Gitiles
Code Review Sign In
gerrit-public.fairphone.software / platform / external / valgrind / 6654de8547d2e420c20e21980669b807aa80710e / . / coregrind / vgdb-invoker-ptrace.c
blob: b0e49a182da651cf0725b50bb4067cce1f3050f7 [file] [log] [blame]
philippe3c761f02013-12-01 14:56:28 +0000[diff] [blame]1/*--------------------------------------------------------------------*/
2/*--- Implementation of vgdb invoker subsystem via ptrace() calls. ---*/
3/*--------------------------------------------------------------------*/
4
5/*
6 This file is part of Valgrind, a dynamic binary instrumentation
7 framework.
8
9 Copyright (C) 2011-2013 Philippe Waroquiers
10
11 This program is free software; you can redistribute it and/or
12 modify it under the terms of the GNU General Public License as
13 published by the Free Software Foundation; either version 2 of the
14 License, or (at your option) any later version.
15
16 This program is distributed in the hope that it will be useful, but
17 WITHOUT ANY WARRANTY; without even the implied warranty of
18 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
19 General Public License for more details.
20
21 You should have received a copy of the GNU General Public License
22 along with this program; if not, write to the Free Software
23 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
24 02111-1307, USA.
25
26 The GNU General Public License is contained in the file COPYING.
27*/
28
29#include "config.h"
30
31#include "vgdb.h"
32#include "pub_core_threadstate.h"
33
34#include <alloca.h>
35#include <assert.h>
36#include <errno.h>
37#include <stdio.h>
38#include <stdlib.h>
39#include <string.h>
40#include <sys/ptrace.h>
41#include <sys/time.h>
42#include <sys/user.h>
43#include <sys/wait.h>
44
45#if VEX_HOST_WORDSIZE == 8
46typedef Addr64 CORE_ADDR;
47#elif VEX_HOST_WORDSIZE == 4
48typedef Addr32 CORE_ADDR;
49#else
50# error "unexpected wordsize"
51#endif
52
53#if VEX_HOST_WORDSIZE == 8
54typedef Addr64 PTRACE_XFER_TYPE;
55typedef void* PTRACE_ARG3_TYPE;
56#elif VEX_HOST_WORDSIZE == 4
57typedef Addr32 PTRACE_XFER_TYPE;
58typedef void* PTRACE_ARG3_TYPE;
59#else
60# error "unexpected wordsize"
61#endif
62
philippe6654de82014-04-15 22:35:23 +0000[diff] [blame^]63// if > 0, pid for which registers have to be restored.
64// if == 0, means we have not yet called setregs (or have already
65// restored the registers).
66static int pid_of_save_regs = 0;
philippe3c761f02013-12-01 14:56:28 +0000[diff] [blame]67/* True if we have continued pid_of_save_regs after PTRACE_ATTACH. */
68static Bool pid_of_save_regs_continued = False;
philippe6654de82014-04-15 22:35:23 +0000[diff] [blame^]69// When setregs has been called to change the registers of pid_of_save_regs,
70// vgdb cannot transmit the signals intercepted during ptrace.
71// So, we queue them, and will deliver them when detaching.
72// See function waitstopped for more info.
73static int signal_queue_sz = 0;
74static siginfo_t *signal_queue;
philippe3c761f02013-12-01 14:56:28 +0000[diff] [blame]75
76/* True when loss of connection indicating that the Valgrind
77 process is dying. */
78static Bool dying = False;
79
80/* ptrace_(read|write)_memory are modified extracts of linux-low.c
81 from gdb 6.6. Copyrighted FSF */
82/* Copy LEN bytes from valgrind memory starting at MEMADDR
83 to vgdb memory starting at MYADDR. */
84static
85int ptrace_read_memory (pid_t inferior_pid, CORE_ADDR memaddr,
86 void *myaddr, size_t len)
87{
88 register int i;
89 /* Round starting address down to longword boundary. */
90 register CORE_ADDR addr = memaddr & -(CORE_ADDR) sizeof (PTRACE_XFER_TYPE);
91 /* Round ending address up; get number of longwords that makes. */
92 register int count
93 = (((memaddr + len) - addr) + sizeof (PTRACE_XFER_TYPE) - 1)
94 / sizeof (PTRACE_XFER_TYPE);
95 /* Allocate buffer of that many longwords. */
96 register PTRACE_XFER_TYPE *buffer
97 = (PTRACE_XFER_TYPE *) alloca (count * sizeof (PTRACE_XFER_TYPE));
98
99 /* Read all the longwords */
100 for (i = 0; i < count; i++, addr += sizeof (PTRACE_XFER_TYPE)) {
101 errno = 0;
102 buffer[i] = ptrace (PTRACE_PEEKTEXT, inferior_pid,
103 (PTRACE_ARG3_TYPE) addr, 0);
104 if (errno)
105 return errno;
106 }
107
108 /* Copy appropriate bytes out of the buffer. */
109 memcpy (myaddr,
110 (char *) buffer + (memaddr & (sizeof (PTRACE_XFER_TYPE) - 1)), len);
111
112 return 0;
113}
114
115/* Copy LEN bytes of data from vgdb memory at MYADDR
116 to valgrind memory at MEMADDR.
117 On failure (cannot write the valgrind memory)
118 returns the value of errno. */
119__attribute__((unused)) /* not used on all platforms */
120static
121int ptrace_write_memory (pid_t inferior_pid, CORE_ADDR memaddr,
122 const void *myaddr, size_t len)
123{
124 register int i;
125 /* Round starting address down to longword boundary. */
126 register CORE_ADDR addr = memaddr & -(CORE_ADDR) sizeof (PTRACE_XFER_TYPE);
127 /* Round ending address up; get number of longwords that makes. */
128 register int count
129 = (((memaddr + len) - addr) + sizeof (PTRACE_XFER_TYPE) - 1)
130 / sizeof (PTRACE_XFER_TYPE);
131 /* Allocate buffer of that many longwords. */
132 register PTRACE_XFER_TYPE *buffer
133 = (PTRACE_XFER_TYPE *) alloca (count * sizeof (PTRACE_XFER_TYPE));
134
135 if (debuglevel >= 1) {
136 DEBUG (1, "Writing ");
137 for (i = 0; i < len; i++)
138 PDEBUG (1, "%02x", ((const unsigned char*)myaddr)[i]);
139 PDEBUG(1, " to %p\n", (void *) memaddr);
140 }
141
142 /* Fill start and end extra bytes of buffer with existing memory data. */
143
144 buffer[0] = ptrace (PTRACE_PEEKTEXT, inferior_pid,
145 (PTRACE_ARG3_TYPE) addr, 0);
146
147 if (count > 1) {
148 buffer[count - 1]
149 = ptrace (PTRACE_PEEKTEXT, inferior_pid,
150 (PTRACE_ARG3_TYPE) (addr + (count - 1)
151 * sizeof (PTRACE_XFER_TYPE)),
152 0);
153 }
154
155 /* Copy data to be written over corresponding part of buffer */
156
157 memcpy ((char *) buffer + (memaddr & (sizeof (PTRACE_XFER_TYPE) - 1)),
158 myaddr, len);
159
160 /* Write the entire buffer. */
161
162 for (i = 0; i < count; i++, addr += sizeof (PTRACE_XFER_TYPE)) {
163 errno = 0;
164 ptrace (PTRACE_POKETEXT, inferior_pid,
165 (PTRACE_ARG3_TYPE) addr, buffer[i]);
166 if (errno)
167 return errno;
168 }
169
170 return 0;
171}
172
173/* subset of VG_(threads) needed for vgdb ptrace.
174 This is initialized when process is attached. */
175typedef struct {
176 ThreadStatus status;
177 Int lwpid;
178}
179VgdbThreadState;
180static VgdbThreadState vgdb_threads[VG_N_THREADS];
181
182static const
183HChar* name_of_ThreadStatus ( ThreadStatus status )
184{
185 switch (status) {
186 case VgTs_Empty: return "VgTs_Empty";
187 case VgTs_Init: return "VgTs_Init";
188 case VgTs_Runnable: return "VgTs_Runnable";
189 case VgTs_WaitSys: return "VgTs_WaitSys";
190 case VgTs_Yielding: return "VgTs_Yielding";
191 case VgTs_Zombie: return "VgTs_Zombie";
192 default: return "VgTs_???";
193 }
194}
195
196static
197char *status_image (int status)
198{
199 static char result[256];
200 int sz = 0;
201#define APPEND(...) sz += snprintf (result+sz, 256 - sz - 1, __VA_ARGS__)
202
203 result[0] = 0;
204
205 if (WIFEXITED(status))
206 APPEND ("WIFEXITED %d ", WEXITSTATUS(status));
207
208 if (WIFSIGNALED(status)) {
209 APPEND ("WIFSIGNALED %d ", WTERMSIG(status));
210 if (WCOREDUMP(status)) APPEND ("WCOREDUMP ");
211 }
212
213 if (WIFSTOPPED(status))
214 APPEND ("WIFSTOPPED %d ", WSTOPSIG(status));
215
216#ifdef WIFCONTINUED
217 if (WIFCONTINUED(status))
218 APPEND ("WIFCONTINUED ");
219#endif
220
221 return result;
222#undef APPEND
223}
224
225/* Wait till the process pid is reported as stopped with signal_expected.
226 If other signal(s) than signal_expected are received, waitstopped
227 will pass them to pid, waiting for signal_expected to stop pid.
228 Returns True when process is in stopped state with signal_expected.
229 Returns False if a problem was encountered while waiting for pid
230 to be stopped.
231
232 If pid is reported as being dead/exited, waitstopped will return False.
233*/
234static
235Bool waitstopped (pid_t pid, int signal_expected, const char *msg)
236{
237 pid_t p;
238 int status = 0;
239 int signal_received;
240 int res;
241
242 while (1) {
243 DEBUG(1, "waitstopped %s before waitpid signal_expected %d\n",
244 msg, signal_expected);
245 p = waitpid(pid, &status, __WALL);
246 DEBUG(1, "after waitpid pid %d p %d status 0x%x %s\n", pid, p,
247 status, status_image (status));
248 if (p != pid) {
249 ERROR(errno, "%s waitpid pid %d in waitstopped %d status 0x%x %s\n",
250 msg, pid, p, status, status_image (status));
251 return False;
252 }
253
254 if (WIFEXITED(status)) {
255 shutting_down = True;
256 return False;
257 }
258
259 assert (WIFSTOPPED(status));
260 signal_received = WSTOPSIG(status);
261 if (signal_received == signal_expected)
262 break;
263
264 /* pid received a signal which is not the signal we are waiting for.
philippe6654de82014-04-15 22:35:23 +0000[diff] [blame^]265 If we have not (yet) changed the registers of the inferior
266 or we have (already) reset them, we can transmit the signal.
267
268 If we have already set the registers of the inferior, we cannot
269 transmit the signal, as this signal would arrive when the
270 gdbserver code runs. And valgrind only expects signals to
271 arrive in a small code portion around
272 client syscall logic, where signal are unmasked (see e.g.
273 m_syswrap/syscall-x86-linux.S ML_(do_syscall_for_client_WRK).
274
275 As ptrace is forcing a call to gdbserver by jumping
276 'out of this region', signals are not masked, but
277 will arrive outside of the allowed/expected code region.
278 So, if we have changed the registers of the inferior, we
279 rather queue the signal to transmit them when detaching,
280 after having restored the registers to the initial values. */
281 if (pid_of_save_regs) {
282 siginfo_t *newsiginfo;
283
284 // realloc a bigger queue, and store new signal at the end.
285 // This is not very efficient but we assume not many sigs are queued.
286 signal_queue_sz++;
287 signal_queue = vrealloc(signal_queue, sizeof(siginfo_t) * signal_queue_sz);
288 newsiginfo = signal_queue + (signal_queue_sz - 1);
289
290 res = ptrace (PTRACE_GETSIGINFO, pid, NULL, newsiginfo);
291 if (res != 0) {
292 ERROR(errno, "PTRACE_GETSIGINFO failed: signal lost !!!!\n");
293 signal_queue_sz--;
294 } else
295 DEBUG(1, "waitstopped PTRACE_CONT, queuing signal %d"
296 " si_signo %d si_pid %d\n",
297 signal_received, newsiginfo->si_signo, newsiginfo->si_pid);
298 res = ptrace (PTRACE_CONT, pid, NULL, 0);
299 } else {
300 DEBUG(1, "waitstopped PTRACE_CONT with signal %d\n", signal_received);
301 res = ptrace (PTRACE_CONT, pid, NULL, signal_received);
302 }
philippe3c761f02013-12-01 14:56:28 +0000[diff] [blame]303 if (res != 0) {
304 ERROR(errno, "waitstopped PTRACE_CONT\n");
305 return False;
306 }
307 }
308
309 return True;
310}
311
312/* Stops the given pid, wait for the process to be stopped.
313 Returns True if succesful, False otherwise.
314 msg is used in tracing and error reporting. */
315static
316Bool stop (pid_t pid, const char *msg)
317{
318 long res;
319
320 DEBUG(1, "%s SIGSTOP pid %d\n", msg, pid);
321 res = kill (pid, SIGSTOP);
322 if (res != 0) {
323 ERROR(errno, "%s SIGSTOP pid %d %ld\n", msg, pid, res);
324 return False;
325 }
326
327 return waitstopped (pid, SIGSTOP, msg);
328
329}
330
331/* Attaches to given pid, wait for the process to be stopped.
332 Returns True if succesful, False otherwise.
333 msg is used in tracing and error reporting. */
334static
335Bool attach (pid_t pid, const char *msg)
336{
337 long res;
338 static Bool output_error = True;
339 static Bool initial_attach = True;
340 // For a ptrace_scope protected system, we do not want to output
341 // repetitively attach error. We will output once an error
342 // for the initial_attach. Once the 1st attach has succeeded, we
343 // again show all errors.
344
345 DEBUG(1, "%s PTRACE_ATTACH pid %d\n", msg, pid);
346 res = ptrace (PTRACE_ATTACH, pid, NULL, NULL);
347 if (res != 0) {
348 if (output_error || debuglevel > 0) {
349 ERROR(errno, "%s PTRACE_ATTACH pid %d %ld\n", msg, pid, res);
350 if (initial_attach)
351 output_error = False;
352 }
353 return False;
354 }
355
356 initial_attach = False;
357 output_error = True;
358 return waitstopped(pid, SIGSTOP, msg);
359}
360
361/* once we are attached to the pid, get the list of threads and stop
362 them all.
363 Returns True if all threads properly suspended, False otherwise. */
364static
365Bool acquire_and_suspend_threads (pid_t pid)
366{
367 int i;
368 int rw;
369 Bool pid_found = False;
370 Addr vgt;
371 int sz_tst;
372 int off_status;
373 int off_lwpid;
374 int nr_live_threads = 0;
375
376 if (shared32 != NULL) {
377 vgt = shared32->threads;
378 sz_tst = shared32->sizeof_ThreadState;
379 off_status = shared32->offset_status;
380 off_lwpid = shared32->offset_lwpid;
381 }
382 else if (shared64 != NULL) {
383 vgt = shared64->threads;
384 sz_tst = shared64->sizeof_ThreadState;
385 off_status = shared64->offset_status;
386 off_lwpid = shared64->offset_lwpid;
387 } else {
388 assert (0);
389 }
390
391 /* note: the entry 0 is unused */
392 for (i = 1; i < VG_N_THREADS; i++) {
393 vgt += sz_tst;
394 rw = ptrace_read_memory(pid, vgt+off_status,
395 &(vgdb_threads[i].status),
396 sizeof(ThreadStatus));
397 if (rw != 0) {
398 ERROR(rw, "status ptrace_read_memory\n");
399 return False;
400 }
401
402 rw = ptrace_read_memory(pid, vgt+off_lwpid,
403 &(vgdb_threads[i].lwpid),
404 sizeof(Int));
405 if (rw != 0) {
406 ERROR(rw, "lwpid ptrace_read_memory\n");
407 return False;
408 }
409
410 if (vgdb_threads[i].status != VgTs_Empty) {
411 DEBUG(1, "found tid %d status %s lwpid %d\n",
412 i, name_of_ThreadStatus(vgdb_threads[i].status),
413 vgdb_threads[i].lwpid);
414 nr_live_threads++;
415 if (vgdb_threads[i].lwpid <= 1) {
416 if (vgdb_threads[i].lwpid == 0
417 && vgdb_threads[i].status == VgTs_Init) {
418 DEBUG(1, "not set lwpid tid %d status %s lwpid %d\n",
419 i, name_of_ThreadStatus(vgdb_threads[i].status),
420 vgdb_threads[i].lwpid);
421 } else {
422 ERROR(1, "unexpected lwpid tid %d status %s lwpid %d\n",
423 i, name_of_ThreadStatus(vgdb_threads[i].status),
424 vgdb_threads[i].lwpid);
425 }
426 /* in case we have a VtTs_Init thread with lwpid not yet set,
427 we try again later. */
428 return False;
429 }
430 if (vgdb_threads[i].lwpid == pid) {
431 assert (!pid_found);
432 assert (i == 1);
433 pid_found = True;
434 } else {
435 if (!attach(vgdb_threads[i].lwpid, "attach_thread")) {
436 ERROR(0, "ERROR attach pid %d tid %d\n",
437 vgdb_threads[i].lwpid, i);
438 return False;
439 }
440 }
441 }
442 }
443 /* If we found no thread, it means the process is stopping, and
444 we better do not force anything to happen during that. */
445 if (nr_live_threads > 0)
446 return True;
447 else
448 return False;
449}
450
451static
452void detach_from_all_threads (pid_t pid)
453{
454 int i;
455 long res;
456 Bool pid_found = False;
457
458 /* detach from all the threads */
459 for (i = 1; i < VG_N_THREADS; i++) {
460 if (vgdb_threads[i].status != VgTs_Empty) {
461 if (vgdb_threads[i].status == VgTs_Init
462 && vgdb_threads[i].lwpid == 0) {
463 DEBUG(1, "skipping PTRACE_DETACH pid %d tid %d status %s\n",
464 vgdb_threads[i].lwpid, i,
465 name_of_ThreadStatus (vgdb_threads[i].status));
466 } else {
467 if (vgdb_threads[i].lwpid == pid) {
468 assert (!pid_found);
469 pid_found = True;
470 }
471 DEBUG(1, "PTRACE_DETACH pid %d tid %d status %s\n",
472 vgdb_threads[i].lwpid, i,
473 name_of_ThreadStatus (vgdb_threads[i].status));
474 res = ptrace (PTRACE_DETACH, vgdb_threads[i].lwpid, NULL, NULL);
475 if (res != 0) {
476 ERROR(errno, "PTRACE_DETACH pid %d tid %d status %s res %ld\n",
477 vgdb_threads[i].lwpid, i,
478 name_of_ThreadStatus (vgdb_threads[i].status),
479 res);
480 }
481 }
482 }
483 }
484
485 if (!pid_found && pid) {
486 /* No threads are live. Process is busy stopping.
487 We need to detach from pid explicitely. */
488 DEBUG(1, "no thread live => PTRACE_DETACH pid %d\n", pid);
489 res = ptrace (PTRACE_DETACH, pid, NULL, NULL);
490 if (res != 0)
491 ERROR(errno, "PTRACE_DETACH pid %d res %ld\n", pid, res);
492 }
493}
494
philippe3c761f02013-12-01 14:56:28 +0000[diff] [blame]495static struct user user_save;
496
497// The below indicates if ptrace_getregs (and ptrace_setregs) can be used.
498// Note that some linux versions are defining PTRACE_GETREGS but using
499// it gives back EIO.
500// has_working_ptrace_getregs can take the following values:
501// -1 : PTRACE_GETREGS is defined
502// runtime check not yet done.
503// 0 : PTRACE_GETREGS runtime check has failed.
504// 1 : PTRACE_GETREGS defined and runtime check ok.
505#ifdef HAVE_PTRACE_GETREGS
506static int has_working_ptrace_getregs = -1;
507#endif
508
509/* Get the registers from pid into regs.
510 regs_bsz value gives the length of *regs.
511 Returns True if all ok, otherwise False. */
512static
513Bool getregs (pid_t pid, void *regs, long regs_bsz)
514{
515 DEBUG(1, "getregs regs_bsz %ld\n", regs_bsz);
516# ifdef HAVE_PTRACE_GETREGS
517 if (has_working_ptrace_getregs) {
518 // Platforms having GETREGS
519 long res;
520 DEBUG(1, "getregs PTRACE_GETREGS\n");
521 res = ptrace (PTRACE_GETREGS, pid, NULL, regs);
522 if (res == 0) {
523 if (has_working_ptrace_getregs == -1) {
524 // First call to PTRACE_GETREGS succesful =>
525 has_working_ptrace_getregs = 1;
526 DEBUG(1, "detected a working PTRACE_GETREGS\n");
527 }
528 assert (has_working_ptrace_getregs == 1);
529 return True;
530 }
531 else if (has_working_ptrace_getregs == 1) {
532 // We had a working call, but now it fails.
533 // This is unexpected.
534 ERROR(errno, "PTRACE_GETREGS %ld\n", res);
535 return False;
536 } else {
537 // Check this is the first call:
538 assert (has_working_ptrace_getregs == -1);
539 if (errno == EIO) {
540 DEBUG(1, "detected a broken PTRACE_GETREGS with EIO\n");
541 has_working_ptrace_getregs = 0;
542 // Fall over to the PTRACE_PEEKUSER case.
543 } else {
544 ERROR(errno, "broken PTRACE_GETREGS unexpected errno %ld\n", res);
545 return False;
546 }
547 }
548 }
549# endif
550
551 // We assume PTRACE_PEEKUSER is defined everywhere.
552 {
553# ifdef PT_ENDREGS
554 long peek_bsz = PT_ENDREGS;
555 assert (peek_bsz <= regs_bsz);
556# else
557 long peek_bsz = regs_bsz-1;
558# endif
559 char *pregs = (char *) regs;
560 long offset;
561 errno = 0;
562 DEBUG(1, "getregs PTRACE_PEEKUSER(s) peek_bsz %ld\n", peek_bsz);
563 for (offset = 0; offset < peek_bsz; offset = offset + sizeof(long)) {
564 *(long *)(pregs+offset) = ptrace(PTRACE_PEEKUSER, pid, offset, NULL);
565 if (errno != 0) {
566 ERROR(errno, "PTRACE_PEEKUSER offset %ld\n", offset);
567 return False;
568 }
569 }
570 return True;
571 }
572
573 // If neither PTRACE_GETREGS not PTRACE_PEEKUSER have returned,
574 // then we are in serious trouble.
575 assert (0);
576}
577
578/* Set the registers of pid to regs.
579 regs_bsz value gives the length of *regs.
580 Returns True if all ok, otherwise False. */
581static
582Bool setregs (pid_t pid, void *regs, long regs_bsz)
583{
584 DEBUG(1, "setregs regs_bsz %ld\n", regs_bsz);
585// Note : the below is checking for GETREGS, not SETREGS
586// as if one is defined and working, the other one should also work.
587# ifdef HAVE_PTRACE_GETREGS
588 if (has_working_ptrace_getregs) {
589 // Platforms having SETREGS
590 long res;
591 // setregs can never be called before getregs has done a runtime check.
592 assert (has_working_ptrace_getregs == 1);
593 DEBUG(1, "setregs PTRACE_SETREGS\n");
594 res = ptrace (PTRACE_SETREGS, pid, NULL, regs);
595 if (res != 0) {
596 ERROR(errno, "PTRACE_SETREGS %ld\n", res);
597 return False;
598 }
599 return True;
600 }
601# endif
602
603 {
604 char *pregs = (char *) regs;
605 long offset;
606 long res;
607# ifdef PT_ENDREGS
608 long peek_bsz = PT_ENDREGS;
609 assert (peek_bsz <= regs_bsz);
610# else
611 long peek_bsz = regs_bsz-1;
612# endif
613 errno = 0;
614 DEBUG(1, "setregs PTRACE_POKEUSER(s) %ld\n", peek_bsz);
615 for (offset = 0; offset < peek_bsz; offset = offset + sizeof(long)) {
616 res = ptrace(PTRACE_POKEUSER, pid, offset, *(long*)(pregs+offset));
617 if (errno != 0) {
618 ERROR(errno, "PTRACE_POKEUSER offset %ld res %ld\n", offset, res);
619 return False;
620 }
621 }
622 return True;
623 }
624
625 // If neither PTRACE_SETREGS not PTRACE_POKEUSER have returned,
626 // then we are in serious trouble.
627 assert (0);
628}
629
630/* Restore the registers to the saved value, then detaches from all threads */
631static
632void restore_and_detach (pid_t pid)
633{
philippe6654de82014-04-15 22:35:23 +0000[diff] [blame^]634 int res;
635
636 DEBUG(1, "restore_and_detach pid %d pid_of_save_regs %d\n",
637 pid, pid_of_save_regs);
638
philippe3c761f02013-12-01 14:56:28 +0000[diff] [blame]639 if (pid_of_save_regs) {
640 /* In case the 'main pid' has been continued, we need to stop it
641 before resetting the registers. */
642 if (pid_of_save_regs_continued) {
643 pid_of_save_regs_continued = False;
644 if (!stop(pid_of_save_regs, "sigstop before reset regs"))
645 DEBUG(0, "Could not sigstop before reset");
646 }
647
648 DEBUG(1, "setregs restore registers pid %d\n", pid_of_save_regs);
649 if (!setregs(pid_of_save_regs, &user_save.regs, sizeof(user_save.regs))) {
650 ERROR(errno, "setregs restore registers pid %d after cont\n",
651 pid_of_save_regs);
652 }
philippe6654de82014-04-15 22:35:23 +0000[diff] [blame^]653
654 /* Now, we transmit all the signals we have queued. */
655 if (signal_queue_sz > 0) {
656 int i;
657 for (i = 0; i < signal_queue_sz; i++) {
658 DEBUG(1, "PTRACE_CONT to transmit queued signal %d\n",
659 signal_queue[i].si_signo);
660 res = ptrace (PTRACE_CONT, pid_of_save_regs, NULL,
661 signal_queue[i].si_signo);
662 if (res != 0)
663 ERROR(errno, "PTRACE_CONT with signal %d\n",
664 signal_queue[i].si_signo);
665 if (!stop(pid_of_save_regs, "sigstop after transmit sig"))
666 DEBUG(0, "Could not sigstop after transmit sig");
667 }
668 free (signal_queue);
669 signal_queue = NULL;
670 signal_queue_sz = 0;
671 }
philippe3c761f02013-12-01 14:56:28 +0000[diff] [blame]672 pid_of_save_regs = 0;
673 } else {
674 DEBUG(1, "PTRACE_SETREGS restore registers: no pid\n");
675 }
philippe6654de82014-04-15 22:35:23 +0000[diff] [blame^]676 if (signal_queue)
677 ERROR (0, "One or more signals queued were not delivered. "
678 "First signal: %d\n", signal_queue);
philippe3c761f02013-12-01 14:56:28 +0000[diff] [blame]679 detach_from_all_threads(pid);
680}
681
682Bool invoker_invoke_gdbserver (pid_t pid)
683{
684 long res;
685 Bool stopped;
686 struct user user_mod;
687 Addr sp;
688 /* A specific int value is passed to invoke_gdbserver, to check
689 everything goes according to the plan. */
690 const int check = 0x8BADF00D; // ate bad food.
691
692 const Addr bad_return = 0;
693 // A bad return address will be pushed on the stack.
694 // The function invoke_gdbserver cannot return. If ever it returns, a NULL
695 // address pushed on the stack should ensure this is detected.
696
697 /* Not yet attached. If problem, vgdb can abort,
698 no cleanup needed. */
699
700 DEBUG(1, "attach to 'main' pid %d\n", pid);
701 if (!attach(pid, "attach main pid")) {
702 ERROR(0, "error attach main pid %d\n", pid);
703 return False;
704 }
705
706 /* Now, we are attached. If problem, detach and return. */
707
708 if (!acquire_and_suspend_threads(pid)) {
709 detach_from_all_threads(pid);
710 /* if the pid does not exist anymore, we better stop */
711 if (kill(pid, 0) != 0)
712 XERROR (errno, "invoke_gdbserver: check for pid %d existence failed\n",
713 pid);
714 return False;
715 }
716
717 if (!getregs(pid, &user_mod.regs, sizeof(user_mod.regs))) {
718 detach_from_all_threads(pid);
719 return False;
720 }
721 user_save = user_mod;
722
723#if defined(VGA_x86)
724 sp = user_mod.regs.esp;
725#elif defined(VGA_amd64)
726 sp = user_mod.regs.rsp;
727 if (shared32 != NULL) {
728 /* 64bit vgdb speaking with a 32bit executable.
729 To have system call restart properly, we need to sign extend rax.
730 For more info:
731 web search '[patch] Fix syscall restarts for amd64->i386 biarch'
732 e.g. http://sourceware.org/ml/gdb-patches/2009-11/msg00592.html */
733 *(long *)&user_save.regs.rax = *(int*)&user_save.regs.rax;
734 DEBUG(1, "Sign extending %8.8lx to %8.8lx\n",
735 user_mod.regs.rax, user_save.regs.rax);
736 }
737#elif defined(VGA_arm)
738 sp = user_mod.regs.uregs[13];
739#elif defined(VGA_ppc32)
740 sp = user_mod.regs.gpr[1];
741#elif defined(VGA_ppc64)
742 sp = user_mod.regs.gpr[1];
743#elif defined(VGA_s390x)
744 sp = user_mod.regs.gprs[15];
745#elif defined(VGA_mips32)
746 long long *p = (long long *)user_mod.regs;
747 sp = p[29];
748#elif defined(VGA_mips64)
749 sp = user_mod.regs[29];
750#else
751 I_die_here : (sp) architecture missing in vgdb.c
752#endif
753
754
755 // the magic below is derived from spying what gdb sends to
756 // the (classical) gdbserver when invoking a C function.
757 if (shared32 != NULL) {
758 // vgdb speaking with a 32bit executable.
759#if defined(VGA_x86) || defined(VGA_amd64)
760 const int regsize = 4;
761 int rw;
762 /* push check arg on the stack */
763 sp = sp - regsize;
764 DEBUG(1, "push check arg ptrace_write_memory\n");
765 assert(regsize == sizeof(check));
766 rw = ptrace_write_memory(pid, sp,
767 &check,
768 regsize);
769 if (rw != 0) {
770 ERROR(rw, "push check arg ptrace_write_memory");
771 detach_from_all_threads(pid);
772 return False;
773 }
774
775 sp = sp - regsize;
776 DEBUG(1, "push bad_return return address ptrace_write_memory\n");
777 // Note that for a 64 bits vgdb, only 4 bytes of NULL bad_return
778 // are written.
779 rw = ptrace_write_memory(pid, sp,
780 &bad_return,
781 regsize);
782 if (rw != 0) {
783 ERROR(rw, "push bad_return return address ptrace_write_memory");
784 detach_from_all_threads(pid);
785 return False;
786 }
787#if defined(VGA_x86)
788 /* set ebp, esp, eip and orig_eax to invoke gdbserver */
789 // compiled in 32bits, speaking with a 32bits exe
790 user_mod.regs.ebp = sp; // bp set to sp
791 user_mod.regs.esp = sp;
792 user_mod.regs.eip = shared32->invoke_gdbserver;
793 user_mod.regs.orig_eax = -1L;
794#elif defined(VGA_amd64)
795 /* set ebp, esp, eip and orig_eax to invoke gdbserver */
796 // compiled in 64bits, speaking with a 32bits exe
797 user_mod.regs.rbp = sp; // bp set to sp
798 user_mod.regs.rsp = sp;
799 user_mod.regs.rip = shared32->invoke_gdbserver;
800 user_mod.regs.orig_rax = -1L;
801#else
802 I_die_here : not x86 or amd64 in x86/amd64 section/
803#endif
804
805#elif defined(VGA_ppc32) || defined(VGA_ppc64)
806 user_mod.regs.nip = shared32->invoke_gdbserver;
807 user_mod.regs.trap = -1L;
808 /* put check arg in register 3 */
809 user_mod.regs.gpr[3] = check;
810 /* put NULL return address in Link Register */
811 user_mod.regs.link = bad_return;
812
813#elif defined(VGA_arm)
814 /* put check arg in register 0 */
815 user_mod.regs.uregs[0] = check;
816 /* put NULL return address in Link Register */
817 user_mod.regs.uregs[14] = bad_return;
818 user_mod.regs.uregs[15] = shared32->invoke_gdbserver;
819
820#elif defined(VGA_s390x)
821 XERROR(0, "(fn32) s390x has no 32bits implementation");
822#elif defined(VGA_mips32)
823 /* put check arg in register 4 */
824 p[4] = check;
825 /* put NULL return address in ra */
826 p[31] = bad_return;
827 p[34] = shared32->invoke_gdbserver;
828 p[25] = shared32->invoke_gdbserver;
829 /* make stack space for args */
830 p[29] = sp - 32;
831
832#elif defined(VGA_mips64)
833 assert(0); // cannot vgdb a 32 bits executable with a 64 bits exe
834#else
835 I_die_here : architecture missing in vgdb.c
836#endif
837 }
838
839 else if (shared64 != NULL) {
840#if defined(VGA_x86)
841 assert(0); // cannot vgdb a 64 bits executable with a 32 bits exe
842#elif defined(VGA_amd64)
843 // vgdb speaking with a 64 bit executable.
844 const int regsize = 8;
845 int rw;
846
847 /* give check arg in rdi */
848 user_mod.regs.rdi = check;
849
850 /* push return address on stack : return to breakaddr */
851 sp = sp - regsize;
852 DEBUG(1, "push bad_return return address ptrace_write_memory\n");
853 rw = ptrace_write_memory(pid, sp,
854 &bad_return,
855 sizeof(bad_return));
856 if (rw != 0) {
857 ERROR(rw, "push bad_return return address ptrace_write_memory");
858 detach_from_all_threads(pid);
859 return False;
860 }
861
862 /* set rbp, rsp, rip and orig_rax to invoke gdbserver */
863 user_mod.regs.rbp = sp; // bp set to sp
864 user_mod.regs.rsp = sp;
865 user_mod.regs.rip = shared64->invoke_gdbserver;
866 user_mod.regs.orig_rax = -1L;
867
868#elif defined(VGA_arm)
869 assert(0); // cannot vgdb a 64 bits executable with a 32 bits exe
870#elif defined(VGA_ppc32)
871 assert(0); // cannot vgdb a 64 bits executable with a 32 bits exe
872#elif defined(VGA_ppc64)
873 Addr64 func_addr;
874 Addr64 toc_addr;
875 int rw;
876 rw = ptrace_read_memory(pid, shared64->invoke_gdbserver,
877 &func_addr,
878 sizeof(Addr64));
879 if (rw != 0) {
880 ERROR(rw, "ppc64 read func_addr\n");
881 detach_from_all_threads(pid);
882 return False;
883 }
884 rw = ptrace_read_memory(pid, shared64->invoke_gdbserver+8,
885 &toc_addr,
886 sizeof(Addr64));
887 if (rw != 0) {
888 ERROR(rw, "ppc64 read toc_addr\n");
889 detach_from_all_threads(pid);
890 return False;
891 }
892 // We are not pushing anything on the stack, so it is not
893 // very clear why the sp has to be decreased, but it seems
894 // needed. The ppc64 ABI might give some lights on this ?
895 user_mod.regs.gpr[1] = sp - 220;
896 user_mod.regs.gpr[2] = toc_addr;
897 user_mod.regs.nip = func_addr;
898 user_mod.regs.trap = -1L;
899 /* put check arg in register 3 */
900 user_mod.regs.gpr[3] = check;
901 /* put bad_return return address in Link Register */
902 user_mod.regs.link = bad_return;
903#elif defined(VGA_s390x)
904 /* put check arg in register r2 */
905 user_mod.regs.gprs[2] = check;
906 /* bad_return Return address is in r14 */
907 user_mod.regs.gprs[14] = bad_return;
908 /* minimum stack frame */
909 sp = sp - 160;
910 user_mod.regs.gprs[15] = sp;
911 /* set program counter */
912 user_mod.regs.psw.addr = shared64->invoke_gdbserver;
913#elif defined(VGA_mips32)
914 assert(0); // cannot vgdb a 64 bits executable with a 32 bits exe
915#elif defined(VGA_mips64)
916 /* put check arg in register 4 */
917 user_mod.regs[4] = check;
918 /* put NULL return address in ra */
919 user_mod.regs[31] = bad_return;
920 user_mod.regs[34] = shared64->invoke_gdbserver;
921 user_mod.regs[25] = shared64->invoke_gdbserver;
922#else
923 I_die_here: architecture missing in vgdb.c
924#endif
925 }
926 else {
927 assert(0);
928 }
929
930 if (!setregs(pid, &user_mod.regs, sizeof(user_mod.regs))) {
931 detach_from_all_threads(pid);
932 return False;
933 }
934 /* Now that we have modified the registers, we set
935 pid_of_save_regs to indicate that restore_and_detach
936 must restore the registers in case of cleanup. */
937 pid_of_save_regs = pid;
938 pid_of_save_regs_continued = False;
939
940
941 /* We PTRACE_CONT-inue pid.
942 Either gdbserver will be invoked directly (if all
943 threads are interruptible) or gdbserver will be
944 called soon by the scheduler. In the first case,
945 pid will stop on the break inserted above when
946 gdbserver returns. In the 2nd case, the break will
947 be encountered directly. */
948 DEBUG(1, "PTRACE_CONT to invoke\n");
949 res = ptrace (PTRACE_CONT, pid, NULL, NULL);
950 if (res != 0) {
951 ERROR(errno, "PTRACE_CONT\n");
952 restore_and_detach(pid);
953 return False;
954 }
955 pid_of_save_regs_continued = True;
956 /* Wait for SIGSTOP generated by m_gdbserver.c give_control_back_to_vgdb */
957 stopped = waitstopped (pid, SIGSTOP,
958 "waitpid status after PTRACE_CONT to invoke");
959 if (stopped) {
960 /* Here pid has properly stopped on the break. */
961 pid_of_save_regs_continued = False;
962 restore_and_detach(pid);
963 return True;
964 } else {
965 /* Whatever kind of problem happened. We shutdown. */
966 shutting_down = True;
967 return False;
968 }
969}
970
971void invoker_cleanup_restore_and_detach(void *v_pid)
972{
973 DEBUG(1, "invoker_cleanup_restore_and_detach dying: %d\n", dying);
974 if (!dying)
975 restore_and_detach(*(int*)v_pid);
976}
977
978void invoker_restrictions_msg(void)
979{
980}
981
982void invoker_valgrind_dying(void)
983{
984 /* Avoid messing up with registers of valgrind when it is dying. */
985 pid_of_save_regs_continued = False;
986 dying = True;
987}