backtrace-arm.c revision 19b39f371be5250e7b9e88016be1e5e665367b3f
1501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown/*
2501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown * Copyright (C) 2011 The Android Open Source Project
3501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown *
4501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown * Licensed under the Apache License, Version 2.0 (the "License");
5501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown * you may not use this file except in compliance with the License.
6501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown * You may obtain a copy of the License at
7501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown *
8501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown *      http://www.apache.org/licenses/LICENSE-2.0
9501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown *
10501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown * Unless required by applicable law or agreed to in writing, software
11501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown * distributed under the License is distributed on an "AS IS" BASIS,
12501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown * See the License for the specific language governing permissions and
14501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown * limitations under the License.
15501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown */
16501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown
17501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown/*
18501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown * Backtracing functions for ARM.
19501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown *
20501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown * This implementation uses the exception unwinding tables provided by
21501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown * the compiler to unwind call frames.  Refer to the ARM Exception Handling ABI
22501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown * documentation (EHABI) for more details about what's going on here.
23501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown *
24501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown * An ELF binary may contain an EXIDX section that provides an index to
25501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown * the exception handling table of each function, sorted by program
26501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown * counter address.
27501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown *
28501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown * This implementation also supports unwinding other processes via ptrace().
29501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown * In that case, the EXIDX section is found by reading the ELF section table
30501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown * structures using ptrace().
31501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown *
32501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown * Because the tables are used for exception handling, it can happen that
33501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown * a given function will not have an exception handling table.  In particular,
349524e4158fbb988b6a5e4f5be68ee10b7e4dd6d8Jeff Brown * exceptions are assumed to only ever be thrown at call sites.  Therefore,
35501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown * by definition leaf functions will not have exception handling tables.
36501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown * This may make unwinding impossible in some cases although we can still get
37501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown * some idea of the call stack by examining the PC and LR registers.
38501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown *
39501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown * As we are only interested in backtrace information, we do not need
40501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown * to perform all of the work of unwinding such as restoring register
41501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown * state and running cleanup functions.  Unwinding is performed virtually on
42501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown * an abstract machine context consisting of just the ARM core registers.
43501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown * Furthermore, we do not run generic "personality functions" because
44501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown * we may not be in a position to execute arbitrary code, especially if
45501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown * we are running in a signal handler or using ptrace()!
46501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown */
47501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown
48501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown#define LOG_TAG "Corkscrew"
49501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown//#define LOG_NDEBUG 0
50501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown
51501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown#include "../backtrace-arch.h"
52501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown#include "../backtrace-helper.h"
53501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown#include "../ptrace-arch.h"
54501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown#include <corkscrew/ptrace.h>
55501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown
56501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown#include <stdlib.h>
57501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown#include <signal.h>
58501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown#include <stdbool.h>
59501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown#include <limits.h>
60501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown#include <errno.h>
61501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown#include <sys/ptrace.h>
62501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown#include <sys/exec_elf.h>
63501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown#include <cutils/log.h>
64501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown
/* Machine context at the time a signal was raised.
 *
 * Declared by hand rather than pulled in from a system header.
 * NOTE(review): the field order has to match the kernel's ARM signal frame
 * (struct ucontext / struct sigcontext) exactly; it is presumably used to
 * read the saved registers out of a signal handler's context argument
 * further down this file — confirm against the target headers whenever the
 * toolchain changes. */
typedef struct ucontext {
    uint32_t uc_flags;
    struct ucontext* uc_link;
    stack_t uc_stack;
    struct sigcontext {
        uint32_t trap_no;
        uint32_t error_code;
        uint32_t oldmask;
        uint32_t gregs[16];      /* presumably r0-r15 in register order, like unwind_state_t.gregs */
        uint32_t arm_cpsr;
        uint32_t fault_address;
    } uc_mcontext;
    uint32_t uc_sigmask;
} ucontext_t;
80501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown
/* Unwind state: the abstract machine on which the EHABI unwinding
 * instructions operate.  Only the 16 ARM core registers are modelled;
 * gregs[R_SP], gregs[R_LR] and gregs[R_PC] hold the virtual stack pointer,
 * link register and program counter. */
typedef struct {
    uint32_t gregs[16];
} unwind_state_t;
85501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown
/* Indices into unwind_state_t.gregs for the registers the unwinder treats
 * specially: stack pointer (r13), link register (r14) and program counter
 * (r15). */
static const int R_SP = 13;
static const int R_LR = 14;
static const int R_PC = 15;
89501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown
/* Special EXIDX value that indicates that a frame cannot be unwound.
 * It appears in the second word of an index entry in place of the prel31
 * pointer to (or the in-place copy of) the unwind data. */
static const uint32_t EXIDX_CANTUNWIND = 1;
92501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown
/* Get the EXIDX section start and size for the module that contains a
 * given program counter address.
 *
 * When the executable is statically linked, the EXIDX section can be
 * accessed by querying the values of the __exidx_start and __exidx_end
 * symbols.
 *
 * When the executable is dynamically linked, the linker exports a function
 * called dl_unwind_find_exidx that obtains the EXIDX section for a given
 * absolute program counter address.
 *
 * Bionic exports a helpful function called __gnu_Unwind_Find_exidx that
 * handles both cases, so we use that here.
 */
/* Pointer type and prototype of the linker-provided lookup, declared here
 * instead of including <unwind.h>.  NOTE(review): libgcc declares its own
 * _Unwind_Ptr as an unsigned integer of pointer width rather than as a
 * pointer type; only the width matters for this call, but keep the two in
 * step. */
typedef long unsigned int* _Unwind_Ptr;
/* Returns the start of the EXIDX section covering 'pc' and stores the number
 * of 8-byte index entries in *pcount.  Callers should not assume *pcount is
 * written when the result is NULL. */
extern _Unwind_Ptr __gnu_Unwind_Find_exidx(_Unwind_Ptr pc, int *pcount);
1099524e4158fbb988b6a5e4f5be68ee10b7e4dd6d8Jeff Brown
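/* Looks up the EXIDX section covering 'pc' in the current process.
 *
 * Returns the section start as reported by the linker (0 when there is
 * none) and stores the number of 8-byte index entries in *out_exidx_size.
 * 'count' is initialized and is only trusted when a section was actually
 * found and the count is non-negative; otherwise *out_exidx_size is 0, so
 * callers never read an indeterminate or nonsensical size. */
static uintptr_t find_exidx(uintptr_t pc, size_t* out_exidx_size) {
    int count = 0;
    uintptr_t start = (uintptr_t)__gnu_Unwind_Find_exidx((_Unwind_Ptr)pc, &count);
    // Do not rely on __gnu_Unwind_Find_exidx writing *pcount on the miss path.
    *out_exidx_size = (start && count > 0) ? (size_t)count : 0;
    return start;
}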
116501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown
/* Converts a 31-bit place-relative ("prel31") offset into an absolute
 * address.  Bit 30 is the sign bit of the 31-bit field and the top bit of
 * 'prel_offset' is ignored.  The sign extension is written with an xor and
 * a subtraction so that no negative value is ever shifted. */
static uintptr_t prel_to_absolute(uintptr_t place, uint32_t prel_offset) {
    const uint32_t field = prel_offset & 0x7fffffffu;
    // Flipping bit 30 and subtracting 2^30 maps the 31-bit two's-complement
    // field onto the signed range [-2^30, 2^30) without overflow.
    const int32_t delta = (int32_t)(field ^ 0x40000000u) - (int32_t)0x40000000;
    return place + (uintptr_t)(intptr_t)delta;
}
122501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown
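/* Finds the EXIDX entry for the function containing 'pc' and returns the
 * address of its unwind data, or 0 if the frame cannot be unwound (no EXIDX
 * section, no matching entry, EXIDX_CANTUNWIND, or an unreadable word).
 *
 * For the current process (memory->tid < 0) the section comes from the
 * linker via find_exidx(); for a ptrace()d process it comes from the cached
 * map_info_data_t of the mapping that contains 'pc'.  The index is binary
 * searched over its 8-byte {prel31 pc, handler} entries.  Every read goes
 * through try_get_word(), so an unreadable address ends the search instead
 * of faulting. */
static uintptr_t get_exception_handler(const memory_t* memory,
        const map_info_t* map_info_list, uintptr_t pc) {
    if (!pc) {
        ALOGV("get_exception_handler: pc is zero, no handler");
        return 0;
    }

    // Both start as "no section" so the trace below never logs an
    // indeterminate size when the lookup fails.
    uintptr_t exidx_start = 0;
    size_t exidx_size = 0;
    const map_info_t* mi = NULL;
    if (memory->tid < 0) {
        exidx_start = find_exidx(pc, &exidx_size);
    } else {
        mi = find_map_info(map_info_list, pc);
        if (mi && mi->data) {
            const map_info_data_t* data = (const map_info_data_t*)mi->data;
            exidx_start = data->exidx_start;
            exidx_size = data->exidx_size;
        }
    }

    uintptr_t handler = 0;
    int32_t handler_index = -1;
    if (exidx_start) {
        // Entries are sorted by the function start pc they encode: look for
        // the last entry whose pc is <= 'pc'.
        uint32_t low = 0;
        uint32_t high = (uint32_t)exidx_size;
        while (low < high) {
            uint32_t index = low + (high - low) / 2;
            uintptr_t entry = exidx_start + index * 8;
            uint32_t entry_prel_pc;
            ALOGV("XXX low=%u, high=%u, index=%u", low, high, index);
            if (!try_get_word(memory, entry, &entry_prel_pc)) {
                break;
            }
            uintptr_t entry_pc = prel_to_absolute(entry, entry_prel_pc);
            ALOGV("XXX entry_pc=0x%08x", entry_pc);
            if (pc < entry_pc) {
                high = index;
                continue;
            }
            if (index + 1 < exidx_size) {
                uintptr_t next_entry = entry + 8;
                uint32_t next_entry_prel_pc;
                if (!try_get_word(memory, next_entry, &next_entry_prel_pc)) {
                    break;
                }
                uintptr_t next_entry_pc = prel_to_absolute(next_entry, next_entry_prel_pc);
                ALOGV("XXX next_entry_pc=0x%08x", next_entry_pc);
                if (pc >= next_entry_pc) {
                    low = index + 1;
                    continue;
                }
            }

            // Found it.  The entry's second word is either the unwind data
            // itself (bit 31 set), a prel31 pointer to it, or the
            // EXIDX_CANTUNWIND marker.
            uintptr_t entry_handler_ptr = entry + 4;
            uint32_t entry_handler;
            if (!try_get_word(memory, entry_handler_ptr, &entry_handler)) {
                break;
            }
            // Test bit 31 with an unsigned constant: '1L << 31' overflows a
            // 32-bit long, which is undefined behaviour.
            if (entry_handler & (UINT32_C(1) << 31)) {
                handler = entry_handler_ptr; // in-place handler data
            } else if (entry_handler != EXIDX_CANTUNWIND) {
                handler = prel_to_absolute(entry_handler_ptr, entry_handler);
            }
            handler_index = (int32_t)index;
            break;
        }
    }
    // exidx_size is a size_t, so it is printed with %zu.
    if (mi) {
        ALOGV("get_exception_handler: pc=0x%08x, module='%s', module_start=0x%08x, "
                "exidx_start=0x%08x, exidx_size=%zu, handler=0x%08x, handler_index=%d",
                pc, mi->name, mi->start, exidx_start, exidx_size, handler, handler_index);
    } else {
        ALOGV("get_exception_handler: pc=0x%08x, "
                "exidx_start=0x%08x, exidx_size=%zu, handler=0x%08x, handler_index=%d",
                pc, exidx_start, exidx_size, handler, handler_index);
    }
    return handler;
}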
206501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown
/* Cursor over an EHABI unwind instruction stream.
 * 'ptr' is the address of the next byte to deliver; 'word' caches the
 * 32-bit word that contains it, fetched when 'ptr' is word-aligned. */
typedef struct {
    uintptr_t ptr;
    uint32_t word;
} byte_stream_t;
211501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown
/* Reads the next byte of an unwind instruction stream.
 *
 * The stream is consumed one 32-bit word at a time, most significant byte
 * first: the word is fetched when 'stream->ptr' is word-aligned and the
 * remaining three bytes are served from the copy cached in 'stream->word'.
 * On success stores the byte in *out_value, advances the stream by one byte
 * and returns true.  If the word cannot be read, stores 0, leaves the stream
 * position untouched and returns false. */
static bool try_next_byte(const memory_t* memory, byte_stream_t* stream, uint8_t* out_value) {
    const uint32_t byte_in_word = stream->ptr & 3;
    if (byte_in_word == 0 && !try_get_word(memory, stream->ptr, &stream->word)) {
        *out_value = 0;
        return false;
    }
    // Byte 0 is bits 31..24, byte 1 is bits 23..16, and so on.
    const unsigned shift = (3u - byte_in_word) * 8u;
    *out_value = (uint8_t)(stream->word >> shift);
    ALOGV("next_byte: ptr=0x%08x, value=0x%02x", stream->ptr, *out_value);
    stream->ptr += 1;
    return true;
}
240501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown
/* Stores 'value' into virtual register 'reg' of the unwind state and traces
 * the write.  No bounds check is done: the callers in this file derive
 * 'reg' from a 4-bit opcode field or from a 16-entry mask loop, so it is
 * always below 16. */
static void set_reg(unwind_state_t* state, uint32_t reg, uint32_t value) {
    ALOGV("set_reg: reg=%d, value=0x%08x", reg, value);
    uint32_t* slot = &state->gregs[reg];
    *slot = value;
}
245501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown
/* Pops the registers selected by 'mask' (bit i selects r[i]) from the
 * virtual stack, lowest register first, each from the next word at the
 * virtual SP.  Afterwards the SP is advanced past the popped words unless
 * the mask itself contained R_SP, in which case the popped value stands.
 * Returns false, leaving the state partially updated, if a stack word
 * could not be read. */
static bool try_pop_registers(const memory_t* memory, unwind_state_t* state, uint32_t mask) {
    uint32_t vsp = state->gregs[R_SP];
    bool popped_sp = false;
    for (int reg = 0; reg < 16; reg++) {
        const uint32_t bit = UINT32_C(1) << reg;
        if (!(mask & bit)) {
            continue;
        }
        uint32_t word;
        if (!try_get_word(memory, vsp, &word)) {
            return false;
        }
        if (reg == R_SP) {
            popped_sp = true;
        }
        set_reg(state, reg, word);
        vsp += 4;
    }
    if (!popped_sp) {
        set_reg(state, R_SP, vsp);
    }
    return true;
}
267501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown
268501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown/* Executes a built-in personality routine as defined in the EHABI.
269501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown * Returns true if unwinding should continue.
270501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown *
271501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown * The data for the built-in personality routines consists of a sequence
272501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown * of unwinding instructions, followed by a sequence of scope descriptors,
273501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown * each of which has a length and offset encoded using 16-bit or 32-bit
274501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown * values.
275501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown *
276501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown * We only care about the unwinding instructions.  They specify the
277501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown * operations of an abstract machine whose purpose is to transform the
278501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown * virtual register state (including the stack pointer) such that
279501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown * the call frame is unwound and the PC register points to the call site.
280501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown */
281f0c5872637a63e28e3cd314cfc915c07f76df9c6Jeff Brownstatic bool execute_personality_routine(const memory_t* memory,
282f0c5872637a63e28e3cd314cfc915c07f76df9c6Jeff Brown        unwind_state_t* state, byte_stream_t* stream, int pr_index) {
283501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown    size_t size;
284501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown    switch (pr_index) {
285501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown    case 0: // Personality routine #0, short frame, descriptors have 16-bit scope.
286501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown        size = 3;
287501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown        break;
288501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown    case 1: // Personality routine #1, long frame, descriptors have 16-bit scope.
289501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown    case 2: { // Personality routine #2, long frame, descriptors have 32-bit scope.
290501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown        uint8_t size_byte;
291f0c5872637a63e28e3cd314cfc915c07f76df9c6Jeff Brown        if (!try_next_byte(memory, stream, &size_byte)) {
292501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            return false;
293501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown        }
294501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown        size = (uint32_t)size_byte * sizeof(uint32_t) + 2;
295501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown        break;
296501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown    }
297501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown    default: // Unknown personality routine.  Stop here.
298501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown        return false;
299501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown    }
300501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown
301501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown    bool pc_was_set = false;
302501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown    while (size--) {
303501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown        uint8_t op;
304f0c5872637a63e28e3cd314cfc915c07f76df9c6Jeff Brown        if (!try_next_byte(memory, stream, &op)) {
305501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            return false;
306501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown        }
307501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown        if ((op & 0xc0) == 0x00) {
308501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            // "vsp = vsp + (xxxxxx << 2) + 4"
309501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            set_reg(state, R_SP, state->gregs[R_SP] + ((op & 0x3f) << 2) + 4);
310501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown        } else if ((op & 0xc0) == 0x40) {
311501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            // "vsp = vsp - (xxxxxx << 2) - 4"
312501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            set_reg(state, R_SP, state->gregs[R_SP] - ((op & 0x3f) << 2) - 4);
313501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown        } else if ((op & 0xf0) == 0x80) {
314501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            uint8_t op2;
315f0c5872637a63e28e3cd314cfc915c07f76df9c6Jeff Brown            if (!(size--) || !try_next_byte(memory, stream, &op2)) {
316501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown                return false;
317501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            }
318501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            uint32_t mask = (((uint32_t)op & 0x0f) << 12) | ((uint32_t)op2 << 4);
319501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            if (mask) {
320501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown                // "Pop up to 12 integer registers under masks {r15-r12}, {r11-r4}"
321f0c5872637a63e28e3cd314cfc915c07f76df9c6Jeff Brown                if (!try_pop_registers(memory, state, mask)) {
322501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown                    return false;
323501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown                }
324501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown                if (mask & (1 << R_PC)) {
325501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown                    pc_was_set = true;
326501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown                }
327501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            } else {
328501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown                // "Refuse to unwind"
329501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown                return false;
330501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            }
331501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown        } else if ((op & 0xf0) == 0x90) {
332501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            if (op != 0x9d && op != 0x9f) {
333501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown                // "Set vsp = r[nnnn]"
334501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown                set_reg(state, R_SP, state->gregs[op & 0x0f]);
335501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            } else {
336501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown                // "Reserved as prefix for ARM register to register moves"
337501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown                // "Reserved as prefix for Intel Wireless MMX register to register moves"
338501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown                return false;
339501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            }
340501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown        } else if ((op & 0xf8) == 0xa0) {
341501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            // "Pop r4-r[4+nnn]"
342501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            uint32_t mask = (0x0ff0 >> (7 - (op & 0x07))) & 0x0ff0;
343f0c5872637a63e28e3cd314cfc915c07f76df9c6Jeff Brown            if (!try_pop_registers(memory, state, mask)) {
344501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown                return false;
345501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            }
346501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown        } else if ((op & 0xf8) == 0xa8) {
347501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            // "Pop r4-r[4+nnn], r14"
348501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            uint32_t mask = ((0x0ff0 >> (7 - (op & 0x07))) & 0x0ff0) | 0x4000;
349f0c5872637a63e28e3cd314cfc915c07f76df9c6Jeff Brown            if (!try_pop_registers(memory, state, mask)) {
350501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown                return false;
351501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            }
352501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown        } else if (op == 0xb0) {
353501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            // "Finish"
354501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            break;
355501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown        } else if (op == 0xb1) {
356501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            uint8_t op2;
357f0c5872637a63e28e3cd314cfc915c07f76df9c6Jeff Brown            if (!(size--) || !try_next_byte(memory, stream, &op2)) {
358501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown                return false;
359501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            }
360501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            if (op2 != 0x00 && (op2 & 0xf0) == 0x00) {
361501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown                // "Pop integer registers under mask {r3, r2, r1, r0}"
362f0c5872637a63e28e3cd314cfc915c07f76df9c6Jeff Brown                if (!try_pop_registers(memory, state, op2)) {
363501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown                    return false;
364501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown                }
365501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            } else {
366501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown                // "Spare"
367501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown                return false;
368501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            }
369501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown        } else if (op == 0xb2) {
370501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            // "vsp = vsp + 0x204 + (uleb128 << 2)"
371501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            uint32_t value = 0;
372501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            uint32_t shift = 0;
373501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            uint8_t op2;
374501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            do {
375f0c5872637a63e28e3cd314cfc915c07f76df9c6Jeff Brown                if (!(size--) || !try_next_byte(memory, stream, &op2)) {
376501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown                    return false;
377501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown                }
378501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown                value |= (op2 & 0x7f) << shift;
379501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown                shift += 7;
380501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            } while (op2 & 0x80);
381501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            set_reg(state, R_SP, state->gregs[R_SP] + (value << 2) + 0x204);
382501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown        } else if (op == 0xb3) {
383501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            // "Pop VFP double-precision registers D[ssss]-D[ssss+cccc] saved (as if) by FSTMFDX"
384501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            uint8_t op2;
385f0c5872637a63e28e3cd314cfc915c07f76df9c6Jeff Brown            if (!(size--) || !try_next_byte(memory, stream, &op2)) {
386501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown                return false;
387501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            }
388501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            set_reg(state, R_SP, state->gregs[R_SP] + (uint32_t)(op2 & 0x0f) * 8 + 12);
389501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown        } else if ((op & 0xf8) == 0xb8) {
390501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            // "Pop VFP double-precision registers D[8]-D[8+nnn] saved (as if) by FSTMFDX"
391501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            set_reg(state, R_SP, state->gregs[R_SP] + (uint32_t)(op & 0x07) * 8 + 12);
392501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown        } else if ((op & 0xf8) == 0xc0) {
393501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            // "Intel Wireless MMX pop wR[10]-wR[10+nnn]"
394501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            set_reg(state, R_SP, state->gregs[R_SP] + (uint32_t)(op & 0x07) * 8 + 8);
395501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown        } else if (op == 0xc6) {
396501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            // "Intel Wireless MMX pop wR[ssss]-wR[ssss+cccc]"
397501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            uint8_t op2;
398f0c5872637a63e28e3cd314cfc915c07f76df9c6Jeff Brown            if (!(size--) || !try_next_byte(memory, stream, &op2)) {
399501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown                return false;
400501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            }
401501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            set_reg(state, R_SP, state->gregs[R_SP] + (uint32_t)(op2 & 0x0f) * 8 + 8);
402501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown        } else if (op == 0xc7) {
403501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            uint8_t op2;
404f0c5872637a63e28e3cd314cfc915c07f76df9c6Jeff Brown            if (!(size--) || !try_next_byte(memory, stream, &op2)) {
405501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown                return false;
406501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            }
407501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            if (op2 != 0x00 && (op2 & 0xf0) == 0x00) {
408501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown                // "Intel Wireless MMX pop wCGR registers under mask {wCGR3,2,1,0}"
409501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown                set_reg(state, R_SP, state->gregs[R_SP] + __builtin_popcount(op2) * 4);
410501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            } else {
411501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown                // "Spare"
412501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown                return false;
413501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            }
414501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown        } else if (op == 0xc8) {
415501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            // "Pop VFP double precision registers D[16+ssss]-D[16+ssss+cccc]
416501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            // saved (as if) by FSTMFD"
417501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            uint8_t op2;
418f0c5872637a63e28e3cd314cfc915c07f76df9c6Jeff Brown            if (!(size--) || !try_next_byte(memory, stream, &op2)) {
419501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown                return false;
420501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            }
421501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            set_reg(state, R_SP, state->gregs[R_SP] + (uint32_t)(op2 & 0x0f) * 8 + 8);
422501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown        } else if (op == 0xc9) {
423501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            // "Pop VFP double precision registers D[ssss]-D[ssss+cccc] saved (as if) by FSTMFDD"
424501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            uint8_t op2;
425f0c5872637a63e28e3cd314cfc915c07f76df9c6Jeff Brown            if (!(size--) || !try_next_byte(memory, stream, &op2)) {
426501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown                return false;
427501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            }
428501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            set_reg(state, R_SP, state->gregs[R_SP] + (uint32_t)(op2 & 0x0f) * 8 + 8);
429501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown        } else if ((op == 0xf8) == 0xd0) {
430501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            // "Pop VFP double-precision registers D[8]-D[8+nnn] saved (as if) by FSTMFDD"
431501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            set_reg(state, R_SP, state->gregs[R_SP] + (uint32_t)(op & 0x07) * 8 + 8);
432501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown        } else {
433501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            // "Spare"
434501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown            return false;
435501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown        }
436501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown    }
437501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown    if (!pc_was_set) {
438501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown        set_reg(state, R_PC, state->gregs[R_LR]);
439501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown    }
440501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown    return true;
441501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown}
442501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown
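/*
 * Reads the 16-bit halfword at address pc from the target's memory.
 *
 * The whole 32-bit word containing pc is fetched with try_get_word() and
 * bit 1 of pc selects the upper or lower half.  The fetch address is rounded
 * down to a 4-byte boundary: the previous mask (pc & ~2) cleared only bit 1,
 * so a pc that still carried the Thumb bit would have requested a misaligned
 * word.  Callers in this file currently pass even addresses, so this only
 * makes the helper safe regardless of how the caller formed pc.
 *
 * Returns true and stores the halfword in *out_value on success, false if the
 * word could not be read (*out_value is then left untouched).
 */
static bool try_get_half_word(const memory_t* memory, uint32_t pc, uint16_t* out_value) {
    uint32_t word;
    uint32_t aligned = pc & ~(uint32_t)3;
    if (!try_get_word(memory, aligned, &word)) {
        return false;
    }
    // The halfword at the lower address lives in the low 16 bits of the word
    // (little-endian layout, matching the original selection).
    if (pc & 2) {
        *out_value = (uint16_t)(word >> 16);
    } else {
        *out_value = (uint16_t)(word & 0xffff);
    }
    return true;
}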
451f0c5872637a63e28e3cd314cfc915c07f76df9c6Jeff Brown
/*
 * Steps a return address back onto the call instruction that produced it, so
 * that a frame reports the call site rather than the instruction after it.
 *
 * Thumb (bit 0 of pc set): the call was either a 16-bit "blx Rm" or a 32-bit
 * bl/blx whose first halfword starts with 0b1111 and whose second halfword
 * starts with 0b111.  The two halfwords immediately before pc are inspected
 * to tell the two apart; if either cannot be read or does not match, the
 * 16-bit form is assumed and pc moves back by 2.
 * ARM (bit 0 clear): every instruction is 4 bytes, so pc moves back by 4.
 *
 * The Thumb bit is preserved in the returned value.
 */
uintptr_t rewind_pc_arch(const memory_t* memory, uintptr_t pc) {
    const bool thumb = (pc & 1) != 0;
    if (!thumb) {
        /* ARM mode: fixed 32-bit encoding. */
        return pc - 4;
    }

    /* pc - 5 and pc - 3 are the even addresses of the two halfwords that
     * precede pc once the Thumb bit is discounted.  Example encodings:
     *   187b0:  f7fe ee1c   blx 173ec     (32-bit blx, first halfword 0xf7fe)
     *   187da:  f136 fd15   bl  14f208    (32-bit bl,  first halfword 0xf136)
     *   18896:  4798        blx r3        (16-bit register blx)
     */
    uint16_t first_half;
    bool long_call = false;
    if (try_get_half_word(memory, pc - 5, &first_half)
            && (first_half & 0xf000) == 0xf000) {
        uint16_t second_half;
        if (try_get_half_word(memory, pc - 3, &second_half)
                && (second_half & 0xe000) == 0xe000) {
            long_call = true;
        }
    }
    return long_call ? pc - 4 : pc - 2;
}
487f0c5872637a63e28e3cd314cfc915c07f76df9c6Jeff Brown
/*
 * Core unwinder shared by the signal and ptrace entry points.
 *
 * Starting from the registers in *state, walks the stack one frame at a
 * time.  Each iteration records the current pc as a frame, looks up the
 * EHABI exception-handler entry covering that pc and, when the entry starts
 * with a compact personality byte (0x8x), executes its unwind instructions
 * to recover the caller's registers.  Frame 0 is the pc in *state; every
 * later pc is a return address and is rewound onto its call site first.
 *
 * The walk stops when:
 *   - max_depth frames have been returned;
 *   - no handler covers the pc (the first frame may instead restart from lr,
 *     on the assumption that the program branched to an invalid address);
 *   - the handler entry points at a generic personality routine, which this
 *     code does not invoke;
 *   - the unwind instructions cannot be executed; or
 *   - the recovered pc is zero.
 * Afterwards, if lr differs from pc and lies in an executable mapping, it is
 * appended as one final frame without stack information.
 *
 * NOTE(review): nothing here requires sp to move upward from frame to frame;
 * a corrupted stack or unwind table can therefore produce a walk that is
 * bounded only by max_depth.  Stopping when sp goes backwards would be a
 * cheap additional sanity check - confirm against legitimate frames first.
 *
 * Returns the number of frames written to backtrace.
 */
static ssize_t unwind_backtrace_common(const memory_t* memory,
        const map_info_t* map_info_list,
        unwind_state_t* state, backtrace_frame_t* backtrace,
        size_t ignore_depth, size_t max_depth) {
    size_t ignored_frames = 0;
    size_t returned_frames = 0;

    size_t index = 0;
    while (returned_frames < max_depth) {
        // Frame 0 is the faulting instruction itself; later frames hold a
        // return address that must be stepped back onto the call.
        uintptr_t pc = state->gregs[R_PC];
        if (index != 0) {
            pc = rewind_pc_arch(memory, pc);
        }
        backtrace_frame_t* frame = add_backtrace_entry(pc,
                backtrace, ignore_depth, max_depth, &ignored_frames, &returned_frames);
        if (frame) {
            frame->stack_top = state->gregs[R_SP];
        }

        uintptr_t handler = get_exception_handler(memory, map_info_list, pc);
        if (!handler) {
            // No unwind entry covers pc.  On the very first frame this may
            // mean the program jumped to a bad address; retry from lr in that
            // case, otherwise there is nothing more we can do.
            bool restart_from_lr = index == 0
                    && state->gregs[R_LR]
                    && state->gregs[R_LR] != state->gregs[R_PC];
            if (!restart_from_lr) {
                break;
            }
            set_reg(state, R_PC, state->gregs[R_LR]);
            index++;
            continue;
        }

        // First byte of the handler entry: 0x8x selects a compact personality
        // routine whose index is the low nibble; anything else is a
        // place-relative pointer to a generic routine, which is not supported.
        byte_stream_t stream;
        stream.ptr = handler;
        uint8_t personality;
        if (!try_next_byte(memory, &stream, &personality)) {
            break;
        }
        if ((personality & 0xf0) != 0x80) {
            break;
        }
        // The remaining bytes are the unwind instructions for that routine.
        if (!execute_personality_routine(memory, state, &stream, personality & 0x0f)) {
            break;
        }

        // Stack owned by this frame: how far sp moved up while unwinding it.
        if (frame && state->gregs[R_SP] > frame->stack_top) {
            frame->stack_size = state->gregs[R_SP] - frame->stack_top;
        }
        if (!state->gregs[R_PC]) {
            break;
        }
        index++;
    }

    // Handlers are exhausted; lr may still name the caller of the last frame.
    // Its stack bounds are unknown, so only the rewound pc is recorded.
    bool lr_looks_sane = returned_frames < max_depth
            && state->gregs[R_LR]
            && state->gregs[R_LR] != state->gregs[R_PC]
            && is_executable_map(map_info_list, state->gregs[R_LR]);
    if (lr_looks_sane) {
        add_backtrace_entry(rewind_pc_arch(memory, state->gregs[R_LR]),
                backtrace, ignore_depth, max_depth, &ignored_frames, &returned_frames);
    }
    return returned_frames;
}
556501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown
/*
 * Unwinds from the register state captured by a signal handler.
 *
 * sigcontext is the ucontext_t* handed to the handler; the sixteen general
 * registers r0-r15 are copied out of its mcontext into an unwind_state_t.
 * Memory access is set up with init_memory() (rather than the ptrace
 * variant used by unwind_backtrace_ptrace_arch).  siginfo is part of the
 * interface but is not consulted here.
 *
 * Returns the number of frames written to backtrace.
 */
ssize_t unwind_backtrace_signal_arch(siginfo_t* siginfo, void* sigcontext,
        const map_info_t* map_info_list,
        backtrace_frame_t* backtrace, size_t ignore_depth, size_t max_depth) {
    const ucontext_t* context = (const ucontext_t*)sigcontext;

    // Only r0-r15 are carried over; nothing else in the state is initialised.
    unwind_state_t state;
    for (size_t reg = 0; reg < 16; ++reg) {
        state.gregs[reg] = context->uc_mcontext.gregs[reg];
    }

    memory_t memory;
    init_memory(&memory, map_info_list);
    return unwind_backtrace_common(&memory, map_info_list, &state,
            backtrace, ignore_depth, max_depth);
}
572501edd29b823ce1301d2effdd3a9e4b6e2b20b76Jeff Brown
/*
 * Unwinds a stopped, ptrace-attached thread of another process.
 *
 * The thread's registers are fetched with PTRACE_GETREGS and r0-r15 copied
 * into an unwind_state_t; memory is then read through the ptrace-backed
 * accessor set up by init_memory_ptrace().  The map list comes from the
 * caller-supplied ptrace context.
 *
 * Returns the number of frames written to backtrace, or -1 if the register
 * fetch failed (errno from ptrace is left intact for the caller).
 */
ssize_t unwind_backtrace_ptrace_arch(pid_t tid, const ptrace_context_t* context,
        backtrace_frame_t* backtrace, size_t ignore_depth, size_t max_depth) {
    struct pt_regs regs;
    if (ptrace(PTRACE_GETREGS, tid, 0, &regs) != 0) {
        return -1;
    }

    // Only r0-r15 are carried over; nothing else in the state is initialised.
    unwind_state_t state;
    for (size_t reg = 0; reg < 16; ++reg) {
        state.gregs[reg] = regs.uregs[reg];
    }

    memory_t memory;
    init_memory_ptrace(&memory, tid);
    return unwind_backtrace_common(&memory, context->map_info_list, &state,
            backtrace, ignore_depth, max_depth);
}