Mark non-returning Go runtime functions #6
Comments
|
I think we can use this approach to find place where we fail and check if we got bad instruction: smth like that: pfn = ida_funcs.func_t() |
|
Should there be a new button in the UI for this, or should it just be part of the 'Rename functions' functionality? FYI, here is an ARM sample: https://detux.org/report.php?sha256=8d9dd4f611e7d66769f44877b95f4b387c093bc58d701b1695e2b75fc5ce178b |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Feature request:
For Go runtime functions that don't return (Ex: panic) it looks like the compiler inserts an illegal instruction after the call as a sanity checking mechanism in case the function did return. This stackexchange post has more details:
https://reverseengineering.stackexchange.com/questions/17665/undefined-instruction-in-go-binary-compiled-for-arm
In the case of ARM binaries, these instructions cause function creation in IDA Pro to fail with the following error message: The function has undefined instruction/data at the specified address. (and the address referenced is that of the 0xF7FABCFD instruction.)
Talking with IDA Pro support, the solution is to mark the non-returning function as such in IDA. IDA will stop looking for instructions after this function call, and function creation will succeed.
I'm not sure of the best way to implement this, but one approach would be to search for the undefined instruction for each architecture, look for a function call right above that, and mark that function as non-returning (maybe with some sanity checks.) I'll aim to implement this approach when I have a chance, and will submit a pull request once finished.
The text was updated successfully, but these errors were encountered: