iOS 18.4 _libdyld_initialize signature has changed so injector fails to detect as dyld4+

[pachoo]

I ran into the issue described in frida/frida#3424 when testing on iOS 18.4

Doing a quick look into this, the signature for _libdyld_initialize has changed, so the injector is failing to detect this as a dyld4 environment.

In iOS 18.3 (from IDA)

__text:00000001A8E9DF30 ; dyld4::APIs::_libdyld_initialize(dyld4::LibSystemHelpers const*)
__text:00000001A8E9DF30 __ZN5dyld44APIs19_libdyld_initializeEPKNS_16LibSystemHelpersE

in iOS 18.4 (from IDA)

; __int64 __fastcall dyld4::APIs::_libdyld_initialize(dyld4::APIs *__hidden this)
__ZN5dyld44APIs19_libdyld_initializeEv

Apparently the LibSystemHelpers pointer has been dropped in iOS 18.4. So the code here is failing in this case since it's not also checking for the newer function: https://github.com/frida/frida-core/blob/main/src/fruity/injector.vala#L828

		private async void ensure_libsystem_initialized (Cancellable? cancellable) throws GLib.Error {
			if (libsystem_initialized)
				return;

			var dyld_symbols = yield fetch_dyld_symbols (cancellable);

			yield restore_main_thread_state (cancellable);

			uint64? libdyld_initialize = dyld_symbols["__ZN5dyld44APIs19_libdyld_initializeEPKNS_16LibSystemHelpersE"];
			if (libdyld_initialize != null)
				yield ensure_libsystem_initialized_for_dyld_v4_and_above (libdyld_initialize, dyld_symbols, cancellable);
			else
				yield ensure_libsystem_initialized_for_dyld_v3_and_below (dyld_symbols, cancellable);

[lilili87222]

always attaching
ios 18.4 and 17.4

this command works on ios 16.7

frida -U -n aitest
____
/ _ | Frida 17.0.5 - A world-class dynamic instrumentation toolkit
| (| |
> _ | Commands:
// |_| help -> Displays the help system
. . . . object? -> Display information about 'object'
. . . . exit/quit -> Exit
. . . .
. . . . More info at https://frida.re/docs/home/
. . . .
. . . . Connected to Apple iPhone (id=00008110-001xxxxxxxxxxxxxxxxxxxxx)
Attaching...