修改__RESTRICT/__restrict后闪退

自己写了个带反调试的appDemo，想试试逆向一下，结果崩溃了

系统环境：iOS 8.4
1.修改了__RESTRICT和__restrict为 __ERSTRITC __erstritc
2.ldid -S 二进制文件
3.Cydia下载安装了AppSync
4.拷贝替换掉原app二进制文件
5.修改二进制文件权限
6.运行=>崩溃

PS:如果再拷贝出app，然后重签名，再安装新包的话是没问题的；所以只替换二进制文件没法正常运行吗?

log如下：

Nov 22 14:12:26 iPhone-5c kernel[0] <Notice>: Sandbox: hook..execve() killing pid 3868: application requires container but none set Nov 22 14:12:26 iPhone-5c com.apple.xpc.launchd[1] (UIKitApplication:com.testflag[0xf21e][3868]) <Notice>: Service exited due to signal: Killed: 9 Nov 22 14:12:26 iPhone-5c assertiond[106] <Warning>: Unable to obtain a task name port right for pid 3868: (os/kern) failure (5) Nov 22 14:12:26 iPhone-5c SpringBoard[3591] <Warning>: Unable to register for exec notifications: No such process Nov 22 14:12:26 iPhone-5c SpringBoard[3591] <Warning>: Unable to obtain a task name port right for pid 3868: (os/kern) failure (5) Nov 22 14:12:26 iPhone-5c SpringBoard[3591] <Warning>: Unable to obtain a task name port right for <FBApplicationProcess: 0x1626e320; com.testflag; pid: 3868> Nov 22 14:12:26 iPhone-5c SpringBoard[3591] <Warning>: Unable to get short BSD proc info for 3868: No such process Nov 22 14:12:26 iPhone-5c SpringBoard[3591] <Warning>: Unable to get proc info for 3868: No such process Nov 22 14:12:26 iPhone-5c assertiond[106] <Warning>: Could not set priority of <BKNewProcess: 0x165a1270; com.testflag; pid: 3868; hostpid: -1> to 1, priority: No such process Nov 22 14:12:26 iPhone-5c SpringBoard[3591] <Warning>: Unable to register for exec notifications: No such process Nov 22 14:12:26 iPhone-5c SpringBoard[3591] <Warning>: Unable to obtain a task name port right for pid 3868: (os/kern) failure (5) Nov 22 14:12:26 iPhone-5c assertiond[106] <Warning>: Could not set priority of <BKNewProcess: 0x165a1270; com.testflag; pid: 3868; hostpid: -1> to 0, priority: No such process Nov 22 14:12:26 iPhone-5c SpringBoard[3591] <Warning>: Unable to obtain a task name port right for <FBApplicationProcess: 0x1626e320; com.testflag; pid: 3868> Nov 22 14:12:26 iPhone-5c SpringBoard[3591] <Warning>: Unable to get short BSD proc info for 3868: No such process Nov 22 14:12:26 iPhone-5c SpringBoard[3591] <Warning>: Unable to get proc info for 3868: No such process Nov 22 14:12:26 iPhone-5c SpringBoard[3591] <Warning>: LICreateIconForImage passed NULL CGImageRef image Nov 22 14:12:26 iPhone-5c locationd[120] <Notice>: Gesture EnabledForTopCLient: 0, EnabledInDaemonSettings: 0 Nov 22 14:12:26 iPhone-5c SpringBoard[3591] <Warning>: Application 'UIKitApplication:com.testflag[0xf21e]' exited abnormally via signal. Nov 22 14:12:26 iPhone-5c assertiond[106] <Warning>: Could not set priority of <BKNewProcess: 0x165a1270; com.testflag; pid: 3868; hostpid: -1> to 2, priority: No such process Nov 22 14:12:26 iPhone-5c assertiond[106] <Warning>: Could not set priority of <BKNewProcess: 0x165a1270; com.testflag; pid: 3868; hostpid: -1> to 4096, priority: No such process Nov 22 14:12:27 iPhone-5c locationd[120] <Notice>: Gesture EnabledForTopCLient: 0, EnabledInDaemonSettings: 0 Nov 22 14:12:34 iPhone-5c locationd[120] <Notice>: Gesture EnabledForTopCLient: 0, EnabledInDaemonSettings: 0
[PS:MachOView截图]

blob.jpg272×684 113 KB

我感觉bin的签名有缓存的, 直接替换都不行, 要mv, 再cp过去
一个想法, 不一定对

不好使的样子[quote=“Ouroboros, post:2, topic:5770, full:true”]
我感觉bin的签名有缓存的, 直接替换都不行, 要mv, 再cp过去
一个想法, 不一定对
[/quote]

求助。。。难道是系统版本和越狱的问题？
我没有其他系统的越狱机器了，求验证。

也同样遇到过这样的问题

然而并没有想要的答案，再重签一下是不会崩的。

您好,请问您最后是怎么解决的?

_CodeSignature/CodeResources 记录了可执行程序的hash值，你修改了了可执行程序后，没处理_CodeSignature/CodeResources里的对应值

重签名可解，上面说了呀

难道是这样，有一阵没学逆向了，抽空试试看

嗯 已经解决了

你好，请问最后是怎么解决的呢？最近也遇到这个问题。我hook的是root权限的app。