Covering breakpoints, but can't detect process exit
SimonKagstrom committed Aug 10, 2023
1 parent 49a8fe6 commit 97e615d
Showing 1 changed file with 37 additions and 31 deletions.
68 changes: 37 additions & 31 deletions src/engines/mach-engine.cc
Expand Up @@ -108,7 +108,7 @@ class MachEngine : public IEngine
mach_exception_data_t codes,
mach_msg_type_number_t num_codes)
{
printf("Exc raise: %d, 0x%llx\n", exception_type, codes[0]);
printf("Exc raise: %d, 0x%llx:0x%llx:0x%llx\n", exception_type, codes[0], codes[1], codes[2]);
/* exception_type is defined in exception_types.h */

/* an exception may include a code and a sub-code. num_codes specifies */
Expand All @@ -121,10 +121,23 @@ class MachEngine : public IEngine
/* handling UNIX soft signal: */
/* this example clears SIGSTOP before resuming the process. */

if (codes[2] == SIGSTOP)
codes[2] = 0;
// if (codes[2] == SIGSTOP)
// codes[2] = 0;

ptrace(PT_THUPDATE, m_pid, (caddr_t)(uintptr_t)thread_port, codes[2]);

x86_thread_state64_t state;

auto state_count = x86_THREAD_STATE64_COUNT;
auto kret = thread_get_state(
thread_port, x86_THREAD_STATE64, (thread_state_t)&state, &state_count);
if (kret != KERN_SUCCESS)
{
error("thread_get_state with error: %s\n", mach_error_string(kret));
return KERN_SUCCESS;
}
printf("EXC at 0x%llx\n", state.__rip);

ptrace(PT_THUPDATE, m_pid, (caddr_t)(uintptr_t)thread_port, codes[1]);
}
else if (exception_type == EXC_BREAKPOINT)
{
Expand Down Expand Up @@ -160,6 +173,8 @@ class MachEngine : public IEngine
return KERN_SUCCESS;
}
}

//ptrace(PT_THUPDATE, m_pid, (caddr_t)(uintptr_t)thread_port, codes[2]);
}

return KERN_SUCCESS;
Expand All @@ -169,7 +184,7 @@ class MachEngine : public IEngine
// From IEngine
virtual int registerBreakpoint(unsigned long addr) override
{
#if 1
#if 0
auto patch_addr = m_imageBase + (addr & 0xffffffff);
// VM_PROT_COPY forces COW, probably, see vm_map_protect in vm_map.c
kern_return_t kr;
Expand Down Expand Up @@ -261,14 +276,6 @@ class MachEngine : public IEngine

m_imageBase = findImageAddress();

rv = ptrace(PT_ATTACHEXC, m_pid, 0, 0);
if (rv != 0)
{
error("ptrace error %d, errno %d\n", rv, errno);
return false;
}


rv = task_get_exception_ports(m_task,
EXC_MASK_ALL,
saved_masks,
Expand Down Expand Up @@ -312,24 +319,32 @@ class MachEngine : public IEngine
error("task_set_exception_ports: %d\n", rv);
return false;
}
rv = ptrace(PT_ATTACHEXC, m_pid, 0, 0);
if (rv != 0)
{
error("ptrace error %d, errno %d\n", rv, errno);
return false;
}


return true;
}

bool continueExecution() final
{
printf("CE\n");
setupAllBreakpoints();

//ptrace(PT_CONTINUE, m_pid, 0, 0);
::kill(m_pid, SIGCONT);
int status;
auto rv = waitpid(m_pid, &status, 0);
auto rv = ptrace(PT_CONTINUE, m_pid, 0, 0);
printf("CE pt rv %d\n", rv);
// ::kill(m_pid, SIGCONT);
int status = 0;
rv = waitpid(-1, &status, WNOHANG);
if (rv == -1)
{
error("waitpid");
return false;
}
printf("waitpid: %d, 0x%x %d (pid is %d)\n", rv, status, WIFEXITED(status), m_pid);


/* wait indefinitely to receive an exception message */
Expand All @@ -344,6 +359,7 @@ class MachEngine : public IEngine
MACH_MSG_TIMEOUT_NONE, /* wait indefinitely */
MACH_PORT_NULL); /* notify port, unused */

task_suspend(m_task);
/* resume all threads in the process before replying to the exception */

if (krt == KERN_SUCCESS)
Expand All @@ -366,17 +382,6 @@ class MachEngine : public IEngine
printf("Some error %d?\n", krt);
}

printf("Got message, resume\n");
{
mach_port_t tp = MACH_PORT_NULL;

krt = task_for_pid(mach_task_self(), m_pid, &tp);
if (krt != KERN_SUCCESS)
{
printf("NEIN!\n");
}
}

task_resume(m_task);
/* reply to the exception */

Expand All @@ -397,6 +402,7 @@ class MachEngine : public IEngine
void kill(int signal) final
{
printf("kill %d\n", signal);
::kill(m_pid, signal);
}

// From vm-demo.git
Expand Down Expand Up @@ -493,7 +499,7 @@ class MachEngine : public IEngine

// FIXME! Is this really true?
auto patch_addr = m_imageBase + (aligned_addr & 0xffffffff);
// printf("PEEK WROD: 0x%llx\n", patch_addr);
// printf("PEEK WROD: 0x%llx\n", patch_addr);

auto kr = vm_read_overwrite(m_task, patch_addr, sizeof(val), (vm_offset_t)&val, &size);
if (kr != KERN_SUCCESS)
Expand Down Expand Up @@ -524,7 +530,7 @@ class MachEngine : public IEngine
panic("vm_protect failed\n");
}

printf("Poke word 0x%llx -> 0x%x\n", patch_addr, value);
//printf("Poke word 0x%llx -> 0x%x\n", patch_addr, value);
kr = vm_write(m_task, patch_addr, (vm_offset_t)&value, sizeof(value));
if (kr != KERN_SUCCESS)
{
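Review bot: The new printf in the first hunk reads `codes[1]` and `codes[2]` without checking `num_codes`, even though the comment two lines below says the number of valid entries is given by `num_codes`; for an exception that carries fewer than three codes this is an out-of-bounds read of the message buffer, and the `ptrace(PT_THUPDATE, ...)` call that now passes `codes[1]` in the second hunk has the same dependency. A guard at the top of the handler, matching the error style already used for `thread_get_state`, would be `if (num_codes < 3) { error("unexpected num_codes %u\n", num_codes); return KERN_SUCCESS; }` placed before the printf, or the printf could be limited to the entries that are present. The handler's signature begins above the first hunk, so I cannot see whether the caller already validates this. Separately, in `continueExecution` the `waitpid(-1, &status, WNOHANG)` call reaps any child, not only `m_pid`, and the `rv == 0` "no state change" result is not distinguished before `WIFEXITED(status)` is printed, which is likely why process exit is not detected as the commit title says.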
