
`CallTrace`: Disassemble managed prestubs to find the real method address

Open · alexrp opened this issue 2 years ago · 1 comment

https://github.com/vezel-dev/ruptura/blob/70168266ca273ec99eee6baba89522c896150db6/src/memory/Diagnostics/CallFrame.cs#L43-L45

The issue is that the function pointer we get from `RuntimeMethodHandle.GetFunctionPointer()` points to the prestub for the method, but the instruction pointer we have (of course) points to the actual JIT'd method that was executed.

One way we might solve this is by disassembling the prestub and following the jump to the actual method. But we would need to know for sure that `RuntimeMethodHandle.GetFunctionPointer()` always returns a pointer to a prestub.

alexrp, Jul 13 '22 12:07

Lots of useful information here: https://github.com/MonoMod/MonoMod.Common/blob/master/RuntimeDetour/Platforms/Runtime/DetourRuntimeNETPlatform.cs

Looks like this is not going to be fun.

alexrp, Jul 23 '22 16:07
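
The jump-following idea from the issue, sketched as an added example that is not part of the thread or of ruptura's code. It assumes the stub consists only of x86-64 unconditional jumps (`jmp rel32` or `jmp [rip+disp32]`), which the issue itself says is unconfirmed; `StubFollower`, `Resolve` and the `read` callback are hypothetical names, and the memory image is constructed.

```csharp
using System;
using System.Buffers.Binary;

static class StubFollower // hypothetical helper, not a ruptura or runtime API
{
    // Follows unconditional jumps from `address` until it reaches code that is
    // not a jump. `read` is a hypothetical callback: (address, count) -> bytes.
    public static ulong Resolve(ulong address, Func<ulong, int, byte[]> read, int maxHops = 8)
    {
        for (var hop = 0; hop < maxHops; hop++)
        {
            var code = read(address, 6);

            if (code[0] == 0xE9) // jmp rel32: target = next instruction + rel
            {
                var rel = BinaryPrimitives.ReadInt32LittleEndian(code.AsSpan(1));
                address = unchecked(address + 5 + (ulong)(long)rel);
            }
            else if (code[0] == 0xFF && code[1] == 0x25) // jmp qword ptr [rip+disp32]
            {
                var disp = BinaryPrimitives.ReadInt32LittleEndian(code.AsSpan(2));
                var slot = unchecked(address + 6 + (ulong)(long)disp);
                address = BinaryPrimitives.ReadUInt64LittleEndian(read(slot, 8));
            }
            else
                return address; // unknown opcode: stop rather than guess a layout
        }

        // Bound the walk so a jump cycle or corrupt memory cannot loop forever.
        throw new InvalidOperationException("Jump chain exceeds the hop limit.");
    }

    static void Main()
    {
        // Constructed memory image at 0x1000: stub -> indirect stub -> body.
        const ulong Base = 0x1000;
        var mem = new byte[0x40];
        new byte[] { 0xE9, 0x0B, 0, 0, 0 }.CopyTo(mem, 0x00);       // jmp 0x1010
        new byte[] { 0xFF, 0x25, 0x0A, 0, 0, 0 }.CopyTo(mem, 0x10); // jmp [0x1020]
        BinaryPrimitives.WriteUInt64LittleEndian(mem.AsSpan(0x20), Base + 0x30);
        mem[0x30] = 0x55; // push rbp: stands in for the method body

        var body = Resolve(Base, (a, n) => mem.AsSpan((int)(a - Base), n).ToArray());
        Console.WriteLine($"0x{body:X}");
    }
}
```

Returning on the first unrecognized opcode keeps the resolver from misattributing a frame when a runtime version uses a stub shape other than the two handled here.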