| public ReadAddress ( TargetAddress address ) : TargetAddress | ||
| address | TargetAddress | |
| return | TargetAddress | |
internal override void Hack_ReturnNull(Inferior inferior)
{
Registers regs = inferior.GetRegisters ();
TargetAddress rsp = new TargetAddress (
inferior.AddressDomain, regs [(int) X86_Register.RSP].GetValue ());
TargetAddress rip = inferior.ReadAddress (rsp);
rsp += TargetAddressSize;
regs [(int) X86_Register.RIP].SetValue (rip);
regs [(int) X86_Register.RSP].SetValue (rsp);
regs [(int) X86_Register.RAX].SetValue (TargetAddress.Null);
inferior.SetRegisters (regs);
}
public override bool InterpretInstruction(Inferior inferior)
{
switch (InstructionType) {
case Type.IndirectJump:
case Type.Jump: {
TargetAddress target = GetEffectiveAddress (inferior);
Registers regs = inferior.GetRegisters ();
regs [(int) X86_Register.RIP].SetValue (target);
inferior.SetRegisters (regs);
return true;
}
case Type.IndirectCall:
case Type.Call: {
TargetAddress target = GetEffectiveAddress (inferior);
Registers regs = inferior.GetRegisters ();
TargetAddress rip = new TargetAddress (
inferior.AddressDomain, regs [(int) X86_Register.RIP].Value);
TargetAddress rsp = new TargetAddress (
inferior.AddressDomain, regs [(int) X86_Register.RSP].Value);
inferior.WriteAddress (rsp - 8, rip + InstructionSize);
regs [(int) X86_Register.RSP].SetValue (rsp - 8);
regs [(int) X86_Register.RIP].SetValue (target);
inferior.SetRegisters (regs);
return true;
}
case Type.Ret: {
Registers regs = inferior.GetRegisters ();
TargetAddress rsp = new TargetAddress (
inferior.AddressDomain, regs [(int) X86_Register.RSP].Value);
TargetAddress rip = inferior.ReadAddress (rsp);
rsp += 8 + Displacement;
regs [(int) X86_Register.RSP].SetValue (rsp);
regs [(int) X86_Register.RIP].SetValue (rip);
inferior.SetRegisters (regs);
return true;
}
case Type.Interpretable: {
Registers regs = inferior.GetRegisters ();
TargetAddress rsp = new TargetAddress (
inferior.AddressDomain, regs [(int) X86_Register.RSP].Value);
TargetAddress rbp = new TargetAddress (
inferior.AddressDomain, regs [(int) X86_Register.RBP].Value);
TargetAddress rip = new TargetAddress (
inferior.AddressDomain, regs [(int) X86_Register.RIP].Value);
if (Code [0] == 0x55) /* push %rbp */ {
inferior.WriteAddress (rsp - 8, rbp);
regs [(int) X86_Register.RSP].SetValue (rsp - 8);
regs [(int) X86_Register.RIP].SetValue (rip + 1);
inferior.SetRegisters (regs);
return true;
}
return false;
}
default:
return false;
}
}
void check_for_mono_runtime(Inferior inferior, Bfd bfd)
{
TargetAddress info = bfd.LookupSymbol ("MONO_DEBUGGER__debugger_info_ptr");
if (info.IsNull)
return;
TargetAddress data = inferior.ReadAddress (info);
if (data.IsNull) {
//
// See CheckForPendingMonoInit() below - this should only happen when
// the Mono runtime is embedded - for instance Moonlight inside Firefox.
//
// Note that we have to do a symbol lookup for it because we do not know
// whether the mono runtime is recent enough to have this variable.
//
data = bfd.LookupSymbol ("MONO_DEBUGGER__using_debugger");
if (data.IsNull) {
Report.Error ("Failed to initialize the Mono runtime!");
return;
}
inferior.WriteInteger (data, 1);
pending_mono_init = info;
// Add a breakpoint in mini_debugger_init, to make sure that InitializeMono()
// gets called in time to set the breakpoint at debugger_initialize, needed to
// initialize the notifications.
TargetAddress mini_debugger_init = bfd.LookupSymbol ("mini_debugger_init");
if (!mini_debugger_init.IsNull)
{
Instruction insn = inferior.Architecture.ReadInstruction (inferior, mini_debugger_init);
if ((insn == null) || !insn.CanInterpretInstruction)
throw new InternalError ("Unknown dynlink breakpoint: {0}", mini_debugger_init);
DynlinkBreakpoint init_breakpoint = new DynlinkBreakpoint (this, insn);
init_breakpoint.Insert (inferior);
}
return;
}
Process.InitializeMono (inferior, data);
}
internal override bool CheckForPendingMonoInit(Inferior inferior)
{
if (pending_mono_init.IsNull)
return false;
TargetAddress data = inferior.ReadAddress (pending_mono_init);
if (data.IsNull)
return false;
pending_mono_init = TargetAddress.Null;
Process.InitializeMono (inferior, data);
return true;
}
void check_nptl_setxid(Inferior inferior, Bfd bfd)
{
if (setxid_breakpoint != null)
return;
TargetAddress vtable = bfd.LookupSymbol ("__libc_pthread_functions");
if (vtable.IsNull)
return;
/*
* Big big hack to allow debugging gnome-vfs:
* We intercept any calls to __nptl_setxid() and make it
* return 0. This is safe to do since we do not allow
* debugging setuid programs or running as root, so setxid()
* will always be a no-op anyways.
*/
TargetAddress nptl_setxid = inferior.ReadAddress (vtable + 51 * inferior.TargetAddressSize);
if (!nptl_setxid.IsNull) {
setxid_breakpoint = new SetXidBreakpoint (this, nptl_setxid);
setxid_breakpoint.Insert (inferior);
}
}
void check_for_mono_runtime(Inferior inferior, Bfd bfd)
{
TargetAddress info = bfd.GetSectionAddress (".mdb_debug_info");
if (info.IsNull)
return;
TargetAddress data = inferior.ReadAddress (info);
if (data.IsNull) {
//
// See CheckForPendingMonoInit() below - this should only happen when
// the Mono runtime is embedded - for instance Moonlight inside Firefox.
//
// Note that we have to do a symbol lookup for it because we do not know
// whether the mono runtime is recent enough to have this variable.
//
data = bfd.LookupSymbol ("MONO_DEBUGGER__using_debugger");
if (data.IsNull) {
Report.Error ("Failed to initialize the Mono runtime!");
return;
}
inferior.WriteInteger (data, 1);
pending_mono_init = info;
return;
}
Process.InitializeMono (inferior, data);
}
