MachoCacheResolve
Description
Resolve runtime_ip to a function name.
Parameters
| Name | Direction | Description |
|---|---|---|
self |
in,out | Cache. Grows on first sight of module_path. |
module_path |
in | Path to the loaded Mach-O on disk. |
slide |
in | ASLR slide as reported by _dyld_get_image_vmaddr_slide – the offset added to the binary’s on-disk vmaddrs to get its runtime addresses. runtime_ip - slide is the file-relative VA. |
runtime_ip |
in | Address to resolve. |
out_name |
out | On success, pointer to the function name (borrowed from the cached Mach-O / DWARF strings; valid until MachoCacheDeinit). |
out_offset |
out | On success, byte offset from the function start. |
Success
Returns true.
Failure
Returns false if the module can’t be opened or the IP falls outside any symbol / function.
Usage example (Cross-references)
Usage examples (Cross-references)
- In
MachoCache.c:197:
const char *name = NULL;
u32 offset = 0;
bool ok = MachoCacheResolve(&cache, bin_path, slide, runtime_ip, &name, &offset);
ok = ok && name && ZstrCompare(name, "real_main_proc") == 0 && offset == 0x10;- In
MachoCache.c:235:
const char *name = NULL;
u32 offset = 0;
bool ok = MachoCacheResolve(&cache, bin_path, slide, runtime_ip, &name, &offset);
ok = ok && name && ZstrCompare(name, "dsym_only_fn") == 0 && offset == 0x8;- In
MachoCache.c:271:
const char *name = NULL;
bool ok = !MachoCacheResolve(&cache, bin_path, 0, 0x100000208ull, &name, NULL);
MachoCacheDeinit(&cache);- In
MachoCache.c:190:
}
bool MachoCacheResolve(
MachoCache *self,
const char *module_path,- In
Backtrace.c:408:
u64 slide = 0;
if (cache_ok && dyld_image_for_ip(frames[i].ip, &mod_path, &slide)) {
if (MachoCacheResolve(&cache, mod_path, slide, ip, &sym_name, &sym_off)) {
named = true;
}
Last updated on