2 /*--------------------------------------------------------------------*/
3 /*--- User-mode execve() for Mach-O executables m_ume_macho.c ---*/
4 /*--------------------------------------------------------------------*/
7 This file is part of Valgrind, a dynamic binary instrumentation
10 Copyright (C) 2005-2010 Apple Inc.
11 Greg Parker gparker@apple.com
13 This program is free software; you can redistribute it and/or
14 modify it under the terms of the GNU General Public License as
15 published by the Free Software Foundation; either version 2 of the
16 License, or (at your option) any later version.
18 This program is distributed in the hope that it will be useful, but
19 WITHOUT ANY WARRANTY; without even the implied warranty of
20 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
21 General Public License for more details.
23 You should have received a copy of the GNU General Public License
24 along with this program; if not, write to the Free Software
25 Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
28 The GNU General Public License is contained in the file COPYING.
31 #if defined(VGO_darwin)
33 #include "pub_core_basics.h"
34 #include "pub_core_vki.h"
36 #include "pub_core_aspacemgr.h" // various mapping fns
37 #include "pub_core_debuglog.h"
38 #include "pub_core_libcassert.h" // VG_(exit), vg_assert
39 #include "pub_core_libcbase.h" // VG_(memcmp), etc
40 #include "pub_core_libcfile.h" // VG_(open) et al
41 #include "pub_core_libcprint.h"
42 #include "pub_core_libcproc.h"
43 #include "pub_core_machine.h" // VG_ELF_CLASS (XXX: which should be moved)
44 #include "pub_core_mallocfree.h" // VG_(malloc), VG_(free)
45 #include "pub_core_syscall.h" // VG_(strerror)
46 #include "pub_core_ume.h" // self
50 #include <mach/mach.h>
52 #include <mach-o/dyld.h>
53 #include <mach-o/fat.h>
54 #include <mach-o/loader.h>
57 #define MAGIC MH_MAGIC
58 #define MACH_HEADER mach_header
59 #define LC_SEGMENT_CMD LC_SEGMENT
60 #define SEGMENT_COMMAND segment_command
61 #define SECTION section
63 #define MAGIC MH_MAGIC_64
64 #define MACH_HEADER mach_header_64
65 #define LC_SEGMENT_CMD LC_SEGMENT_64
66 #define SEGMENT_COMMAND segment_command_64
67 #define SECTION section_64
71 static void print(const char *str)
73 VG_(printf)("%s", str);
76 static void check_mmap(SysRes res, Addr base, SizeT len)
78 if (sr_isError(res)) {
79 VG_(printf)("valgrind: mmap(0x%llx, %lld) failed in UME.\n",
80 (ULong)base, (Long)len);
87 load_thin_file(int fd, vki_off_t offset, vki_off_t size, unsigned long filetype,
89 vki_uint8_t **out_stack_start, vki_uint8_t **out_stack_end,
90 vki_uint8_t **out_text, vki_uint8_t **out_entry, vki_uint8_t **out_linker_entry);
93 load_fat_file(int fd, vki_off_t offset, vki_off_t size, unsigned long filetype,
95 vki_uint8_t **out_stack_start, vki_uint8_t **out_stack_end,
96 vki_uint8_t **out_text, vki_uint8_t **out_entry, vki_uint8_t **out_linker_entry);
99 load_mach_file(int fd, vki_off_t offset, vki_off_t size, unsigned long filetype,
100 const char *filename,
101 vki_uint8_t **out_stack_start, vki_uint8_t **out_stack_end,
102 vki_uint8_t **out_text, vki_uint8_t **out_entry, vki_uint8_t **out_linker_entry);
105 /* Open and map a dylinker file.
106 Returns 0 on success, -1 on any failure.
107 filename must be an absolute path.
108 The dylinker's entry point is returned in *out_linker_entry.
111 open_dylinker(const char *filename, vki_uint8_t **out_linker_entry)
119 if (filename[0] != '/') {
120 print("bad executable (dylinker name is not an absolute path)\n");
124 res = VG_(open)(filename, VKI_O_RDONLY, 0);
126 if (sr_isError(res)) {
127 print("couldn't open dylinker: ");
132 err = VG_(fstat)(fd, &sb);
134 print("couldn't stat dylinker: ");
142 err = load_mach_file(fd, 0, filesize, MH_DYLINKER, filename,
143 NULL, NULL, NULL, out_linker_entry, NULL);
145 print("...while loading dylinker: ");
155 Process an LC_SEGMENT command, mapping it into memory if appropriate.
156 fd[offset..size) is a Mach-O thin file.
157 Returns 0 on success, -1 on any failure.
158 If this segment contains the executable's Mach headers, their
159 loaded address is returned in *text.
160 If this segment is a __UNIXSTACK, its start address is returned in
164 load_segment(int fd, vki_off_t offset, vki_off_t size,
165 vki_uint8_t **text, vki_uint8_t **stack_start,
166 struct SEGMENT_COMMAND *segcmd, const HChar *filename)
170 vki_size_t filesize; // page-aligned
171 vki_size_t vmsize; // page-aligned
174 // GrP fixme mark __UNIXSTACK as SF_STACK
177 if (segcmd->vmaddr == 0 && 0 == VG_(strcmp)(segcmd->segname, SEG_PAGEZERO)) {
178 if (segcmd->vmsize != 0x100000000) {
179 print("bad executable (__PAGEZERO is not 4 GB)\n");
186 // Record the segment containing the Mach headers themselves
187 if (segcmd->fileoff == 0 && segcmd->filesize != 0) {
188 if (text) *text = (vki_uint8_t *)segcmd->vmaddr;
191 // Record the __UNIXSTACK start
192 if (0 == VG_(strcmp)(segcmd->segname, SEG_UNIXSTACK)) {
193 if (stack_start) *stack_start = (vki_uint8_t *)segcmd->vmaddr;
196 // Sanity-check the segment
197 if (segcmd->fileoff + segcmd->filesize > size) {
198 print("bad executable (invalid segment command)\n");
201 if (segcmd->vmsize == 0) {
202 return 0; // nothing to map - ok
205 // Get desired memory protection
206 // GrP fixme need maxprot too
207 prot = (((segcmd->initprot & VM_PROT_READ) ? VKI_PROT_READ : 0) |
208 ((segcmd->initprot & VM_PROT_WRITE) ? VKI_PROT_WRITE : 0) |
209 ((segcmd->initprot & VM_PROT_EXECUTE) ? VKI_PROT_EXEC : 0));
212 filesize = VG_PGROUNDUP(segcmd->filesize);
213 vmsize = VG_PGROUNDUP(segcmd->vmsize);
215 addr = (Addr)segcmd->vmaddr;
216 res = VG_(am_mmap_named_file_fixed_client)(addr, filesize, prot, fd,
217 offset + segcmd->fileoff,
219 check_mmap(res, addr, filesize);
222 // Zero-fill the remainder of the segment, if any
223 if (segcmd->filesize != filesize) {
224 // non-page-aligned part
225 // GrP fixme kernel doesn't do this?
226 //bzero(segcmd->filesize+(vki_uint8_t *)addr, filesize-segcmd->filesize);
228 if (filesize != vmsize) {
230 SizeT length = vmsize - filesize;
231 addr = (Addr)(filesize + segcmd->vmaddr);
232 res = VG_(am_mmap_anon_fixed_client)(addr, length, prot);
233 check_mmap(res, addr, length);
241 Parse a LC_THREAD or LC_UNIXTHREAD command.
242 Return 0 on success, -1 on any failure.
243 The stack address is returned in *stack. If the executable requested
244 a non-default stack address, *customstack is set to TRUE. The thread's
245 entry point is returned in *entry.
246 The stack itself (if any) is not mapped.
247 Other custom register settings are silently ignored (GrP fixme).
250 load_genericthread(vki_uint8_t **stack_end,
251 int *customstack, vki_uint8_t **entry,
252 struct thread_command *threadcmd)
259 p = (unsigned int *)(threadcmd + 1);
260 left = (threadcmd->cmdsize - sizeof(struct thread_command)) / sizeof(*p);
264 print("bad executable (invalid thread command)\n");
267 flavor = *p++; left--;
268 count = *p++; left--;
271 print("bad executable (invalid thread command 2)\n");
276 if (flavor == i386_THREAD_STATE && count == i386_THREAD_STATE_COUNT) {
277 i386_thread_state_t *state = (i386_thread_state_t *)p;
278 if (entry) *entry = (vki_uint8_t *)state->__eip;
279 if (stack_end) *stack_end = (vki_uint8_t *)(state->__esp ? state->__esp : VKI_USRSTACK);
280 if (customstack) *customstack = state->__esp;
284 #elif defined(VGA_amd64)
285 if (flavor == x86_THREAD_STATE64 && count == x86_THREAD_STATE64_COUNT){
286 x86_thread_state64_t *state = (x86_thread_state64_t *)p;
287 if (entry) *entry = (vki_uint8_t *)state->__rip;
288 if (stack_end) *stack_end = (vki_uint8_t *)(state->__rsp ? state->__rsp : VKI_USRSTACK64);
289 if (customstack) *customstack = state->__rsp;
294 # error unknown platform
300 print("bad executable (no arch-compatible thread state)\n");
305 /* Returns the main stack size on this platform,
306 using getrlimit or a fixed size.
308 static vki_size_t default_stack_size(void)
310 struct vki_rlimit lim;
311 int err = VG_(getrlimit)(VKI_RLIMIT_STACK, &lim);
312 if (err) return 8*1024*1024; // 8 MB
313 else return lim.rlim_cur;
318 Processes a LC_UNIXTHREAD command.
319 Returns 0 on success, -1 on any failure.
320 The stack is mapped in and returned in *out_stack.
321 The thread's entry point is returned in *out_entry.
324 load_unixthread(vki_uint8_t **out_stack_start, vki_uint8_t **out_stack_end,
325 vki_uint8_t **out_entry, struct thread_command *threadcmd)
328 vki_uint8_t *stack_end;
331 err = load_genericthread(&stack_end, &customstack, out_entry, threadcmd);
335 print("bad executable (no thread stack)\n");
341 vki_size_t stacksize = VG_PGROUNDUP(default_stack_size());
342 vm_address_t stackbase = VG_PGROUNDDN(stack_end-stacksize);
345 res = VG_(am_mmap_anon_fixed_client)(stackbase, stacksize, VKI_PROT_READ|VKI_PROT_WRITE|VKI_PROT_EXEC);
346 check_mmap(res, stackbase, stacksize);
347 if (out_stack_start) *out_stack_start = (vki_uint8_t *)stackbase;
349 // custom stack - mapped via __UNIXTHREAD segment
352 if (out_stack_end) *out_stack_end = stack_end;
359 Processes an LC_LOAD_DYLINKER command.
360 Returns 0 on success, -1 on any error.
361 The linker itself is mapped into memory.
362 The linker's entry point is returned in *linker_entry.
365 load_dylinker(vki_uint8_t **linker_entry, struct dylinker_command *dycmd)
369 if (dycmd->name.offset >= dycmd->cmdsize) {
370 print("bad executable (invalid dylinker command)\n");
374 name = dycmd->name.offset + (char *)dycmd;
376 // GrP fixme assumes name is terminated somewhere
377 return open_dylinker(name, linker_entry);
382 Process an LC_THREAD command.
383 Returns 0 on success, -1 on any failure.
384 The thread's entry point is returned in *out_entry.
387 load_thread(vki_uint8_t **out_entry, struct thread_command *threadcmd)
392 err = load_genericthread(NULL, &customstack, out_entry, threadcmd);
395 print("bad executable (stackless thread has stack)\n");
403 Loads a Mach-O executable into memory, along with any threads,
404 stacks, and dylinker.
405 Returns 0 on success, -1 on any failure.
406 fd[offset..offset+size) is a Mach-O thin file.
407 filetype is MH_EXECUTE or MH_DYLINKER.
408 The mapped but empty stack is returned in *out_stack.
409 The executable's Mach headers are returned in *out_text.
410 The executable's entry point is returned in *out_entry.
411 The dylinker's entry point (if any) is returned in *out_linker_entry.
412 GrP fixme need to return whether dylinker was found - stack layout is different
415 load_thin_file(int fd, vki_off_t offset, vki_off_t size, unsigned long filetype,
416 const char *filename,
417 vki_uint8_t **out_stack_start, vki_uint8_t **out_stack_end,
418 vki_uint8_t **out_text, vki_uint8_t **out_entry, vki_uint8_t **out_linker_entry)
420 struct MACH_HEADER mh;
421 vki_uint8_t *headers;
422 vki_uint8_t *headers_end;
423 struct load_command *lc;
424 struct load_command *lcend;
425 struct SEGMENT_COMMAND *segcmd;
426 struct thread_command *threadcmd;
427 struct dylinker_command *dycmd;
432 vki_uint8_t *stack_start = NULL; // allocated thread stack (hot end)
433 vki_uint8_t *stack_end = NULL; // allocated thread stack (cold end)
434 vki_uint8_t *entry = NULL; // static entry point
435 vki_uint8_t *text = NULL; // start of text segment (i.e. the mach headers)
436 vki_uint8_t *linker_entry = NULL; // dylinker entry point
438 // Read Mach-O header
439 if (sizeof(mh) > size) {
440 print("bad executable (no Mach-O header)\n");
442 res = VG_(pread)(fd, &mh, sizeof(mh), offset);
443 if (sr_isError(res) || sr_Res(res) != sizeof(mh)) {
444 print("bad executable (no Mach-O header)\n");
449 // Sanity-check the header itself
450 if (mh.magic != MAGIC) {
451 print("bad executable (no Mach-O magic)\n");
455 if (mh.filetype != filetype) {
456 // expecting MH_EXECUTE or MH_DYLINKER
457 print("bad executable (wrong file type)\n");
462 // Map all headers into memory
463 len = sizeof(mh) + mh.sizeofcmds;
465 print("bad executable (missing load commands)\n");
469 headers = VG_(malloc)("ume.macho.headers", len);
470 res = VG_(pread)(fd, headers, len, offset);
471 if (sr_isError(res)) {
472 print("couldn't read load commands from executable\n");
475 headers_end = headers + size;
478 // Map some segments into client memory:
479 // LC_SEGMENT (text, data, etc)
481 // LOAD_DYLINKER (dyld)
482 lcend = (struct load_command *)(headers + mh.sizeofcmds + sizeof(mh));
483 for (lc = (struct load_command *)(headers + sizeof(mh));
485 lc = (struct load_command *)(lc->cmdsize + (vki_uint8_t *)lc))
487 if ((vki_uint8_t *)lc < headers ||
488 lc->cmdsize+(vki_uint8_t *)lc > headers_end) {
489 print("bad executable (invalid load commands)\n");
495 if (lc->cmdsize < sizeof(struct SEGMENT_COMMAND)) {
496 print("bad executable (invalid load commands)\n");
499 segcmd = (struct SEGMENT_COMMAND *)lc;
500 err = load_segment(fd, offset, size, &text, &stack_start,
507 if (stack_end || entry) {
508 print("bad executable (multiple thread commands)\n");
511 if (lc->cmdsize < sizeof(struct thread_command)) {
512 print("bad executable (invalid load commands)\n");
515 threadcmd = (struct thread_command *)lc;
516 err = load_unixthread(&stack_start, &stack_end, &entry, threadcmd);
520 case LC_LOAD_DYLINKER:
521 if (filetype == MH_DYLINKER) {
522 print("bad executable (dylinker needs a dylinker)\n");
526 print("bad executable (multiple dylinker commands)\n");
528 if (lc->cmdsize < sizeof(struct dylinker_command)) {
529 print("bad executable (invalid load commands)\n");
532 dycmd = (struct dylinker_command *)lc;
533 err = load_dylinker(&linker_entry, dycmd);
538 if (filetype == MH_EXECUTE) {
539 print("bad executable (stackless thread)\n");
542 if (stack_end || entry) {
543 print("bad executable (multiple thread commands)\n");
546 if (lc->cmdsize < sizeof(struct thread_command)) {
547 print("bad executable (invalid load commands)\n");
550 threadcmd = (struct thread_command *)lc;
551 err = load_thread(&entry, threadcmd);
561 // Done with the headers
564 if (filetype == MH_EXECUTE) {
565 // Verify the necessary pieces for an executable:
568 // an entry point (static or linker)
569 if (!stack_end || !stack_start) {
570 print("bad executable (no stack)\n");
574 print("bad executable (no text segment)\n");
577 if (!entry && !linker_entry) {
578 print("bad executable (no entry point)\n");
582 else if (filetype == MH_DYLINKER) {
583 // Verify the necessary pieces for a dylinker:
586 print("bad executable (no entry point)\n");
591 if (out_stack_start) *out_stack_start = stack_start;
592 if (out_stack_end) *out_stack_end = stack_end;
593 if (out_text) *out_text = text;
594 if (out_entry) *out_entry = entry;
595 if (out_linker_entry) *out_linker_entry = linker_entry;
602 Load a fat Mach-O executable.
605 load_fat_file(int fd, vki_off_t offset, vki_off_t size, unsigned long filetype,
606 const char *filename,
607 vki_uint8_t **out_stack_start, vki_uint8_t **out_stack_end,
608 vki_uint8_t **out_text, vki_uint8_t **out_entry, vki_uint8_t **out_linker_entry)
610 struct fat_header fh;
611 vki_off_t arch_offset;
613 cpu_type_t good_arch;
616 #if defined(VGA_ppc32)
617 good_arch = CPU_TYPE_POWERPC;
618 #elif defined(VGA_ppc64)
619 good_arch = CPU_TYPE_POWERPC64;
620 #elif defined(VGA_x86)
621 good_arch = CPU_TYPE_I386;
622 #elif defined(VGA_amd64)
623 good_arch = CPU_TYPE_X86_64;
625 # error unknown architecture
629 // All fat contents are BIG-ENDIAN
630 if (size < sizeof(fh)) {
631 print("bad executable (bad fat header)\n");
634 res = VG_(pread)(fd, &fh, sizeof(fh), offset);
635 if (sr_isError(res) || sr_Res(res) != sizeof(fh)) {
636 print("bad executable (bad fat header)\n");
640 // Scan arch headers looking for a good one
641 arch_offset = offset + sizeof(fh);
642 fh.nfat_arch = VG_(ntohl)(fh.nfat_arch);
643 for (i = 0; i < fh.nfat_arch; i++) {
644 struct fat_arch arch;
645 if (arch_offset + sizeof(arch) > size) {
646 print("bad executable (corrupt fat archs)\n");
650 res = VG_(pread)(fd, &arch, sizeof(arch), arch_offset);
651 arch_offset += sizeof(arch);
652 if (sr_isError(res) || sr_Res(res) != sizeof(arch)) {
653 VG_(printf)("bad executable (corrupt fat arch) %x %llu\n",
654 arch.cputype, (ULong)arch_offset);
658 arch.cputype = VG_(ntohl)(arch.cputype);
659 arch.cpusubtype = VG_(ntohl)(arch.cpusubtype);
660 arch.offset = VG_(ntohl)(arch.offset);
661 arch.size = VG_(ntohl)(arch.size);
662 arch.align = VG_(ntohl)(arch.align);
663 if (arch.cputype == good_arch) {
665 if (arch.offset > size || arch.offset + arch.size > size) {
666 print("bad executable (corrupt fat arch 2)\n");
669 return load_mach_file(fd, offset+arch.offset, arch.size, filetype,
670 filename, out_stack_start, out_stack_end,
671 out_text, out_entry, out_linker_entry);
675 print("bad executable (can't run on this machine)\n");
680 Load a Mach-O executable or dylinker.
681 The file may be fat or thin.
684 load_mach_file(int fd, vki_off_t offset, vki_off_t size, unsigned long filetype,
685 const char *filename,
686 vki_uint8_t **out_stack_start, vki_uint8_t **out_stack_end,
687 vki_uint8_t **out_text, vki_uint8_t **out_entry, vki_uint8_t **out_linker_entry)
692 if (size < sizeof(magic)) {
693 print("bad executable (no Mach-O magic)\n");
696 res = VG_(pread)(fd, &magic, sizeof(magic), offset);
697 if (sr_isError(res) || sr_Res(res) != sizeof(magic)) {
698 print("bad executable (no Mach-O magic)\n");
702 if (magic == MAGIC) {
704 return load_thin_file(fd, offset, size, filetype, filename,
705 out_stack_start, out_stack_end,
706 out_text, out_entry, out_linker_entry);
707 } else if (magic == VG_(htonl)(FAT_MAGIC)) {
709 return load_fat_file(fd, offset, size, filetype, filename,
710 out_stack_start, out_stack_end,
711 out_text, out_entry, out_linker_entry);
714 print("bad executable (bad Mach-O magic)\n");
720 Bool VG_(match_macho)(Char *hdr, Int len)
722 vki_uint32_t *magic = (vki_uint32_t *)hdr;
724 // GrP fixme check more carefully for matching fat arch?
726 return (len >= VKI_PAGE_SIZE &&
727 (*magic == MAGIC || *magic == VG_(ntohl)(FAT_MAGIC)))
732 Int VG_(load_macho)(Int fd, const HChar *name, ExeInfo *info)
736 vki_uint8_t *stack_start;
737 vki_uint8_t *stack_end;
740 vki_uint8_t *linker_entry;
742 err = VG_(fstat)(fd, &sb);
744 print("couldn't stat executable\n");
748 err = load_mach_file(fd, 0, sb.size, MH_EXECUTE, name,
749 &stack_start, &stack_end,
750 &text, &entry, &linker_entry);
751 if (err) return VKI_ENOEXEC;
753 // GrP fixme exe_base
755 info->entry = (Addr)entry;
756 info->init_ip = (Addr)(linker_entry ? linker_entry : entry);
757 info->brkbase = 0xffffffff; // GrP fixme hack
758 info->init_toc = 0; // GrP fixme unused
760 info->stack_start = (Addr)stack_start;
761 info->stack_end = (Addr)stack_end;
762 info->text = (Addr)text;
763 info->dynamic = linker_entry ? True : False;
765 info->executable_path = VG_(strdup)("ume.macho.executable_path", name);
770 #endif // defined(VGO_darwin)
772 /*--------------------------------------------------------------------*/
774 /*--------------------------------------------------------------------*/
projects / l4.git / blob