macos m1 pthread_create hook之后崩溃，替换的跳转指令超出函数本身指令大小

jmpews / Dobby

a lightweight, multi-platform, multi-architecture hook framework.

Apache License 2.0

4.05k stars 849 forks source link

Closed nanatuo closed 1 year ago

nanatuo commented 1 year ago

在macos m1 pthread_create 指令中只有两条8字节，而dobbyhook arm64架构替换指令需要三条指令12字节，替换后导致和pthread_create相邻的指令被破坏，相邻函数被调用时错误的指令导致崩溃

nanatuo commented 1 year ago

针对m1 崩溃可以选择去hook pthread_create 内部的核心函数 __bsdthread_create

jmpews commented 1 year ago

try the trick function "dobby_enable_near_branch_trampoline()", only need 4 bytes for arm64(e) arch.