Bug Summary

File:build/source/lldb/source/Plugins/Process/Utility/StopInfoMachException.cpp
Warning:line 715, column 9
Value stored to 'is_actual_breakpoint' is never read

Annotated Source Code

Press '?' to see keyboard shortcuts

clang -cc1 -cc1 -triple x86_64-pc-linux-gnu -analyze -disable-free -clear-ast-before-backend -disable-llvm-verifier -discard-value-names -main-file-name StopInfoMachException.cpp -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=cplusplus -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -setup-static-analyzer -analyzer-config-compatibility-mode=true -mrelocation-model pic -pic-level 2 -mframe-pointer=none -fmath-errno -ffp-contract=on -fno-rounding-math -mconstructor-aliases -funwind-tables=2 -target-cpu x86-64 -tune-cpu generic -debugger-tuning=gdb -ffunction-sections -fdata-sections -fcoverage-compilation-dir=/build/source/build-llvm/tools/clang/stage2-bins -resource-dir /usr/lib/llvm-17/lib/clang/17 -isystem /usr/include/libxml2 -D HAVE_ROUND -D _DEBUG -D _GLIBCXX_ASSERTIONS -D _GNU_SOURCE -D _LIBCPP_ENABLE_ASSERTIONS -D __STDC_CONSTANT_MACROS -D __STDC_FORMAT_MACROS -D __STDC_LIMIT_MACROS -I tools/lldb/source/Plugins/Process/Utility -I /build/source/lldb/source/Plugins/Process/Utility -I /build/source/lldb/include -I tools/lldb/include -I include -I /build/source/llvm/include -I /usr/include/python3.9 -I /build/source/clang/include -I tools/lldb/../clang/include -I /build/source/lldb/source -I tools/lldb/source -D _FORTIFY_SOURCE=2 -D NDEBUG -U NDEBUG -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/10/../../../../include/c++/10 -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/10/../../../../include/x86_64-linux-gnu/c++/10 -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/10/../../../../include/c++/10/backward -internal-isystem /usr/lib/llvm-17/lib/clang/17/include -internal-isystem /usr/local/include -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/10/../../../../x86_64-linux-gnu/include -internal-externc-isystem /usr/include/x86_64-linux-gnu -internal-externc-isystem /include -internal-externc-isystem /usr/include -fmacro-prefix-map=/build/source/build-llvm/tools/clang/stage2-bins=build-llvm/tools/clang/stage2-bins -fmacro-prefix-map=/build/source/= -fcoverage-prefix-map=/build/source/build-llvm/tools/clang/stage2-bins=build-llvm/tools/clang/stage2-bins -fcoverage-prefix-map=/build/source/= -source-date-epoch 1683717183 -O2 -Wno-unused-command-line-argument -Wno-unused-parameter -Wwrite-strings -Wno-missing-field-initializers -Wno-long-long -Wno-maybe-uninitialized -Wno-class-memaccess -Wno-redundant-move -Wno-pessimizing-move -Wno-noexcept-type -Wno-comment -Wno-misleading-indentation -Wno-deprecated-declarations -Wno-unknown-pragmas -Wno-strict-aliasing -Wno-stringop-truncation -std=c++17 -fdeprecated-macro -fdebug-compilation-dir=/build/source/build-llvm/tools/clang/stage2-bins -fdebug-prefix-map=/build/source/build-llvm/tools/clang/stage2-bins=build-llvm/tools/clang/stage2-bins -fdebug-prefix-map=/build/source/= -ferror-limit 19 -fvisibility-inlines-hidden -stack-protector 2 -fgnuc-version=4.2.1 -fcolor-diagnostics -vectorize-loops -vectorize-slp -analyzer-output=html -analyzer-config stable-report-filename=true -faddrsig -D__GCC_HAVE_DWARF2_CFI_ASM=1 -o /tmp/scan-build-2023-05-10-133810-16478-1 -x c++ /build/source/lldb/source/Plugins/Process/Utility/StopInfoMachException.cpp
1//===-- StopInfoMachException.cpp -----------------------------------------===//
2//
3// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4// See https://llvm.org/LICENSE.txt for license information.
5// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6//
7//===----------------------------------------------------------------------===//
8
9#include "StopInfoMachException.h"
10
11#include "lldb/lldb-forward.h"
12
13#if defined(__APPLE__)
14// Needed for the EXC_RESOURCE interpretation macros
15#include <kern/exc_resource.h>
16#endif
17
18#include "lldb/Breakpoint/Watchpoint.h"
19#include "lldb/Symbol/Symbol.h"
20#include "lldb/Target/ABI.h"
21#include "lldb/Target/DynamicLoader.h"
22#include "lldb/Target/ExecutionContext.h"
23#include "lldb/Target/Process.h"
24#include "lldb/Target/RegisterContext.h"
25#include "lldb/Target/Target.h"
26#include "lldb/Target/Thread.h"
27#include "lldb/Target/ThreadPlan.h"
28#include "lldb/Target/UnixSignals.h"
29#include "lldb/Utility/StreamString.h"
30#include <optional>
31
32using namespace lldb;
33using namespace lldb_private;
34
35/// Information about a pointer-authentication related instruction.
36struct PtrauthInstructionInfo {
37 bool IsAuthenticated;
38 bool IsLoad;
39 bool DoesBranch;
40};
41
42/// Get any pointer-authentication related information about the instruction
43/// at address \p at_addr.
44static std::optional<PtrauthInstructionInfo>
45GetPtrauthInstructionInfo(Target &target, const ArchSpec &arch,
46 const Address &at_addr) {
47 const char *plugin_name = nullptr;
48 const char *flavor = nullptr;
49 AddressRange range_bounds(at_addr, 4);
50 const bool prefer_file_cache = true;
51 DisassemblerSP disassembler_sp = Disassembler::DisassembleRange(
52 arch, plugin_name, flavor, target, range_bounds, prefer_file_cache);
53 if (!disassembler_sp)
54 return std::nullopt;
55
56 InstructionList &insn_list = disassembler_sp->GetInstructionList();
57 InstructionSP insn = insn_list.GetInstructionAtIndex(0);
58 if (!insn)
59 return std::nullopt;
60
61 return PtrauthInstructionInfo{insn->IsAuthenticated(), insn->IsLoad(),
62 insn->DoesBranch()};
63}
64
65/// Describe the load address of \p addr using the format filename:line:col.
66static void DescribeAddressBriefly(Stream &strm, const Address &addr,
67 Target &target) {
68 strm.Printf("at address=0x%" PRIx64"l" "x", addr.GetLoadAddress(&target));
69 StreamString s;
70 if (addr.GetDescription(s, target, eDescriptionLevelBrief))
71 strm.Printf(" %s", s.GetString().data());
72 strm.Printf(".\n");
73}
74
75bool StopInfoMachException::DeterminePtrauthFailure(ExecutionContext &exe_ctx) {
76 bool IsBreakpoint = m_value == 6; // EXC_BREAKPOINT
77 bool IsBadAccess = m_value == 1; // EXC_BAD_ACCESS
78 if (!IsBreakpoint && !IsBadAccess)
79 return false;
80
81 // Check that we have a live process.
82 if (!exe_ctx.HasProcessScope() || !exe_ctx.HasThreadScope() ||
83 !exe_ctx.HasTargetScope())
84 return false;
85
86 Thread &thread = *exe_ctx.GetThreadPtr();
87 StackFrameSP current_frame = thread.GetStackFrameAtIndex(0);
88 if (!current_frame)
89 return false;
90
91 Target &target = *exe_ctx.GetTargetPtr();
92 Process &process = *exe_ctx.GetProcessPtr();
93 ABISP abi_sp = process.GetABI();
94 const ArchSpec &arch = target.GetArchitecture();
95 assert(abi_sp && "Missing ABI info")(static_cast <bool> (abi_sp && "Missing ABI info"
) ? void (0) : __assert_fail ("abi_sp && \"Missing ABI info\""
, "lldb/source/Plugins/Process/Utility/StopInfoMachException.cpp"
, 95, __extension__ __PRETTY_FUNCTION__));
96
97 // Check for a ptrauth-enabled target.
98 const bool ptrauth_enabled_target =
99 arch.GetCore() == ArchSpec::eCore_arm_arm64e;
100 if (!ptrauth_enabled_target)
101 return false;
102
103 // Set up a stream we can write a diagnostic into.
104 StreamString strm;
105 auto emit_ptrauth_prologue = [&](uint64_t at_address) {
106 strm.Printf("EXC_BAD_ACCESS (code=%" PRIu64"l" "u" ", address=0x%" PRIx64"l" "x" ")\n",
107 m_exc_code, at_address);
108 strm.Printf("Note: Possible pointer authentication failure detected.\n");
109 };
110
111 // Check if we have a "brk 0xc47x" trap, where the value that failed to
112 // authenticate is in x16.
113 Address current_address = current_frame->GetFrameCodeAddress();
114 if (IsBreakpoint) {
115 RegisterContext *reg_ctx = exe_ctx.GetRegisterContext();
116 if (!reg_ctx)
117 return false;
118
119 const RegisterInfo *X16Info = reg_ctx->GetRegisterInfoByName("x16");
120 RegisterValue X16Val;
121 if (!reg_ctx->ReadRegister(X16Info, X16Val))
122 return false;
123 uint64_t bad_address = X16Val.GetAsUInt64();
124
125 uint64_t fixed_bad_address = abi_sp->FixCodeAddress(bad_address);
126 Address brk_address;
127 if (!target.ResolveLoadAddress(fixed_bad_address, brk_address))
128 return false;
129
130 auto brk_ptrauth_info =
131 GetPtrauthInstructionInfo(target, arch, current_address);
132 if (brk_ptrauth_info && brk_ptrauth_info->IsAuthenticated) {
133 emit_ptrauth_prologue(bad_address);
134 strm.Printf("Found value that failed to authenticate ");
135 DescribeAddressBriefly(strm, brk_address, target);
136 m_description = std::string(strm.GetString());
137 return true;
138 }
139 return false;
140 }
141
142 assert(IsBadAccess && "Handle EXC_BAD_ACCESS only after this point")(static_cast <bool> (IsBadAccess && "Handle EXC_BAD_ACCESS only after this point"
) ? void (0) : __assert_fail ("IsBadAccess && \"Handle EXC_BAD_ACCESS only after this point\""
, "lldb/source/Plugins/Process/Utility/StopInfoMachException.cpp"
, 142, __extension__ __PRETTY_FUNCTION__));
143
144 // Check that we have the "bad address" from an EXC_BAD_ACCESS.
145 if (m_exc_data_count < 2)
146 return false;
147
148 // Ok, we know the Target is valid and that it describes a ptrauth-enabled
149 // device. Now, we need to determine whether this exception was caused by a
150 // ptrauth failure.
151
152 uint64_t bad_address = m_exc_subcode;
153 uint64_t fixed_bad_address = abi_sp->FixCodeAddress(bad_address);
154 uint64_t current_pc = current_address.GetLoadAddress(&target);
155
156 // Detect: LDRAA, LDRAB (Load Register, with pointer authentication).
157 //
158 // If an authenticated load results in an exception, the instruction at the
159 // current PC should be one of LDRAx.
160 if (bad_address != current_pc && fixed_bad_address != current_pc) {
161 auto ptrauth_info =
162 GetPtrauthInstructionInfo(target, arch, current_address);
163 if (ptrauth_info && ptrauth_info->IsAuthenticated && ptrauth_info->IsLoad) {
164 emit_ptrauth_prologue(bad_address);
165 strm.Printf("Found authenticated load instruction ");
166 DescribeAddressBriefly(strm, current_address, target);
167 m_description = std::string(strm.GetString());
168 return true;
169 }
170 }
171
172 // Detect: BLRAA, BLRAAZ, BLRAB, BLRABZ (Branch with Link to Register, with
173 // pointer authentication).
174 //
175 // TODO: Detect: BRAA, BRAAZ, BRAB, BRABZ (Branch to Register, with pointer
176 // authentication). At a minimum, this requires call site info support for
177 // indirect calls.
178 //
179 // If an authenticated call or tail call results in an exception, stripping
180 // the bad address should give the current PC, which points to the address
181 // we tried to branch to.
182 if (bad_address != current_pc && fixed_bad_address == current_pc) {
183 if (StackFrameSP parent_frame = thread.GetStackFrameAtIndex(1)) {
184 addr_t return_pc =
185 parent_frame->GetFrameCodeAddress().GetLoadAddress(&target);
186 Address blr_address;
187 if (!target.ResolveLoadAddress(return_pc - 4, blr_address))
188 return false;
189
190 auto blr_ptrauth_info =
191 GetPtrauthInstructionInfo(target, arch, blr_address);
192 if (blr_ptrauth_info && blr_ptrauth_info->IsAuthenticated &&
193 blr_ptrauth_info->DoesBranch) {
194 emit_ptrauth_prologue(bad_address);
195 strm.Printf("Found authenticated indirect branch ");
196 DescribeAddressBriefly(strm, blr_address, target);
197 m_description = std::string(strm.GetString());
198 return true;
199 }
200 }
201 }
202
203 // TODO: Detect: RETAA, RETAB (Return from subroutine, with pointer
204 // authentication).
205 //
206 // Is there a motivating, non-malicious code snippet that corrupts LR?
207
208 return false;
209}
210
211const char *StopInfoMachException::GetDescription() {
212 if (!m_description.empty())
213 return m_description.c_str();
214 if (GetValue() == eStopReasonInvalid)
215 return "invalid stop reason!";
216
217 ExecutionContext exe_ctx(m_thread_wp.lock());
218 Target *target = exe_ctx.GetTargetPtr();
219 const llvm::Triple::ArchType cpu =
220 target ? target->GetArchitecture().GetMachine()
221 : llvm::Triple::UnknownArch;
222
223 const char *exc_desc = nullptr;
224 const char *code_label = "code";
225 const char *code_desc = nullptr;
226 const char *subcode_label = "subcode";
227 const char *subcode_desc = nullptr;
228
229#if defined(__APPLE__)
230 char code_desc_buf[32];
231 char subcode_desc_buf[32];
232#endif
233
234 switch (m_value) {
235 case 1: // EXC_BAD_ACCESS
236 exc_desc = "EXC_BAD_ACCESS";
237 subcode_label = "address";
238 switch (cpu) {
239 case llvm::Triple::x86:
240 case llvm::Triple::x86_64:
241 switch (m_exc_code) {
242 case 0xd:
243 code_desc = "EXC_I386_GPFLT";
244 m_exc_data_count = 1;
245 break;
246 }
247 break;
248 case llvm::Triple::arm:
249 case llvm::Triple::thumb:
250 switch (m_exc_code) {
251 case 0x101:
252 code_desc = "EXC_ARM_DA_ALIGN";
253 break;
254 case 0x102:
255 code_desc = "EXC_ARM_DA_DEBUG";
256 break;
257 }
258 break;
259
260 case llvm::Triple::aarch64:
261 if (DeterminePtrauthFailure(exe_ctx))
262 return m_description.c_str();
263 break;
264
265 default:
266 break;
267 }
268 break;
269
270 case 2: // EXC_BAD_INSTRUCTION
271 exc_desc = "EXC_BAD_INSTRUCTION";
272 switch (cpu) {
273 case llvm::Triple::x86:
274 case llvm::Triple::x86_64:
275 if (m_exc_code == 1)
276 code_desc = "EXC_I386_INVOP";
277 break;
278
279 case llvm::Triple::arm:
280 case llvm::Triple::thumb:
281 if (m_exc_code == 1)
282 code_desc = "EXC_ARM_UNDEFINED";
283 break;
284
285 default:
286 break;
287 }
288 break;
289
290 case 3: // EXC_ARITHMETIC
291 exc_desc = "EXC_ARITHMETIC";
292 switch (cpu) {
293 case llvm::Triple::x86:
294 case llvm::Triple::x86_64:
295 switch (m_exc_code) {
296 case 1:
297 code_desc = "EXC_I386_DIV";
298 break;
299 case 2:
300 code_desc = "EXC_I386_INTO";
301 break;
302 case 3:
303 code_desc = "EXC_I386_NOEXT";
304 break;
305 case 4:
306 code_desc = "EXC_I386_EXTOVR";
307 break;
308 case 5:
309 code_desc = "EXC_I386_EXTERR";
310 break;
311 case 6:
312 code_desc = "EXC_I386_EMERR";
313 break;
314 case 7:
315 code_desc = "EXC_I386_BOUND";
316 break;
317 case 8:
318 code_desc = "EXC_I386_SSEEXTERR";
319 break;
320 }
321 break;
322
323 default:
324 break;
325 }
326 break;
327
328 case 4: // EXC_EMULATION
329 exc_desc = "EXC_EMULATION";
330 break;
331
332 case 5: // EXC_SOFTWARE
333 exc_desc = "EXC_SOFTWARE";
334 if (m_exc_code == 0x10003) {
335 subcode_desc = "EXC_SOFT_SIGNAL";
336 subcode_label = "signo";
337 }
338 break;
339
340 case 6: // EXC_BREAKPOINT
341 {
342 exc_desc = "EXC_BREAKPOINT";
343 switch (cpu) {
344 case llvm::Triple::x86:
345 case llvm::Triple::x86_64:
346 switch (m_exc_code) {
347 case 1:
348 code_desc = "EXC_I386_SGL";
349 break;
350 case 2:
351 code_desc = "EXC_I386_BPT";
352 break;
353 }
354 break;
355
356 case llvm::Triple::arm:
357 case llvm::Triple::thumb:
358 switch (m_exc_code) {
359 case 0x101:
360 code_desc = "EXC_ARM_DA_ALIGN";
361 break;
362 case 0x102:
363 code_desc = "EXC_ARM_DA_DEBUG";
364 break;
365 case 1:
366 code_desc = "EXC_ARM_BREAKPOINT";
367 break;
368 // FIXME temporary workaround, exc_code 0 does not really mean
369 // EXC_ARM_BREAKPOINT
370 case 0:
371 code_desc = "EXC_ARM_BREAKPOINT";
372 break;
373 }
374 break;
375
376 case llvm::Triple::aarch64:
377 if (DeterminePtrauthFailure(exe_ctx))
378 return m_description.c_str();
379 break;
380
381 default:
382 break;
383 }
384 } break;
385
386 case 7:
387 exc_desc = "EXC_SYSCALL";
388 break;
389
390 case 8:
391 exc_desc = "EXC_MACH_SYSCALL";
392 break;
393
394 case 9:
395 exc_desc = "EXC_RPC_ALERT";
396 break;
397
398 case 10:
399 exc_desc = "EXC_CRASH";
400 break;
401 case 11:
402 exc_desc = "EXC_RESOURCE";
403#if defined(__APPLE__)
404 {
405 int resource_type = EXC_RESOURCE_DECODE_RESOURCE_TYPE(m_exc_code);
406
407 code_label = "limit";
408 code_desc = code_desc_buf;
409 subcode_label = "observed";
410 subcode_desc = subcode_desc_buf;
411
412 switch (resource_type) {
413 case RESOURCE_TYPE_CPU:
414 exc_desc =
415 "EXC_RESOURCE (RESOURCE_TYPE_CPU: CPU usage monitor tripped)";
416 snprintf(code_desc_buf, sizeof(code_desc_buf), "%d%%",
417 (int)EXC_RESOURCE_CPUMONITOR_DECODE_PERCENTAGE(m_exc_code));
418 snprintf(subcode_desc_buf, sizeof(subcode_desc_buf), "%d%%",
419 (int)EXC_RESOURCE_CPUMONITOR_DECODE_PERCENTAGE_OBSERVED(
420 m_exc_subcode));
421 break;
422 case RESOURCE_TYPE_WAKEUPS:
423 exc_desc = "EXC_RESOURCE (RESOURCE_TYPE_WAKEUPS: idle wakeups monitor "
424 "tripped)";
425 snprintf(
426 code_desc_buf, sizeof(code_desc_buf), "%d w/s",
427 (int)EXC_RESOURCE_CPUMONITOR_DECODE_WAKEUPS_PERMITTED(m_exc_code));
428 snprintf(subcode_desc_buf, sizeof(subcode_desc_buf), "%d w/s",
429 (int)EXC_RESOURCE_CPUMONITOR_DECODE_WAKEUPS_OBSERVED(
430 m_exc_subcode));
431 break;
432 case RESOURCE_TYPE_MEMORY:
433 exc_desc = "EXC_RESOURCE (RESOURCE_TYPE_MEMORY: high watermark memory "
434 "limit exceeded)";
435 snprintf(code_desc_buf, sizeof(code_desc_buf), "%d MB",
436 (int)EXC_RESOURCE_HWM_DECODE_LIMIT(m_exc_code));
437 subcode_desc = nullptr;
438 subcode_label = nullptr;
439 break;
440#if defined(RESOURCE_TYPE_IO)
441 // RESOURCE_TYPE_IO is introduced in macOS SDK 10.12.
442 case RESOURCE_TYPE_IO:
443 exc_desc = "EXC_RESOURCE RESOURCE_TYPE_IO";
444 snprintf(code_desc_buf, sizeof(code_desc_buf), "%d MB",
445 (int)EXC_RESOURCE_IO_DECODE_LIMIT(m_exc_code));
446 snprintf(subcode_desc_buf, sizeof(subcode_desc_buf), "%d MB",
447 (int)EXC_RESOURCE_IO_OBSERVED(m_exc_subcode));
448 ;
449 break;
450#endif
451 }
452 }
453#endif
454 break;
455 case 12:
456 exc_desc = "EXC_GUARD";
457 break;
458 }
459
460 StreamString strm;
461
462 if (exc_desc)
463 strm.PutCString(exc_desc);
464 else
465 strm.Printf("EXC_??? (%" PRIu64"l" "u" ")", m_value);
466
467 if (m_exc_data_count >= 1) {
468 if (code_desc)
469 strm.Printf(" (%s=%s", code_label, code_desc);
470 else
471 strm.Printf(" (%s=%" PRIu64"l" "u", code_label, m_exc_code);
472 }
473
474 if (m_exc_data_count >= 2) {
475 if (subcode_label && subcode_desc)
476 strm.Printf(", %s=%s", subcode_label, subcode_desc);
477 else if (subcode_label)
478 strm.Printf(", %s=0x%" PRIx64"l" "x", subcode_label, m_exc_subcode);
479 }
480
481 if (m_exc_data_count > 0)
482 strm.PutChar(')');
483
484 m_description = std::string(strm.GetString());
485 return m_description.c_str();
486}
487
488static StopInfoSP GetStopInfoForHardwareBP(Thread &thread, Target *target,
489 uint32_t exc_data_count,
490 uint64_t exc_sub_code,
491 uint64_t exc_sub_sub_code) {
492 // Try hardware watchpoint.
493 if (target) {
494 // The exc_sub_code indicates the data break address.
495 lldb::WatchpointSP wp_sp =
496 target->GetWatchpointList().FindByAddress((lldb::addr_t)exc_sub_code);
497 if (wp_sp && wp_sp->IsEnabled()) {
498 // Debugserver may piggyback the hardware index of the fired watchpoint
499 // in the exception data. Set the hardware index if that's the case.
500 if (exc_data_count >= 3)
501 wp_sp->SetHardwareIndex((uint32_t)exc_sub_sub_code);
502 return StopInfo::CreateStopReasonWithWatchpointID(thread, wp_sp->GetID());
503 }
504 }
505
506 // Try hardware breakpoint.
507 ProcessSP process_sp(thread.GetProcess());
508 if (process_sp) {
509 // The exc_sub_code indicates the data break address.
510 lldb::BreakpointSiteSP bp_sp =
511 process_sp->GetBreakpointSiteList().FindByAddress(
512 (lldb::addr_t)exc_sub_code);
513 if (bp_sp && bp_sp->IsEnabled()) {
514 // Debugserver may piggyback the hardware index of the fired breakpoint
515 // in the exception data. Set the hardware index if that's the case.
516 if (exc_data_count >= 3)
517 bp_sp->SetHardwareIndex((uint32_t)exc_sub_sub_code);
518 return StopInfo::CreateStopReasonWithBreakpointSiteID(thread,
519 bp_sp->GetID());
520 }
521 }
522
523 return nullptr;
524}
525
526#if defined(__APPLE__)
527const char *
528StopInfoMachException::MachException::Name(exception_type_t exc_type) {
529 switch (exc_type) {
530 case EXC_BAD_ACCESS:
531 return "EXC_BAD_ACCESS";
532 case EXC_BAD_INSTRUCTION:
533 return "EXC_BAD_INSTRUCTION";
534 case EXC_ARITHMETIC:
535 return "EXC_ARITHMETIC";
536 case EXC_EMULATION:
537 return "EXC_EMULATION";
538 case EXC_SOFTWARE:
539 return "EXC_SOFTWARE";
540 case EXC_BREAKPOINT:
541 return "EXC_BREAKPOINT";
542 case EXC_SYSCALL:
543 return "EXC_SYSCALL";
544 case EXC_MACH_SYSCALL:
545 return "EXC_MACH_SYSCALL";
546 case EXC_RPC_ALERT:
547 return "EXC_RPC_ALERT";
548#ifdef EXC_CRASH
549 case EXC_CRASH:
550 return "EXC_CRASH";
551#endif
552 case EXC_RESOURCE:
553 return "EXC_RESOURCE";
554#ifdef EXC_GUARD
555 case EXC_GUARD:
556 return "EXC_GUARD";
557#endif
558#ifdef EXC_CORPSE_NOTIFY
559 case EXC_CORPSE_NOTIFY:
560 return "EXC_CORPSE_NOTIFY";
561#endif
562#ifdef EXC_CORPSE_VARIANT_BIT
563 case EXC_CORPSE_VARIANT_BIT:
564 return "EXC_CORPSE_VARIANT_BIT";
565#endif
566 default:
567 break;
568 }
569 return NULL__null;
570}
571
572std::optional<exception_type_t>
573StopInfoMachException::MachException::ExceptionCode(const char *name) {
574 return llvm::StringSwitch<std::optional<exception_type_t>>(name)
575 .Case("EXC_BAD_ACCESS", EXC_BAD_ACCESS)
576 .Case("EXC_BAD_INSTRUCTION", EXC_BAD_INSTRUCTION)
577 .Case("EXC_ARITHMETIC", EXC_ARITHMETIC)
578 .Case("EXC_EMULATION", EXC_EMULATION)
579 .Case("EXC_SOFTWARE", EXC_SOFTWARE)
580 .Case("EXC_BREAKPOINT", EXC_BREAKPOINT)
581 .Case("EXC_SYSCALL", EXC_SYSCALL)
582 .Case("EXC_MACH_SYSCALL", EXC_MACH_SYSCALL)
583 .Case("EXC_RPC_ALERT", EXC_RPC_ALERT)
584#ifdef EXC_CRASH
585 .Case("EXC_CRASH", EXC_CRASH)
586#endif
587 .Case("EXC_RESOURCE", EXC_RESOURCE)
588#ifdef EXC_GUARD
589 .Case("EXC_GUARD", EXC_GUARD)
590#endif
591#ifdef EXC_CORPSE_NOTIFY
592 .Case("EXC_CORPSE_NOTIFY", EXC_CORPSE_NOTIFY)
593#endif
594 .Default(std::nullopt);
595}
596#endif
597
598StopInfoSP StopInfoMachException::CreateStopReasonWithMachException(
599 Thread &thread, uint32_t exc_type, uint32_t exc_data_count,
600 uint64_t exc_code, uint64_t exc_sub_code, uint64_t exc_sub_sub_code,
601 bool pc_already_adjusted, bool adjust_pc_if_needed) {
602 if (exc_type == 0)
603 return StopInfoSP();
604
605 uint32_t pc_decrement = 0;
606 ExecutionContext exe_ctx(thread.shared_from_this());
607 Target *target = exe_ctx.GetTargetPtr();
608 const llvm::Triple::ArchType cpu =
609 target ? target->GetArchitecture().GetMachine()
610 : llvm::Triple::UnknownArch;
611
612 switch (exc_type) {
613 case 1: // EXC_BAD_ACCESS
614 case 2: // EXC_BAD_INSTRUCTION
615 case 3: // EXC_ARITHMETIC
616 case 4: // EXC_EMULATION
617 break;
618
619 case 5: // EXC_SOFTWARE
620 if (exc_code == 0x10003) // EXC_SOFT_SIGNAL
621 {
622 if (exc_sub_code == 5) {
623 // On MacOSX, a SIGTRAP can signify that a process has called exec,
624 // so we should check with our dynamic loader to verify.
625 ProcessSP process_sp(thread.GetProcess());
626 if (process_sp) {
627 DynamicLoader *dynamic_loader = process_sp->GetDynamicLoader();
628 if (dynamic_loader && dynamic_loader->ProcessDidExec()) {
629 // The program was re-exec'ed
630 return StopInfo::CreateStopReasonWithExec(thread);
631 }
632 }
633 }
634 return StopInfo::CreateStopReasonWithSignal(thread, exc_sub_code);
635 }
636 break;
637
638 case 6: // EXC_BREAKPOINT
639 {
640 bool is_actual_breakpoint = false;
641 bool is_trace_if_actual_breakpoint_missing = false;
642 switch (cpu) {
643 case llvm::Triple::x86:
644 case llvm::Triple::x86_64:
645 if (exc_code == 1) // EXC_I386_SGL
646 {
647 if (!exc_sub_code) {
648 // This looks like a plain trap.
649 // Have to check if there is a breakpoint here as well. When you
650 // single-step onto a trap, the single step stops you not to trap.
651 // Since we also do that check below, let's just use that logic.
652 is_actual_breakpoint = true;
653 is_trace_if_actual_breakpoint_missing = true;
654 } else {
655 if (StopInfoSP stop_info =
656 GetStopInfoForHardwareBP(thread, target, exc_data_count,
657 exc_sub_code, exc_sub_sub_code))
658 return stop_info;
659 }
660 } else if (exc_code == 2 || // EXC_I386_BPT
661 exc_code == 3) // EXC_I386_BPTFLT
662 {
663 // KDP returns EXC_I386_BPTFLT for trace breakpoints
664 if (exc_code == 3)
665 is_trace_if_actual_breakpoint_missing = true;
666
667 is_actual_breakpoint = true;
668 if (!pc_already_adjusted)
669 pc_decrement = 1;
670 }
671 break;
672
673 case llvm::Triple::arm:
674 case llvm::Triple::thumb:
675 if (exc_code == 0x102) // EXC_ARM_DA_DEBUG
676 {
677 // It's a watchpoint, then, if the exc_sub_code indicates a
678 // known/enabled data break address from our watchpoint list.
679 lldb::WatchpointSP wp_sp;
680 if (target)
681 wp_sp = target->GetWatchpointList().FindByAddress(
682 (lldb::addr_t)exc_sub_code);
683 if (wp_sp && wp_sp->IsEnabled()) {
684 // Debugserver may piggyback the hardware index of the fired
685 // watchpoint in the exception data. Set the hardware index if
686 // that's the case.
687 if (exc_data_count >= 3)
688 wp_sp->SetHardwareIndex((uint32_t)exc_sub_sub_code);
689 return StopInfo::CreateStopReasonWithWatchpointID(thread,
690 wp_sp->GetID());
691 } else {
692 is_actual_breakpoint = true;
693 is_trace_if_actual_breakpoint_missing = true;
694 }
695 } else if (exc_code == 1) // EXC_ARM_BREAKPOINT
696 {
697 is_actual_breakpoint = true;
698 is_trace_if_actual_breakpoint_missing = true;
699 } else if (exc_code == 0) // FIXME not EXC_ARM_BREAKPOINT but a kernel
700 // is currently returning this so accept it
701 // as indicating a breakpoint until the
702 // kernel is fixed
703 {
704 is_actual_breakpoint = true;
705 is_trace_if_actual_breakpoint_missing = true;
706 }
707 break;
708
709 case llvm::Triple::aarch64_32:
710 case llvm::Triple::aarch64: {
711 if (exc_code == 1 && exc_sub_code == 0) // EXC_ARM_BREAKPOINT
712 {
713 // This is hit when we single instruction step aka MDSCR_EL1 SS bit 0
714 // is set
715 is_actual_breakpoint = false;
Value stored to 'is_actual_breakpoint' is never read
716 is_trace_if_actual_breakpoint_missing = true;
717 }
718 if (exc_code == 0x102) // EXC_ARM_DA_DEBUG
719 {
720 // It's a watchpoint, then, if the exc_sub_code indicates a
721 // known/enabled data break address from our watchpoint list.
722 lldb::WatchpointSP wp_sp;
723 if (target)
724 wp_sp = target->GetWatchpointList().FindByAddress(
725 (lldb::addr_t)exc_sub_code);
726 if (wp_sp && wp_sp->IsEnabled()) {
727 // Debugserver may piggyback the hardware index of the fired
728 // watchpoint in the exception data. Set the hardware index if
729 // that's the case.
730 if (exc_data_count >= 3)
731 wp_sp->SetHardwareIndex((uint32_t)exc_sub_sub_code);
732 return StopInfo::CreateStopReasonWithWatchpointID(thread,
733 wp_sp->GetID());
734 }
735 // EXC_ARM_DA_DEBUG seems to be reused for EXC_BREAKPOINT as well as
736 // EXC_BAD_ACCESS
737 if (thread.GetTemporaryResumeState() == eStateStepping)
738 return StopInfo::CreateStopReasonToTrace(thread);
739 }
740 // It looks like exc_sub_code has the 4 bytes of the instruction that
741 // triggered the exception, i.e. our breakpoint opcode
742 is_actual_breakpoint = exc_code == 1;
743 break;
744 }
745
746 default:
747 break;
748 }
749
750 if (is_actual_breakpoint) {
751 RegisterContextSP reg_ctx_sp(thread.GetRegisterContext());
752 addr_t pc = reg_ctx_sp->GetPC() - pc_decrement;
753
754 ProcessSP process_sp(thread.CalculateProcess());
755
756 lldb::BreakpointSiteSP bp_site_sp;
757 if (process_sp)
758 bp_site_sp = process_sp->GetBreakpointSiteList().FindByAddress(pc);
759 if (bp_site_sp && bp_site_sp->IsEnabled()) {
760 // Update the PC if we were asked to do so, but only do so if we find
761 // a breakpoint that we know about cause this could be a trap
762 // instruction in the code
763 if (pc_decrement > 0 && adjust_pc_if_needed)
764 reg_ctx_sp->SetPC(pc);
765
766 // If the breakpoint is for this thread, then we'll report the hit,
767 // but if it is for another thread, we can just report no reason. We
768 // don't need to worry about stepping over the breakpoint here, that
769 // will be taken care of when the thread resumes and notices that
770 // there's a breakpoint under the pc. If we have an operating system
771 // plug-in, we might have set a thread specific breakpoint using the
772 // operating system thread ID, so we can't make any assumptions about
773 // the thread ID so we must always report the breakpoint regardless
774 // of the thread.
775 if (bp_site_sp->ValidForThisThread(thread) ||
776 thread.GetProcess()->GetOperatingSystem() != nullptr)
777 return StopInfo::CreateStopReasonWithBreakpointSiteID(
778 thread, bp_site_sp->GetID());
779 else if (is_trace_if_actual_breakpoint_missing)
780 return StopInfo::CreateStopReasonToTrace(thread);
781 else
782 return StopInfoSP();
783 }
784
785 // Don't call this a trace if we weren't single stepping this thread.
786 if (is_trace_if_actual_breakpoint_missing &&
787 thread.GetTemporaryResumeState() == eStateStepping) {
788 return StopInfo::CreateStopReasonToTrace(thread);
789 }
790 }
791 } break;
792
793 case 7: // EXC_SYSCALL
794 case 8: // EXC_MACH_SYSCALL
795 case 9: // EXC_RPC_ALERT
796 case 10: // EXC_CRASH
797 break;
798 }
799
800 return StopInfoSP(new StopInfoMachException(thread, exc_type, exc_data_count,
801 exc_code, exc_sub_code));
802}