Implement -ignore_duplicates_module

dillonfranke · dillonfranke · commit 2a540406e4b3 · 2024-12-11T15:06:34.000-08:00
diff --git a/README.md b/README.md
@@ -186,6 +186,8 @@ In addition to the general-purpose API documented above, TinyInst also implement
 
 `-indirect_instrumentation [none|local|global|auto]` which instrumentation to use for indirect jump/calls
 
+`-ignore_duplicates_module [module name]` Ensures only the first loaded instance of `[module name]` is instrumented, ignoring subsequent duplicates. Useful when instrumenting system libraries (e.g., `CoreAudio`) on macOS Sequoia and later, where multiple distinct libraries with the same name may be loaded.
+
 `-patch_return_addresses` - replaces return address with the original value, causes returns to be instrumented using whatever `-indirect_instrumentation` method is specified
 
 `-generate_unwind` - Generates stack unwinding data for instrumented code (for faster C++ exception handling). Note that it might not work correctly on some older Windows versions.
diff --git a/hook.md b/hook.md
@@ -23,7 +23,7 @@ It is expected that most hooking operations can be performed just using the brea
 
 If a hook needs to add additional assembly code, this can be done by implementing `WriteCodeBefore`/`WriteCodeAfter` methods of the hook class. Assembly code can be inserted by calling the `WriteCode` function with the buffer containing the assembly to be inserted. Note that both `WriteCodeBefore`/`WriteCodeAfter` get called during instrumentation time (before the function gets run) and, due to how `HookBeginEnd` is implemented, `WriteCodeAfter` can be called multiple times for a single hooked function.
 
-Once the hook classes have been implemented for each function the user wants to hook, the user can register them by calling `RegisterHook` method inside their clien's constructor.
+Once the hook classes have been implemented for each function the user wants to hook, the user can register them by calling `RegisterHook` method inside their client's constructor.
 
 ### Example
 
diff --git a/tinyinst.cpp b/tinyinst.cpp
@@ -43,6 +43,7 @@ ModuleInfo::ModuleInfo() {
   max_address = 0;
   loaded = false;
   instrumented = false;
+  ignore_duplicates = false;
   instrumented_code_local = NULL;
   instrumented_code_remote = NULL;
   instrumented_code_remote_previous = NULL;
@@ -849,6 +850,8 @@ void TinyInst::OnModuleInstrumented(ModuleInfo* module) {
       }
       if(address) {
         resolved_hooks[address] = hook;
+      } else {
+        FATAL("Could not resolve function %s in module %s", hook->GetFunctionName().c_str(), hook->GetModuleName().c_str());
       }
     }
   }
@@ -1071,9 +1074,14 @@ void TinyInst::OnInstrumentModuleLoaded(void *module, ModuleInfo *target_module)
       target_module->module_header &&
       (target_module->module_header != (void *)module))
   {
-    WARN("Instrumented module loaded on a different address than seen previously\n"
-         "Module will need to be re-instrumented. Expect a drop in performance.");
-    ClearInstrumentation(target_module);
+    if (target_module->ignore_duplicates) {
+      WARN("Skipping duplicate module %s.", target_module->module_name.c_str());
+      return;
+    } else {
+      WARN("Instrumented module loaded on a different address than seen previously\n"
+        "Module will need to be re-instrumented. Expect a drop in performance.");
+      ClearInstrumentation(target_module);
+    }
   }
 
   target_module->module_header = (void *)module;
@@ -1091,7 +1099,7 @@ void TinyInst::OnInstrumentModuleLoaded(void *module, ModuleInfo *target_module)
   }
 }
 
-// called when a potentialy interesting module gets loaded
+// called when a potentially interesting module gets loaded
 void TinyInst::OnModuleLoaded(void *module, char *module_name) {
   Debugger::OnModuleLoaded(module, module_name);
 
@@ -1261,6 +1269,9 @@ void TinyInst::Init(int argc, char **argv) {
   std::list <char *> module_names;
   GetOptionAll("-instrument_module", argc, argv, &module_names);
 
+  std::list <char *> ignored_duplicate_modules;
+  GetOptionAll("-ignore_duplicates_module", argc, argv, &ignored_duplicate_modules);
+
 #if defined(__APPLE__) && defined(ARM64)
   std::set <std::string> orig_uniq_mod_names;
   std::set <std::string> new_uniq_mod_names;
@@ -1300,6 +1311,11 @@ void TinyInst::Init(int argc, char **argv) {
   for (const auto module_name: module_names) {
     ModuleInfo *new_module = new ModuleInfo();
     new_module->module_name = module_name;
+    for (const auto& ignored_module : ignored_duplicate_modules) {
+      if (strcmp(ignored_module, module_name) == 0) {
+        new_module->ignore_duplicates = true;
+      }
+    }
     instrumented_modules.push_back(new_module);
     // SAY("--- %s\n", module_name);
   }
diff --git a/tinyinst.h b/tinyinst.h
@@ -292,6 +292,7 @@ class ModuleInfo {
   size_t code_size;
   bool loaded;
   bool instrumented;
+  bool ignore_duplicates;
   std::list<AddressRange> executable_ranges;
 
   size_t instrumented_code_size;
