Date: Sun, 28 Jul 2024 18:11:22 -0700
On Sunday 28 July 2024 09:46:57 GMT-7 Frederick Virchanza Gotham via Std-
Proposals wrote:
> I just realised today that the "interceptor function" doesn't
> necessarily need to end with a jump to the original function.
Yes, it does. It must be a tail-call.
> This scenario is a little more
> complicated than what I described in my original post because the
> "interceptor function" won't end with a jump to the original function
> (instead it will end with a jump back to the caller).
Then it won't work, because:
> lea come_back_here(%rip), (%rsp) ; change return address on stack
> jmp *%rax ; jump to the original function
>
> come_back_here:
> push_all_registers ; save all
First of all, this breaks execution with Controlflow Enforcement Technology
enabled. You can't do that.
Second, you forgot to copy the arguments passed on the stack.
> I'm 99% certain that this technique will work on every CPU with every
> calling convention.
It will break on 100% of them with sufficiently many parameters: 4 for ARM 32-bit, 4 for x86-64 on Windows, 6 for x86-64 on Unix systems, 8 on IA-64, etc.
-- Thiago Macieira - thiago (AT) macieira.info - thiago (AT) kde.org Principal Engineer - Intel DCAI Platform & System Engineering
Received on 2024-07-29 01:11:29
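The reply above makes two practical demands of an interceptor: it must end in a tail-call to the original function, and it must forward every argument, including the ones the calling convention pushes on the stack once the register slots (4 on Win64 and 32-bit ARM, 6 on SysV x86-64, 8 on IA-64) are used up. The following is an added example, not code from the mailing-list thread, showing the portable C shape that meets both demands: an interceptor with the same prototype as the target, which lets the compiler copy the stack-passed arguments and, at -O2, emit the forwarding call as a plain jump without touching the return address (so CET shadow stacks stay consistent). The target function `original`, the weighting of its arguments and the `real_target` pointer are constructed for this example.

```c
#include <stdint.h>
#include <stdio.h>

/* Eight integer arguments: more than any of the ABIs mentioned in the reply
 * pass in registers, so on every one of them at least some of these live on
 * the caller's stack. (Example code; not from the original post.) */
typedef int64_t (*target_fn)(int64_t, int64_t, int64_t, int64_t,
                             int64_t, int64_t, int64_t, int64_t);

/* The function being intercepted (constructed for this example). Each
 * argument gets a distinct weight so that dropping or reordering any one
 * of them, e.g. a stack-passed one, changes the result. */
static int64_t original(int64_t a, int64_t b, int64_t c, int64_t d,
                        int64_t e, int64_t f, int64_t g, int64_t h)
{
    return a + 2 * b + 3 * c + 4 * d + 5 * e + 6 * f + 7 * g + 8 * h;
}

/* In a real hook this pointer would be redirected at patch time; here it is
 * simply initialised to the original (assumption for the example). */
static target_fn real_target = original;

/* What the interceptor records before handing over. */
static unsigned long call_count;
static int64_t last_seen[8];

/* The interceptor: identical prototype to the target, does its own work,
 * then forwards all eight arguments. Because the prototype matches, the
 * compiler re-creates the stack-passed arguments for the callee and can
 * turn the final call into a tail jump. Nothing rewrites the return
 * address on the stack, so the caller's return is a normal one. */
int64_t interceptor(int64_t a, int64_t b, int64_t c, int64_t d,
                    int64_t e, int64_t f, int64_t g, int64_t h)
{
    call_count++;
    last_seen[0] = a; last_seen[1] = b; last_seen[2] = c; last_seen[3] = d;
    last_seen[4] = e; last_seen[5] = f; last_seen[6] = g; last_seen[7] = h;

    /* Tail call: must be the last thing this function does. */
    return real_target(a, b, c, d, e, f, g, h);
}

/* Accessors so the recorded state can be inspected after a call. */
unsigned long interceptor_calls(void) { return call_count; }
int64_t interceptor_last_arg(int index) { return last_seen[index]; }

int main(void)
{
    /* Arguments 7 and 8 are the ones that land on the stack under SysV
     * x86-64; under Win64 everything from the 5th onwards does. */
    int64_t r = interceptor(1, 2, 3, 4, 5, 6, 7, 8);
    printf("result=%lld calls=%lu last_arg=%lld\n",
           (long long)r, interceptor_calls(),
           (long long)interceptor_last_arg(7));
    return 0;
}
```

Compiling with `-O2` and disassembling `interceptor` shows the forwarding call emitted as `jmp` rather than `call`/`ret` on x86-64; if any argument were left out of the forwarding call, the weighted sum would change, which is the failure mode the reply describes for a "register-only" trampoline.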