1/*
2 * Copyright (c) 2010 ARM Limited
3 * All rights reserved
4 *
5 * The license below extends only to copyright in the software and shall
6 * not be construed as granting a license to any other intellectual
7 * property including but not limited to intellectual property relating
8 * to a hardware implementation of the functionality of the software
9 * licensed hereunder.  You may use the software subject to the license
10 * terms below provided that you ensure that this notice is replicated
11 * unmodified and in its entirety in all distributions of the software,
12 * modified or unmodified, in source code or in binary form.
13 *
14 * Copyright (c) 2006-2009 The Regents of The University of Michigan
15 * All rights reserved.
16 *
17 * Redistribution and use in source and binary forms, with or without
18 * modification, are permitted provided that the following conditions are
19 * met: redistributions of source code must retain the above copyright
20 * notice, this list of conditions and the following disclaimer;
21 * redistributions in binary form must reproduce the above copyright
22 * notice, this list of conditions and the following disclaimer in the
23 * documentation and/or other materials provided with the distribution;
24 * neither the name of the copyright holders nor the names of its
25 * contributors may be used to endorse or promote products derived from
26 * this software without specific prior written permission.
27 *
28 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS
29 * "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT
30 * LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR
31 * A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT
32 * OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
33 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT
34 * LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
35 * DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
36 * THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
37 * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE
38 * OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
39 *
40 * Authors: Ali Saidi
41 *          Gabe Black
42 */
43
#include <stdint.h>
#include <unistd.h>

#include <cassert>
#include <cerrno>
#include <cstdio>
#include <cstring>
#include <iostream>

#include "arch/arm/tracechild.hh"
52
53using namespace std;
54
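ARMTraceChild::ARMTraceChild()
{
    // No kernel-user-page call pattern has been seen yet (see step()).
    foundMvn = false;

    // Start from all-zero register snapshots so the first update() produces
    // a well-defined diff. Each memset is sized by the object it clears,
    // not by a sibling's type, so the two cannot drift apart.
    memset(&regs, 0, sizeof(regs));
    memset(&oldregs, 0, sizeof(oldregs));
    memset(&fpregs, 0, sizeof(fpregs));
    memset(&oldfpregs, 0, sizeof(oldfpregs));

    for (int x = 0; x < numregs; x++)
        regDiffSinceUpdate[x] = false;

    // getRegs() indexes uregs by register number up to and including CPSR,
    // so the array must hold more than CPSR entries.
    assert(sizeof(regs.uregs) / sizeof(regs.uregs[0]) > CPSR);
}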
70
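/// Send the registers that changed since the last update() over `socket`.
///
/// Wire format: word 0 is a bitmask with bit x set when register x changed;
/// it is followed by one 64-bit value per set bit, in ascending register
/// order. Returns false (and clears `tracing`) if the write fails.
bool
ARMTraceChild::sendState(int socket)
{
    // NOTE(review): the mask is a single 64-bit word, so this assumes
    // numregs <= 64 — confirm against the register enumeration.
    uint64_t message[numregs + 1];
    int pos = 1;
    message[0] = 0;
    for (int x = 0; x < numregs; x++) {
        if (regDiffSinceUpdate[x]) {
            message[0] |= (1ULL << x);
            message[pos++] = getRegVal(x);
        }
    }

    // write() may deliver only part of the buffer, so loop until all of it
    // is out. An interrupted write is retried; any other failure ends
    // tracing.
    size_t toSend = pos * sizeof(message[0]);
    const uint8_t *messagePtr = reinterpret_cast<const uint8_t *>(message);
    while (toSend != 0) {
        const ssize_t sent = write(socket, messagePtr, toSend);
        if (sent < 0) {
            if (errno == EINTR)
                continue;
            cerr << "Write failed! " << strerror(errno) << endl;
            tracing = false;
            return false;
        }
        toSend -= static_cast<size_t>(sent);
        messagePtr += sent;
    }

    return true;
}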
101
/// Read core register `num` (r0 .. CPSR) out of a user_regs snapshot.
/// Any other register number is a caller bug and trips the assert.
uint32_t
ARMTraceChild::getRegs(user_regs &myregs, int num)
{
    assert(num >= 0 && num <= CPSR);
    const uint32_t value = myregs.uregs[num];
    return value;
}
108
/// Read VFP register `num` (F0 .. numregs-1) out of a vfp_regs snapshot.
/// FPSCR is kept in its own field; every other number in range is an
/// offset from F0 into the data-register array.
uint64_t
ARMTraceChild::getFpRegs(vfp_regs &my_fp_regs, int num)
{
    assert(num >= F0 && num < numregs);
    if (num == FPSCR)
        return my_fp_regs.fpscr;

    const int index = num - F0;
    return my_fp_regs.fpregs[index];
}
119
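/// Refresh the core and VFP register snapshots of traced process `pid` and
/// recompute which registers changed since the previous snapshot.
/// Returns false if either ptrace request fails; the previous values are
/// kept in oldregs/oldfpregs either way.
bool
ARMTraceChild::update(int pid)
{
    oldregs = regs;
    if (ptrace(PTRACE_GETREGS, pid, 0, &regs) != 0) {
        cerr << "update: " << strerror(errno) << endl;
        return false;
    }

    // Raw ptrace request number used to fetch the VFP register file.
    // NOTE(review): passed as a bare number rather than a named PTRACE_*
    // constant — confirm it matches the target kernel's asm/ptrace.h.
    const uint32_t get_vfp_regs = 32;

    oldfpregs = fpregs;
    if (ptrace(static_cast<__ptrace_request>(get_vfp_regs),
               pid, 0, &fpregs) != 0) {
        cerr << "update: " << strerror(errno) << endl;
        return false;
    }

    // Same loop shape and index type as the other register loops in this
    // file, to avoid a signed/unsigned comparison against numregs.
    for (int x = 0; x < numregs; x++)
        regDiffSinceUpdate[x] = (getRegVal(x) != getOldRegVal(x));

    return true;
}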
142
/// Current value of register `num`, widened to int64_t. Core registers
/// (up to CPSR) come from the user_regs snapshot, the rest from VFP.
int64_t
ARMTraceChild::getRegVal(int num)
{
    const bool isCoreReg = (num <= CPSR);
    if (!isCoreReg)
        return static_cast<int64_t>(getFpRegs(fpregs, num));
    return static_cast<int64_t>(getRegs(regs, num));
}
151
/// Value of register `num` as of the previous update(), widened to int64_t.
/// Mirrors getRegVal() but reads the old snapshots.
int64_t
ARMTraceChild::getOldRegVal(int num)
{
    const bool isCoreReg = (num <= CPSR);
    if (!isCoreReg)
        return static_cast<int64_t>(getFpRegs(oldfpregs, num));
    return static_cast<int64_t>(getRegs(oldregs, num));
}
160
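/// Dump the traced process's initial stack (argc, argv, envp, auxiliary
/// vector and the strings they point at) to `os`, one line per item.
///
/// Everything printed here is read out of the traced process, so no
/// process-controlled text is ever formatted into the fixed-size scratch
/// buffer: numeric fields go through snprintf, strings are streamed.
/// NOTE(review): PTRACE_PEEKDATA errors (-1 with errno set) are not told
/// apart from data; that matches the prior behaviour.
ostream &
ARMTraceChild::outputStartState(ostream & os)
{
    uint32_t sp = getSP();
    uint32_t pc = getPC();
    uint32_t highestInfo = 0;
    char obuf[1024];
    snprintf(obuf, sizeof(obuf), "Initial stack pointer = 0x%08x\n", sp);
    os << obuf;
    snprintf(obuf, sizeof(obuf), "Initial program counter = 0x%08x\n", pc);
    os << obuf;

    //Output the argument count
    int32_t cargc = ptrace(PTRACE_PEEKDATA, pid, sp, 0);
    snprintf(obuf, sizeof(obuf), "0x%08x: Argc = 0x%08x\n", sp, cargc);
    os << obuf;
    sp += 4;

    //Output argv pointers
    int argCount = 0;
    int32_t cargv;
    do {
        cargv = ptrace(PTRACE_PEEKDATA, pid, sp, 0);
        snprintf(obuf, sizeof(obuf), "0x%08x: argv[%d] = 0x%08x\n",
                 sp, argCount++, cargv);
        // Track the highest argv pointer; the string dump below reads at
        // least up to it.
        if (cargv)
            if (highestInfo < static_cast<uint32_t>(cargv))
                highestInfo = cargv;
        os << obuf;
        sp += 4;
    } while (cargv);

    //Output the envp pointers
    int envCount = 0;
    uint32_t cenvp;
    do {
        cenvp = ptrace(PTRACE_PEEKDATA, pid, sp, 0);
        snprintf(obuf, sizeof(obuf), "0x%08x: envp[%d] = 0x%08x\n",
                 sp, envCount++, cenvp);
        os << obuf;
        sp += 4;
    } while (cenvp);

    // Auxiliary vector: (type, value) pairs terminated by a {0, 0} entry.
    uint32_t auxType, auxVal;
    do {
        auxType = ptrace(PTRACE_PEEKDATA, pid, sp, 0);
        sp += 4;
        auxVal = ptrace(PTRACE_PEEKDATA, pid, sp, 0);
        sp += 4;
        snprintf(obuf, sizeof(obuf),
                 "0x%08x: Auxiliary vector = {0x%08x, 0x%08x}\n",
                 sp - 8, auxType, auxVal);
        os << obuf;
    } while (auxType != 0 || auxVal != 0);

    //Print out the argument strings, environment strings, and file name.
    // Strings are copied out a word at a time; each NUL ends one string.
    // The string body is streamed directly because its length is chosen by
    // the traced process and must not be formatted into obuf.
    string current;
    uint32_t buf;
    uint32_t currentStart = sp;
    bool clearedInitialPadding = false;
    do {
        buf = ptrace(PTRACE_PEEKDATA, pid, sp, 0);
        const char *cbuf = reinterpret_cast<const char *>(&buf);
        for (size_t x = 0; x < sizeof(uint32_t); x++) {
            if (cbuf[x]) {
                current += cbuf[x];
            } else {
                snprintf(obuf, sizeof(obuf), "0x%08x: \"", currentStart);
                os << obuf << current << "\"\n";
                current.clear();
                currentStart = sp + x + 1;
            }
        }
        sp += 4;
        clearedInitialPadding = clearedInitialPadding || buf != 0;
    } while (!clearedInitialPadding || buf != 0 || sp <= highestInfo);
    return os;
}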
237
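/// Single-step the traced process, temporarily planting a breakpoint at
/// LR when the current instruction is the SUB of a kernel-user-page call
/// sequence. Returns whether the child is still being traced afterwards
/// (the same convention sendState() uses on failure).
bool
ARMTraceChild::step()
{
    // Encoding of the breakpoint instruction written over the word at LR.
    const uint32_t bkpt_inst = 0xe7f001f0;

    uint32_t lr = getRegVal(14);   // r14 is the link register
    uint32_t pc = getPC();
    uint32_t lrOp = 0;
    uint32_t subsOp;
    bool patch = false;

    // Since ARM uses software breakpoints behind the scenes, they don't work
    // in read only areas like the page of routines provided by the kernel. The
    // link register generally holds the address the process wants to the
    // kernel to return to after it's done, so we'll install a software
    // breakpoint there.
    //
    // Calls into the kernel user page always follow the form:
    //  MVN ...
    //  <possible MOV lr,...>
    //  SUB PC, ...
    //
    //  So we look for this pattern and set a breakpoint on the LR at the SUB
    //  instruction.

    subsOp = ptrace(PTRACE_PEEKDATA, pid, pc, 0);
    if ((subsOp & 0xFFFF0FFF) == 0xe3e00a0f)
        foundMvn = true;

    if (foundMvn && ((subsOp & 0xFFF0F000) == 0xe240f000)) {
        foundMvn = false;
        // Save the word at LR so it can be restored after the step. If the
        // breakpoint cannot be written there is nothing to undo, so say so
        // rather than later "restoring" a word that was never replaced.
        lrOp = ptrace(PTRACE_PEEKDATA, pid, lr, 0);
        if (ptrace(PTRACE_POKEDATA, pid, lr, bkpt_inst) != 0) {
            cerr << "step: breakpoint install failed! "
                 << strerror(errno) << endl;
        } else {
            patch = true;
        }
    }
    ptraceSingleStep();

    // Put the original word back whether or not the step succeeded, so the
    // child's memory is left as it was found.
    if (patch && ptrace(PTRACE_POKEDATA, pid, lr, lrOp) != 0) {
        cerr << "step: breakpoint restore failed! "
             << strerror(errno) << endl;
    }

    return tracing;
}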
279
280
/// Factory returning the ARM TraceChild implementation. The object is
/// heap-allocated and never freed here, so the caller owns it.
TraceChild *
genTraceChild()
{
    TraceChild *child = new ARMTraceChild;
    return child;
}
286
287