frida / frida-java-bridge

Java runtime interop from Frida

art_quick_trampolines are not intercepted (Android 14, S22) when using optimized tests #306

Closed cr4zyserb closed 7 months ago

cr4zyserb commented 8 months ago

The issue is that when using `--enable-optimizations` in tests, all method quick trampolines are `art_quick_resolution_trampoline`, which skips the 2 default ones. The solution would be to add `art_quick_resolution_trampoline` to the list of ones to hook:

```js
temporaryApi.artQuickGenericJniTrampoline = getArtQuickEntrypointFromTrampoline(quickGenericJniTrampoline, vm);
temporaryApi.artQuickToInterpreterBridge = getArtQuickEntrypointFromTrampoline(quickToInterpreterBridgeTrampoline, vm);
temporaryApi.artQuickResolutionTrampoline = getArtQuickEntrypointFromTrampoline(quickResolutionTrampoline, vm);
```

and:

```js
// Entrypoints that dispatch method invocation from the quick ABI.
const quickEntrypoints = [
  api.artQuickGenericJniTrampoline,
  api.artQuickToInterpreterBridge,
  api.artQuickResolutionTrampoline
];
```

I will issue a pull request, feel free to merge it if it satisfies the code logic and design.
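As an added illustration that is not part of the issue or of frida-java-bridge, the following JavaScript models why the hook coverage gap appears: a Frida-style hook on a set of quick trampolines only observes invocations of methods whose installed entrypoint is one of the hooked addresses, so if every method starts out on `art_quick_resolution_trampoline` and that trampoline is not in the list, no invocation is observed. The entrypoint addresses, the method table and the helper names (`makeArtApi`, `makeMethods`, `installTrampolineHooks`, `simulateInvocations`, `coverageReport`) are constructed for this example; only the trampoline names come from the issue.

```javascript
// Added model (not frida-java-bridge code) of how hooking ART's quick
// trampolines decides which method invocations a Frida hook observes.
// Helper names and all addresses are assumptions made for this example;
// the trampoline names are the ones discussed in the issue.

// Constructed addresses standing in for the resolved ART entrypoint symbols.
function makeArtApi() {
  return {
    artQuickGenericJniTrampoline: 0x1000,
    artQuickToInterpreterBridge: 0x2000,
    artQuickResolutionTrampoline: 0x3000,
  };
}

// Constructed ArtMethod table: each method carries the quick entrypoint the
// runtime currently has installed for it. In the optimized configuration the
// issue reports, methods start out on the resolution trampoline instead of
// on the two default trampolines.
function makeMethods(optimized) {
  const api = makeArtApi();
  const jni = api.artQuickGenericJniTrampoline;
  const interp = api.artQuickToInterpreterBridge;
  const resolution = api.artQuickResolutionTrampoline;
  return [
    { name: 'Foo.nativeHash', entrypoint: optimized ? resolution : jni },
    { name: 'Foo.toString', entrypoint: optimized ? resolution : interp },
    { name: 'Bar.compute', entrypoint: optimized ? resolution : interp },
  ];
}

// Stand-in for attaching an interceptor to each trampoline address:
// returns the set of hooked entrypoint addresses.
function installTrampolineHooks(quickEntrypoints) {
  return new Set(quickEntrypoints);
}

// Route each method's invocation through its installed quick entrypoint and
// return the names of the methods whose dispatch hit a hooked trampoline.
function simulateInvocations(methods, hooked) {
  return methods
    .filter((m) => hooked.has(m.entrypoint))
    .map((m) => m.name);
}

// Compare the original two-trampoline list with the list extended by the
// resolution trampoline, under both runtime configurations.
function coverageReport() {
  const api = makeArtApi();
  const original = [
    api.artQuickGenericJniTrampoline,
    api.artQuickToInterpreterBridge,
  ];
  const extended = [...original, api.artQuickResolutionTrampoline];
  const report = {};
  for (const optimized of [false, true]) {
    const methods = makeMethods(optimized);
    report[optimized ? 'optimized' : 'default'] = {
      originalList: simulateInvocations(methods, installTrampolineHooks(original)),
      extendedList: simulateInvocations(methods, installTrampolineHooks(extended)),
    };
  }
  return report;
}

// Usage: the optimized configuration yields an empty originalList and a full
// extendedList, which is the gap the issue describes.
console.log(JSON.stringify(coverageReport(), null, 2));
```

The model deliberately keeps the hook as a plain set membership check: the point is that trampoline hooks see dispatch only for methods currently parked on a hooked address, so a coverage check like `coverageReport()` is a cheap regression test to run whenever ART changes which trampoline methods are initialised with.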