#include <rz_debug.h>
#include "xnu_debug.h"
#include "xnu_threads.h"

Functions
static void	xnu_thread_free (xnu_thread_t *thread)

RZ_IPI bool	rz_xnu_thread_get_drx (RzDebug dbg, xnu_thread_t thread)

RZ_IPI bool	rz_xnu_thread_set_drx (RzDebug dbg, xnu_thread_t thread)

RZ_IPI bool	rz_xnu_thread_set_gpr (RzDebug dbg, xnu_thread_t thread)

RZ_IPI bool	rz_xnu_thread_get_gpr (RzDebug dbg, xnu_thread_t thread)

static bool	xnu_fill_info_thread (RzDebug dbg, xnu_thread_t thread)

static xnu_thread_t *	xnu_get_thread_with_info (RzDebug *dbg, thread_t port)

static int	xnu_update_thread_info (RzDebug dbg, xnu_thread_t thread)

static int	thread_find (thread_t port, xnu_thread_t a)

RZ_IPI int	rz_xnu_update_thread_list (RzDebug *dbg)

RZ_IPI xnu_thread_t *	rz_xnu_get_thread (RzDebug *dbg, int tid)

RZ_IPI thread_t	rz_xnu_get_cur_thread (RzDebug *dbg)

Function Documentation

◆ rz_xnu_get_cur_thread()

RZ_IPI thread_t rz_xnu_get_cur_thread ( RzDebug * dbg )

Definition at line 402 of file xnu_threads.c.

                                                     {
     thread_t th;
     thread_array_t threads = NULL;
     unsigned int n_threads = 0;
     task_t t = pid_to_task(dbg->pid);
     if (!t) {
         return -1;
     }
     if (task_threads(t, &threads, &n_threads) != KERN_SUCCESS) {
         return -1;
     }
     if (n_threads > 0) {
         memcpy(&th, threads, sizeof(th));
     } else {
         th = -1;
     }
     vm_deallocate(mach_task_self(), (vm_address_t)threads, n_threads * sizeof(thread_act_t));
     return th;
 }

References dbg, memcpy(), NULL, rz_debug_t::pid, pid_to_task(), and threads.

Referenced by rz_xnu_get_thread(), xnu_continue(), xnu_reg_read(), xnu_reg_write(), and xnu_step().

◆ rz_xnu_get_thread()

RZ_IPI xnu_thread_t* rz_xnu_get_thread	(	RzDebug *	dbg,
		int	tid
	)

Definition at line 378 of file xnu_threads.c.

                                                               {
     if (!dbg || tid < 0) {
         return NULL;
     }
     if (!rz_xnu_update_thread_list(dbg)) {
         eprintf("Failed to update thread_list xnu_udpate_thread_list\n");
         return NULL;
     }
     // TODO get the current thread
     RzListIter *it = rz_list_find(dbg->threads, (const void *)(size_t)&tid,
         (RzListComparator)&thread_find);
     if (!it) {
         tid = rz_xnu_get_cur_thread(dbg);
         it = rz_list_find(dbg->threads, (const void *)(size_t)&tid,
             (RzListComparator)&thread_find);
         if (!it) {
             eprintf("Thread not found get_xnu_thread\n");
             return NULL;
         }
     }
     return (xnu_thread_t *)it->data;
 }

References rz_list_iter_t::data, dbg, eprintf, NULL, rz_list_find(), rz_xnu_get_cur_thread(), rz_xnu_update_thread_list(), thread_find(), and rz_debug_t::threads.

Referenced by xnu_continue(), xnu_map_alloc(), xnu_map_dealloc(), xnu_reg_read(), xnu_reg_write(), and xnu_step().

◆ rz_xnu_thread_get_drx()

RZ_IPI bool rz_xnu_thread_get_drx	(	RzDebug *	dbg,
		xnu_thread_t *	thread
	)

Definition at line 26 of file xnu_threads.c.

                                                                       {
     rz_return_val_if_fail(dbg && thread, false);
     kern_return_t rc;
 #if __x86_64__ || __i386__
     thread->flavor = x86_DEBUG_STATE;
     thread->count = x86_DEBUG_STATE_COUNT;
     thread->state_size = (dbg->bits == RZ_SYS_BITS_64)
         ? sizeof(x86_debug_state64_t)
         : sizeof(x86_debug_state32_t);
     thread->state = &thread->drx.uds;
     rc = thread_get_state(thread->port, thread->flavor,
         (thread_state_t)&thread->drx, &thread->count);
 #elif __arm64__ || __arm64 || __aarch64 || __aarch64__
     if (dbg->bits == RZ_SYS_BITS_64) {
         thread->count = ARM_DEBUG_STATE64_COUNT;
         thread->flavor = ARM_DEBUG_STATE64;
         rc = thread_get_state(thread->port, thread->flavor,
             (thread_state_t)&thread->debug.drx64,
             &thread->count);
     } else {
         thread->count = ARM_DEBUG_STATE32_COUNT;
         thread->flavor = ARM_DEBUG_STATE32;
         rc = thread_get_state(thread->port, thread->flavor,
             (thread_state_t)&thread->debug.drx32,
             &thread->count);
     }
 #elif __arm__ || __arm || __armv7__
     thread->count = ARM_DEBUG_STATE_COUNT;
     thread->flavor = ARM_DEBUG_STATE;
     rc = thread_get_state(thread->port, thread->flavor,
         (thread_state_t)&thread->debug.drx,
         &thread->count);
 #else
 #warning xnu_thread_get_drx: Unsupported architecture
     rc = KERN_FAILURE;
 #endif
     if (rc != KERN_SUCCESS) {
         LOG_MACH_ERROR("thread_get_state", rc);
         thread->count = 0;
         return false;
     }
     return true;
 }

References rz_debug_t::bits, _xnu_thread::count, dbg, _xnu_thread::flavor, LOG_MACH_ERROR, _xnu_thread::port, rz_return_val_if_fail, RZ_SYS_BITS_64, _xnu_thread::state, _xnu_thread::state_size, and x86_DEBUG_STATE.

Referenced by xnu_reg_read().

◆ rz_xnu_thread_get_gpr()

RZ_IPI bool rz_xnu_thread_get_gpr	(	RzDebug *	dbg,
		xnu_thread_t *	thread
	)

Definition at line 184 of file xnu_threads.c.

                                                                       {
     rz_return_val_if_fail(dbg && thread, false);
     RZ_REG_T *regs = &thread->gpr;
     if (!regs) {
         return false;
     }
     kern_return_t rc;
 #if __POWERPC__
     thread->state = regs;
 #elif __arm64 || __aarch64 || __aarch64__ || __arm64__
     // thread->state = regs;
     thread->state = &regs->uts;
     if (dbg->bits == RZ_SYS_BITS_64) {
         thread->flavor = ARM_THREAD_STATE64;
         thread->count = ARM_THREAD_STATE64_COUNT;
         thread->state_size = sizeof(arm_thread_state64_t);
     } else {
         thread->flavor = ARM_THREAD_STATE;
         thread->count = ARM_THREAD_STATE_COUNT;
         thread->state_size = sizeof(arm_thread_state32_t);
     }
 #elif __arm || __arm__ || __armv7__
     thread->state = regs;
     thread->flavor = ARM_THREAD_STATE;
     thread->count = ARM_THREAD_STATE_COUNT;
     thread->state_size = sizeof(arm_thread_state_t);
 #elif __x86_64__ || __i386__
     thread->state = &regs->uts;
     thread->flavor = x86_THREAD_STATE;
     thread->count = x86_THREAD_STATE_COUNT;
     thread->state_size = (dbg->bits == RZ_SYS_BITS_64) ? sizeof(x86_thread_state64_t) : sizeof(x86_thread_state32_t);
 #endif
     rc = thread_get_state(thread->port, thread->flavor,
         (thread_state_t)regs, &thread->count);
     if (rc != KERN_SUCCESS) {
         LOG_MACH_ERROR("thread_get_state", rc);
         thread->count = 0;
         return false;
     }
     return true;
 }

References rz_debug_t::bits, _xnu_thread::count, dbg, _xnu_thread::flavor, _xnu_thread::gpr, LOG_MACH_ERROR, _xnu_thread::port, regs, rz_return_val_if_fail, RZ_SYS_BITS_64, _xnu_thread::state, _xnu_thread::state_size, x86_THREAD_STATE, and x86_THREAD_STATE_COUNT.

Referenced by xnu_reg_read(), and xnu_thread_list().

◆ rz_xnu_thread_set_drx()

RZ_IPI bool rz_xnu_thread_set_drx	(	RzDebug *	dbg,
		xnu_thread_t *	thread
	)

Definition at line 70 of file xnu_threads.c.

                                                                       {
     rz_return_val_if_fail(dbg && thread, false);
     kern_return_t rc;
 #if __i386__ || __x86_64__
     x86_debug_state_t *regs = &thread->drx;
     if (!regs) {
         return false;
     }
     thread->flavor = x86_DEBUG_STATE;
     thread->count = x86_DEBUG_STATE_COUNT;
     if (dbg->bits == RZ_SYS_BITS_64) {
         regs->dsh.flavor = x86_DEBUG_STATE64;
         regs->dsh.count = x86_DEBUG_STATE64_COUNT;
     } else {
         regs->dsh.flavor = x86_DEBUG_STATE32;
         regs->dsh.count = x86_DEBUG_STATE32_COUNT;
     }
     rc = thread_set_state(thread->port, thread->flavor,
         (thread_state_t)regs, thread->count);
 #elif __arm64__ || __arm64 || __aarch64 || __aarch64__
     if (dbg->bits == RZ_SYS_BITS_64) {
         thread->count = ARM_DEBUG_STATE64_COUNT;
         thread->flavor = ARM_DEBUG_STATE64;
         rc = thread_set_state(thread->port, thread->flavor,
             (thread_state_t)&thread->debug.drx64,
             thread->count);
     } else {
         thread->count = ARM_DEBUG_STATE32_COUNT;
         thread->flavor = ARM_DEBUG_STATE32;
         rc = thread_set_state(thread->port, thread->flavor,
             (thread_state_t)&thread->debug.drx32,
             thread->count);
     }
 #elif __arm__ || __arm || __armv7__
     thread->count = ARM_DEBUG_STATE_COUNT;
     thread->flavor = ARM_DEBUG_STATE;
     rc = thread_set_state(thread->port, thread->flavor,
         (thread_state_t)&thread->debug.drx,
         &thread->count);
 #elif __POWERPC__
 /* not supported */
 #ifndef PPC_DEBUG_STATE32
 #define PPC_DEBUG_STATE32 1
 #endif
     ppc_debug_state_t *regs;
     // thread->flavor = PPC_DEBUG_STATE32;
     // thread->count  = RZ_MIN (thread->count, sizeof (regs->uds.ds32));
     return false;
 #else
     regs->dsh.flavor = 0;
     thread->count = 0;
 #endif
     if (rc != KERN_SUCCESS) {
         LOG_MACH_ERROR("thread_set_state", rc);
         thread->count = 0;
         return false;
     }
     return true;
 }

References rz_debug_t::bits, _xnu_thread::count, dbg, _xnu_thread::flavor, LOG_MACH_ERROR, _xnu_thread::port, regs, rz_return_val_if_fail, RZ_SYS_BITS_64, x86_DEBUG_STATE, x86_DEBUG_STATE32, and x86_DEBUG_STATE64.

Referenced by xnu_reg_write().

◆ rz_xnu_thread_set_gpr()

RZ_IPI bool rz_xnu_thread_set_gpr	(	RzDebug *	dbg,
		xnu_thread_t *	thread
	)

Definition at line 130 of file xnu_threads.c.

                                                                       {
     rz_return_val_if_fail(dbg && thread, false);
     kern_return_t rc;
     RZ_REG_T *regs = (RZ_REG_T *)&thread->gpr;
     if (!regs) {
         return false;
     }
 #if __i386__ || __x86_64__
     // thread->flavor is used in a switch+case but in regs->tsh.flavor we
     // specify
     thread->state = &regs->uts;
     // thread->state = regs;
     thread->flavor = x86_THREAD_STATE;
     thread->count = x86_THREAD_STATE_COUNT;
     if (dbg->bits == RZ_SYS_BITS_64) {
         regs->tsh.flavor = x86_THREAD_STATE64;
         regs->tsh.count = x86_THREAD_STATE64_COUNT;
     } else {
         regs->tsh.flavor = x86_THREAD_STATE32;
         regs->tsh.count = x86_THREAD_STATE32_COUNT;
     }
 #elif __arm64 || __aarch64 || __arm64__ || __aarch64__
 #if 0
     /* unified doesnt seems to work */
     thread->flavor = ARM_UNIFIED_THREAD_STATE;
     thread->count = ARM_UNIFIED_THREAD_STATE_COUNT;
 #endif
     // thread->state = regs;
     thread->state = &regs->uts;
     if (dbg->bits == RZ_SYS_BITS_64) {
         thread->flavor = ARM_THREAD_STATE64;
         thread->count = ARM_THREAD_STATE64_COUNT;
         thread->state_size = sizeof(arm_thread_state64_t);
     } else {
         thread->flavor = ARM_THREAD_STATE32;
         thread->count = ARM_THREAD_STATE32_COUNT;
         thread->state_size = sizeof(arm_thread_state32_t);
     }
 #elif __arm || __arm__ || __armv7__
     thread->flavor = ARM_THREAD_STATE;
     thread->count = ARM_THREAD_STATE_COUNT;
     thread->state_size = sizeof(arm_thread_state_t);
  
 #endif
     rc = thread_set_state(thread->port, thread->flavor,
         (thread_state_t)regs, thread->count);
     if (rc != KERN_SUCCESS) {
         LOG_MACH_ERROR("thread_set_state", rc);
         thread->count = 0;
         return false;
     }
     return true;
 }

References rz_debug_t::bits, _xnu_thread::count, dbg, _xnu_thread::flavor, _xnu_thread::gpr, if(), LOG_MACH_ERROR, _xnu_thread::port, regs, rz_return_val_if_fail, RZ_SYS_BITS_64, _xnu_thread::state, _xnu_thread::state_size, x86_THREAD_STATE, x86_THREAD_STATE32, x86_THREAD_STATE64, x86_THREAD_STATE64_COUNT, and x86_THREAD_STATE_COUNT.

Referenced by xnu_reg_write().

◆ rz_xnu_update_thread_list()

RZ_IPI int rz_xnu_update_thread_list ( RzDebug * dbg )

Definition at line 290 of file xnu_threads.c.

                                                    {
     thread_array_t thread_list = NULL;
     unsigned int thread_count = 0;
     xnu_thread_t *thread;
     kern_return_t kr;
     task_t task;
     int i;
  
     if (!dbg->threads) {
         dbg->threads = rz_list_newf((RzListFree)&xnu_thread_free);
         if (!dbg->threads) {
             return false;
         }
     }
     // ok we have the list that will hold our threads, now is time to get
     // them
     task = pid_to_task(dbg->pid);
     if (!task) {
         return false;
     }
     kr = task_threads(task, &thread_list, &thread_count);
     if (kr != KERN_SUCCESS) {
         // we can get into this when the process has terminated but we
         // still hold the old task because we are caching it
         eprintf("Failed to get list of task's threads\n");
         return false;
     }
     if (rz_list_empty(dbg->threads)) {
         // it's the first time write all threads inside the list
         for (i = 0; i < thread_count; i++) {
             thread = xnu_get_thread_with_info(dbg, thread_list[i]);
             if (!thread) {
                 eprintf("Failed to fill_thread\n");
                 continue;
             }
             if (!rz_list_append(dbg->threads, thread)) {
                 eprintf("Failed to add thread to list\n");
                 xnu_thread_free(thread);
             }
         }
     } else {
         RzListIter *iter, *iter2;
         // first pass to get rid of those threads that are not longer
         // alive
         rz_list_foreach_safe (dbg->threads, iter, iter2, thread) {
             bool flag = true; // this flag will denote when delete
                       // a thread
             for (i = 0; i < thread_count; i++) {
                 if (thread->port == thread_list[i]) {
                     flag = false;
                     break;
                 }
             }
             if (flag) {
                 // it is not longer alive so remove from the
                 // list
                 rz_list_delete(dbg->threads, iter);
             } else {
                 // otherwise update the info
                 xnu_update_thread_info(dbg, thread);
             }
         }
         // ok now we have to insert those threads that we don't have
         for (i = 0; i < thread_count; i++) {
             xnu_thread_t *t;
             iter = rz_list_find(dbg->threads, &thread_list[i],
                 (RzListComparator)&thread_find);
             // it means is already in our list
             if (iter) {
                 // free the ownership over the thread
                 kr = mach_port_deallocate(mach_task_self(),
                     thread_list[i]);
                 if (kr != KERN_SUCCESS) {
                     eprintf("Failed to deallocate port\n");
                 }
                 continue;
             }
             // otherwise insert it
             t = xnu_get_thread_with_info(dbg, thread_list[i]);
             rz_list_append(dbg->threads, t);
         }
     }
     // once that is over we need to free the buffer
     (void)vm_deallocate(mach_task_self(), (mach_vm_address_t)thread_list,
         thread_count * sizeof(thread_t));
     return true;
 }

References dbg, eprintf, i, NULL, rz_debug_t::pid, pid_to_task(), _xnu_thread::port, rz_list_append(), rz_list_delete(), rz_list_find(), rz_list_newf(), thread_find(), rz_debug_t::threads, xnu_get_thread_with_info(), xnu_thread_free(), and xnu_update_thread_info().

Referenced by rz_xnu_get_thread(), and xnu_thread_list().

◆ thread_find()

static int thread_find	(	thread_t *	port,
		xnu_thread_t *	a
	)

static

Definition at line 286 of file xnu_threads.c.

                                                         {
     return (a && port && (a->port == *port)) ? 0 : 1;
 }

References a.

Referenced by rz_xnu_get_thread(), and rz_xnu_update_thread_list().

◆ xnu_fill_info_thread()

static bool xnu_fill_info_thread	(	RzDebug *	dbg,
		xnu_thread_t *	thread
	)

static

Definition at line 226 of file xnu_threads.c.

                                                                      {
 #if __POWERPC__
     thread->name = strdup("unknown");
     return false;
 #else
     mach_msg_type_number_t count = THREAD_BASIC_INFO_COUNT;
     thread_identifier_info_data_t identifier_info;
     kern_return_t kr = thread_info(thread->port, THREAD_BASIC_INFO,
         (thread_info_t)&thread->basic_info, &count);
     if (kr != KERN_SUCCESS) {
         eprintf("Fail to get thread_basic_info\n");
         return false;
     }
     count = THREAD_IDENTIFIER_INFO_COUNT;
     kr = thread_info(thread->port, THREAD_IDENTIFIER_INFO,
         (thread_info_t)&identifier_info, &count);
     if (kr != KERN_SUCCESS) {
         eprintf("Fail to get thread_identifier_info\n");
         return false;
     }
     RZ_FREE(thread->name);
 #if TARGET_OS_IPHONE
     // TODO proc_pidinfo here
     thread->name = strdup("unknown");
 #else
     struct proc_threadinfo proc_threadinfo;
     int ret_proc = proc_pidinfo(dbg->pid, PROC_PIDTHREADINFO,
         identifier_info.thread_handle,
         &proc_threadinfo, PROC_PIDTHREADINFO_SIZE);
     if (ret_proc && proc_threadinfo.pth_name[0]) {
         thread->name = strdup(proc_threadinfo.pth_name);
     } else {
         thread->name = strdup("unknown");
     }
 #endif
 #endif
     return true;
 }

References _xnu_thread::basic_info, count, dbg, eprintf, _xnu_thread::name, rz_debug_t::pid, _xnu_thread::port, RZ_FREE, and strdup().

Referenced by xnu_get_thread_with_info(), and xnu_update_thread_info().

◆ xnu_get_thread_with_info()

static xnu_thread_t* xnu_get_thread_with_info	(	RzDebug *	dbg,
		thread_t	port
	)

static

Definition at line 265 of file xnu_threads.c.

                                                                            {
     xnu_thread_t *thread = RZ_NEW0(xnu_thread_t);
     if (!thread) {
         return NULL;
     }
     thread->port = port;
     if (!xnu_fill_info_thread(dbg, thread)) {
         free(thread->name);
         thread->name = strdup("unknown");
     }
     return thread;
 }

References dbg, free(), _xnu_thread::name, NULL, _xnu_thread::port, RZ_NEW0, strdup(), and xnu_fill_info_thread().

Referenced by rz_xnu_update_thread_list().

◆ xnu_thread_free()

static void xnu_thread_free ( xnu_thread_t * thread )

static

Definition at line 10 of file xnu_threads.c.

                                                   {
     kern_return_t kr;
     if (!thread) {
         return;
     }
     free(thread->name);
     // if we free our thread from the list we need to decrement the ref
     // count
     kr = mach_port_deallocate(mach_task_self(), thread->port);
     if (kr != KERN_SUCCESS) {
         eprintf("failed to deallocate thread port\n");
     }
     free(thread);
 }

References eprintf, free(), _xnu_thread::name, and _xnu_thread::port.

Referenced by rz_xnu_update_thread_list().

◆ xnu_update_thread_info()

static int xnu_update_thread_info	(	RzDebug *	dbg,
		xnu_thread_t *	thread
	)

static

Definition at line 278 of file xnu_threads.c.

                                                                       {
     if (!xnu_fill_info_thread(dbg, thread)) {
         free(thread->name);
         thread->name = strdup("unknown");
     }
     return true;
 }

References dbg, free(), _xnu_thread::name, strdup(), and xnu_fill_info_thread().

Referenced by rz_xnu_update_thread_list().

Functions

Function Documentation

◆ rz_xnu_get_cur_thread()

◆ rz_xnu_get_thread()

◆ rz_xnu_thread_get_drx()

◆ rz_xnu_thread_get_gpr()

◆ rz_xnu_thread_set_drx()

◆ rz_xnu_thread_set_gpr()

◆ rz_xnu_update_thread_list()

◆ thread_find()

◆ xnu_fill_info_thread()

◆ xnu_get_thread_with_info()

◆ xnu_thread_free()

◆ xnu_update_thread_info()