How do I debug platform issues?

[yrp604]

I have two linux arm64 binaries: one is libc and one has a statically linked libc.

ioctl in libc gets lifted as:
000c98c8 int64_t x0_1 = syscall(sys_ioctl {0x1d}, fd: sx.q(arg1))

ioctl when statically linked gets lifted as:
00418c18 int64_t x0_1 = syscall(sx.q(arg1))

I think the problem with the statically linked one is the lack the correct platform being associated with this... binary view? function? So, I have a few questions, all related:

1. Why wouldn't the platform be associated here?
2. What are platforms attached to? Binary Views? Functions?
3. How can I apply the correct platform to all functions in this bndb?
4. How can I see the what platforms are in use, and where?

[rssor]

There's a default platform for a BinaryView, but each Function has its own reference to a platform object. Function.platfom and BinaryView.platform will show you what's in use for each.

Function is a parameter of function creation (can't be changed after the fact; functions in a bndb are identified by a tuple of (platform, address)).

Was the statically linked file also an elf/mach-o or was it a raw file? My suspicion would be that the type library with syscall information hasn't been loaded for that file.

[yrp604]

can't be changed after the fact

This was the thing that was biting me -- when I originally opened this binary I was testing lifter improvements before #2035 was fixed, so there was no platform for the initial analysis pass. Subsequently when I swapped out my arm64 architecture dll, it didn't fix things because the functions were already identified with no platform.

In this case, if I wanted to reset the platform on everything it would be:

plat = binaryninja.platform.whatever('fancy_platform')
for f in bv.functions:
  f.platform = plat

Or something similar?