LLDB mainline
StopInfoMachException.cpp
Go to the documentation of this file.
1//===-- StopInfoMachException.cpp -----------------------------------------===//
2//
3// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4// See https://llvm.org/LICENSE.txt for license information.
5// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6//
7//===----------------------------------------------------------------------===//
8
10
11#include "lldb/lldb-forward.h"
12
13#if defined(__APPLE__)
14// Needed for the EXC_RESOURCE interpretation macros
15#include <kern/exc_resource.h>
16#endif
17
19#include "lldb/Symbol/Symbol.h"
20#include "lldb/Target/ABI.h"
23#include "lldb/Target/Process.h"
25#include "lldb/Target/Target.h"
26#include "lldb/Target/Thread.h"
30#include "lldb/Utility/Log.h"
32#include <optional>
33
34using namespace lldb;
35using namespace lldb_private;
36
37/// Information about a pointer-authentication related instruction.
40 bool IsLoad;
42};
43
44/// Get any pointer-authentication related information about the instruction
45/// at address \p at_addr.
46static std::optional<PtrauthInstructionInfo>
48 const Address &at_addr) {
49 const char *plugin_name = nullptr;
50 const char *flavor = nullptr;
51 AddressRange range_bounds(at_addr, 4);
52 const bool prefer_file_cache = true;
54 arch, plugin_name, flavor, target, range_bounds, prefer_file_cache);
55 if (!disassembler_sp)
56 return std::nullopt;
57
58 InstructionList &insn_list = disassembler_sp->GetInstructionList();
59 InstructionSP insn = insn_list.GetInstructionAtIndex(0);
60 if (!insn)
61 return std::nullopt;
62
63 return PtrauthInstructionInfo{insn->IsAuthenticated(), insn->IsLoad(),
64 insn->DoesBranch()};
65}
66
67/// Describe the load address of \p addr using the format filename:line:col.
68static void DescribeAddressBriefly(Stream &strm, const Address &addr,
69 Target &target) {
70 strm.Printf("at address=0x%" PRIx64, addr.GetLoadAddress(&target));
72 if (addr.GetDescription(s, target, eDescriptionLevelBrief))
73 strm.Printf(" %s", s.GetString().data());
74 strm.Printf(".\n");
75}
76
78 bool IsBreakpoint = m_value == 6; // EXC_BREAKPOINT
79 bool IsBadAccess = m_value == 1; // EXC_BAD_ACCESS
80 if (!IsBreakpoint && !IsBadAccess)
81 return false;
82
83 // Check that we have a live process.
84 if (!exe_ctx.HasProcessScope() || !exe_ctx.HasThreadScope() ||
85 !exe_ctx.HasTargetScope())
86 return false;
87
88 Thread &thread = *exe_ctx.GetThreadPtr();
89 StackFrameSP current_frame = thread.GetStackFrameAtIndex(0);
90 if (!current_frame)
91 return false;
92
93 Target &target = *exe_ctx.GetTargetPtr();
94 Process &process = *exe_ctx.GetProcessPtr();
95 ABISP abi_sp = process.GetABI();
96 const ArchSpec &arch = target.GetArchitecture();
97 assert(abi_sp && "Missing ABI info");
98
99 // Check for a ptrauth-enabled target.
100 const bool ptrauth_enabled_target =
102 if (!ptrauth_enabled_target)
103 return false;
104
105 // Set up a stream we can write a diagnostic into.
106 StreamString strm;
107 auto emit_ptrauth_prologue = [&](uint64_t at_address) {
108 strm.Printf("EXC_BAD_ACCESS (code=%" PRIu64 ", address=0x%" PRIx64 ")\n",
109 m_exc_code, at_address);
110 strm.Printf("Note: Possible pointer authentication failure detected.\n");
111 };
112
113 // Check if we have a "brk 0xc47x" trap, where the value that failed to
114 // authenticate is in x16.
115 Address current_address = current_frame->GetFrameCodeAddress();
116 if (IsBreakpoint) {
117 RegisterContext *reg_ctx = exe_ctx.GetRegisterContext();
118 if (!reg_ctx)
119 return false;
120
121 const RegisterInfo *X16Info = reg_ctx->GetRegisterInfoByName("x16");
122 RegisterValue X16Val;
123 if (!reg_ctx->ReadRegister(X16Info, X16Val))
124 return false;
125 uint64_t bad_address = X16Val.GetAsUInt64();
126
127 uint64_t fixed_bad_address = abi_sp->FixCodeAddress(bad_address);
128 Address brk_address;
129 if (!target.ResolveLoadAddress(fixed_bad_address, brk_address))
130 return false;
131
132 auto brk_ptrauth_info =
133 GetPtrauthInstructionInfo(target, arch, current_address);
134 if (brk_ptrauth_info && brk_ptrauth_info->IsAuthenticated) {
135 emit_ptrauth_prologue(bad_address);
136 strm.Printf("Found value that failed to authenticate ");
137 DescribeAddressBriefly(strm, brk_address, target);
138 m_description = std::string(strm.GetString());
139 return true;
140 }
141 return false;
142 }
143
144 assert(IsBadAccess && "Handle EXC_BAD_ACCESS only after this point");
145
146 // Check that we have the "bad address" from an EXC_BAD_ACCESS.
147 if (m_exc_data_count < 2)
148 return false;
149
150 // Ok, we know the Target is valid and that it describes a ptrauth-enabled
151 // device. Now, we need to determine whether this exception was caused by a
152 // ptrauth failure.
153
154 uint64_t bad_address = m_exc_subcode;
155 uint64_t fixed_bad_address = abi_sp->FixCodeAddress(bad_address);
156 uint64_t current_pc = current_address.GetLoadAddress(&target);
157
158 // Detect: LDRAA, LDRAB (Load Register, with pointer authentication).
159 //
160 // If an authenticated load results in an exception, the instruction at the
161 // current PC should be one of LDRAx.
162 if (bad_address != current_pc && fixed_bad_address != current_pc) {
163 auto ptrauth_info =
164 GetPtrauthInstructionInfo(target, arch, current_address);
165 if (ptrauth_info && ptrauth_info->IsAuthenticated && ptrauth_info->IsLoad) {
166 emit_ptrauth_prologue(bad_address);
167 strm.Printf("Found authenticated load instruction ");
168 DescribeAddressBriefly(strm, current_address, target);
169 m_description = std::string(strm.GetString());
170 return true;
171 }
172 }
173
174 // Detect: BLRAA, BLRAAZ, BLRAB, BLRABZ (Branch with Link to Register, with
175 // pointer authentication).
176 //
177 // TODO: Detect: BRAA, BRAAZ, BRAB, BRABZ (Branch to Register, with pointer
178 // authentication). At a minimum, this requires call site info support for
179 // indirect calls.
180 //
181 // If an authenticated call or tail call results in an exception, stripping
182 // the bad address should give the current PC, which points to the address
183 // we tried to branch to.
184 if (bad_address != current_pc && fixed_bad_address == current_pc) {
185 if (StackFrameSP parent_frame = thread.GetStackFrameAtIndex(1)) {
186 addr_t return_pc =
187 parent_frame->GetFrameCodeAddress().GetLoadAddress(&target);
188 Address blr_address;
189 if (!target.ResolveLoadAddress(return_pc - 4, blr_address))
190 return false;
191
192 auto blr_ptrauth_info =
193 GetPtrauthInstructionInfo(target, arch, blr_address);
194 if (blr_ptrauth_info && blr_ptrauth_info->IsAuthenticated &&
195 blr_ptrauth_info->DoesBranch) {
196 emit_ptrauth_prologue(bad_address);
197 strm.Printf("Found authenticated indirect branch ");
198 DescribeAddressBriefly(strm, blr_address, target);
199 m_description = std::string(strm.GetString());
200 return true;
201 }
202 }
203 }
204
205 // TODO: Detect: RETAA, RETAB (Return from subroutine, with pointer
206 // authentication).
207 //
208 // Is there a motivating, non-malicious code snippet that corrupts LR?
209
210 return false;
211}
212
214 if (!m_description.empty())
215 return m_description.c_str();
217 return "invalid stop reason!";
218
219 ExecutionContext exe_ctx(m_thread_wp.lock());
220 Target *target = exe_ctx.GetTargetPtr();
221 const llvm::Triple::ArchType cpu =
222 target ? target->GetArchitecture().GetMachine()
223 : llvm::Triple::UnknownArch;
224
225 const char *exc_desc = nullptr;
226 const char *code_label = "code";
227 const char *code_desc = nullptr;
228 const char *subcode_label = "subcode";
229 const char *subcode_desc = nullptr;
230
231#if defined(__APPLE__)
232 char code_desc_buf[32];
233 char subcode_desc_buf[32];
234#endif
235
236 switch (m_value) {
237 case 1: // EXC_BAD_ACCESS
238 exc_desc = "EXC_BAD_ACCESS";
239 subcode_label = "address";
240 switch (cpu) {
241 case llvm::Triple::x86:
242 case llvm::Triple::x86_64:
243 switch (m_exc_code) {
244 case 0xd:
245 code_desc = "EXC_I386_GPFLT";
247 break;
248 }
249 break;
250 case llvm::Triple::arm:
251 case llvm::Triple::thumb:
252 switch (m_exc_code) {
253 case 0x101:
254 code_desc = "EXC_ARM_DA_ALIGN";
255 break;
256 case 0x102:
257 code_desc = "EXC_ARM_DA_DEBUG";
258 break;
259 }
260 break;
261
262 case llvm::Triple::aarch64:
263 if (DeterminePtrauthFailure(exe_ctx))
264 return m_description.c_str();
265 break;
266
267 default:
268 break;
269 }
270 break;
271
272 case 2: // EXC_BAD_INSTRUCTION
273 exc_desc = "EXC_BAD_INSTRUCTION";
274 switch (cpu) {
275 case llvm::Triple::x86:
276 case llvm::Triple::x86_64:
277 if (m_exc_code == 1)
278 code_desc = "EXC_I386_INVOP";
279 break;
280
281 case llvm::Triple::arm:
282 case llvm::Triple::thumb:
283 if (m_exc_code == 1)
284 code_desc = "EXC_ARM_UNDEFINED";
285 break;
286
287 default:
288 break;
289 }
290 break;
291
292 case 3: // EXC_ARITHMETIC
293 exc_desc = "EXC_ARITHMETIC";
294 switch (cpu) {
295 case llvm::Triple::x86:
296 case llvm::Triple::x86_64:
297 switch (m_exc_code) {
298 case 1:
299 code_desc = "EXC_I386_DIV";
300 break;
301 case 2:
302 code_desc = "EXC_I386_INTO";
303 break;
304 case 3:
305 code_desc = "EXC_I386_NOEXT";
306 break;
307 case 4:
308 code_desc = "EXC_I386_EXTOVR";
309 break;
310 case 5:
311 code_desc = "EXC_I386_EXTERR";
312 break;
313 case 6:
314 code_desc = "EXC_I386_EMERR";
315 break;
316 case 7:
317 code_desc = "EXC_I386_BOUND";
318 break;
319 case 8:
320 code_desc = "EXC_I386_SSEEXTERR";
321 break;
322 }
323 break;
324
325 default:
326 break;
327 }
328 break;
329
330 case 4: // EXC_EMULATION
331 exc_desc = "EXC_EMULATION";
332 break;
333
334 case 5: // EXC_SOFTWARE
335 exc_desc = "EXC_SOFTWARE";
336 if (m_exc_code == 0x10003) {
337 subcode_desc = "EXC_SOFT_SIGNAL";
338 subcode_label = "signo";
339 }
340 break;
341
342 case 6: // EXC_BREAKPOINT
343 {
344 exc_desc = "EXC_BREAKPOINT";
345 switch (cpu) {
346 case llvm::Triple::x86:
347 case llvm::Triple::x86_64:
348 switch (m_exc_code) {
349 case 1:
350 code_desc = "EXC_I386_SGL";
351 break;
352 case 2:
353 code_desc = "EXC_I386_BPT";
354 break;
355 }
356 break;
357
358 case llvm::Triple::arm:
359 case llvm::Triple::thumb:
360 switch (m_exc_code) {
361 case 0x101:
362 code_desc = "EXC_ARM_DA_ALIGN";
363 break;
364 case 0x102:
365 code_desc = "EXC_ARM_DA_DEBUG";
366 break;
367 case 1:
368 code_desc = "EXC_ARM_BREAKPOINT";
369 break;
370 // FIXME temporary workaround, exc_code 0 does not really mean
371 // EXC_ARM_BREAKPOINT
372 case 0:
373 code_desc = "EXC_ARM_BREAKPOINT";
374 break;
375 }
376 break;
377
378 case llvm::Triple::aarch64:
379 if (DeterminePtrauthFailure(exe_ctx))
380 return m_description.c_str();
381 break;
382
383 default:
384 break;
385 }
386 } break;
387
388 case 7:
389 exc_desc = "EXC_SYSCALL";
390 break;
391
392 case 8:
393 exc_desc = "EXC_MACH_SYSCALL";
394 break;
395
396 case 9:
397 exc_desc = "EXC_RPC_ALERT";
398 break;
399
400 case 10:
401 exc_desc = "EXC_CRASH";
402 break;
403 case 11:
404 exc_desc = "EXC_RESOURCE";
405#if defined(__APPLE__)
406 {
407 int resource_type = EXC_RESOURCE_DECODE_RESOURCE_TYPE(m_exc_code);
408
409 code_label = "limit";
410 code_desc = code_desc_buf;
411 subcode_label = "observed";
412 subcode_desc = subcode_desc_buf;
413
414 switch (resource_type) {
415 case RESOURCE_TYPE_CPU:
416 exc_desc =
417 "EXC_RESOURCE (RESOURCE_TYPE_CPU: CPU usage monitor tripped)";
418 snprintf(code_desc_buf, sizeof(code_desc_buf), "%d%%",
419 (int)EXC_RESOURCE_CPUMONITOR_DECODE_PERCENTAGE(m_exc_code));
420 snprintf(subcode_desc_buf, sizeof(subcode_desc_buf), "%d%%",
421 (int)EXC_RESOURCE_CPUMONITOR_DECODE_PERCENTAGE_OBSERVED(
423 break;
424 case RESOURCE_TYPE_WAKEUPS:
425 exc_desc = "EXC_RESOURCE (RESOURCE_TYPE_WAKEUPS: idle wakeups monitor "
426 "tripped)";
427 snprintf(
428 code_desc_buf, sizeof(code_desc_buf), "%d w/s",
429 (int)EXC_RESOURCE_CPUMONITOR_DECODE_WAKEUPS_PERMITTED(m_exc_code));
430 snprintf(subcode_desc_buf, sizeof(subcode_desc_buf), "%d w/s",
431 (int)EXC_RESOURCE_CPUMONITOR_DECODE_WAKEUPS_OBSERVED(
433 break;
434 case RESOURCE_TYPE_MEMORY:
435 exc_desc = "EXC_RESOURCE (RESOURCE_TYPE_MEMORY: high watermark memory "
436 "limit exceeded)";
437 snprintf(code_desc_buf, sizeof(code_desc_buf), "%d MB",
438 (int)EXC_RESOURCE_HWM_DECODE_LIMIT(m_exc_code));
439 subcode_desc = nullptr;
440 subcode_label = nullptr;
441 break;
442#if defined(RESOURCE_TYPE_IO)
443 // RESOURCE_TYPE_IO is introduced in macOS SDK 10.12.
444 case RESOURCE_TYPE_IO:
445 exc_desc = "EXC_RESOURCE RESOURCE_TYPE_IO";
446 snprintf(code_desc_buf, sizeof(code_desc_buf), "%d MB",
447 (int)EXC_RESOURCE_IO_DECODE_LIMIT(m_exc_code));
448 snprintf(subcode_desc_buf, sizeof(subcode_desc_buf), "%d MB",
449 (int)EXC_RESOURCE_IO_OBSERVED(m_exc_subcode));
450 ;
451 break;
452#endif
453 }
454 }
455#endif
456 break;
457 case 12:
458 exc_desc = "EXC_GUARD";
459 break;
460 }
461
462 StreamString strm;
463
464 if (exc_desc)
465 strm.PutCString(exc_desc);
466 else
467 strm.Printf("EXC_??? (%" PRIu64 ")", m_value);
468
469 if (m_exc_data_count >= 1) {
470 if (code_desc)
471 strm.Printf(" (%s=%s", code_label, code_desc);
472 else
473 strm.Printf(" (%s=%" PRIu64, code_label, m_exc_code);
474 }
475
476 if (m_exc_data_count >= 2) {
477 if (subcode_label && subcode_desc)
478 strm.Printf(", %s=%s", subcode_label, subcode_desc);
479 else if (subcode_label)
480 strm.Printf(", %s=0x%" PRIx64, subcode_label, m_exc_subcode);
481 }
482
483 if (m_exc_data_count > 0)
484 strm.PutChar(')');
485
486 m_description = std::string(strm.GetString());
487 return m_description.c_str();
488}
489
491 uint32_t exc_data_count,
492 uint64_t exc_sub_code,
493 uint64_t exc_sub_sub_code) {
494 // Try hardware watchpoint.
495 if (target) {
496 // The exc_sub_code indicates the data break address.
497 WatchpointResourceSP wp_rsrc_sp =
498 target->GetProcessSP()->GetWatchpointResourceList().FindByAddress(
499 (addr_t)exc_sub_code);
500 if (wp_rsrc_sp && wp_rsrc_sp->GetNumberOfConstituents() > 0) {
502 thread, wp_rsrc_sp->GetConstituentAtIndex(0)->GetID());
503 }
504 }
505
506 // Try hardware breakpoint.
507 ProcessSP process_sp(thread.GetProcess());
508 if (process_sp) {
509 // The exc_sub_code indicates the data break address.
511 process_sp->GetBreakpointSiteList().FindByAddress(
512 (lldb::addr_t)exc_sub_code);
513 if (bp_sp && bp_sp->IsEnabled()) {
515 bp_sp->GetID());
516 }
517 }
518
519 return nullptr;
520}
521
522#if defined(__APPLE__)
523const char *
524StopInfoMachException::MachException::Name(exception_type_t exc_type) {
525 switch (exc_type) {
526 case EXC_BAD_ACCESS:
527 return "EXC_BAD_ACCESS";
528 case EXC_BAD_INSTRUCTION:
529 return "EXC_BAD_INSTRUCTION";
530 case EXC_ARITHMETIC:
531 return "EXC_ARITHMETIC";
532 case EXC_EMULATION:
533 return "EXC_EMULATION";
534 case EXC_SOFTWARE:
535 return "EXC_SOFTWARE";
536 case EXC_BREAKPOINT:
537 return "EXC_BREAKPOINT";
538 case EXC_SYSCALL:
539 return "EXC_SYSCALL";
540 case EXC_MACH_SYSCALL:
541 return "EXC_MACH_SYSCALL";
542 case EXC_RPC_ALERT:
543 return "EXC_RPC_ALERT";
544#ifdef EXC_CRASH
545 case EXC_CRASH:
546 return "EXC_CRASH";
547#endif
548 case EXC_RESOURCE:
549 return "EXC_RESOURCE";
550#ifdef EXC_GUARD
551 case EXC_GUARD:
552 return "EXC_GUARD";
553#endif
554#ifdef EXC_CORPSE_NOTIFY
555 case EXC_CORPSE_NOTIFY:
556 return "EXC_CORPSE_NOTIFY";
557#endif
558#ifdef EXC_CORPSE_VARIANT_BIT
559 case EXC_CORPSE_VARIANT_BIT:
560 return "EXC_CORPSE_VARIANT_BIT";
561#endif
562 default:
563 break;
564 }
565 return NULL;
566}
567
568std::optional<exception_type_t>
569StopInfoMachException::MachException::ExceptionCode(const char *name) {
570 return llvm::StringSwitch<std::optional<exception_type_t>>(name)
571 .Case("EXC_BAD_ACCESS", EXC_BAD_ACCESS)
572 .Case("EXC_BAD_INSTRUCTION", EXC_BAD_INSTRUCTION)
573 .Case("EXC_ARITHMETIC", EXC_ARITHMETIC)
574 .Case("EXC_EMULATION", EXC_EMULATION)
575 .Case("EXC_SOFTWARE", EXC_SOFTWARE)
576 .Case("EXC_BREAKPOINT", EXC_BREAKPOINT)
577 .Case("EXC_SYSCALL", EXC_SYSCALL)
578 .Case("EXC_MACH_SYSCALL", EXC_MACH_SYSCALL)
579 .Case("EXC_RPC_ALERT", EXC_RPC_ALERT)
580#ifdef EXC_CRASH
581 .Case("EXC_CRASH", EXC_CRASH)
582#endif
583 .Case("EXC_RESOURCE", EXC_RESOURCE)
584#ifdef EXC_GUARD
585 .Case("EXC_GUARD", EXC_GUARD)
586#endif
587#ifdef EXC_CORPSE_NOTIFY
588 .Case("EXC_CORPSE_NOTIFY", EXC_CORPSE_NOTIFY)
589#endif
590 .Default(std::nullopt);
591}
592#endif
593
595 Thread &thread, uint32_t exc_type, uint32_t exc_data_count,
596 uint64_t exc_code, uint64_t exc_sub_code, uint64_t exc_sub_sub_code,
597 bool pc_already_adjusted, bool adjust_pc_if_needed) {
598 if (exc_type == 0)
599 return StopInfoSP();
600
601 bool not_stepping_but_got_singlestep_exception = false;
602 uint32_t pc_decrement = 0;
603 ExecutionContext exe_ctx(thread.shared_from_this());
604 Target *target = exe_ctx.GetTargetPtr();
605 const llvm::Triple::ArchType cpu =
606 target ? target->GetArchitecture().GetMachine()
607 : llvm::Triple::UnknownArch;
608
609 switch (exc_type) {
610 case 1: // EXC_BAD_ACCESS
611 case 2: // EXC_BAD_INSTRUCTION
612 case 3: // EXC_ARITHMETIC
613 case 4: // EXC_EMULATION
614 break;
615
616 case 5: // EXC_SOFTWARE
617 if (exc_code == 0x10003) // EXC_SOFT_SIGNAL
618 {
619 if (exc_sub_code == 5) {
620 // On MacOSX, a SIGTRAP can signify that a process has called exec,
621 // so we should check with our dynamic loader to verify.
622 ProcessSP process_sp(thread.GetProcess());
623 if (process_sp) {
624 DynamicLoader *dynamic_loader = process_sp->GetDynamicLoader();
625 if (dynamic_loader && dynamic_loader->ProcessDidExec()) {
626 // The program was re-exec'ed
628 }
629 }
630 }
631 return StopInfo::CreateStopReasonWithSignal(thread, exc_sub_code);
632 }
633 break;
634
635 case 6: // EXC_BREAKPOINT
636 {
637 bool is_actual_breakpoint = false;
638 bool is_trace_if_actual_breakpoint_missing = false;
639 switch (cpu) {
640 case llvm::Triple::x86:
641 case llvm::Triple::x86_64:
642 if (exc_code == 1) // EXC_I386_SGL
643 {
644 if (!exc_sub_code) {
645 // This looks like a plain trap.
646 // Have to check if there is a breakpoint here as well. When you
647 // single-step onto a trap, the single step stops you not to trap.
648 // Since we also do that check below, let's just use that logic.
649 is_actual_breakpoint = true;
650 is_trace_if_actual_breakpoint_missing = true;
651 } else {
652 if (StopInfoSP stop_info =
653 GetStopInfoForHardwareBP(thread, target, exc_data_count,
654 exc_sub_code, exc_sub_sub_code))
655 return stop_info;
656 }
657 } else if (exc_code == 2 || // EXC_I386_BPT
658 exc_code == 3) // EXC_I386_BPTFLT
659 {
660 // KDP returns EXC_I386_BPTFLT for trace breakpoints
661 if (exc_code == 3)
662 is_trace_if_actual_breakpoint_missing = true;
663
664 is_actual_breakpoint = true;
665 if (!pc_already_adjusted)
666 pc_decrement = 1;
667 }
668 break;
669
670 case llvm::Triple::arm:
671 case llvm::Triple::thumb:
672 if (exc_code == 0x102) // EXC_ARM_DA_DEBUG
673 {
674 // LWP_TODO: We need to find the WatchpointResource that matches
675 // the address, and evaluate its Watchpoints.
676
677 // It's a watchpoint, then, if the exc_sub_code indicates a
678 // known/enabled data break address from our watchpoint list.
679 lldb::WatchpointSP wp_sp;
680 if (target)
681 wp_sp = target->GetWatchpointList().FindByAddress(
682 (lldb::addr_t)exc_sub_code);
683 if (wp_sp && wp_sp->IsEnabled()) {
685 wp_sp->GetID());
686 } else {
687 is_actual_breakpoint = true;
688 is_trace_if_actual_breakpoint_missing = true;
689 }
690 } else if (exc_code == 1) // EXC_ARM_BREAKPOINT
691 {
692 is_actual_breakpoint = true;
693 is_trace_if_actual_breakpoint_missing = true;
694 } else if (exc_code == 0) // FIXME not EXC_ARM_BREAKPOINT but a kernel
695 // is currently returning this so accept it
696 // as indicating a breakpoint until the
697 // kernel is fixed
698 {
699 is_actual_breakpoint = true;
700 is_trace_if_actual_breakpoint_missing = true;
701 }
702 break;
703
704 case llvm::Triple::aarch64_32:
705 case llvm::Triple::aarch64: {
706 // xnu describes three things with type EXC_BREAKPOINT:
707 //
708 // exc_code 0x102 [EXC_ARM_DA_DEBUG], exc_sub_code addr-of-insn
709 // Watchpoint access. exc_sub_code is the address of the
710 // instruction which trigged the watchpoint trap.
711 // debugserver may add the watchpoint number that was triggered
712 // in exc_sub_sub_code.
713 //
714 // exc_code 1 [EXC_ARM_BREAKPOINT], exc_sub_code 0
715 // Instruction step has completed.
716 //
717 // exc_code 1 [EXC_ARM_BREAKPOINT], exc_sub_code address-of-instruction
718 // Software breakpoint instruction executed.
719
720 if (exc_code == 1 && exc_sub_code == 0) // EXC_ARM_BREAKPOINT
721 {
722 // This is hit when we single instruction step aka MDSCR_EL1 SS bit 0
723 // is set
724 is_actual_breakpoint = true;
725 is_trace_if_actual_breakpoint_missing = true;
727 not_stepping_but_got_singlestep_exception = true;
728 }
729 if (exc_code == 0x102) // EXC_ARM_DA_DEBUG
730 {
731 // LWP_TODO: We need to find the WatchpointResource that matches
732 // the address, and evaluate its Watchpoints.
733
734 // It's a watchpoint, then, if the exc_sub_code indicates a
735 // known/enabled data break address from our watchpoint list.
736 lldb::WatchpointSP wp_sp;
737 if (target)
738 wp_sp = target->GetWatchpointList().FindByAddress(
739 (lldb::addr_t)exc_sub_code);
740 if (wp_sp && wp_sp->IsEnabled()) {
742 wp_sp->GetID());
743 }
744 // EXC_ARM_DA_DEBUG seems to be reused for EXC_BREAKPOINT as well as
745 // EXC_BAD_ACCESS
748 }
749 // It looks like exc_sub_code has the 4 bytes of the instruction that
750 // triggered the exception, i.e. our breakpoint opcode
751 is_actual_breakpoint = exc_code == 1;
752 break;
753 }
754
755 default:
756 break;
757 }
758
759 if (is_actual_breakpoint) {
760 RegisterContextSP reg_ctx_sp(thread.GetRegisterContext());
761 addr_t pc = reg_ctx_sp->GetPC() - pc_decrement;
762
763 ProcessSP process_sp(thread.CalculateProcess());
764
765 lldb::BreakpointSiteSP bp_site_sp;
766 if (process_sp)
767 bp_site_sp = process_sp->GetBreakpointSiteList().FindByAddress(pc);
768 if (bp_site_sp && bp_site_sp->IsEnabled()) {
769 // Update the PC if we were asked to do so, but only do so if we find
770 // a breakpoint that we know about cause this could be a trap
771 // instruction in the code
772 if (pc_decrement > 0 && adjust_pc_if_needed)
773 reg_ctx_sp->SetPC(pc);
774
775 // If the breakpoint is for this thread, then we'll report the hit,
776 // but if it is for another thread, we can just report no reason. We
777 // don't need to worry about stepping over the breakpoint here, that
778 // will be taken care of when the thread resumes and notices that
779 // there's a breakpoint under the pc. If we have an operating system
780 // plug-in, we might have set a thread specific breakpoint using the
781 // operating system thread ID, so we can't make any assumptions about
782 // the thread ID so we must always report the breakpoint regardless
783 // of the thread.
784 if (bp_site_sp->ValidForThisThread(thread) ||
785 thread.GetProcess()->GetOperatingSystem() != nullptr)
787 thread, bp_site_sp->GetID());
788 else if (is_trace_if_actual_breakpoint_missing)
790 else
791 return StopInfoSP();
792 }
793
794 // Don't call this a trace if we weren't single stepping this thread.
795 if (is_trace_if_actual_breakpoint_missing &&
798 }
799 }
800 } break;
801
802 case 7: // EXC_SYSCALL
803 case 8: // EXC_MACH_SYSCALL
804 case 9: // EXC_RPC_ALERT
805 case 10: // EXC_CRASH
806 break;
807 }
808
809 return std::make_shared<StopInfoMachException>(
810 thread, exc_type, exc_data_count, exc_code, exc_sub_code,
811 not_stepping_but_got_singlestep_exception);
812}
813
814// Detect an unusual situation on Darwin where:
815//
816// 0. We did an instruction-step before this.
817// 1. We have a hardware breakpoint or watchpoint set.
818// 2. We resumed the process, but not with an instruction-step.
819// 3. The thread gets an "instruction-step completed" mach exception.
820// 4. The pc has not advanced - it is the same as before.
821//
822// This method returns true for that combination of events.
824 Log *log = GetLog(LLDBLog::Step);
825
826 // We got an instruction-step completed mach exception but we were not
827 // doing an instruction step on this thread.
829 return false;
830
831 RegisterContextSP reg_ctx_sp(thread.GetRegisterContext());
832 std::optional<addr_t> prev_pc = thread.GetPreviousFrameZeroPC();
833 if (!reg_ctx_sp || !prev_pc)
834 return false;
835
836 // The previous pc value and current pc value are the same.
837 if (*prev_pc != reg_ctx_sp->GetPC())
838 return false;
839
840 // We have a watchpoint -- this is the kernel bug.
841 ProcessSP process_sp = thread.GetProcess();
842 if (process_sp->GetWatchpointResourceList().GetSize()) {
843 LLDB_LOGF(log,
844 "Thread stopped with insn-step completed mach exception but "
845 "thread was not stepping; there is a hardware watchpoint set.");
846 return true;
847 }
848
849 // We have a hardware breakpoint -- this is the kernel bug.
850 auto &bp_site_list = process_sp->GetBreakpointSiteList();
851 for (auto &site : bp_site_list.Sites()) {
852 if (site->IsHardware() && site->IsEnabled()) {
853 LLDB_LOGF(log,
854 "Thread stopped with insn-step completed mach exception but "
855 "thread was not stepping; there is a hardware breakpoint set.");
856 return true;
857 }
858 }
859
860 return false;
861}
#define LLDB_LOGF(log,...)
Definition: Log.h:366
static StopInfoSP GetStopInfoForHardwareBP(Thread &thread, Target *target, uint32_t exc_data_count, uint64_t exc_sub_code, uint64_t exc_sub_sub_code)
static std::optional< PtrauthInstructionInfo > GetPtrauthInstructionInfo(Target &target, const ArchSpec &arch, const Address &at_addr)
Get any pointer-authentication related information about the instruction at address at_addr.
static void DescribeAddressBriefly(Stream &strm, const Address &addr, Target &target)
Describe the load address of addr using the format filename:line:col.
A section + offset based address range class.
Definition: AddressRange.h:25
A section + offset based address class.
Definition: Address.h:62
lldb::addr_t GetLoadAddress(Target *target) const
Get the load address.
Definition: Address.cpp:313
bool GetDescription(Stream &s, Target &target, lldb::DescriptionLevel level) const
Write a description of this object to a Stream.
Definition: Address.cpp:395
An architecture specification class.
Definition: ArchSpec.h:31
llvm::Triple::ArchType GetMachine() const
Returns a machine family for the current architecture.
Definition: ArchSpec.cpp:683
Core GetCore() const
Definition: ArchSpec.h:429
static lldb::DisassemblerSP DisassembleRange(const ArchSpec &arch, const char *plugin_name, const char *flavor, Target &target, const AddressRange &disasm_range, bool force_live_memory=false)
A plug-in interface definition class for dynamic loaders.
Definition: DynamicLoader.h:52
virtual bool ProcessDidExec()
Helper function that can be used to detect when a process has called exec and is now a new and differ...
Definition: DynamicLoader.h:90
"lldb/Target/ExecutionContext.h" A class that contains an execution context.
bool HasThreadScope() const
Returns true the ExecutionContext object contains a valid target, process, and thread.
bool HasProcessScope() const
Returns true the ExecutionContext object contains a valid target and process.
Target * GetTargetPtr() const
Returns a pointer to the target object.
bool HasTargetScope() const
Returns true the ExecutionContext object contains a valid target.
Process * GetProcessPtr() const
Returns a pointer to the process object.
RegisterContext * GetRegisterContext() const
Thread * GetThreadPtr() const
Returns a pointer to the thread object.
lldb::InstructionSP GetInstructionAtIndex(size_t idx) const
A plug-in interface definition class for debugging a process.
Definition: Process.h:341
const lldb::ABISP & GetABI()
Definition: Process.cpp:1497
const RegisterInfo * GetRegisterInfoByName(llvm::StringRef reg_name, uint32_t start_idx=0)
virtual bool ReadRegister(const RegisterInfo *reg_info, RegisterValue &reg_value)=0
uint64_t GetAsUInt64(uint64_t fail_value=UINT64_MAX, bool *success_ptr=nullptr) const
bool DeterminePtrauthFailure(ExecutionContext &exe_ctx)
Determine the pointer-authentication related failure that caused this exception.
bool WasContinueInterrupted(Thread &thread) override
A Continue operation can result in a false stop event before any execution has happened.
static lldb::StopInfoSP CreateStopReasonWithMachException(Thread &thread, uint32_t exc_type, uint32_t exc_data_count, uint64_t exc_code, uint64_t exc_sub_code, uint64_t exc_sub_sub_code, bool pc_already_adjusted=true, bool adjust_pc_if_needed=false)
std::string m_description
Definition: StopInfo.h:185
uint64_t GetValue() const
Definition: StopInfo.h:45
static lldb::StopInfoSP CreateStopReasonToTrace(Thread &thread)
Definition: StopInfo.cpp:1393
static lldb::StopInfoSP CreateStopReasonWithSignal(Thread &thread, int signo, const char *description=nullptr, std::optional< int > code=std::nullopt)
Definition: StopInfo.cpp:1386
static lldb::StopInfoSP CreateStopReasonWithWatchpointID(Thread &thread, lldb::break_id_t watch_id, bool silently_continue=false)
Definition: StopInfo.cpp:1379
static lldb::StopInfoSP CreateStopReasonWithBreakpointSiteID(Thread &thread, lldb::break_id_t break_id)
static lldb::StopInfoSP CreateStopReasonWithExec(Thread &thread)
Definition: StopInfo.cpp:1414
lldb::ThreadWP m_thread_wp
Definition: StopInfo.h:180
llvm::StringRef GetString() const
A stream class that can stream formatted output to a file.
Definition: Stream.h:28
size_t Printf(const char *format,...) __attribute__((format(printf
Output printf formatted output to the stream.
Definition: Stream.cpp:134
size_t PutCString(llvm::StringRef cstr)
Output a C string to the stream.
Definition: Stream.cpp:65
size_t PutChar(char ch)
Definition: Stream.cpp:131
const lldb::ProcessSP & GetProcessSP() const
Definition: Target.cpp:221
bool ResolveLoadAddress(lldb::addr_t load_addr, Address &so_addr, uint32_t stop_id=SectionLoadHistory::eStopIDNow)
Definition: Target.cpp:3104
const ArchSpec & GetArchitecture() const
Definition: Target.h:1023
WatchpointList & GetWatchpointList()
Definition: Target.h:774
std::optional< lldb::addr_t > GetPreviousFrameZeroPC()
Request the pc value the thread had when previously stopped.
Definition: Thread.cpp:1418
virtual lldb::StackFrameSP GetStackFrameAtIndex(uint32_t idx)
Definition: Thread.h:405
virtual lldb::RegisterContextSP GetRegisterContext()=0
lldb::ProcessSP CalculateProcess() override
Definition: Thread.cpp:1398
lldb::StateType GetTemporaryResumeState() const
Definition: Thread.h:1195
lldb::ProcessSP GetProcess() const
Definition: Thread.h:154
const lldb::WatchpointSP FindByAddress(lldb::addr_t addr) const
Returns a shared pointer to the watchpoint at address addr - const version.
A class that represents a running process on the host machine.
Log * GetLog(Cat mask)
Retrieve the Log object for the channel associated with the given log enum.
Definition: Log.h:331
Definition: SBAddress.h:15
std::shared_ptr< lldb_private::ABI > ABISP
Definition: lldb-forward.h:312
std::shared_ptr< lldb_private::StackFrame > StackFrameSP
Definition: lldb-forward.h:415
std::shared_ptr< lldb_private::BreakpointSite > BreakpointSiteSP
Definition: lldb-forward.h:318
@ eDescriptionLevelBrief
@ eStateStepping
Process or thread is in the process of stepping and can not be examined.
std::shared_ptr< lldb_private::Instruction > InstructionSP
Definition: lldb-forward.h:353
std::shared_ptr< lldb_private::Process > ProcessSP
Definition: lldb-forward.h:384
std::shared_ptr< lldb_private::Disassembler > DisassemblerSP
Definition: lldb-forward.h:336
std::shared_ptr< lldb_private::Watchpoint > WatchpointSP
Definition: lldb-forward.h:480
std::shared_ptr< lldb_private::WatchpointResource > WatchpointResourceSP
Definition: lldb-forward.h:481
std::shared_ptr< lldb_private::StopInfo > StopInfoSP
Definition: lldb-forward.h:422
uint64_t addr_t
Definition: lldb-types.h:80
@ eStopReasonInvalid
std::shared_ptr< lldb_private::RegisterContext > RegisterContextSP
Definition: lldb-forward.h:389
Information about a pointer-authentication related instruction.
Every register is described in detail including its name, alternate name (optional),...
lldb::user_id_t GetID() const
Get accessor for the user ID.
Definition: UserID.h:47