Mono.Cecil：获取抽象方法的实现

Question

I'm using Cecil to inspect my program. It is working really great with one exception. How can I use Cecil to find the implementation of an abstract method?

1. Example of code to inspect

This is an example of code where the method CallingType::CallAbstractMethod() makes a call to ImplementingType::MyMethod() .

public abstract class AbstractBase
{
    public abstract bool MyMethod();
}

public class ImplementingType : AbstractBase
{
    public override bool MyMethod()
    {
        return true;
    }
}

public class CallingType
{
    public void CallAbstractMethod()
    {
        var implementingType = new ImplementingType();
        var result = implementingType.MyMethod();
    }
}

2. The problem

When I use the Cecil code below to inspect my program the variable myMethodDefinition represents the abstract method AbstractBase::MyMethod() instead of ImplementingType::MyMethod() . The later is the method that I would like to find. Just reading the source code it is obvious that the method CallAbstractMethod is actually calling ImplementingType::MyMethod() .

var assembly = AssemblyDefinition.ReadAssembly(Assembly.GetExecutingAssembly().Location);

var callingType = assembly.MainModule.Types
    .Single(t => t.Name == "CallingType");

var callAbstractMethodDefinition = callingType.Methods
    .Single(m => m.Name == "CallAbstractMethod");

var myMethodReference = callAbstractMethodDefinition.Body.Instructions
    .Where(i => i.OpCode == OpCodes.Callvirt)
    .Select(i => (MethodReference)i.Operand)
    .Single();

var myMethodDefinition = myMethodReference.Resolve();

3. My question

What can I do to get my Cecil code to find the implementing method ImplementingType::MyMethod() ?

Answer 1

The IL from CallAbstractMethod

.method public hidebysig 
    instance void CallAbstractMethod () cil managed 
{
    // Method begins at RVA 0x2078
    // Code size 15 (0xf)
    .maxstack 1
    .locals init (
        [0] class ConsoleApplication1.ImplementingType, //first variable
        [1] bool
    )

    IL_0000: nop
    IL_0001: newobj instance void ConsoleApplication1.ImplementingType::.ctor()
    IL_0006: stloc.0
    IL_0007: ldloc.0
    IL_0008: callvirt instance bool ConsoleApplication1.AbstractBase::MyMethod()
    IL_000d: stloc.1
    IL_000e: ret
} // end of method CallingType::CallAbstractMethod

As you can see, the callvirt OpCode is calling base class, if you want to get the real class that hold the implementation of MyMethod you must work like IL works, using stack.

So, when you run line IL_0001

Your stack will have 1 item, that is the instance of ImplementingType

Then you run IL_0006

Your stack will have 0 items, and the instance of ImplementingType will be saved in first variable

Then you run IL_0007

Your stack will have 1 item again, that is the instance of ImplementingType

Then you run IL_0008,

Call MyMethod from first item in the stack, that is the instance of ImplementingType.

So there is no way to get reference to ImplementingType just with the line IL_0008, you must "execute" the code, fake stack process and then you will be able to discover the instanced that hold the method that will execute.

The same code could be optimized, see it below:

.method public hidebysig 
    instance void CallAbstractMethod () cil managed 
{
    // Method begins at RVA 0x2065
    // Code size 12 (0xc)
    .maxstack 8

    IL_0000: newobj instance void ConsoleApplication1.ImplementingType::.ctor()
    IL_0005: callvirt instance bool ConsoleApplication1.AbstractBase::MyMethod()
    IL_000a: pop
    IL_000b: ret
} // end of method CallingType::CallAbstractMethod

I don't know what you want to do with this, but you have the solution, csprojs, and c# class files, and you want to read the code, I would suggest you to use Roslyn to do that.