How to rewrite and check IL code more easily?
Hi!
I instrument the method System.Web.Mvc.ControllerActionInvoker.InvokeAction in System.Web.Mvc.dll version 3.0.0.0 and get a VerificationException: Operation could destabilize the runtime.
Testing the same profiler instrumenting the same method in System.Web.Mvc.dll version 2.0.0.0 works normally.
I tested the New Relic profiler instrumenting the same method in version 3.0.0.0, and it works normally.
I think the rewritten IL code is invalid, but I don't know how to verify it.
Here is the hex from GetILFunctionBody:
And here is the hex I use for SetILFunctionBody:
PS: I wrap the method in a try/catch structure. In the try branch I replace each ret opcode with saving the return value and a leave.s opcode. In the catch branch I call a static method with the exception, then rethrow the exception.
I want to record the return value and the exception (if thrown) of each method being instrumented.
1. How can I solve the VerificationException? I'm not sure whether the IL code is invalid or not; I think I should debug it.
2. My way to wrap the method is dirty: I break the old IL code into a doubly linked list, insert instructions, and generate IL code from the doubly linked list. Is there a library for this?
3. Are there tools or a way to verify IL code and debug it?
Thank you!
I don't know if there are tools publicly available, but writing one is straightforward (if I sort out the license stuff I will happily open source mine ... procrastination keeps getting in the way).
I decompiled the two method bodies to the following:
"GetILFunctionBody"
.maxstack 5
.locals 1100007b
// code size: 232
ldarg.1
brtrue.s il_000e
ldstr 7000001d
newobj 0a00002b
throw
il_000e
ldarg.2
call 0a00002e
brfalse.s il_0026
call 06000b63
ldstr 700008d9
newobj 0a00002f
throw
il_0026
ldarg.0
ldarg.1
callvirt 06000262
stloc.0
ldarg.0
ldarg.1
ldloc.0
ldarg.2
callvirt 06000263
stloc.1
ldloc.1
brfalse il_00e6
ldarg.0
ldarg.1
ldloc.1
callvirt 06000264
stloc.2
il_0047
ldarg.0
ldarg.1
ldloc.2
callvirt 06000a04
ldloc.1
callvirt 06000270
stloc.3
ldloc.3
callvirt 06000419
brfalse.s il_006d
ldarg.0
ldarg.1
ldloc.3
callvirt 06000419
callvirt 0600026d
br.s il_00b1
il_006d
ldarg.1
callvirt 060001ea
callvirt 060002d3
brfalse.s il_0080
ldarg.1
call 06000272
il_0080
ldarg.0
ldarg.1
ldloc.1
callvirt 06000267
stloc.s 4
ldarg.0
ldarg.1
ldloc.2
callvirt 06000a03
ldloc.1
ldloc.s 4
callvirt 0600026c
stloc.s 5
ldarg.0
ldarg.1
ldloc.2
callvirt 06000a06
ldloc.s 5
callvirt 060001ff
callvirt 0600026f
pop
il_00b1
leave.s il_00e4
il_00b3
pop
rethrow
il_00b6
stloc.s 6
ldarg.0
ldarg.1
ldloc.2
callvirt 06000a05
ldloc.s 6
callvirt 06000271
stloc.s 7
ldloc.s 7
callvirt 060005e6
brtrue.s il_00d4
rethrow
il_00d4
ldarg.0
ldarg.1
ldloc.s 7
callvirt 060005e8
callvirt 0600026d
leave.s il_00e4
il_00e4
ldc.i4.1
ret
il_00e6
ldc.i4.0
ret
try il_0047 il_00b3 catch 0100011e il_00b3 il_00b6
try il_0047 il_00b3 catch 01000084 il_00b6 il_00e4
"SetILFunctionBody"
.maxstack 106
.locals 110001e5
// code size: 333
ldc.i4.s 2
newarr 01000002
dup
ldc.i4.s 0
ldarg.s 1
stelem.ref
dup
ldc.i4.s 1
ldarg.s 2
stelem.ref
stloc.s 8
ldstr 70004b4c
ldc.i4 32768
ldstr 7000023f
ldstr 70004bbe
ldstr 70004bdc
ldstr 70004c2a
ldstr 70004c44
ldarg.0
ldloc.s 8
call 0a000636
stloc.s 10
il_0042
ldarg.1
brtrue.s il_0050
ldstr 7000001d
newobj 0a00002b
throw
il_0050
ldarg.2
call 0a00002e
brfalse.s il_0068
call 06000b63
ldstr 700008d9
newobj 0a00002f
throw
il_0068
ldarg.0
ldarg.1
callvirt 06000262
stloc.0
ldarg.0
ldarg.1
ldloc.0
ldarg.2
callvirt 06000263
stloc.1
ldloc.1
brfalse il_012c
ldarg.0
ldarg.1
ldloc.1
callvirt 06000264
stloc.2
il_0089
ldarg.0
ldarg.1
ldloc.2
callvirt 06000a04
ldloc.1
callvirt 06000270
stloc.3
ldloc.3
callvirt 06000419
brfalse.s il_00af
ldarg.0
ldarg.1
ldloc.3
callvirt 06000419
callvirt 0600026d
br.s il_00f3
il_00af
ldarg.1
callvirt 060001ea
callvirt 060002d3
brfalse.s il_00c2
ldarg.1
call 06000272
il_00c2
ldarg.0
ldarg.1
ldloc.1
callvirt 06000267
stloc.s 4
ldarg.0
ldarg.1
ldloc.2
callvirt 06000a03
ldloc.1
ldloc.s 4
callvirt 0600026c
stloc.s 5
ldarg.0
ldarg.1
ldloc.2
callvirt 06000a06
ldloc.s 5
callvirt 060001ff
callvirt 0600026f
pop
il_00f3
leave.s il_0126
il_00f5
pop
rethrow
il_00f8
stloc.s 6
ldarg.0
ldarg.1
ldloc.2
callvirt 06000a05
ldloc.s 6
callvirt 06000271
stloc.s 7
ldloc.s 7
callvirt 060005e6
brtrue.s il_0116
rethrow
il_0116
ldarg.0
ldarg.1
ldloc.s 7
callvirt 060005e8
callvirt 0600026d
leave.s il_0126
il_0126
ldc.i4.1
nop
stloc.s 11
leave.s il_0140
il_012c
ldc.i4.0
nop
stloc.s 11
leave.s il_0140
il_0132
stloc.s 9
ldloc.s 10
ldnull
ldloc.s 9
call 0a000637
rethrow
il_0140
ldloc.s 10
ldloc.s 11
ldnull
call 0a000637
ldloc.s 11
ret
try il_0089 il_00f5 catch 0100011e il_00f5 il_00f8
try il_0089 il_00f5 catch 01000084 il_00f8 il_0126
try il_0042 il_0132 catch 01000084 il_0132 il_0140
The first thing I noticed is the massive jump in maxstack from 5 to 106; you might want to check how that value is calculated.
I can't comment on whether or not the evaluation stack is consistent since I don't have the signatures. In general it looks plausible, but you might want to check it against the signatures yourself.
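One structural check a home-grown IL verifier could run before calling SetILFunctionBody, added here as an example (not code from either poster): it validates the exception-clause table of a try/catch wrapper against ECMA-335's ordering and range rules and tests whether the clauses still fit the small section format. The names `EhClause`, `CheckEhTable`, `FitsSmallFormat` and `RewrittenTable` are hypothetical; the offsets come from the rewritten listing above, and stack and type consistency are not checked.

```cpp
#include <cstdint>
#include <iostream>
#include <string>
#include <vector>

// One EH clause as byte offsets/lengths into the method's IL (hypothetical type).
struct EhClause { uint32_t tryOff, tryLen, hOff, hLen; };
static bool Inside(uint64_t a, uint64_t al, uint64_t b, uint64_t bl) { return a >= b && a + al <= b + bl; }
static bool Overlap(uint64_t a, uint64_t al, uint64_t b, uint64_t bl) { return a < b + bl && b < a + al; }

// Returns "" when the table passes, otherwise the first problem found.
std::string CheckEhTable(const std::vector<EhClause>& t, uint32_t codeSize) {
    for (size_t i = 0; i < t.size(); ++i) {
        const EhClause& c = t[i];
        const std::string id = "clause " + std::to_string(i);
        if (c.tryLen == 0 || c.hLen == 0) return id + ": empty region";
        if (uint64_t(c.tryOff) + c.tryLen > codeSize || uint64_t(c.hOff) + c.hLen > codeSize)
            return id + ": region runs past end of code";
        if (Overlap(c.tryOff, c.tryLen, c.hOff, c.hLen))
            return id + ": handler overlaps its own try block";
        for (size_t j = i + 1; j < t.size(); ++j) {
            const EhClause& d = t[j];
            bool same = c.tryOff == d.tryOff && c.tryLen == d.tryLen;  // several catches, one try
            if (same || !Overlap(c.tryOff, c.tryLen, d.tryOff, d.tryLen)) continue;
            // ECMA-335: the most deeply nested try block must be listed first.
            if (Inside(d.tryOff, d.tryLen, c.tryOff, c.tryLen))
                return id + ": enclosing try listed before nested clause " + std::to_string(j);
            if (!Inside(c.tryOff, c.tryLen, d.tryOff, d.tryLen))
                return id + ": try partially overlaps clause " + std::to_string(j);
        }
    }
    return "";
}

// Small-format clauses store offsets in 2 bytes and lengths in 1 byte.
bool FitsSmallFormat(const std::vector<EhClause>& t) {
    for (const EhClause& c : t)
        if (c.tryOff > 0xFFFF || c.hOff > 0xFFFF || c.tryLen > 0xFF || c.hLen > 0xFF)
            return false;
    return true;
}

// The three clauses of the rewritten listing above (code size 333).
std::vector<EhClause> RewrittenTable() {
    return {{0x89, 0x6C, 0xF5, 0x03}, {0x89, 0x6C, 0xF8, 0x2E}, {0x42, 0xF0, 0x132, 0x0E}};
}

int main() {
    std::cout << "[" << CheckEhTable(RewrittenTable(), 333) << "] small="
              << FitsSmallFormat(RewrittenTable()) << "\n";
}
```

The outer try added by the wrapper is 0xF0 bytes long, so a few more bytes inside it would push the length past 0xFF and the clause table would then have to be written in the fat format.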