frida's Introduction

Frida

Dynamic instrumentation toolkit for developers, reverse-engineers, and security researchers. Learn more at frida.re.

Two ways to install

1. Install from prebuilt binaries

This is the recommended way to get started. All you need to do is:

pip install frida-tools # CLI tools
pip install frida       # Python bindings
npm install frida       # Node.js bindings

You may also download pre-built binaries for various operating systems from Frida's releases page on GitHub.

2. Build your own binaries

Run:

make

You may also invoke ./configure first if you want to specify a --prefix, or any other options.

CLI tools

For running the Frida CLI tools, e.g. frida, frida-ls-devices, frida-ps, frida-kill, frida-trace, frida-discover, etc., you need a few packages:

pip install colorama prompt-toolkit pygments

Apple OSes

First make a trusted code-signing certificate. You can use the guide at https://sourceware.org/gdb/wiki/PermissionsDarwin in the sections “Create a certificate in the System Keychain” and “Trust the certificate for code signing”. You can use the name frida-cert instead of gdb-cert if you'd like.

Next export the name of the created certificate to relevant environment variables, and run make:

export MACOS_CERTID=frida-cert
export IOS_CERTID=frida-cert
export WATCHOS_CERTID=frida-cert
export TVOS_CERTID=frida-cert
make

To ensure that macOS accepts the newly created certificate, restart the taskgated daemon:

sudo killall taskgated

Learn more

Have a look at our documentation.

frida's People

Contributors

ant9000, asabil, elvanderb, emaste, fluxius, giantpune, johncoates, jonforshort, jonwilson030981, karltk, keesj, knight-ops, kxynos, leonjza, manouchehri, meme, mephi42, mosherubin, mrmacete, oleavr, oriori1703, qfrost911, radare, ralphtheninja, raymontag, riverar, s1341, tkk2112, tmm1, tyilo

frida's Issues

3.0.1 error: undefined reference to 'gum_cycle_sampler_new'

First ran:

git checkout 3.0.1

Then built android-server:

export ANDROID_NDK_ROOT=/home/steven/bin/android-ndk/; make -f Makefile.linux.mk server-android

Received the following error:

../../../../../frida-gum/bindings/gumpp/sampler.cpp:67: error: undefined reference to 'gum_cycle_sampler_new'
clang++: error: linker command failed with exit code 1 (use -v to see invocation)
make[3]: *** [libfrida-gumpp-1.0.la] Error 1
make[3]: Leaving directory `/home/steven/src/frida/build/tmp-android-arm/frida-gum/bindings/gumpp'
make[2]: *** [install-recursive] Error 1
make[2]: Leaving directory `/home/steven/src/frida/build/tmp-android-arm/frida-gum/bindings'
make[1]: *** [install-recursive] Error 1
make[1]: Leaving directory `/home/steven/src/frida/build/tmp-android-arm/frida-gum'
make: *** [build/frida-android-arm/lib/pkgconfig/frida-gum-1.0.pc] Error 2

Any ideas?

issue with call android app function

Hi,
I have the following situation. I am analysing an Android application with Frida. The application has obfuscated strings, for example:

    final String string4 = query.getString(query.getColumnIndex(h.a("\u4347\uf662\u2b58\uf5f5")));

The decryption class is h, and the decryption function is:

    static final String a(final String p0) {...}

I use the following code but cannot call the "h.a" function:

    import sys

    import frida

    def print_result(message):
        print("[*] Testing PIN %s" % (message))

    def on_message(message, data):
        # Forward the payload that the injected script passed to send().
        print_result(message['payload'])

    # Agent script that runs inside the target process.
    jscode = """
    Dalvik.perform(function () {
        var h = Dalvik.use("com.adobe.cfg.h");
        var ret = h.a('\ufad6!\ubb89\u2731\u11c5');
        send(ret);
    });
    """

    session = frida.get_remote_device().attach("com.adobe.jaguar:jaguar_bf")
    print(session.enumerate_modules())
    script = session.create_script(jscode)
    script.on('message', on_message)
    script.load()
    sys.stdin.read()  # block so that messages from the agent can arrive

What am I doing wrong?

spawn() with android apps?

Are spawn() and resume() supported in the Android implementation? If so, what is the correct usage?

I have tried:
device.spawn(["com.skype.raider"]) which gives: frida.ExecutableNotFoundError
and
device.spawn(["/data/app/com.skype.raider-1.apk"]) which gives: frida.ExecutableNotSupportedError

Thanks.

Add global config options (config.mk)

  • enable/disable MAPPER for gum
  • strip final builds
  • which arch to include in the universal bin? (avoid building everything twice for iOS)
  • optimization/debug CFLAGS
  • ...

frida-server segfaults on android 4.0.4

I followed the basic Android tutorial, using a rooted Android tablet (Samsung GT-P7300), and after installing frida on my mac (Yosemite) with easy_install

Copied the frida-server exec, forwarded ports, executed as root on the device

Then, when I try a frida-ps -R, on my mac :

Failed to enumerate processes: unable to connect to remote frida-server: Unexpected lack of content trying to read a line

On the device, the frida server exits with SegFault.

Also, launching the frida-server gives me no output at all, is this expected ?

Thanks

early tracing for processes (Android)

What's the recommended way to perform early tracing with frida, on Android in particular? I'd like to make sure that I am tracing the functions during app startup. Currently it seems the required workflow is to hook an already running process. Is there a plan in place to support it? If there is, I might be able to take a stab at implementing it.

frida makes target app crash on android

I could find another device to test frida-server on android : galaxy tab pro 10.1 wifi, rooted with kitkat 4.4.2

I managed to make the tutorial work with the camera app, but not google chrome or other apps like snap chat : they crash instantly when I try to attach to the process.

Process listing is working fine.

Same bug when trying with locally built frida-server binary

Error while listing processes @ Android

Hi!

I was following the Android tutorial on http://www.frida.re/docs/android/ and the following error occurred:

$ frida-ps -R
Failed to enumerate processes: GDBus.Error:org.freedesktop.DBus.Error.UnknownMethod: No such interface 'org.boblycat.frida.HostSession' on object at path /org/boblycat/frida/HostSession


OS X Yosemite 10.10.2
Python 2.7
Cyanogen OS 11.0-XNPH05Q
Android 4.4.4

no such interface 're.frida.AgentSession1'

Hello,
I installed frida by Cydia,
ios$>frida-server --version
4.2.8
on MacOSX I installed frida by easy_install
Maxs-Mac-mini:frida alexey_perevalov$ frida-ps --version
4.2.8
Maxs-Mac-mini:frida alexey_perevalov$ frida-trace --version
4.2.8

But when I ran
$sudo frida-trace -U wifid

I got the following:

Resolving functions...
Exception in thread Thread-1:
Traceback (most recent call last):
  File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/threading.py", line 808, in __bootstrap_inner
    self.run()
  File "/System/Library/Frameworks/Python.framework/Versions/2.7/lib/python2.7/threading.py", line 761, in run
    self.__target(*self.__args, **self.__kwargs)
  File "/Library/Python/2.7/site-packages/frida-4.2.8-py2.7-macosx-10.9-intel.egg/frida/application.py", line 298, in _run
    work()
  File "/Library/Python/2.7/site-packages/frida-4.2.8-py2.7-macosx-10.9-intel.egg/frida/application.py", line 203, in _try_start
    self._start()
  File "/Library/Python/2.7/site-packages/frida-4.2.8-py2.7-macosx-10.9-intel.egg/frida/tracer.py", line 1347, in _start
    self._targets = self._tracer.start_trace(self._session, self)
  File "/Library/Python/2.7/site-packages/frida-4.2.8-py2.7-macosx-10.9-intel.egg/frida/tracer.py", line 956, in start_trace
    working_set = self._profile.resolve(session)
  File "/Library/Python/2.7/site-packages/frida-4.2.8-py2.7-macosx-10.9-intel.egg/frida/tracer.py", line 70, in resolve
    script = session.create_script(name="profile-resolver", source=self._create_resolver_script())
  File "/Library/Python/2.7/site-packages/frida-4.2.8-py2.7-macosx-10.9-intel.egg/frida/core.py", line 174, in create_script
    return self._impl.create_script(*args, **kwargs)

TransportError: no such interface 're.frida.AgentSession1' on object at path /re/frida/AgentSession1/9

Also, I have the source and I am able to build for MacOSX (I have trouble with the iOS build).

BTW frida-ps -U is working
and $>frida-pa -U |grep frida
shows me
526 frida-helper
468 frida-server

Looks like somebody couldn't find the DBUS interface; maybe it requires some special permission.

I have checked issue #8, but I only have Python 2.x.

Frida 4.4.0 Stalker.follow() Crashes process. Win8.1 x86_64, JS Bindings

The following hook crashes the target process. It only crashes when trying to use Stalker, other operations seem to work fine.

    "use strict";

    const async = require( 'generator-async' );
    const frida = require( 'frida' )

    let session, script;
    async.run( function* () {
        "use strict";
        session = yield frida.attach( 'a.exe' );
        script = yield session.createScript( '(' + agent.toString() + ').call( this );' );
        script.events.listen( 'message', message => {
            console.log( message );
        } );
        yield script.load();
    } );

    function agent() {
        "use strict";
        Stalker.follow( {
            events: { call: true },
            onReceive: function( e ) {
                send( {name:'debug', data:'onReceive'} );
            },
            onCallSummary: function( e ) {
                send( {name:'debug', data:'onCallSummary'} );
            }
        } );
    }

The build process breaks when done in parallel

The build process breaks when done in parallel :

$ git pull && git submodule update --recursive && make clean && make -j4 
...
make[2]: Entering directory `/home/yoyo/projects/frida/build/tmp-linux-x86_64/frida-npapi/src'
make[2]: warning: jobserver unavailable: using -j1.  Add `+' to parent make rule.
  VALAC    ../../../../frida-npapi/src/libnpfrida_codegen_la_vala.stamp
make[2]: Leaving directory `/home/yoyo/projects/frida/build/tmp-linux-x86_64/frida-npapi/src'
make[1]: Leaving directory `/home/yoyo/projects/frida'
make: *** [all] Error 2

frida-ps doesn't list some processes / can't connect by process ID Windows 8

On Windows 8, I was trying to list and connect to a process. frida-ps doesn't list the particular process although it's listed in Windows' Task Manager. Looking at the Task Manager, I can see the PID. Using that in

import frida
s = frida.attach(9108)
print([x.name for x in s.enumerate_modules()])

Throws an error "Unexpected error while attaching to process with PID 9108 (OpenProcess returned 0x00000005)"

frida-trace crashes process with NULL dereference upon attaching

Let me prefix this with saying I'm totally new to frida, so I may well be doing something completely stupid or missing something obvious. However, I'd like to use frida to instrument the WindowServer process in OS X Yosemite, and when I use the command

sudo frida-trace -i "IOCon*" WindowServer

(from an ssh session) it instantly crashes the process with a NULL pointer dereference every time. Specifically, it tries to make a NULL indirect call. If I use this command with another process, e.g.

frida-trace -i "IOCon*" IORegistryExplorer

then it behaves as I'd expect.

Note that I installed frida via easy_install as documented.

To try and see what was going on, I attached lldb to the process (again via ssh) before setting frida-trace loose on it:

(lldb) process attach --pid 202
Process 202 stopped
Executable module set to "/System/Library/Frameworks/ApplicationServices.framework/Frameworks/CoreGraphics.framework/Resources/WindowServer".
Architecture set to: x86_64-apple-macosx.
(lldb) cont
Process 202 resuming

Start frida-trace, and:

Process 202 stopped
* thread #9: tid = 0x13370, 0x0000000000000000, stop reason = EXC_BAD_ACCESS (code=1,    address=0x0)
frame #0: 0x0000000000000000
error: memory read failed for 0x0
(lldb) bt
* thread #9: tid = 0x13370, 0x0000000000000000, stop reason = EXC_BAD_ACCESS (code=1, address=0x0)
 * frame #0: 0x0000000000000000
    frame #1: 0x000000014dc8723a
(lldb) frame select 1
frame #1: 0x000000014dc8723a
-> 0x14dc8723a:  movq   %rbx, %rdi
   0x14dc8723d:  callq  *0x78(%rbp)
   0x14dc87240:  popq   %rax
   0x14dc87241:  popq   %rbx

Any pointers on trying to figure out what's going on/fix this would be appreciated!

OSX's process crash report:

Process: WindowServer [3665]
Path: /System/Library/Frameworks/CoreGraphics.framework/Versions/A/Resources/WindowServer
Identifier: WindowServer
Version: 1
Code Type: X86-64 (Native)
Parent Process: launchd [1]
Responsible: WindowServer [3665]
User ID: 88

Date/Time: 2014-11-18 18:50:52.100 +0100
OS Version: Mac OS X 10.10 (14A389)
Report Version: 11
Anonymous UUID: 59DE06AE-666E-39F2-78A4-A8510D16485D

Time Awake Since Boot: 3600 seconds

Crashed Thread: 7

Exception Type: EXC_BAD_ACCESS (SIGSEGV)
Exception Codes: KERN_INVALID_ADDRESS at 0x0000000000000000

External Modification Warnings:
Thread creation by external task.

VM Regions Near 0:
-->
__TEXT 000000010f0f2000-000000010f0f3000 [ 4K] r-x/rwx SM=COW /System/Library/Frameworks/CoreGraphics.framework/Versions/A/Resources/WindowServer

Thread 0:: Dispatch queue: com.apple.main-thread
0 libsystem_kernel.dylib 0x00007fff83a3652e mach_msg_trap + 10
1 libsystem_kernel.dylib 0x00007fff83a3569f mach_msg + 55
2 com.apple.CoreGraphics 0x00007fff90885e4e CGXRunOneServicesPass + 696
3 com.apple.CoreGraphics 0x00007fff9088648b CGXServer + 839
4 WindowServer 0x000000010f0f2f7e 0x10f0f2000 + 3966
5 libdyld.dylib 0x00007fff891ea5c9 start + 1

Thread 1:: Dispatch queue: com.apple.libdispatch-manager
0 libsystem_kernel.dylib 0x00007fff83a3c22e kevent64 + 10
1 libdispatch.dylib 0x00007fff930f1a6a _dispatch_mgr_thread + 52

Thread 2:
0 libsystem_kernel.dylib 0x00007fff83a3b946 __workq_kernreturn + 10
1 libsystem_pthread.dylib 0x00007fff892e44a1 start_wqthread + 13

Thread 3:
0 libsystem_kernel.dylib 0x00007fff83a3b946 __workq_kernreturn + 10
1 libsystem_pthread.dylib 0x00007fff892e44a1 start_wqthread + 13

Thread 4:
0 libsystem_kernel.dylib 0x00007fff83a3652e mach_msg_trap + 10
1 libsystem_kernel.dylib 0x00007fff83a3569f mach_msg + 55
2 com.apple.CoreFoundation 0x00007fff8997eb14 __CFRunLoopServiceMachPort + 212
3 com.apple.CoreFoundation 0x00007fff8997dfdb __CFRunLoopRun + 1371
4 com.apple.CoreFoundation 0x00007fff8997d838 CFRunLoopRunSpecific + 296
5 com.apple.CoreFoundation 0x00007fff89a33ed1 CFRunLoopRun + 97
6 com.apple.CoreGraphics 0x00007fff9081d34a eventThread + 218
7 libsystem_pthread.dylib 0x00007fff892e62fc _pthread_body + 131
8 libsystem_pthread.dylib 0x00007fff892e6279 _pthread_start + 176
9 libsystem_pthread.dylib 0x00007fff892e44b1 thread_start + 13

Thread 5:
0 libsystem_kernel.dylib 0x00007fff83a3b946 __workq_kernreturn + 10
1 libsystem_pthread.dylib 0x00007fff892e44a1 start_wqthread + 13

Thread 6:
0 libsystem_kernel.dylib 0x00007fff83a36612 swtch_pri + 10
1 libsystem_pthread.dylib 0x00007fff892e740e _pthread_find_thread + 81
2 libsystem_pthread.dylib 0x00007fff892e7a0c _pthread_lookup_thread + 53
3 libsystem_pthread.dylib 0x00007fff892e9a3a pthread_join + 80
4 ??? 0x0000000154a7c048 0 + 5715247176

Thread 7 Crashed:

Thread 7 crashed with X86 Thread State (64-bit):
rax: 0x0000000000000000 rbx: 0x0000000000000000 rcx: 0x0000000000008d07 rdx: 0x0000000154a7d0a8
rdi: 0x0000000154a7d0a8 rsi: 0x0000000000008d07 rbp: 0x0000000154a7d000 rsp: 0x0000000154b5bed8
r8: 0x0000000154b5be80 r9: 0x0000000154b5c000 r10: 0x00000000000000a0 r11: 0x0000000154b5be41
r12: 0x0000000000008c17 r13: 0x00000000000008ff r14: 0x0000000154a7d000 r15: 0x0000000154a7c200
rip: 0x0000000000000000 rfl: 0x0000000000010206 cr2: 0x0000000000000000

Logical CPU: 1
Error Code: 0x00000014
Trap Number: 14

0x7fff8cc6f000 - 0x7fff8cca7ffb libsystem_network.dylib (411) /usr/lib/system/libsystem_network.dylib
0x7fff8cdff000 - 0x7fff8ce5afff libTIFF.dylib (1231) /System/Library/Frameworks/ImageIO.framework/Versions/A/Resources/libTIFF.dylib
0x7fff8ceb0000 - 0x7fff8cf39fff com.apple.CoreSymbolication (3.1 - 56072) <8CE81C95-49E8-389F-B989-67CC452C08D0> /System/Library/PrivateFrameworks/CoreSymbolication.framework/Versions/A/CoreSymbolication
0x7fff8cf3a000 - 0x7fff8cf3efff libCoreVMClient.dylib (79) /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libCoreVMClient.dylib
0x7fff8d877000 - 0x7fff8d8bdff7 libauto.dylib (186) /usr/lib/libauto.dylib
0x7fff8d8dd000 - 0x7fff8da6cfff libGLProgrammability.dylib (11.0.7) /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGLProgrammability.dylib
0x7fff8dade000 - 0x7fff8dae4ff7 libsystem_networkextension.dylib (167.1.10) <29AB225B-D7FB-30ED-9600-65D44B9A9442> /usr/lib/system/libsystem_networkextension.dylib
0x7fff8dae5000 - 0x7fff8db44ff3 com.apple.AE (681 - 681) <7F544183-A515-31A8-B45F-89A167F56216> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/AE.framework/Versions/A/AE
0x7fff8db45000 - 0x7fff8db4eff3 com.apple.CommonAuth (4.0 - 2.0) /System/Library/PrivateFrameworks/CommonAuth.framework/Versions/A/CommonAuth
0x7fff8e3d8000 - 0x7fff8e421ff3 com.apple.HIServices (1.22 - 519) <59D78E07-C3F1-3272-88F1-876B836D5517> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/HIServices.framework/Versions/A/HIServices
0x7fff8e425000 - 0x7fff8e448fff com.apple.Sharing (328.3 - 328.3) /System/Library/PrivateFrameworks/Sharing.framework/Versions/A/Sharing
0x7fff8e449000 - 0x7fff8e474fff libc++abi.dylib (125) <88A22A0F-87C6-3002-BFBA-AC0F2808B8B9> /usr/lib/libc++abi.dylib
0x7fff8e521000 - 0x7fff8e521fff com.apple.Accelerate (1.10 - Accelerate 1.10) <227E2491-1DDB-336F-BF83-773CECEC66F1> /System/Library/Frameworks/Accelerate.framework/Versions/A/Accelerate
0x7fff8e522000 - 0x7fff8e539ff7 libLinearAlgebra.dylib (1128) /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/Versions/A/libLinearAlgebra.dylib
0x7fff8e5bb000 - 0x7fff8e5c2fff libCGCMS.A.dylib (772) /System/Library/Frameworks/CoreGraphics.framework/Versions/A/Resources/libCGCMS.A.dylib
0x7fff8e5c3000 - 0x7fff8e614ff7 com.apple.audio.CoreAudio (4.3.0 - 4.3.0) /System/Library/Frameworks/CoreAudio.framework/Versions/A/CoreAudio
0x7fff8e615000 - 0x7fff8e61efff com.apple.DisplayServicesFW (2.9 - 372.1) <30E61754-D83C-330A-AE60-533F27BEBFF5> /System/Library/PrivateFrameworks/DisplayServices.framework/Versions/A/DisplayServices
0x7fff8e61f000 - 0x7fff8e673fff libc++.1.dylib (120) <1B9530FD-989B-3174-BB1C-BDC159501710> /usr/lib/libc++.1.dylib
0x7fff8e6a6000 - 0x7fff8ead6fff com.apple.vision.FaceCore (3.1.6 - 3.1.6) /System/Library/PrivateFrameworks/FaceCore.framework/Versions/A/FaceCore
0x7fff8eb25000 - 0x7fff8ed0a267 libobjc.A.dylib (646) <3B60CD90-74A2-3A5D-9686-B0772159792A> /usr/lib/libobjc.A.dylib
0x7fff8f31b000 - 0x7fff8f356fff com.apple.Symbolication (1.4 - 56045) /System/Library/PrivateFrameworks/Symbolication.framework/Versions/A/Symbolication
0x7fff8f357000 - 0x7fff8f3c3fff com.apple.framework.CoreWLAN (5.0 - 500.35.2) /System/Library/Frameworks/CoreWLAN.framework/Versions/A/CoreWLAN
0x7fff8f3c4000 - 0x7fff8f3d1ff7 libbz2.1.0.dylib (36) <2DF83FBC-5C08-39E1-94F5-C28653791B5F> /usr/lib/libbz2.1.0.dylib
0x7fff8f56b000 - 0x7fff8f577ff7 libGPUSupportMercury.dylib (11.0.7) /System/Library/PrivateFrameworks/GPUSupport.framework/Versions/A/Libraries/libGPUSupportMercury.dylib
0x7fff8f585000 - 0x7fff8f5b5ffb com.apple.GSS (4.0 - 2.0) /System/Library/Frameworks/GSS.framework/Versions/A/GSS
0x7fff8f5b6000 - 0x7fff8fa09fc7 com.apple.vImage (8.0 - 8.0) <33BE7B31-72DB-3364-B37E-C322A32748C5> /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vImage.framework/Versions/A/vImage
0x7fff8fa0a000 - 0x7fff8fa96fff libsystem_c.dylib (1044.1.2) /usr/lib/system/libsystem_c.dylib
0x7fff8fb15000 - 0x7fff8fe43ff7 com.apple.Foundation (6.9 - 1151.16) <18EDD673-A010-3E99-956E-DA594CE1FA80> /System/Library/Frameworks/Foundation.framework/Versions/C/Foundation
0x7fff8fe44000 - 0x7fff8ff6bfff com.apple.coreui (2.1 - 305) /System/Library/PrivateFrameworks/CoreUI.framework/Versions/A/CoreUI
0x7fff90236000 - 0x7fff9024aff7 com.apple.MultitouchSupport.framework (260.30 - 260.30) <28728A7D-E048-3B14-9932-839A87D381FE> /System/Library/PrivateFrameworks/MultitouchSupport.framework/Versions/A/MultitouchSupport
0x7fff904e4000 - 0x7fff9050aff7 com.apple.ChunkingLibrary (2.1 - 163.1) <3514F2A4-38BD-3849-9286-B3B991057742> /System/Library/PrivateFrameworks/ChunkingLibrary.framework/Versions/A/ChunkingLibrary
0x7fff9050b000 - 0x7fff9063bfff com.apple.UIFoundation (1.0 - 1) <8E030D93-441C-3997-9CD2-55C8DFAC8B84> /System/Library/PrivateFrameworks/UIFoundation.framework/Versions/A/UIFoundation
0x7fff90681000 - 0x7fff90ed8ff3 com.apple.CoreGraphics (1.600.0 - 772) <6364CBE3-3635-3A53-B448-9D19EF9FEA96> /System/Library/Frameworks/CoreGraphics.framework/Versions/A/CoreGraphics
0x7fff90ed9000 - 0x7fff90f4ffe7 libcorecrypto.dylib (233.1.2) /usr/lib/system/libcorecrypto.dylib
0x7fff90f50000 - 0x7fff90f66ff7 libsystem_asl.dylib (267) /usr/lib/system/libsystem_asl.dylib
0x7fff90f67000 - 0x7fff90f6ffff libsystem_platform.dylib (63) <64E34079-D712-3D66-9CE2-418624A5C040> /usr/lib/system/libsystem_platform.dylib
0x7fff91001000 - 0x7fff91031fff libsystem_m.dylib (3086.1) <1E12AB45-6D96-36D0-A226-F24D9FB0D9D6> /usr/lib/system/libsystem_m.dylib
0x7fff91359000 - 0x7fff9135afff libDiagnosticMessagesClient.dylib (100) <2EE8E436-5CDC-34C5-9959-5BA218D507FB> /usr/lib/libDiagnosticMessagesClient.dylib
0x7fff9135b000 - 0x7fff913d8fff com.apple.CoreServices.OSServices (640.3 - 640.3) <28445162-08E9-3E24-84E4-617CE5FE1367> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/OSServices.framework/Versions/A/OSServices
0x7fff913d9000 - 0x7fff914cbfff libxml2.2.dylib (26) /usr/lib/libxml2.2.dylib
0x7fff914cc000 - 0x7fff91609fff com.apple.ImageIO.framework (3.3.0 - 1038) <611BDFBA-4BAA-36A8-B7E0-3830F3375E53> /System/Library/Frameworks/ImageIO.framework/Versions/A/ImageIO
0x7fff9160a000 - 0x7fff91612ffb com.apple.CoreServices.FSEvents (1210 - 1210) <782A9C69-7A45-31A7-8960-D08A36CBD0A7> /System/Library/Frameworks/CoreServices.framework/Versions/A/Frameworks/FSEvents.framework/Versions/A/FSEvents
0x7fff91613000 - 0x7fff91616fff com.apple.xpc.ServiceManagement (1.0 - 1) <7E9E6BB7-AEE7-3F59-BAC0-59EAF105D0C8> /System/Library/Frameworks/ServiceManagement.framework/Versions/A/ServiceManagement
0x7fff91660000 - 0x7fff91863ff3 com.apple.CFNetwork (720.0.9 - 720.0.9) <78EE1B88-394F-3BB8-93A6-E068990559EC> /System/Library/Frameworks/CFNetwork.framework/Versions/A/CFNetwork
0x7fff91864000 - 0x7fff91864fff com.apple.Cocoa (6.8 - 21) /System/Library/Frameworks/Cocoa.framework/Versions/A/Cocoa
0x7fff919c4000 - 0x7fff919f1fff com.apple.CoreVideo (1.8 - 145.1) <18DB07E0-B927-3260-A234-636F298D1917> /System/Library/Frameworks/CoreVideo.framework/Versions/A/CoreVideo
0x7fff91b40000 - 0x7fff91b42ff7 libquarantine.dylib (76) /usr/lib/system/libquarantine.dylib
0x7fff91b43000 - 0x7fff91c37ff7 libFontParser.dylib (134) <506126F8-FDCE-3DE1-9DCA-E07FE658B597> /System/Library/Frameworks/ApplicationServices.framework/Versions/A/Frameworks/ATS.framework/Versions/A/Resources/libFontParser.dylib
0x7fff91c38000 - 0x7fff91de8ff7 com.apple.QuartzCore (1.10 - 361.11) <7382E4A9-10B0-3877-B9D7-FA84DC71BA55> /System/Library/Frameworks/QuartzCore.framework/Versions/A/QuartzCore
0x7fff91de9000 - 0x7fff91debff7 libsystem_sandbox.dylib (358.1.1) /usr/lib/system/libsystem_sandbox.dylib
0x7fff91dec000 - 0x7fff91e08ff7 libsystem_malloc.dylib (53.1.1) <19BCC257-5717-3502-A71F-95D65AFA861B> /usr/lib/system/libsystem_malloc.dylib
0x7fff920be000 - 0x7fff921dffff com.apple.LaunchServices (644.10 - 644.10) <0B1C68BC-0AEB-38E2-ABC8-E92728FEC475> /System/Library/Frameworks/CoreServices.framework/Frameworks/LaunchServices.framework/Versions/Apple/LaunchServices
0x7fff92213000 - 0x7fff9221cfff libGFXShared.dylib (11.0.7) /System/Library/Frameworks/OpenGL.framework/Versions/A/Libraries/libGFXShared.dylib
0x7fff9226d000 - 0x7fff9227bff7 com.apple.opengl (11.0.7 - 11.0.7) /System/Library/Frameworks/OpenGL.framework/Versions/A/OpenGL
0x7fff9227c000 - 0x7fff924f6fff com.apple.CoreData (110 - 526) /System/Library/Frameworks/CoreData.framework/Versions/A/CoreData
0x7fff924fa000 - 0x7fff92532fff com.apple.RemoteViewServices (2.0 - 99) /System/Library/PrivateFrameworks/RemoteViewServices.framework/Versions/A/RemoteViewServices
0x7fff92533000 - 0x7fff92554fff com.apple.framework.Apple80211 (10.0 - 1000.57.3) /System/Library/PrivateFrameworks/Apple80211.framework/Versions/A/Apple80211
0x7fff92555000 - 0x7fff925d7fff com.apple.PerformanceAnalysis (1.0 - 1) <2FC0F303-B672-3E64-A978-AB78EAD98395> /System/Library/PrivateFrameworks/PerformanceAnalysis.framework/Versions/A/PerformanceAnalysis
0x7fff92993000 - 0x7fff929b8ff7 libPng.dylib (1231) <2D5AC0EE-4056-3F76-97E7-BBD415F072B5> /System/Library/Frameworks/ImageIO.framework/Versions/A/Resources/libPng.dylib
0x7fff929b9000 - 0x7fff92ad0fe7 libvDSP.dylib (512) <52777555-F051-3BC2-A2D2-9645907E836D> /System/Library/Frameworks/Accelerate.framework/Versions/A/Frameworks/vecLib.framework/Versions/A/libvDSP.dylib
0x7fff92b26000 - 0x7fff92b27fff liblangid.dylib (117) /usr/lib/liblangid.dylib
0x7fff92b4c000 - 0x7fff92b4cfff com.apple.audio.units.AudioUnit (1.12 - 1.12) <76EF1C9D-DEA4-3E55-A134-4099B2FD2CF2> /System/Library/Frameworks/AudioUnit.framework/Versions/A/AudioUnit
0x7fff92b52000 - 0x7fff92b6cff7 com.apple.Kerberos (3.0 - 1) <7760E0C2-A222-3709-B2A6-B692D900CEB1> /System/Library/Frameworks/Kerberos.framework/Versions/A/Kerberos
0x7fff92ce7000 - 0x7fff92df6ffb com.apple.desktopservices (1.9 - 1.9) <6EDAC73F-C42C-3FF7-B67D-FCCA1CFC5405> /System/Library/PrivateFrameworks/DesktopServicesPriv.framework/Versions/A/DesktopServicesPriv
0x7fff92df7000 - 0x7fff930c6ff3 com.apple.CoreImage (10.0.33) <6E3DDA29-718B-3BDB-BFAF-F8C201BF93A4> /System/Library/Frameworks/QuartzCore.framework/Versions/A/Frameworks/CoreImage.framework/Versions/A/CoreImage
0x7fff930c7000 - 0x7fff930cffff libsystem_dnssd.dylib (561.1.1) <62B70ECA-E40D-3C63-896E-7F00EC386DDB> /usr/lib/system/libsystem_dnssd.dylib
0x7fff930ec000 - 0x7fff930ecfff com.apple.CoreServices (62 - 62) <9E4577CA-3FC3-300D-AB00-87ADBDDA2E37> /System/Library/Frameworks/CoreServices.framework/Versions/A/CoreServices
0x7fff930ed000 - 0x7fff93117ff7 libdispatch.dylib (442.1.4) <502CF32B-669B-3709-8862-08188225E4F0> /usr/lib/system/libdispatch.dylib
0x7fff93118000 - 0x7fff9318cff3 com.apple.securityfoundation (6.0 - 55126) /System/Library/Frameworks/SecurityFoundation.framework/Versions/A/SecurityFoundation
0x7fff9318d000 - 0x7fff9319afff com.apple.SpeechRecognitionCore (2.0.32 - 2.0.32) <87F0C88D-502D-3217-8B4A-8388288568BA> /System/Library/PrivateFrameworks/SpeechRecognitionCore.framework/Versions/A/SpeechRecognitionCore

External Modification Summary:
Calls made by other processes targeting this process:
task_for_pid: 2
thread_create: 1
thread_set_state: 0
Calls made by this process:
task_for_pid: 0
thread_create: 0
thread_set_state: 0
Calls made by all processes on this machine:
task_for_pid: 146201
thread_create: 8
thread_set_state: 0

VM Region Summary:
ReadOnly portion of Libraries: Total=177.8M resident=129.0M(73%) swapped_out_or_unallocated=48.8M(27%)
Writable regions: Total=1.1G written=5132K(0%) resident=14.0M(1%) swapped_out=0K(0%) unallocated=1.1G(99%)

REGION TYPE VIRTUAL
=========== =======
CG backing stores 176K
CG framebuffers 810.1M
CG shared images 272K
CoreGraphics 12K
Dispatch continuations 8192K
IOKit 6128K
IOKit (reserved) 256.0M reserved VM address space (unallocated)
Kernel Alloc Once 8K
MALLOC 71.0M
MALLOC (admin) 32K
OpenGL GLSL 256K
STACK GUARD 56.0M
Stack 10.6M
VM_ALLOCATE 284K
__CGSERVER 4K
__DATA 14.0M
__GLSLBUILTINS 2588K
__IMAGE 528K
__LINKEDIT 70.0M
__TEXT 107.8M
__UNICODE 544K
mapped file 22.5M
shared memory 72K
=========== =======
TOTAL 1.4G
TOTAL, minus reserved VM space 1.2G

System Profile:
Graphics: AMD Radeon HD 6750M, AMD Radeon HD 6750M, PCIe, 512 MB
AirPort: spairport_wireless_card_type_airport_extreme (0x168C, 0x9A), Atheros 9380: 4.0.74.0-P2P
Bluetooth: Version 4.3.0f10 14890, 3 services, 27 devices, 1 incoming serial ports
Thunderbolt Bus: iMac, Apple Inc., 22.1
FireWire Device: Passport III, WD, Up to 800 Mb/sec
Memory Module: BANK 0/DIMM0, 2 GB, DDR3, 1333 MHz, 0x80CE, 0x4D34373142353637334648302D4348392020
Memory Module: BANK 1/DIMM0, 2 GB, DDR3, 1333 MHz, 0x80CE, 0x4D34373142353637334648302D4348392020
USB Device: FaceTime HD Camera (Built-in)
USB Device: Hub
USB Device: BRCM2046 Hub
USB Device: Bluetooth USB Host Controller
USB Device: Hub
USB Device: USB3.0 Device
USB Device: Internal Memory Card Reader
USB Device: IR Receiver
Serial ATA Device: WDC WD5000AAKS-402AA0, 500,11 GB
Serial ATA Device: HL-DT-STDVDRW GA32N
Network Service: Ethernet, Ethernet, en0
Model: iMac12,1, BootROM IM121.0047.B1F, 4 processors, Intel Core i5, 2.5 GHz, 4 GB, SMC 1.71f22

Error occurs when injecting code to android app to fetch signatures

Hi

Recently I encountered an error when trying to inject code into an Android app to fetch signatures. Here is the JS code being executed:

Dalvik.perform(function () {
    var application = Dalvik.use("com.test.test").currentApplication();
    var context = application.getApplicationContext();
    var package_name = context.getPackageName();
    // 64 is the value of PackageManager.GET_SIGNATURES.
    var package_info = context.getPackageManager().getPackageInfo(package_name, 64);
    send(package_info);
    send(context);
    send(package_name);
    // The reported exception is raised on the next line.
    var sign = package_info.signatures[0];
    send(sign);
});

The exception occurs when executing package_info.signatures[0]. We know that this is the way to get the signature in Java, but I just can't do it in Frida:

        PackageInfo packageInfo = context.getPackageManager().getPackageInfo(pkgName, PackageManager.GET_SIGNATURES);
        Signature[] signs = packageInfo.signatures;
        Signature sign = signs[0];
        getMD5(sign.toByteArray());

The classes "PackageInfo" and "Signature" both implement the interface "Parcelable"; the difference is that "PackageInfo" implements "toString" while "Signature" only implements "toCharsString". I don't know if it matters. Is there anything I missed?

building frida 4.2.8 on Windows

Hi oleavr!

I tried to build your tools for Windows 7 x64 and got the following errors:

20>z:\dev\frida\frida\frida-clr\src\Script.hpp(5): fatal error C1083: Cannot open include file: 'frida-core.h': No such file or directory
And some others:
5>------ Build started: Project: frida-agent-64, Configuration: Release x64 ------
2> resource-compiler.c
4> agent-glue.c
3> backtracer.cpp
5> agent-glue.c
4>z:\dev\frida\frida\frida-core\lib\agent\frida-agent.h(9): fatal error C1083: Cannot open include file: 'frida-interfaces.h': No such file or directory
3> interceptor.cpp
5>z:\dev\frida\frida\frida-core\lib\agent\frida-agent.h(9): fatal error C1083: Cannot open include file: 'frida-interfaces.h': No such file or directory

17>------ Build started: Project: frida-core, Configuration: Release x64 ------
17> Serializing Agent resources
17> Error opening file: No such file or directory
17>C:\Program Files (x86)\MSBuild\Microsoft.Cpp\v4.0\V120\Microsoft.CppCommon.targets(170,5): error MSB6006: "cmd.exe" exited with code 1.

Finally, I got 15 projects that succeeded and 8 that failed.

Connect to frida-server from another machine over TCP

Kindly clarify how to connect frida clients to a frida-server on another machine over TCP.

After a quick look at the sources it seems to be possible, both server and tcp-host-session have a default connection string of "tcp:host=127.0.0.1,port=27042", but an arbitrary one can be supplied.

How I see the steps now:

  1. Make the frida-server listen on an arbitrary address and port (undocumented, derived from source, tested, works):
    ./frida-server tcp:host=ADDRESS,port=PORT
  2. Make the frida client connect to the arbitrary address and port
    ??? Tried a couple of parameters without any luck.

Also, forwarding the remote port 27042 on the target (frida-server) machine to port 27042 on the client machine does not seem to help.
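
An added example, not part of the original issue and not Frida's own code: a check that reads a process listing, finds frida-server invocations, parses the `tcp:host=ADDRESS,port=PORT` listen string quoted above (falling back to the default from the issue when no address is given) and reports whether each listener is bound to loopback or is reachable from other machines. The process listing is constructed sample data, the function names are hypothetical, and only the address form shown in the issue is handled.

```python
import ipaddress
import shlex

# Default quoted in the issue for both the server and tcp-host-session.
DEFAULT_ADDRESS = "tcp:host=127.0.0.1,port=27042"

# Constructed sample in the shape of `ps -eo pid,args` output (not real data).
SAMPLE_PS = """\
  PID ARGS
13225 ./frida-server
13161 sh
 2207 /data/local/tmp/frida-server tcp:host=0.0.0.0,port=27042
 2311 ./frida-server tcp:host=192.168.1.50,port=9999
 2400 ./frida-server tcp:host=10.0.0.5
"""


def parse_listen_address(address):
    """Parse 'tcp:host=ADDRESS,port=PORT' into (host, port).

    Assumption: only the form quoted in the issue is supported; anything
    else raises ValueError instead of being guessed at.
    """
    transport, sep, params = address.partition(":")
    if sep != ":" or transport != "tcp":
        raise ValueError("unsupported address: %r" % address)
    fields = {}
    for item in params.split(","):
        key, eq, value = item.partition("=")
        if eq != "=" or not key or not value or key in fields:
            raise ValueError("malformed field %r in %r" % (item, address))
        fields[key] = value
    if set(fields) != {"host", "port"}:
        raise ValueError("expected exactly host and port in %r" % address)
    if not fields["port"].isdigit() or not 0 < int(fields["port"]) < 65536:
        raise ValueError("invalid port in %r" % address)
    return fields["host"], int(fields["port"])


def classify_host(host):
    """Describe how widely a listener bound to `host` can be reached."""
    try:
        ip = ipaddress.ip_address(host)
    except ValueError:
        # Not an IP literal; resolution is out of scope for this check.
        return "loopback" if host == "localhost" else "hostname"
    if ip.is_loopback:
        return "loopback"
    if ip.is_unspecified:  # 0.0.0.0 or ::, i.e. every interface
        return "all-interfaces"
    return "specific-interface"


def audit_process_list(lines):
    """Return (pid, host, port, exposure) for every frida-server process."""
    findings = []
    for line in lines:
        parts = shlex.split(line)
        if len(parts) < 2 or not parts[0].isdigit():
            continue  # header or blank line
        pid, argv = int(parts[0]), parts[1:]
        if argv[0].rsplit("/", 1)[-1] != "frida-server":
            continue
        # The issue passes the listen string as the positional argument.
        positional = [arg for arg in argv[1:] if not arg.startswith("-")]
        address = positional[0] if positional else DEFAULT_ADDRESS
        try:
            host, port = parse_listen_address(address)
        except ValueError:
            findings.append((pid, None, None, "unparsed"))
            continue
        findings.append((pid, host, port, classify_host(host)))
    return findings


if __name__ == "__main__":
    for pid, host, port, exposure in audit_process_list(SAMPLE_PS.splitlines()):
        print("pid=%s host=%s port=%s exposure=%s" % (pid, host, port, exposure))
```

Anything other than `loopback` means the instrumentation port is bound to an address that other machines may be able to reach, so such entries are the ones to review.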

Frida-ps only listing frida-server and sh on Samsung Note 10.1

I'm rooted on 4.4.2. After installing frida-server and running it, I forwarded a port as shown in the Android documentation, and then ran frida-ps -R

The results were:

PID NAME
13225 frida-server
13161 sh

And nothing else. This stayed constant even with other applications open, running, etc.

I'm sure I am doing something wrong, but having followed the documentation closely, I am not sure what the problem is.

EDIT: Following the same process on an AVD running 4.4.2, frida-ps seems to work correctly

EDIT 2: I'm an idiot and didn't run the server as root :(

Android L

Frida usage on Nexus 5 with Android 5.0.1 fails with:
error: only position independent executables (PIE) are supported.

while spinning up frida server

Process crash when jumping back to traced function(android on arm)

Hi,

When trying to attach to the function android_getaddrinfoforiface on netd, after doing the first resolving there is a process crash with a null deref when the function tries to reload the __stack_chk_guard value from the stack.
Attaching a debugger to the process and trying to debug the issue (by putting a breakpoint on the traced function) was quite difficult due to the fact that the breakpoint is being hit from different threads.
These multiple threads might also be the core reason for the crash (I am not sure the intercepting logic is thread safe), but I am not sure.

To reproduce the issue just start an emulator (or a device) and run the default trace function (frida-trace -R -i android_getaddrinfoforiface netd), then do any host resolving (with a browser) and you will see the crash.

[android] Memory.readByteArray(addr, length) fails, but Memory.readCString(addr, length) works

On Android 4.4.4 (stock image KTU84P for Nexus 5), with the Dalvik runtime, when using frida-trace on any Java-only application (e.g. the stock Gmail client), while tracing native calls from system libraries (e.g. libssl.so, ssl3_read and ssl3_write), Memory.readByteArray(addr, length) silently fails (returns null, the rest of the handler after the readByteArray call is not executed), but, surprisingly, Memory.readCString(addr, length) works when called with the same parameters.

By the way, looks like readCString can read arbitrary number of null-bytes if the size parameter is specified, which is a nice feature, so it can be used instead of readByteArray indeed.

The only difference in their implementation that I can infer from the sources is that readCString is the only one exposed as GUM_EXPORT_MEMORY_READ; the other Memory.read***String functions are all GUM_DEFINE_MEMORY_READ_WRITE. However, this should make no difference, as in my case readUtf8String also works fine, while readByteArray does not.

Building Error on Ubuntu 64bit

Hi, thanks for making good tools for hackers.
I think I've followed all the instructions from "frida.re" and github.com,
but I get the error below. Please check this out.

Environment: Ubuntu 14.04 64bit

################ Error Log

make[2]: Leaving directory `/home/june/frida/build/tmp-android-arm/frida-core/lib/pipe'
. build/frida-env-android-arm.rc && make -C build/tmp-android-arm/frida-core/lib/agent
make[2]: Entering directory `/home/june/frida/build/tmp-android-arm/frida-core/lib/agent'
VALAC ../../../../../frida-core/lib/agent/libfrida_agent_la_vala.stamp
CC libfrida_agent_la-agent.lo
CC libfrida_agent_la-script-engine.lo
CXX dummy.lo
CC agent-glue.lo
CCLD libfrida-agent-glue.la
CXXLD libfrida-agent.la
/home/june/frida/build/sdk-android-arm/lib/libv8_base.a(assembler.o):../src/assembler.cc:function std::__1::basic_ostream<char, std::_1::char_traits >::operator<<(void const): error: undefined reference to 'std::__1::ios_base::getloc() const'
/home/june/frida/build/sdk-android-arm/lib/libv8_base.a(assembler.o):../src/assembler.cc:function std::__1::basic_ostream<char, std::_1::char_traits >::operator<<(void const): error: undefined reference to 'std::__1::locale::use_facet(std::__1::locale::id&) const'
/home/june/frida/build/sdk-android-arm/lib/libv8_base.a(assembler.o):../src/assembler.cc:function std::__1::basic_ostream<char, std::_1::char_traits >::operator<<(void const): error: undefined reference to 'std::__1::locale::~locale()'
/home/june/frida/build/sdk-android-arm/lib/libv8_base.a(assembler.o):../src/assembler.cc:function std::__1::basic_ostream<char, std::_1::char_traits >::operator<<(void const): error: undefined reference to 'std::__1::ios_base::getloc() const'
/home/june/frida/build/sdk-android-arm/lib/libv8_base.a(assembler.o):../src/assembler.cc:function std::__1::basic_ostream<char, std::_1::char_traits >::operator<<(void const): error: undefined reference to 'std::__1::locale::use_facet(std::__1::locale::id&) const'
/home/june/frida/build/sdk-android-arm/lib/libv8_base.a(assembler.o):../src/assembler.cc:function std::__1::basic_ostream<char, std::_1::char_traits >::operator<<(void const): error: undefined reference to 'std::__1::locale::~locale()'
/home/june/frida/build/sdk-android-arm/lib/libv8_base.a(assembler.o):../src/assembler.cc:function std::__1::basic_ostream<char, std::_1::char_traits >::operator<<(void const): error: undefined reference to 'std::__1::ios_base::clear(unsigned int)'
/home/june/frida/build/sdk-android-arm/lib/libv8_base.a(assembler.o):../src/assembler.cc:function std::__1::basic_ostream<char, std::_1::char_traits >::operator<<(void const): error: undefined reference to 'std::__1::num_put<char, std::__1::ostreambuf_iterator<char, std::__1::char_traits > >::id'
/home/june/frida/build/sdk-android-arm/lib/libv8_base.a(assembler.o):../src/assembler.cc:function std::__1::basic_ostream<char, std::_1::char_traits >::operator<<(void const): error: undefined reference to 'std::__1::ctype::id'
/home/june/frida/build/sdk-android-arm/lib/libv8_base.a(assembler.o):../src/assembler.cc:function std::__1::basic_ostream<char, std::__1::char_traits >::sentry::~sentry(): error: undefined reference to 'std::uncaught_exception()'
/home/june/frida/build/sdk-android-arm/lib/libv8_base.a(assembler.o):../src/assembler.cc:function std::__1::basic_ostream<char, std::__1::char_traits >::sentry::~sentry(): error: undefined reference to 'std::__1::ios_base::clear(unsigned int)'
/home/june/frida/build/sdk-android-arm/lib/libv8_base.a(assembler.o):../src/assembler.cc:function std::__1::basic_ostream<char, std::__1::char_traits >::flush(): error: undefined reference to 'std::__1::ios_base::clear(unsigned int)'
/home/june/frida/build/sdk-android-arm/lib/libv8_base.a(assembler.o):../src/assembler.cc:function std::__1::basic_ostream<char, std::__1::char_traits >& std::__1::__put_character_sequence<char, std::__1::char_traits >(std::__1::basic_ostream<char, std::_1::char_traits >&, char const, unsigned int): error: undefined reference to 'std::__1::ios_base::getloc() const'
/home/june/frida/build/sdk-android-arm/lib/libv8_base.a(assembler.o):../src/assembler.cc:function std::__1::basic_ostream<char, std::__1::char_traits >& std::__1::__put_character_sequence<char, std::__1::char_traits >(std::__1::basic_ostream<char, std::_1::char_traits >&, char const, unsigned int): error: undefined reference to 'std::__1::locale::use_facet(std::__1::locale::id&) const'
/home/june/frida/build/sdk-android-arm/lib/libv8_base.a(assembler.o):../src/assembler.cc:function std::__1::basic_ostream<char, std::__1::char_traits >& std::__1::__put_character_sequence<char, std::__1::char_traits >(std::__1::basic_ostream<char, std::_1::char_traits >&, char const, unsigned int): error: undefined reference to 'std::__1::locale::~locale()'
/home/june/frida/build/sdk-android-arm/lib/libv8_base.a(assembler.o):../src/assembler.cc:function std::__1::basic_ostream<char, std::__1::char_traits >& std::__1::__put_character_sequence<char, std::__1::char_traits >(std::__1::basic_ostream<char, std::_1::char_traits >&, char const, unsigned int): error: undefined reference to 'std::__1::ios_base::clear(unsigned int)'
/home/june/frida/build/sdk-android-arm/lib/libv8_base.a(assembler.o):../src/assembler.cc:function std::__1::basic_ostream<char, std::__1::char_traits >& std::__1::__put_character_sequence<char, std::__1::char_traits >(std::__1::basic_ostream<char, std::_1::char_traits >&, char const, unsigned int): error: undefined reference to 'std::__1::ctype::id'
/home/june/frida/build/sdk-android-arm/lib/libv8_base.a(code-stubs.o):../src/code-stubs.cc:function v8::internal::CodeStub::RecordCodeGeneration(v8::internal::Handlev8::internal::Code): error: undefined reference to 'std::_1::ios_base::init(void)'
/home/june/frida/build/sdk-android-arm/lib/libv8_base.a(code-stubs.o):../src/code-stubs.cc:function v8::internal::CodeStub::RecordCodeGeneration(v8::internal::Handlev8::internal::Code): error: undefined reference to 'std::__1::locale::locale()'
/home/june/frida/build/sdk-android-arm/lib/libv8_base.a(code-stubs.o):../src/code-stubs.cc:function v8::internal::CodeStub::RecordCodeGeneration(v8::internal::Handlev8::internal::Code): error: undefined reference to 'std::__1::locale::~locale()'
/home/june/frida/build/sdk-android-arm/lib/libv8_base.a(code-stubs.o):../src/code-stubs.cc:function v8::internal::CodeStub::RecordCodeGeneration(v8::internal::Handlev8::internal::Code): error: undefined reference to 'std::__1::ios_base::~ios_base()'
/home/june/frida/build/sdk-android-arm/lib/libv8_base.a(code-stubs.o):../src/code-stubs.cc:function std::__1::basic_ostringstream<char, std::__1::char_traits, std::__1::allocator >::~basic_ostringstream(): error: undefined reference to 'std::__1::ios_base::~ios_base()'
/home/june/frida/build/sdk-android-arm/lib/libv8_base.a(code-stubs.o):../src/code-stubs.cc:function void v8::internal::HydrogenCodeStub::TraceTransitionv8::internal::CompareNilICStub::State(v8::internal::CompareNilICStub::State, v8::internal::CompareNilICStub::State): error: undefined reference to 'std::__1::ios_base::getloc() const'
/home/june/frida/build/sdk-android-arm/lib/libv8_base.a(code-stubs.o):../src/code-stubs.cc:function void v8::internal::HydrogenCodeStub::TraceTransitionv8::internal::CompareNilICStub::State(v8::internal::CompareNilICStub::State, v8::internal::CompareNilICStub::State): error: undefined reference to 'std::__1::locale::use_facet(std::__1::locale::id&) const'
/home/june/frida/build/sdk-android-arm/lib/libv8_base.a(code-stubs.o):../src/code-stubs.cc:function void v8::internal::HydrogenCodeStub::TraceTransitionv8::internal::CompareNilICStub::State(v8::internal::CompareNilICStub::State, v8::internal::CompareNilICStub::State): error: undefined reference to 'std::__1::ctype::id'
/home/june/frida/build/sdk-android-arm/lib/libv8_base.a(code-stubs.o):../src/code-stubs.cc:function std::__1::basic_ostream<char, std::__1::char_traits >::operator<<(int): error: undefined reference to 'std::__1::num_put<char, std::__1::ostreambuf_iterator<char, std::__1::char_traits > >::id'
/home/june/frida/build/sdk-android-arm/lib/libv8_base.a(code-stubs.o):../src/code-stubs.cc:function std::__1::basic_ostream<char, std::__1::char_traits >::operator<<(int): error: undefined reference to 'std::__1::ctype::id'
/home/june/frida/build/sdk-android-arm/lib/libv8_base.a(code-stubs.o):../src/code-stubs.cc:function std::__1::basic_ostream<char, std::__1::char_traits >::~basic_ostream(): error: undefined reference to 'std::__1::ios_base::~ios_base()'
/home/june/frida/build/sdk-android-arm/lib/libv8_base.a(code-stubs.o):../src/code-stubs.cc:function std::__1::basic_ostream<char, std::__1::char_traits >::~basic_ostream(): error: undefined reference to 'std::__1::ios_base::~ios_base()'
/home/june/frida/build/sdk-android-arm/lib/libv8_base.a(code-stubs-hydrogen.o):../src/code-stubs-hydrogen.cc:function std::__1::basic_ostream<char, std::__1::char_traits >::operator<<(double): error: undefined reference to 'std::__1::num_put<char, std::__1::ostreambuf_iterator<char, std::__1::char_traits > >::id'
/home/june/frida/build/sdk-android-arm/lib/libv8_base.a(compiler.o):../src/compiler.cc:function std::__1::basic_ostream<char, std::__1::char_traits >::operator<<(unsigned int): error: undefined reference to 'std::__1::num_put<char, std::__1::ostreambuf_iterator<char, std::__1::char_traits > >::id'
/home/june/frida/build/sdk-android-arm/lib/libv8_base.a(flags.o):../src/flags.cc:function v8::internal::ComputeFlagListHash(): error: undefined reference to 'std::__1::ios_base::init(void)'
/home/june/frida/build/sdk-android-arm/lib/libv8_base.a(flags.o):../src/flags.cc:function v8::internal::ComputeFlagListHash(): error: undefined reference to 'std::__1::locale::locale()'
/home/june/frida/build/sdk-android-arm/lib/libv8_base.a(frames.o):../src/frames.cc:function v8::internal::(anonymous namespace)::PrintFunctionSource(v8::internal::StringStream, v8::internal::SharedFunctionInfo, v8::internal::Code): error: undefined reference to 'std::__1::ios_base::init(void)'
/home/june/frida/build/sdk-android-arm/lib/libv8_base.a(frames.o):../src/frames.cc:function v8::internal::(anonymous namespace)::PrintFunctionSource(v8::internal::StringStream, v8::internal::SharedFunctionInfo, v8::internal::Code): error: undefined reference to 'std::__1::locale::locale()'
/home/june/frida/build/sdk-android-arm/lib/libv8_base.a(hydrogen.o):../src/hydrogen.cc:function v8::internal::HTracer::Trace(char const, v8::internal::HGraph, v8::internal::LChunk): error: undefined reference to 'std::__1::ios_base::init(void)'
/home/june/frida/build/sdk-android-arm/lib/libv8_base.a(hydrogen.o):../src/hydrogen.cc:function v8::internal::HTracer::Trace(char const, v8::internal::HGraph, v8::internal::LChunk): error: undefined reference to 'std::__1::locale::locale()'
/home/june/frida/build/sdk-android-arm/lib/libv8_base.a(isolate.o):../src/isolate.cc:function std::__1::basic_filebuf<char, std::__1::char_traits >::basic_filebuf(): error: undefined reference to 'std::__1::locale::locale(std::__1::locale const&)'
/home/june/frida/build/sdk-android-arm/lib/libv8_base.a(isolate.o):../src/isolate.cc:function std::__1::basic_filebuf<char, std::__1::char_traits >::basic_filebuf(): error: undefined reference to 'std::__1::locale::has_facet(std::__1::locale::id&) const'
/home/june/frida/build/sdk-android-arm/lib/libv8_base.a(isolate.o):../src/isolate.cc:function std::__1::basic_filebuf<char, std::__1::char_traits >::basic_filebuf(): error: undefined reference to 'std::__1::locale::locale(std::__1::locale const&)'
/home/june/frida/build/sdk-android-arm/lib/libv8_base.a(isolate.o):../src/isolate.cc:function std::__1::basic_filebuf<char, std::__1::char_traits >::basic_filebuf(): error: undefined reference to 'std::__1::codecvt<char, char, mbstate_t>::id'
/home/june/frida/build/sdk-android-arm/lib/libv8_base.a(isolate.o):../src/isolate.cc:function std::__1::basic_filebuf<char, std::__1::char_traits >::imbue(std::__1::locale const&): error: undefined reference to 'std::__1::codecvt<char, char, mbstate_t>::id'
clang++: error: linker command failed with exit code 1 (use -v to see invocation)
make[2]: *** [libfrida-agent.la] Error 1
make[2]: Leaving directory `/home/june/frida/build/tmp-android-arm/frida-core/lib/agent'
make[1]: *** [build/tmp-android-arm/frida-core/lib/agent/libfrida-agent.la] Error 2
make[1]: Leaving directory `/home/june/frida'
make: *** [server-android] Error 2

QNX port: things still to do

This is a meta issue for the QNX-ARM port.

Things still to do:

  • support injecting into thumb-targets (where the target thread being hijacked is thumb)
  • spawn targets on device
  • investigate failing backtrace tests
  • implement side-stack support for replacement functions
  • determine if we still need side-stack for replacement functions, and possibly remove it
  • fix gumexceptor context parsing/unparsing
  • investigate failing malloc_count test
  • investigate failing function replacement tests
  • implement debugger detection
  • implement module imports enumeration
  • implement thread enumeration/modification

Building QNX Port

I would like to use Frida to instrument processes running on x86 QNX. I use Windows for development and I have access to a QNX toolchain.

Can you kindly instruct me how to build Frida for QNX?

install target for make

For osx, something like:

#!/bin/bash
PREFIX="/usr"

cd build

SITEPACKAGES=$(python3 -c 'import site; print(site.getsitepackages()[0])')
cp -r frida-mac-universal/lib/python3.4/site-packages/. "$SITEPACKAGES"

# Probably requires sudo
cp -r frida-mac-x86_64/bin/. "$PREFIX/bin"

can't execute frida-ps

Hi guys,

I got the following error when using frida-ps after I installed it with "sudo easy_install frida" as the doc suggested. Any idea why, and can it be fixed please? Thank you.

$ sudo frida-ps -R
/usr/lib/python2.7/dist-packages/pkg_resources.py:1031: UserWarning: /home/txia/.python-eggs is writable by group/others and vulnerable to attack when used with get_resource_filename. Consider a more secure location (set with .set_extraction_path or the PYTHON_EGG_CACHE environment variable).
warnings.warn(msg, UserWarning)


Failed to load the Frida native extension: /home/txia/.python-eggs/frida-3.0.1-py2.7-linux-i686.egg-tmp/_frida.so: undefined symbol: PyUnicodeUCS2_AsUTF8String
Please ensure that the extension was compiled for Python 2.7.


Traceback (most recent call last):
File "/usr/local/bin/frida-ps", line 9, in
load_entry_point('frida==3.0.1', 'console_scripts', 'frida-ps')()
File "/usr/local/lib/python2.7/dist-packages/frida-3.0.1-py2.7-linux-i686.egg/frida/ps.py", line 58, in main
File "/usr/local/lib/python2.7/dist-packages/frida-3.0.1-py2.7-linux-i686.egg/frida/application.py", line 81, in run
File "/usr/local/lib/python2.7/dist-packages/frida-3.0.1-py2.7-linux-i686.egg/frida/init.py", line 84, in get_device_manager
ImportError: /home/txia/.python-eggs/frida-3.0.1-py2.7-linux-i686.egg-tmp/_frida.so: undefined symbol: PyUnicodeUCS2_AsUTF8String

Problem while building

Machine: Linux bright 3.17.2-1-ARCH #1 SMP PREEMPT Thu Oct 30 20:49:39 CET 2014 x86_64 GNU/Linux

make output :

make[1]: Entering directory '/home/afx237/frida'
mkdir -p build/tmp-linux-x86_64/frida-python2.7
. build/frida-env-linux-x86_64.rc && cd build/tmp-linux-x86_64/frida-python2.7 && PYTHON=/usr/bin/python2.7 ../../../frida-python/configure
configure: loading site script /home/afx237/frida/build/config-linux-x86_64.site
checking build system type... x86_64-unknown-linux-gnu
checking host system type... x86_64-pc-linux-gnu
checking target system type... x86_64-pc-linux-gnu
checking for a BSD-compatible install... (cached) /usr/bin/install -p
checking whether build environment is sane... yes
checking for a thread-safe mkdir -p... /usr/bin/mkdir -p
checking for gawk... gawk
checking whether make sets $(MAKE)... yes
checking whether make supports nested variables... yes
checking whether make supports nested variables... (cached) yes
checking whether to enable maintainer-specific portions of Makefiles... yes
checking for style of include used by make... GNU
checking for gcc... /usr/bin/gcc
checking whether the C compiler works... yes
checking for C compiler default output file name... a.out
checking for suffix of executables...
checking whether we are cross compiling... no
checking for suffix of object files... o
checking whether we are using the GNU C compiler... yes
checking whether /usr/bin/gcc accepts -g... yes
checking for /usr/bin/gcc option to accept ISO C89... none needed
checking whether /usr/bin/gcc understands -c and -o together... yes
checking dependency style of /usr/bin/gcc... gcc3
checking the archiver (/usr/bin/ar) interface... ar
checking how to print strings... printf
checking for a sed that does not truncate output... /usr/bin/sed
checking for grep that handles long lines and -e... /usr/bin/grep
checking for egrep... /usr/bin/grep -E
checking for fgrep... /usr/bin/grep -F
checking for ld used by /usr/bin/gcc... /usr/bin/ld
checking if the linker (/usr/bin/ld) is GNU ld... yes
checking for BSD- or MS-compatible name lister (nm)... /usr/bin/nm
checking the name lister (/usr/bin/nm) interface... BSD nm
checking whether ln -s works... yes
checking the maximum length of command line arguments... 1572864
checking how to convert x86_64-unknown-linux-gnu file names to x86_64-pc-linux-gnu format... func_convert_file_noop
checking how to convert x86_64-unknown-linux-gnu file names to toolchain format... func_convert_file_noop
checking for /usr/bin/ld option to reload object files... -r
checking for objdump... /usr/bin/objdump
checking how to recognize dependent libraries... pass_all
checking for dlltool... no
checking how to associate runtime and link libraries... printf %s\n
checking for archiver @file support... @
checking for strip... /usr/bin/strip
checking for ranlib... /usr/bin/ranlib
checking command to parse /usr/bin/nm output from /usr/bin/gcc object... ok
checking for sysroot... no
checking for a working dd... /usr/bin/dd
checking how to truncate binary pipes... /usr/bin/dd bs=4096 count=1
checking for mt... no
checking if : is a manifest tool... no
checking how to run the C preprocessor... /usr/bin/cpp
checking for ANSI C header files... yes
checking for sys/types.h... yes
checking for sys/stat.h... yes
checking for stdlib.h... yes
checking for string.h... yes
checking for memory.h... yes
checking for strings.h... yes
checking for inttypes.h... yes
checking for stdint.h... yes
checking for unistd.h... yes
checking for dlfcn.h... yes
checking for objdir... .libs
checking if /usr/bin/gcc supports -fno-rtti -fno-exceptions... no
checking for /usr/bin/gcc option to produce PIC... -fPIC -DPIC
checking if /usr/bin/gcc PIC flag -fPIC -DPIC works... yes
checking if /usr/bin/gcc static flag -static works... yes
checking if /usr/bin/gcc supports -c -o file.o... yes
checking if /usr/bin/gcc supports -c -o file.o... (cached) yes
checking whether the /usr/bin/gcc linker (/usr/bin/ld -m elf_x86_64) supports shared libraries... yes
checking whether -lc should be explicitly linked in... no
checking dynamic linker characteristics... GNU/Linux ld.so
checking how to hardcode library paths into programs... immediate
checking whether stripping libraries is possible... yes
checking if libtool supports shared libraries... yes
checking whether to build shared libraries... yes
checking whether to build static libraries... yes
checking whether /usr/bin/python2.7 version is >= 2.6... yes
checking for /usr/bin/python2.7 version... 2.7
checking for /usr/bin/python2.7 platform... linux2
checking for /usr/bin/python2.7 script directory... ${prefix}/lib/python2.7/site-packages
checking for /usr/bin/python2.7 extension module directory... ${exec_prefix}/lib/python2.7/site-packages
checking pkg-config is at least version 0.9.0... yes
checking for PYFRIDA... yes
checking that generated files are newer than configure... done
configure: creating ./config.status
Makefile.linux.mk:127: recipe for target 'build/tmp-linux-x86_64/frida-python2.7/Makefile' failed
make[1]: Leaving directory '/home/afx237/frida'
Makefile:2: recipe for target 'all' failed

Build error vs2013 generate-version-header.py

There seems to be some value missing when generating frida-version.h.
Here is the error log.

Generating frida-version.h
1> fatal: Not a git repository (or any of the parent directories): .git
1> Traceback (most recent call last):
1> File "D:\frida-master\releng\generate-version-header.py", line 45, in
1> generate_version_header()
1> File "D:\frida-master\releng\generate-version-header.py", line 11, in generate_version_header
1> (major, minor, micro, nano, commit) = version.split(".")
1> ValueError: need more than 1 value to unpack

Is it possible to detach/unload/unhook from script

  1. Is it possible to remove all the installed hooks and completely detach Frida from a process by calling a command from script?

The use case is when auditing partially self-checking/self-modifying binaries to make the necessary instrumentations before the self-checking/self-modifying code finds them, save the results somewhere and then detach, but leave the process running with minimum modifications.

  2. Is the same possible from frida-trace? There is an Interceptor.detachAll() method, but it looks like it does not work at all if called from within frida-trace __handlers__ scripts.

issue frida-server in android

Hi.
I use Android in Genymotion x86. When I downloaded frida-server for ARM and tried to run it, it wrote:

frida-server not executable magic 7f45

I installed the ARM translator but it didn't help; it continues to write:

frida-server not executable magic 7f45.
Does anybody know how to fix it?
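An added example, not part of the original post: the 7f45 in the message is the first two bytes of the ELF magic (0x7f, 'E'), so a quick check before pushing a frida-server build is to read the ELF header and compare its architecture with the device ABI. The ABI table, function names and sample headers below are constructed for illustration; the ABI strings are the ones reported by `getprop ro.product.cpu.abi`.

```javascript
// e_machine values from the ELF specification.
const EM = { 3: 'x86', 40: 'arm', 62: 'x86_64', 183: 'arm64' };

// Android ABI string -> ELF properties a native binary for that ABI carries.
const ABI = {
  'armeabi-v7a': { machine: 'arm', bits: 32 },
  'arm64-v8a': { machine: 'arm64', bits: 64 },
  'x86': { machine: 'x86', bits: 32 },
  'x86_64': { machine: 'x86_64', bits: 64 },
};

// Parse the fixed part of the ELF header: magic, EI_CLASS, EI_DATA, e_machine.
function parseElfHeader(buf) {
  if (buf.length < 20) throw new Error('too short for an ELF header');
  if (buf.readUInt32BE(0) !== 0x7f454c46) throw new Error('not an ELF file');
  const cls = buf[4];   // 1 = 32-bit, 2 = 64-bit
  const data = buf[5];  // 1 = little-endian, 2 = big-endian
  if (cls !== 1 && cls !== 2) throw new Error('invalid EI_CLASS ' + cls);
  if (data !== 1 && data !== 2) throw new Error('invalid EI_DATA ' + data);
  const little = data === 1;
  const machineId = little ? buf.readUInt16LE(18) : buf.readUInt16BE(18);
  return {
    bits: cls === 1 ? 32 : 64,
    endian: little ? 'little' : 'big',
    machineId,
    machine: EM[machineId] || 'unknown(' + machineId + ')',
  };
}

// Strict check against the device's primary ABI (secondary ABIs are ignored).
function checkForAbi(buf, abi) {
  const want = ABI[abi];
  if (!want) return { ok: false, reason: 'unknown ABI ' + abi };
  let hdr;
  try {
    hdr = parseElfHeader(buf);
  } catch (e) {
    return { ok: false, reason: e.message };
  }
  if (hdr.machine !== want.machine || hdr.bits !== want.bits) {
    return {
      ok: false,
      reason: `binary is ${hdr.bits}-bit ${hdr.machine}, ` +
              `device ABI ${abi} needs ${want.bits}-bit ${want.machine}`,
    };
  }
  return { ok: true, reason: 'architecture matches' };
}

// Constructed 20-byte little-endian header, standing in for the first bytes
// of a real frida-server file (use fs.readFileSync on the real binary).
function sampleHeader(cls, machineId) {
  const b = Buffer.alloc(20);
  b.writeUInt32BE(0x7f454c46, 0); // "\x7fELF"
  b[4] = cls;                     // EI_CLASS
  b[5] = 1;                       // EI_DATA: little-endian
  b[6] = 1;                       // EI_VERSION
  b.writeUInt16LE(2, 16);         // e_type: ET_EXEC
  b.writeUInt16LE(machineId, 18); // e_machine
  return b;
}

// The situation in the post: an ARM build on an x86 Android image.
console.log(checkForAbi(sampleHeader(1, 40), 'x86'));
console.log(checkForAbi(sampleHeader(1, 3), 'x86'));
```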

QNX ARM backend

It would be great to be able to use frida on QNX ARM targets.

How do I go about adding a new platform backend to frida? What do I need to implement?

Frida-CLI REPL -- AttributeError on SyntaxError under Python 3.4

Frida-CLI REPL relies on Exception.message, which fails if run under Python 3.4:

File "C:\Python34\lib\site-packages\frida-4.4.0-py3.4-win-amd64.egg\frida\repl.py", line 167, in _eval_and_print
AttributeError: 'Exception' object has no attribute 'message'

Looks like Exception.message has been deprecated since Python 2.6.

Full python backtrace:

C:\>frida -R 13662
    _____
   (_____)
    |   |    Frida 4.4.0 - A world-class dynamic instrumentation framework
    |   |
    |`-'|    Commands:
    |   |        help      -> Displays the help system
    |   |        object?   -> Display information about 'object'
    |   |        exit/quit -> Exit
    |   |
    |   |    More info at http://www.frida.re/docs/home/
    `._.'

[Remote::PID::13662]-> ?Array
Traceback (most recent call last):
  File "C:\Python34\lib\site-packages\frida-4.4.0-py3.4-win-amd64.egg\frida\repl.py", line 157, in _eval_and_print
  File "C:\Python34\lib\site-packages\frida-4.4.0-py3.4-win-amd64.egg\frida\repl.py", line 329, in _evaluate
Exception: {'message': 'Unexpected token ?', 'name': 'SyntaxError'}

During handling of the above exception, another exception occurred:

Traceback (most recent call last):
  File "C:\Python34\Scripts\frida-script.py", line 9, in <module>
    load_entry_point('frida==4.4.0', 'console_scripts', 'frida')()
  File "C:\Python34\lib\site-packages\frida-4.4.0-py3.4-win-amd64.egg\frida\repl.py", line 518, in main
  File "C:\Python34\lib\site-packages\frida-4.4.0-py3.4-win-amd64.egg\frida\application.py", line 125, in run
  File "C:\Python34\lib\site-packages\frida-4.4.0-py3.4-win-amd64.egg\frida\application.py", line 278, in run
  File "C:\Python34\lib\site-packages\frida-4.4.0-py3.4-win-amd64.egg\frida\repl.py", line 153, in _process_input
  File "C:\Python34\lib\site-packages\frida-4.4.0-py3.4-win-amd64.egg\frida\repl.py", line 167, in _eval_and_print
AttributeError: 'Exception' object has no attribute 'message'

Problem during build

Hi, I'm trying to build frida in Archlinux, following this documentation: http://www.frida.re/docs/building/

The make goes fine, but then I run "make -f Makefile.linux.mk python-64 PYTHON=/usr/bin/python2.7", and this happens:

FRIDA_HOST=linux-x86_64 ./releng/setup-env.sh
Downloading and deploying toolchain...

bzip2: Compressed file ends unexpectedly;
perhaps it is corrupted? Possible reason follows.
bzip2: Inappropriate ioctl for device
Input file = (stdin), output file = (stdout)

It is possible that the compressed file(s) have become corrupted.
You can use the -tvv option to test integrity of such files.

You can use the `bzip2recover' program to attempt to recover
data from undamaged sections of corrupted files.

tar: Child returned status 2
tar: Error is not recoverable: exiting now
releng/common.mk:34: recipe for target 'build/frida-env-linux-x86_64.rc' failed
make: *** [build/frida-env-linux-x86_64.rc] Error 1

I guess it's because when the script tries to download "https://build.frida.re/toolchain-20150401-linux-x86_64.tar.bz2" the server responds with a 500 code.

By the way, I'm trying to build frida because the version installed by easy_install gives me this error when I try to run frida-ps -R:

Failed to load the Frida native extension: /home/umpacu/.python-eggs/frida-3.0.1-py2.7-linux-x86_64.egg-tmp/_frida.so: undefined symbol: PyUnicodeUCS2_AsUTF8String
Please ensure that the extension was compiled for Python 2.7.

From what I read it seems that my python version uses a 4-byte representation for Unicode characters. Is that a known issue? Or do you want me to create a new issue for that?

Thank you very much!

Frida crashes (segmentation fault) every process on ubuntu 14.04 and 12.10 64bit

First of all: Thanks guys for your time and work, this project is amazing!

I've tried frida on a freshly installed debian 32bit (virtual machine) and all worked smoothly, super cool.
I've also tried to use frida on two other machines, with Ubuntu 12.10 LTS and Ubuntu 14.04 LTS, both fresh installed and 64bit but frida crashes every process while attaching to it.
I did the same process as with debian (easy_install and enabled ptracing non-child processes).

I have created a core dump of the crashed application (/bin/cat) so if you need information just ask.

frida.attach crashes python.exe (2.7) on win7

The below test case should crash after the 25th~27th .attach call

import frida, sys, time, os, ctypes
os.system("taskkill /F /IM notepad.exe")
x = 0
proc = 0
finished = True
msgs = 0

def do_run():
    global finished, proc
    finished = False
    print("spawn...")
    # Raw string so the backslashes in the Windows path are taken literally.
    proc = frida.spawn([r"C:\Windows\system32\notepad.exe"])
    print("attach...")
    session = frida.attach("notepad.exe")

    print("resume...")
    frida.resume(proc)
    finished = True

while x < 100:
    while not finished:
        time.sleep(0.01)
    if proc != 0:
        print("kill...")
        frida.kill(proc)

    proc = 0
    x += 1
    print(x)
    do_run()

if proc != 0:
    frida.kill(proc)

iOS: javascript exceptions while reading memory

Hi!

After updating to the latest versions my scripts don't work anymore.
For example, when I do the following
frida-trace -U -f net.whatsapp.WhatsApp -i "CCCryptorUpdate"
I get the following output (target crashed and no JS exception thrown)

   463 ms   ==>CCCryptorRef cryptorRef = 0x160047000
   464 ms   ==>const void *dataIn = 0x170251e50
   464 ms   ==>size_t dataInLength = 0x20
   464 ms   ==>void *dataOut = 0x170251cd0
   464 ms   ==>size_t dataOutAvailable = 0x170251e50
   464 ms   ==>size_t *dataOutMoved = 0x20
   464 ms   this.size = <0x20>
   464 ms   in_size = <0x20>
   464 ms   ===========
   464 ms   CCCryptorUpdate(0x160047000, 0x170251e50, 0x20, 0x170251cd0, 1881480784, &size = 0x20)
   465 ms   ---
   466 ms   --return--0x20--
   466 ms   return value 0x0
   466 ms   ===========
   474 ms   ==>CCCryptorRef cryptorRef = 0x15f848000
   474 ms   ==>const void *dataIn = 0x17026c910
   475 ms   ==>size_t dataInLength = 0x30
   475 ms   ==>void *dataOut = 0x17407e780
   475 ms   ==>size_t dataOutAvailable = 0x17026c900
   475 ms   ==>size_t *dataOutMoved = 0x18a83da22
Target process terminated.
Stopping...

When I try to attach to the process (with frida-trace -U -i "CCCryptorUpdate" WhatsApp), I get another problem (JS exception thrown and processed well):

 18816 ms   ==>CCCryptorRef cryptorRef = 0x158094a00
 18817 ms   ==>const void *dataIn = 0x170669a80
 18817 ms   ==>size_t dataInLength = 0x24
 18817 ms   ==>void *dataOut = 0x170657e50
 18817 ms   ==>size_t dataOutAvailable = 0x30
 18817 ms   ==>size_t *dataOutMoved = 0x0
 18817 ms   ===========
 18817 ms   CCCryptorUpdate(0x158094a00, 0x170669a80, 0x24, 0x170657e50, 48, &size = 0x0)
 18818 ms   trying to read memory 0x170669a80 with size 0x24
 18822 ms   exception!
 18822 ms   ---
 18822 ms   --return--0x0--
 18823 ms   return value 0x0
 18823 ms   ===========
 19133 ms   ==>CCCryptorRef cryptorRef = 0x15883d200
 19133 ms   ==>const void *dataIn = 0x1704513e0
 19133 ms   ==>size_t dataInLength = 0x1d
 19133 ms   ==>void *dataOut = 0x170642130
 19133 ms   ==>size_t dataOutAvailable = 0x0
 19134 ms   ==>size_t *dataOutMoved = 0x0
 19135 ms   ===========
 19135 ms   CCCryptorUpdate(0x15883d200, 0x1704513e0, 0x1d, 0x170642130, 0, &size = 0x0)
 19135 ms   ---
 19136 ms   --return--0x0--
 19136 ms   return value 0x0
 19136 ms   ===========
^CStopping...

And here is my implementation:

    onEnter: function onEnter(log, args, state) {
        var names = [ "CCCryptorRef cryptorRef", "const void *dataIn", "size_t dataInLength", "void *dataOut", "size_t dataOutAvailable", "size_t *dataOutMoved"];
        for (var i = 0; i < 6; ++i) {
            log("==>" + names[i] + " = " + args[i]);
        }
        this.data_in = args[1];
        var in_size = args[2];
        this.data_out = args[3];
        var dataOutAvailable = args[4];
        if (dataOutAvailable)
            dataOutAvailable = dataOutAvailable.toInt32();
        this.size = args[5];
        var real_size = this.size;
        if (this.size.toInt32()) {
            log("this.size = <" + this.size + ">");
            log("in_size = <" + in_size + ">");
            //real_size = Memory.readS32(this.size);
        }
        log("===========");
        log("CCCryptorUpdate(" + args[0] + ", " + this.data_in + ", " + in_size + ", " +
                this.data_out + ", " + dataOutAvailable + ", &size = " + real_size + ")");
        if (this.data_in && in_size > 0x20 ) {
            try {
                log("trying to read memory " + this.data_in + " with size " + in_size);
                var bytes = Memory.readByteArray(this.data_in, in_size);
                log("memory was readed");
                var hex_str = "";
                for (var i = 0; i < bytes.length; ++i) {
                    hex_str += "0x" + ("0" + bytes[i].toString(16)).slice(-2) + " ";
                }
                log("in data: " + hex_str);
            } catch (e) {
                log("exception!");
            }
        }
        log("---");
    },
...

My goal is a universal script for research of mobile cryptography. I have one more question to check the file descriptor for the socket type, but I need to finish the current problem. Btw, my script worked fine with versions before frida 4.2/4.2.5.

GDBus.Error:org.freedesktop.DBus.Error.UnknownMethod: No such interface 're.frida.HostSession' on object at path /re/frida/HostSession

After successful compilation, I try to find and run frida-ps (android server already launched and ports are forwarded) according to this manual http://www.frida.re/docs/android/

And get this (I've checked permissions twice :) :

afx237@bright ~/frida> find | grep frida-ps
./frida-python/src/frida-ps.in
./build/tmp-linux-x86_64/frida-python3.4/src/frida-ps
./build/tmp-linux-x86_64/frida-python2.7/src/frida-ps
./build/frida-linux-x86_64/bin/frida-ps
afx237@bright ~/frida> ./build/frida-linux-x86_64/bin/frida-ps


Failed to load the Frida native extension: dynamic module does not define init function (init_frida)
Please ensure that the extension was compiled for Python 2.7.


Traceback (most recent call last):
File "./build/frida-linux-x86_64/bin/frida-ps", line 9, in
frida.ps.main()
File "/home/afx237/frida/build/frida-linux-x86_64/lib/python3.4/site-packages/frida/ps.py", line 58, in main
app.run()
File "/home/afx237/frida/build/frida-linux-x86_64/lib/python3.4/site-packages/frida/application.py", line 57, in run
mgr = frida.get_device_manager()
File "/home/afx237/frida/build/frida-linux-x86_64/lib/python3.4/site-packages/frida/init.py", line 43, in get_device_manager
raise ex
ImportError: dynamic module does not define init function (init_frida)

frida-gum not installed

error: Package `frida-gum-1.0' not found in specified Vala API directories or GObject-Introspection GIR directories

So maybe this is an issue related to the GLIBC_2.15 bug I mentioned, because I hacked around it by symlinking valac to my system's valac instead of the one you shipped, but frida-gum is not being found.

Did 'cd build/tmp-linux-x86_64/frida-gum && make install' to circumvent this.

Memory.readAnsiString no longer exists?

I tried using Memory.readAnsiString and received an error that the function is undefined.

Sure enough, returning Object.getOwnPropertyNames(Memory) yields:

[u'alloc', u'copy', u'protect', u'readPointer', u'writePointer', u'readS8', u'writeS8', u'readU8', u'writeU8', u'readS16', u'writeS16', u'readU16', u'writeU16', u'readS32', u'writeS32', u'readU32', u'writeU32', u'readS64', u'writeS64', u'readU64', u'writeU64', u'readByteArray', u'writeByteArray', u'readUtf8String', u'writeUtf8String', u'readUtf16String', u'writeUtf16String', u'allocUtf8String', u'allocUtf16String', u'scan', u'dup']

which does not include either readAnsi or writeAnsi.

Were these functions intentionally deleted? Is there a different way of reading a generic null-terminated string?

ObjC cannot see methods made with @implementation

Methods that are added to a class with @implementation in ObjC cannot be seen or attached to by Frida.

e.g.
import frida
import sys

session = frida.attach(455)  # some process with a menu bar icon

script = session.create_script("""
var NSSound = ObjC.use('NSStatusItem'); /* Mac */
var oldImpl = NSSound.drawRect.implementation;
NSSound.drawRect.implementation = ObjC.implement(NSSound.drawRect, function (handle, selector) {
    console.log('drawrect');
    return oldImpl(handle, selector);
});
""")

# Print every message the injected script sends back.
def on_message(message, data):
    print("{}, {}".format(message, data))

script.on('message', on_message)
script.load()
sys.stdin.read()

Failed to attach: attach_to_process PTRACE_GETREGS failed: 3

Error on commands from example:

% frida-trace -i 'recv_' -i 'read_' skype
Failed to attach: attach_to_process PTRACE_GETREGS failed: 3
% pgrep skype
2084

% cat /etc/issue
Ubuntu 14.04.2 LTS \n \l
% uname -a
Linux 3.13.0-45-generic #74-Ubuntu SMP Tue Jan 13 19:36:28 UTC 2015 x86_64 x86_64 x86_64 GNU/Linux

JavaScript API can't handle 64-bit integers

As Numbers in JavaScript are stored as doubles, they can't represent all 64-bit integers.

Problematic example:

$ cat > fail.c
#include <stdio.h>
#include <stdint.h>

uint64_t a = 0x8888888888888888;
uint64_t b = 0x8888888888888889;

int main(void) {
    printf("&a, a: 0x%p, %llu\n", &a, a);
    printf("&b, b: 0x%p, %llu\n", &b, b);
    getchar();

    return 0;
}
^D
$ cc fail.c -o fail
$ ./fail
&a, a: 0x0x108520020, 9838263505978427528
&b, b: 0x0x108520028, 9838263505978427529

(leave running)
$ frida-repl fail
Attaching...
>>> a = Memory.readU64(ptr(0x108520020))
9838263505978427000
>>> b = Memory.readU64(ptr(0x108520028))
9838263505978427000
>>> a == b
true

As you can see the JavaScript API thinks that the memory contents of a and b are the same, when they in fact differ by 1.
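An added example, not part of the original issue: the same two values read from constructed 8-byte little-endian memory images, once as a double (lossy) and twice exactly, as a BigInt and as a pair of 32-bit halves. It runs in plain Node.js without Frida; all function names are illustrative.

```javascript
// Constructed memory images of the issue's variables (little-endian):
// a = 0x8888888888888888, b = 0x8888888888888889.
const MEM_A = Buffer.from('8888888888888888', 'hex');
const MEM_B = Buffer.from('8988888888888888', 'hex');

// Lossy read: fold both 32-bit halves into one double, which is what any
// API returning a plain Number has to do. Near 2^63 adjacent doubles are
// 2048 apart, so a and b round to the same value.
function readU64AsNumber(buf, offset = 0) {
  const lo = buf.readUInt32LE(offset);
  const hi = buf.readUInt32LE(offset + 4);
  return hi * 0x100000000 + lo;
}

// Exact read using BigInt.
function readU64AsBigInt(buf, offset = 0) {
  return buf.readBigUInt64LE(offset);
}

// Exact read without BigInt: keep the halves apart and never combine them
// arithmetically. Each half is below 2^32 and therefore exact as a Number.
function readU64AsHalves(buf, offset = 0) {
  return { hi: buf.readUInt32LE(offset + 4), lo: buf.readUInt32LE(offset) };
}

function halvesEqual(x, y) {
  return x.hi === y.hi && x.lo === y.lo;
}

function halvesToHex(v) {
  const pad = (n) => n.toString(16).padStart(8, '0');
  return '0x' + pad(v.hi) + pad(v.lo);
}

// Conservative guard: true only when every integer up to the value is exact
// as a double, so converting to Number cannot merge neighbouring values.
function fitsSafeInteger(big) {
  return big <= BigInt(Number.MAX_SAFE_INTEGER);
}

const a = readU64AsBigInt(MEM_A);
const b = readU64AsBigInt(MEM_B);
console.log('as Number :', readU64AsNumber(MEM_A), readU64AsNumber(MEM_B),
            'equal =', readU64AsNumber(MEM_A) === readU64AsNumber(MEM_B));
console.log('as BigInt :', a.toString(), b.toString(), 'equal =', a === b);
console.log('as halves :', halvesToHex(readU64AsHalves(MEM_A)),
            halvesToHex(readU64AsHalves(MEM_B)));
console.log('safe to convert a to Number?', fitsSafeInteger(a));
```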
