to it for a while and will look at issues then.

Cheers

[clindsay3]

@DerekSelander Ah, I'm looking forward to that sweet spot too haha. Thanks, appreciate it!

[Helloyunho]

so it's been over a year and I'm still getting the same issue...