1 //===-- AppleObjCTrampolineHandler.cpp ------------------------------------===//
3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4 // See https://llvm.org/LICENSE.txt for license information.
5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
7 //===----------------------------------------------------------------------===//
9 #include "AppleObjCTrampolineHandler.h"
10 #include "AppleThreadPlanStepThroughObjCTrampoline.h"
12 #include "Plugins/TypeSystem/Clang/TypeSystemClang.h"
13 #include "lldb/Breakpoint/StoppointCallbackContext.h"
14 #include "lldb/Core/Debugger.h"
15 #include "lldb/Core/Module.h"
16 #include "lldb/Core/StreamFile.h"
17 #include "lldb/Core/Value.h"
18 #include "lldb/Expression/DiagnosticManager.h"
19 #include "lldb/Expression/FunctionCaller.h"
20 #include "lldb/Expression/UserExpression.h"
21 #include "lldb/Expression/UtilityFunction.h"
22 #include "lldb/Symbol/Symbol.h"
23 #include "lldb/Target/ABI.h"
24 #include "lldb/Target/ExecutionContext.h"
25 #include "lldb/Target/Process.h"
26 #include "lldb/Target/RegisterContext.h"
27 #include "lldb/Target/Target.h"
28 #include "lldb/Target/Thread.h"
29 #include "lldb/Target/ThreadPlanRunToAddress.h"
30 #include "lldb/Utility/ConstString.h"
31 #include "lldb/Utility/FileSpec.h"
32 #include "lldb/Utility/Log.h"
34 #include "llvm/ADT/STLExtras.h"
36 #include "Plugins/LanguageRuntime/ObjC/ObjCLanguageRuntime.h"
41 using namespace lldb_private;
43 const char *AppleObjCTrampolineHandler::g_lookup_implementation_function_name =
44 "__lldb_objc_find_implementation_for_selector";
45 const char *AppleObjCTrampolineHandler::
46 g_lookup_implementation_with_stret_function_code =
50 extern void *class_getMethodImplementation(void *objc_class, void *sel); \n\
51 extern void *class_getMethodImplementation_stret(void *objc_class, \n\
53 extern void * object_getClass (id object); \n\
54 extern void * sel_getUid(char *name); \n\
55 extern int printf(const char *format, ...); \n\
57 extern \"C\" void * __lldb_objc_find_implementation_for_selector ( \n\
67 struct __lldb_imp_return_struct \n\
74 struct __lldb_objc_class { \n\
78 struct __lldb_objc_super { \n\
80 struct __lldb_objc_class *class_ptr; \n\
82 struct __lldb_msg_ref { \n\
87 struct __lldb_imp_return_struct return_struct; \n\
90 printf (\"\\n*** Called with obj: 0x%p sel: 0x%p is_stret: %d is_super: %d, \"\n\
91 \"is_super2: %d, is_fixup: %d, is_fixed: %d\\n\", \n\
92 object, sel, is_stret, is_super, is_super2, is_fixup, is_fixed);\n\
97 return_struct.class_addr = ((__lldb_objc_super *) object)->class_ptr->super_ptr;\n\
101 return_struct.class_addr = ((__lldb_objc_super *) object)->class_ptr;\n\
106 // This code seems a little funny, but has its reasons... \n\
108 // The call to [object class] is here because if this is a \n\
109 // class, and has not been called into yet, we need to do \n\
110 // something to force the class to initialize itself. \n\
111 // Then the call to object_getClass will actually return the \n\
112 // correct class, either the class if object is a class \n\
113 // instance, or the meta-class if it is a class pointer. \n\
114 void *class_ptr = (void *) [(id) object class]; \n\
115 return_struct.class_addr = (id) object_getClass((id) object); \n\
118 if (class_ptr == object) \n\
120 printf (\"Found a class object, need to use the meta class %p -> %p\\n\",\n\
121 class_ptr, return_struct.class_addr); \n\
125 printf (\"[object class] returned: %p object_getClass: %p.\\n\", \n\
126 class_ptr, return_struct.class_addr); \n\
135 return_struct.sel_addr = ((__lldb_msg_ref *) sel)->sel; \n\
139 char *sel_name = (char *) ((__lldb_msg_ref *) sel)->sel; \n\
140 return_struct.sel_addr = sel_getUid (sel_name); \n\
142 printf (\"\\n*** Got fixed up selector: %p for name %s.\\n\",\n\
143 return_struct.sel_addr, sel_name); \n\
148 return_struct.sel_addr = sel; \n\
153 return_struct.impl_addr = \n\
154 class_getMethodImplementation_stret (return_struct.class_addr, \n\
155 return_struct.sel_addr); \n\
159 return_struct.impl_addr = \n\
160 class_getMethodImplementation (return_struct.class_addr, \n\
161 return_struct.sel_addr); \n\
164 printf (\"\\n*** Returning implementation: %p.\\n\", \n\
165 return_struct.impl_addr); \n\
167 return return_struct.impl_addr; \n\
171 AppleObjCTrampolineHandler::g_lookup_implementation_no_stret_function_code =
175 extern void *class_getMethodImplementation(void *objc_class, void *sel); \n\
176 extern void * object_getClass (id object); \n\
177 extern void * sel_getUid(char *name); \n\
178 extern int printf(const char *format, ...); \n\
180 extern \"C\" void * __lldb_objc_find_implementation_for_selector (void *object, \n\
189 struct __lldb_imp_return_struct \n\
191 void *class_addr; \n\
196 struct __lldb_objc_class { \n\
200 struct __lldb_objc_super { \n\
202 struct __lldb_objc_class *class_ptr; \n\
204 struct __lldb_msg_ref { \n\
209 struct __lldb_imp_return_struct return_struct; \n\
212 printf (\"\\n*** Called with obj: 0x%p sel: 0x%p is_stret: %d is_super: %d, \" \n\
213 \"is_super2: %d, is_fixup: %d, is_fixed: %d\\n\", \n\
214 object, sel, is_stret, is_super, is_super2, is_fixup, is_fixed); \n\
219 return_struct.class_addr = ((__lldb_objc_super *) object)->class_ptr->super_ptr; \n\
223 return_struct.class_addr = ((__lldb_objc_super *) object)->class_ptr; \n\
228 // This code seems a little funny, but has its reasons... \n\
229 // The call to [object class] is here because if this is a class, and has not been called into \n\
230 // yet, we need to do something to force the class to initialize itself. \n\
231 // Then the call to object_getClass will actually return the correct class, either the class \n\
232 // if object is a class instance, or the meta-class if it is a class pointer. \n\
233 void *class_ptr = (void *) [(id) object class]; \n\
234 return_struct.class_addr = (id) object_getClass((id) object); \n\
237 if (class_ptr == object) \n\
239 printf (\"Found a class object, need to return the meta class %p -> %p\\n\", \n\
240 class_ptr, return_struct.class_addr); \n\
244 printf (\"[object class] returned: %p object_getClass: %p.\\n\", \n\
245 class_ptr, return_struct.class_addr); \n\
254 return_struct.sel_addr = ((__lldb_msg_ref *) sel)->sel; \n\
258 char *sel_name = (char *) ((__lldb_msg_ref *) sel)->sel; \n\
259 return_struct.sel_addr = sel_getUid (sel_name); \n\
261 printf (\"\\n*** Got fixed up selector: %p for name %s.\\n\",\n\
262 return_struct.sel_addr, sel_name); \n\
267 return_struct.sel_addr = sel; \n\
270 return_struct.impl_addr = \n\
271 class_getMethodImplementation (return_struct.class_addr, \n\
272 return_struct.sel_addr); \n\
274 printf (\"\\n*** Returning implementation: 0x%p.\\n\", \n\
275 return_struct.impl_addr); \n\
277 return return_struct.impl_addr; \n\
281 AppleObjCTrampolineHandler::AppleObjCVTables::VTableRegion::VTableRegion(
282 AppleObjCVTables *owner, lldb::addr_t header_addr)
283 : m_valid(true), m_owner(owner), m_header_addr(header_addr),
284 m_code_start_addr(0), m_code_end_addr(0), m_next_region(0) {
288 AppleObjCTrampolineHandler::~AppleObjCTrampolineHandler() {}
290 void AppleObjCTrampolineHandler::AppleObjCVTables::VTableRegion::SetUpRegion() {
291 // The header looks like:
293 // uint16_t headerSize
295 // uint32_t descCount
298 // First read in the header:
300 char memory_buffer[16];
301 ProcessSP process_sp = m_owner->GetProcessSP();
304 DataExtractor data(memory_buffer, sizeof(memory_buffer),
305 process_sp->GetByteOrder(),
306 process_sp->GetAddressByteSize());
307 size_t actual_size = 8 + process_sp->GetAddressByteSize();
310 process_sp->ReadMemory(m_header_addr, memory_buffer, actual_size, error);
311 if (bytes_read != actual_size) {
316 lldb::offset_t offset = 0;
317 const uint16_t header_size = data.GetU16(&offset);
318 const uint16_t descriptor_size = data.GetU16(&offset);
319 const size_t num_descriptors = data.GetU32(&offset);
321 m_next_region = data.GetAddress(&offset);
323 // If the header size is 0, that means we've come in too early before this
325 // Set ourselves as not valid, and continue.
326 if (header_size == 0 || num_descriptors == 0) {
331 // Now read in all the descriptors:
332 // The descriptor looks like:
337 // Where offset is either 0 - in which case it is unused, or it is
338 // the offset of the vtable code from the beginning of the
339 // descriptor record. Below, we'll convert that into an absolute
340 // code address, since I don't want to have to compute it over and
343 // Ingest the whole descriptor array:
344 const lldb::addr_t desc_ptr = m_header_addr + header_size;
345 const size_t desc_array_size = num_descriptors * descriptor_size;
346 DataBufferSP data_sp(new DataBufferHeap(desc_array_size, '\0'));
347 uint8_t *dst = (uint8_t *)data_sp->GetBytes();
349 DataExtractor desc_extractor(dst, desc_array_size, process_sp->GetByteOrder(),
350 process_sp->GetAddressByteSize());
351 bytes_read = process_sp->ReadMemory(desc_ptr, dst, desc_array_size, error);
352 if (bytes_read != desc_array_size) {
357 // The actual code for the vtables will be laid out consecutively, so I also
358 // compute the start and end of the whole code block.
361 m_code_start_addr = 0;
364 for (size_t i = 0; i < num_descriptors; i++) {
365 lldb::addr_t start_offset = offset;
366 uint32_t voffset = desc_extractor.GetU32(&offset);
367 uint32_t flags = desc_extractor.GetU32(&offset);
368 lldb::addr_t code_addr = desc_ptr + start_offset + voffset;
369 m_descriptors.push_back(VTableDescriptor(flags, code_addr));
371 if (m_code_start_addr == 0 || code_addr < m_code_start_addr)
372 m_code_start_addr = code_addr;
373 if (code_addr > m_code_end_addr)
374 m_code_end_addr = code_addr;
376 offset = start_offset + descriptor_size;
378 // Finally, a little bird told me that all the vtable code blocks
379 // are the same size. Let's compute the blocks and if they are all
380 // the same add the size to the code end address:
381 lldb::addr_t code_size = 0;
382 bool all_the_same = true;
383 for (size_t i = 0; i < num_descriptors - 1; i++) {
384 lldb::addr_t this_size =
385 m_descriptors[i + 1].code_start - m_descriptors[i].code_start;
387 code_size = this_size;
389 if (this_size != code_size)
390 all_the_same = false;
391 if (this_size > code_size)
392 code_size = this_size;
396 m_code_end_addr += code_size;
399 bool AppleObjCTrampolineHandler::AppleObjCVTables::VTableRegion::
400 AddressInRegion(lldb::addr_t addr, uint32_t &flags) {
404 if (addr < m_code_start_addr || addr > m_code_end_addr)
407 std::vector<VTableDescriptor>::iterator pos, end = m_descriptors.end();
408 for (pos = m_descriptors.begin(); pos != end; pos++) {
409 if (addr <= (*pos).code_start) {
410 flags = (*pos).flags;
417 void AppleObjCTrampolineHandler::AppleObjCVTables::VTableRegion::Dump(
419 s.Printf("Header addr: 0x%" PRIx64 " Code start: 0x%" PRIx64
420 " Code End: 0x%" PRIx64 " Next: 0x%" PRIx64 "\n",
421 m_header_addr, m_code_start_addr, m_code_end_addr, m_next_region);
422 size_t num_elements = m_descriptors.size();
423 for (size_t i = 0; i < num_elements; i++) {
425 s.Printf("Code start: 0x%" PRIx64 " Flags: %d\n",
426 m_descriptors[i].code_start, m_descriptors[i].flags);
430 AppleObjCTrampolineHandler::AppleObjCVTables::AppleObjCVTables(
431 const ProcessSP &process_sp, const ModuleSP &objc_module_sp)
432 : m_process_wp(), m_trampoline_header(LLDB_INVALID_ADDRESS),
433 m_trampolines_changed_bp_id(LLDB_INVALID_BREAK_ID),
434 m_objc_module_sp(objc_module_sp) {
436 m_process_wp = process_sp;
439 AppleObjCTrampolineHandler::AppleObjCVTables::~AppleObjCVTables() {
440 ProcessSP process_sp = GetProcessSP();
442 if (m_trampolines_changed_bp_id != LLDB_INVALID_BREAK_ID)
443 process_sp->GetTarget().RemoveBreakpointByID(m_trampolines_changed_bp_id);
447 bool AppleObjCTrampolineHandler::AppleObjCVTables::InitializeVTableSymbols() {
448 if (m_trampoline_header != LLDB_INVALID_ADDRESS)
451 ProcessSP process_sp = GetProcessSP();
453 Target &target = process_sp->GetTarget();
455 const ModuleList &target_modules = target.GetImages();
456 std::lock_guard<std::recursive_mutex> guard(target_modules.GetMutex());
457 size_t num_modules = target_modules.GetSize();
458 if (!m_objc_module_sp) {
459 for (size_t i = 0; i < num_modules; i++) {
460 if (ObjCLanguageRuntime::Get(*process_sp)
461 ->IsModuleObjCLibrary(
462 target_modules.GetModuleAtIndexUnlocked(i))) {
463 m_objc_module_sp = target_modules.GetModuleAtIndexUnlocked(i);
469 if (m_objc_module_sp) {
470 ConstString trampoline_name("gdb_objc_trampolines");
471 const Symbol *trampoline_symbol =
472 m_objc_module_sp->FindFirstSymbolWithNameAndType(trampoline_name,
474 if (trampoline_symbol != nullptr) {
475 m_trampoline_header = trampoline_symbol->GetLoadAddress(&target);
476 if (m_trampoline_header == LLDB_INVALID_ADDRESS)
479 // Next look up the "changed" symbol and set a breakpoint on that...
480 ConstString changed_name("gdb_objc_trampolines_changed");
481 const Symbol *changed_symbol =
482 m_objc_module_sp->FindFirstSymbolWithNameAndType(changed_name,
484 if (changed_symbol != nullptr) {
485 const Address changed_symbol_addr = changed_symbol->GetAddress();
486 if (!changed_symbol_addr.IsValid())
489 lldb::addr_t changed_addr =
490 changed_symbol_addr.GetOpcodeLoadAddress(&target);
491 if (changed_addr != LLDB_INVALID_ADDRESS) {
492 BreakpointSP trampolines_changed_bp_sp =
493 target.CreateBreakpoint(changed_addr, true, false);
494 if (trampolines_changed_bp_sp) {
495 m_trampolines_changed_bp_id = trampolines_changed_bp_sp->GetID();
496 trampolines_changed_bp_sp->SetCallback(RefreshTrampolines, this,
498 trampolines_changed_bp_sp->SetBreakpointKind(
499 "objc-trampolines-changed");
510 bool AppleObjCTrampolineHandler::AppleObjCVTables::RefreshTrampolines(
511 void *baton, StoppointCallbackContext *context, lldb::user_id_t break_id,
512 lldb::user_id_t break_loc_id) {
513 AppleObjCVTables *vtable_handler = (AppleObjCVTables *)baton;
514 if (vtable_handler->InitializeVTableSymbols()) {
515 // The Update function is called with the address of an added region. So we
516 // grab that address, and
517 // feed it into ReadRegions. Of course, our friend the ABI will get the
519 ExecutionContext exe_ctx(context->exe_ctx_ref);
520 Process *process = exe_ctx.GetProcessPtr();
521 const ABI *abi = process->GetABI().get();
523 TypeSystemClang *clang_ast_context =
524 TypeSystemClang::GetScratch(process->GetTarget());
525 if (!clang_ast_context)
528 ValueList argument_values;
530 CompilerType clang_void_ptr_type =
531 clang_ast_context->GetBasicType(eBasicTypeVoid).GetPointerType();
533 input_value.SetValueType(Value::eValueTypeScalar);
534 // input_value.SetContext (Value::eContextTypeClangType,
535 // clang_void_ptr_type);
536 input_value.SetCompilerType(clang_void_ptr_type);
537 argument_values.PushValue(input_value);
540 abi->GetArgumentValues(exe_ctx.GetThreadRef(), argument_values);
544 // Now get a pointer value from the zeroth argument.
547 error = argument_values.GetValueAtIndex(0)->GetValueAsData(&exe_ctx, data,
549 lldb::offset_t offset = 0;
550 lldb::addr_t region_addr = data.GetAddress(&offset);
552 if (region_addr != 0)
553 vtable_handler->ReadRegions(region_addr);
558 bool AppleObjCTrampolineHandler::AppleObjCVTables::ReadRegions() {
559 // The no argument version reads the start region from the value of
560 // the gdb_regions_header, and gets started from there.
563 if (!InitializeVTableSymbols())
566 ProcessSP process_sp = GetProcessSP();
568 lldb::addr_t region_addr =
569 process_sp->ReadPointerFromMemory(m_trampoline_header, error);
571 return ReadRegions(region_addr);
576 bool AppleObjCTrampolineHandler::AppleObjCVTables::ReadRegions(
577 lldb::addr_t region_addr) {
578 ProcessSP process_sp = GetProcessSP();
582 Log *log(lldb_private::GetLogIfAllCategoriesSet(LIBLLDB_LOG_STEP));
584 // We aren't starting at the trampoline symbol.
585 InitializeVTableSymbols();
586 lldb::addr_t next_region = region_addr;
588 // Read in the sizes of the headers.
589 while (next_region != 0) {
590 m_regions.push_back(VTableRegion(this, next_region));
591 if (!m_regions.back().IsValid()) {
597 m_regions.back().Dump(s);
598 LLDB_LOGF(log, "Read vtable region: \n%s", s.GetData());
601 next_region = m_regions.back().GetNextRegionAddr();
607 bool AppleObjCTrampolineHandler::AppleObjCVTables::IsAddressInVTables(
608 lldb::addr_t addr, uint32_t &flags) {
609 region_collection::iterator pos, end = m_regions.end();
610 for (pos = m_regions.begin(); pos != end; pos++) {
611 if ((*pos).AddressInRegion(addr, flags))
617 const AppleObjCTrampolineHandler::DispatchFunction
618 AppleObjCTrampolineHandler::g_dispatch_functions[] = {
619 // NAME STRET SUPER SUPER2 FIXUP TYPE
620 {"objc_msgSend", false, false, false, DispatchFunction::eFixUpNone},
621 {"objc_msgSend_fixup", false, false, false,
622 DispatchFunction::eFixUpToFix},
623 {"objc_msgSend_fixedup", false, false, false,
624 DispatchFunction::eFixUpFixed},
625 {"objc_msgSend_stret", true, false, false,
626 DispatchFunction::eFixUpNone},
627 {"objc_msgSend_stret_fixup", true, false, false,
628 DispatchFunction::eFixUpToFix},
629 {"objc_msgSend_stret_fixedup", true, false, false,
630 DispatchFunction::eFixUpFixed},
631 {"objc_msgSend_fpret", false, false, false,
632 DispatchFunction::eFixUpNone},
633 {"objc_msgSend_fpret_fixup", false, false, false,
634 DispatchFunction::eFixUpToFix},
635 {"objc_msgSend_fpret_fixedup", false, false, false,
636 DispatchFunction::eFixUpFixed},
637 {"objc_msgSend_fp2ret", false, false, true,
638 DispatchFunction::eFixUpNone},
639 {"objc_msgSend_fp2ret_fixup", false, false, true,
640 DispatchFunction::eFixUpToFix},
641 {"objc_msgSend_fp2ret_fixedup", false, false, true,
642 DispatchFunction::eFixUpFixed},
643 {"objc_msgSendSuper", false, true, false, DispatchFunction::eFixUpNone},
644 {"objc_msgSendSuper_stret", true, true, false,
645 DispatchFunction::eFixUpNone},
646 {"objc_msgSendSuper2", false, true, true, DispatchFunction::eFixUpNone},
647 {"objc_msgSendSuper2_fixup", false, true, true,
648 DispatchFunction::eFixUpToFix},
649 {"objc_msgSendSuper2_fixedup", false, true, true,
650 DispatchFunction::eFixUpFixed},
651 {"objc_msgSendSuper2_stret", true, true, true,
652 DispatchFunction::eFixUpNone},
653 {"objc_msgSendSuper2_stret_fixup", true, true, true,
654 DispatchFunction::eFixUpToFix},
655 {"objc_msgSendSuper2_stret_fixedup", true, true, true,
656 DispatchFunction::eFixUpFixed},
659 // This is the table of ObjC "accelerated dispatch" functions. They are a set
660 // of objc methods that are "seldom overridden" and so the compiler replaces the
661 // objc_msgSend with a call to one of the dispatch functions. That will check
662 // whether the method has been overridden, and directly call the Foundation
663 // implementation if not.
664 // This table is supposed to be complete. If ones get added in the future, we
665 // will have to add them to the table.
666 const char *AppleObjCTrampolineHandler::g_opt_dispatch_names[] = {
672 "objc_allocWithZone",
674 "objc_opt_isKindOfClass",
676 "objc_opt_respondsToSelector",
680 AppleObjCTrampolineHandler::AppleObjCTrampolineHandler(
681 const ProcessSP &process_sp, const ModuleSP &objc_module_sp)
682 : m_process_wp(), m_objc_module_sp(objc_module_sp),
683 m_lookup_implementation_function_code(nullptr),
684 m_impl_fn_addr(LLDB_INVALID_ADDRESS),
685 m_impl_stret_fn_addr(LLDB_INVALID_ADDRESS),
686 m_msg_forward_addr(LLDB_INVALID_ADDRESS) {
688 m_process_wp = process_sp;
689 // Look up the known resolution functions:
691 ConstString get_impl_name("class_getMethodImplementation");
692 ConstString get_impl_stret_name("class_getMethodImplementation_stret");
693 ConstString msg_forward_name("_objc_msgForward");
694 ConstString msg_forward_stret_name("_objc_msgForward_stret");
696 Target *target = process_sp ? &process_sp->GetTarget() : nullptr;
697 const Symbol *class_getMethodImplementation =
698 m_objc_module_sp->FindFirstSymbolWithNameAndType(get_impl_name,
700 const Symbol *class_getMethodImplementation_stret =
701 m_objc_module_sp->FindFirstSymbolWithNameAndType(get_impl_stret_name,
703 const Symbol *msg_forward = m_objc_module_sp->FindFirstSymbolWithNameAndType(
704 msg_forward_name, eSymbolTypeCode);
705 const Symbol *msg_forward_stret =
706 m_objc_module_sp->FindFirstSymbolWithNameAndType(msg_forward_stret_name,
709 if (class_getMethodImplementation)
711 class_getMethodImplementation->GetAddress().GetOpcodeLoadAddress(
713 if (class_getMethodImplementation_stret)
714 m_impl_stret_fn_addr =
715 class_getMethodImplementation_stret->GetAddress().GetOpcodeLoadAddress(
718 m_msg_forward_addr = msg_forward->GetAddress().GetOpcodeLoadAddress(target);
719 if (msg_forward_stret)
720 m_msg_forward_stret_addr =
721 msg_forward_stret->GetAddress().GetOpcodeLoadAddress(target);
723 // FIXME: Do some kind of logging here.
724 if (m_impl_fn_addr == LLDB_INVALID_ADDRESS) {
725 // If we can't even find the ordinary get method implementation function,
726 // then we aren't going to be able to
727 // step through any method dispatches. Warn to that effect and get out of
729 if (process_sp->CanJIT()) {
730 process_sp->GetTarget().GetDebugger().GetErrorStream().Printf(
731 "Could not find implementation lookup function \"%s\""
732 " step in through ObjC method dispatch will not work.\n",
733 get_impl_name.AsCString());
736 } else if (m_impl_stret_fn_addr == LLDB_INVALID_ADDRESS) {
737 // It there is no stret return lookup function, assume that it is the same
738 // as the straight lookup:
739 m_impl_stret_fn_addr = m_impl_fn_addr;
740 // Also we will use the version of the lookup code that doesn't rely on the
741 // stret version of the function.
742 m_lookup_implementation_function_code =
743 g_lookup_implementation_no_stret_function_code;
745 m_lookup_implementation_function_code =
746 g_lookup_implementation_with_stret_function_code;
749 // Look up the addresses for the objc dispatch functions and cache
750 // them. For now I'm inspecting the symbol names dynamically to
751 // figure out how to dispatch to them. If it becomes more
752 // complicated than this we can turn the g_dispatch_functions char *
753 // array into a template table, and populate the DispatchFunction
756 for (size_t i = 0; i != llvm::array_lengthof(g_dispatch_functions); i++) {
757 ConstString name_const_str(g_dispatch_functions[i].name);
758 const Symbol *msgSend_symbol =
759 m_objc_module_sp->FindFirstSymbolWithNameAndType(name_const_str,
761 if (msgSend_symbol && msgSend_symbol->ValueIsAddress()) {
762 // FIXME: Make g_dispatch_functions static table of
763 // DispatchFunctions, and have the map be address->index.
764 // Problem is we also need to lookup the dispatch function. For
765 // now we could have a side table of stret & non-stret dispatch
766 // functions. If that's as complex as it gets, we're fine.
768 lldb::addr_t sym_addr =
769 msgSend_symbol->GetAddressRef().GetOpcodeLoadAddress(target);
771 m_msgSend_map.insert(std::pair<lldb::addr_t, int>(sym_addr, i));
775 // Similarly, cache the addresses of the "optimized dispatch" function.
776 for (size_t i = 0; i != llvm::array_lengthof(g_opt_dispatch_names); i++) {
777 ConstString name_const_str(g_opt_dispatch_names[i]);
778 const Symbol *msgSend_symbol =
779 m_objc_module_sp->FindFirstSymbolWithNameAndType(name_const_str,
781 if (msgSend_symbol && msgSend_symbol->ValueIsAddress()) {
782 lldb::addr_t sym_addr =
783 msgSend_symbol->GetAddressRef().GetOpcodeLoadAddress(target);
785 m_opt_dispatch_map.emplace(sym_addr, i);
789 // Build our vtable dispatch handler here:
791 std::make_unique<AppleObjCVTables>(process_sp, m_objc_module_sp);
793 m_vtables_up->ReadRegions();
797 AppleObjCTrampolineHandler::SetupDispatchFunction(Thread &thread,
798 ValueList &dispatch_values) {
799 ThreadSP thread_sp(thread.shared_from_this());
800 ExecutionContext exe_ctx(thread_sp);
801 DiagnosticManager diagnostics;
802 Log *log(lldb_private::GetLogIfAllCategoriesSet(LIBLLDB_LOG_STEP));
804 lldb::addr_t args_addr = LLDB_INVALID_ADDRESS;
805 FunctionCaller *impl_function_caller = nullptr;
807 // Scope for mutex locker:
809 std::lock_guard<std::mutex> guard(m_impl_function_mutex);
811 // First stage is to make the ClangUtility to hold our injected function:
814 if (m_lookup_implementation_function_code != nullptr) {
816 m_impl_code.reset(exe_ctx.GetTargetRef().GetUtilityFunctionForLanguage(
817 m_lookup_implementation_function_code, eLanguageTypeObjC,
818 g_lookup_implementation_function_name, error));
822 "Failed to get Utility Function for implementation lookup: %s.",
828 if (!m_impl_code->Install(diagnostics, exe_ctx)) {
830 LLDB_LOGF(log, "Failed to install implementation lookup.");
831 diagnostics.Dump(log);
837 LLDB_LOGF(log, "No method lookup implementation code.");
838 return LLDB_INVALID_ADDRESS;
841 // Next make the runner function for our implementation utility function.
842 TypeSystemClang *clang_ast_context =
843 TypeSystemClang::GetScratch(thread.GetProcess()->GetTarget());
844 if (!clang_ast_context)
845 return LLDB_INVALID_ADDRESS;
847 CompilerType clang_void_ptr_type =
848 clang_ast_context->GetBasicType(eBasicTypeVoid).GetPointerType();
851 impl_function_caller = m_impl_code->MakeFunctionCaller(
852 clang_void_ptr_type, dispatch_values, thread_sp, error);
855 "Error getting function caller for dispatch lookup: \"%s\".",
860 impl_function_caller = m_impl_code->GetFunctionCaller();
866 // Now write down the argument values for this particular call.
867 // This looks like it might be a race condition if other threads
868 // were calling into here, but actually it isn't because we allocate
869 // a new args structure for this call by passing args_addr =
870 // LLDB_INVALID_ADDRESS...
872 if (!impl_function_caller->WriteFunctionArguments(
873 exe_ctx, args_addr, dispatch_values, diagnostics)) {
875 LLDB_LOGF(log, "Error writing function arguments.");
876 diagnostics.Dump(log);
884 const AppleObjCTrampolineHandler::DispatchFunction *
885 AppleObjCTrampolineHandler::FindDispatchFunction(lldb::addr_t addr) {
886 MsgsendMap::iterator pos;
887 pos = m_msgSend_map.find(addr);
888 if (pos != m_msgSend_map.end()) {
889 return &g_dispatch_functions[(*pos).second];
895 AppleObjCTrampolineHandler::ForEachDispatchFunction(
896 std::function<void(lldb::addr_t,
897 const DispatchFunction &)> callback) {
898 for (auto elem : m_msgSend_map) {
899 callback(elem.first, g_dispatch_functions[elem.second]);
904 AppleObjCTrampolineHandler::GetStepThroughDispatchPlan(Thread &thread,
906 ThreadPlanSP ret_plan_sp;
907 lldb::addr_t curr_pc = thread.GetRegisterContext()->GetPC();
909 DispatchFunction vtable_dispatch
910 = {"vtable", 0, false, false, DispatchFunction::eFixUpFixed};
912 // First step is to look and see if we are in one of the known ObjC
913 // dispatch functions. We've already compiled a table of same, so
916 const DispatchFunction *this_dispatch = FindDispatchFunction(curr_pc);
918 // Next check to see if we are in a vtable region:
920 if (!this_dispatch && m_vtables_up) {
922 if (m_vtables_up->IsAddressInVTables(curr_pc, flags)) {
923 vtable_dispatch.stret_return =
924 (flags & AppleObjCVTables::eOBJC_TRAMPOLINE_STRET) ==
925 AppleObjCVTables::eOBJC_TRAMPOLINE_STRET;
926 this_dispatch = &vtable_dispatch;
931 Log *log(lldb_private::GetLogIfAllCategoriesSet(LIBLLDB_LOG_STEP));
933 // We are decoding a method dispatch. First job is to pull the
936 lldb::StackFrameSP thread_cur_frame = thread.GetStackFrameAtIndex(0);
938 const ABI *abi = nullptr;
939 ProcessSP process_sp(thread.CalculateProcess());
941 abi = process_sp->GetABI().get();
945 TargetSP target_sp(thread.CalculateTarget());
947 TypeSystemClang *clang_ast_context = TypeSystemClang::GetScratch(*target_sp);
948 if (!clang_ast_context)
951 ValueList argument_values;
952 Value void_ptr_value;
953 CompilerType clang_void_ptr_type =
954 clang_ast_context->GetBasicType(eBasicTypeVoid).GetPointerType();
955 void_ptr_value.SetValueType(Value::eValueTypeScalar);
956 // void_ptr_value.SetContext (Value::eContextTypeClangType,
957 // clang_void_ptr_type);
958 void_ptr_value.SetCompilerType(clang_void_ptr_type);
963 // If this is a struct return dispatch, then the first argument is
964 // the return struct pointer, and the object is the second, and
965 // the selector is the third. Otherwise the object is the first
966 // and the selector the second.
967 if (this_dispatch->stret_return) {
970 argument_values.PushValue(void_ptr_value);
971 argument_values.PushValue(void_ptr_value);
972 argument_values.PushValue(void_ptr_value);
976 argument_values.PushValue(void_ptr_value);
977 argument_values.PushValue(void_ptr_value);
980 bool success = abi->GetArgumentValues(thread, argument_values);
984 lldb::addr_t obj_addr =
985 argument_values.GetValueAtIndex(obj_index)->GetScalar().ULongLong();
986 if (obj_addr == 0x0) {
989 "Asked to step to dispatch to nil object, returning empty plan.");
993 ExecutionContext exe_ctx(thread.shared_from_this());
994 Process *process = exe_ctx.GetProcessPtr();
995 // isa_addr will store the class pointer that the method is being
996 // dispatched to - so either the class directly or the super class
997 // if this is one of the objc_msgSendSuper flavors. That's mostly
998 // used to look up the class/selector pair in our cache.
1000 lldb::addr_t isa_addr = LLDB_INVALID_ADDRESS;
1001 lldb::addr_t sel_addr =
1002 argument_values.GetValueAtIndex(sel_index)->GetScalar().ULongLong();
1004 // Figure out the class this is being dispatched to and see if
1005 // we've already cached this method call, If so we can push a
1006 // run-to-address plan directly. Otherwise we have to figure out
1007 // where the implementation lives.
1009 if (this_dispatch->is_super) {
1010 if (this_dispatch->is_super2) {
1011 // In the objc_msgSendSuper2 case, we don't get the object
1012 // directly, we get a structure containing the object and the
1013 // class to which the super message is being sent. So we need
1014 // to dig the super out of the class and use that.
1016 Value super_value(*(argument_values.GetValueAtIndex(obj_index)));
1017 super_value.GetScalar() += process->GetAddressByteSize();
1018 super_value.ResolveValue(&exe_ctx);
1020 if (super_value.GetScalar().IsValid()) {
1022 // isa_value now holds the class pointer. The second word of the
1023 // class pointer is the super-class pointer:
1024 super_value.GetScalar() += process->GetAddressByteSize();
1025 super_value.ResolveValue(&exe_ctx);
1026 if (super_value.GetScalar().IsValid())
1027 isa_addr = super_value.GetScalar().ULongLong();
1029 LLDB_LOGF(log, "Failed to extract the super class value from the "
1030 "class in objc_super.");
1033 LLDB_LOGF(log, "Failed to extract the class value from objc_super.");
1036 // In the objc_msgSendSuper case, we don't get the object
1037 // directly, we get a two element structure containing the
1038 // object and the super class to which the super message is
1039 // being sent. So the class we want is the second element of
1042 Value super_value(*(argument_values.GetValueAtIndex(obj_index)));
1043 super_value.GetScalar() += process->GetAddressByteSize();
1044 super_value.ResolveValue(&exe_ctx);
1046 if (super_value.GetScalar().IsValid()) {
1047 isa_addr = super_value.GetScalar().ULongLong();
1049 LLDB_LOGF(log, "Failed to extract the class value from objc_super.");
1053 // In the direct dispatch case, the object->isa is the class pointer we
1056 // This is a little cheesy, but since object->isa is the first field,
1057 // making the object value a load address value and resolving it will get
1058 // the pointer sized data pointed to by that value...
1060 // Note, it isn't a fatal error not to be able to get the
1061 // address from the object, since this might be a "tagged
1062 // pointer" which isn't a real object, but rather some word
1063 // length encoded dingus.
1065 Value isa_value(*(argument_values.GetValueAtIndex(obj_index)));
1067 isa_value.SetValueType(Value::eValueTypeLoadAddress);
1068 isa_value.ResolveValue(&exe_ctx);
1069 if (isa_value.GetScalar().IsValid()) {
1070 isa_addr = isa_value.GetScalar().ULongLong();
1072 LLDB_LOGF(log, "Failed to extract the isa value from object.");
1076 // Okay, we've got the address of the class for which we're resolving this,
1077 // let's see if it's in our cache:
1078 lldb::addr_t impl_addr = LLDB_INVALID_ADDRESS;
1080 if (isa_addr != LLDB_INVALID_ADDRESS) {
1083 "Resolving call for class - 0x%" PRIx64
1084 " and selector - 0x%" PRIx64,
1085 isa_addr, sel_addr);
1087 ObjCLanguageRuntime *objc_runtime =
1088 ObjCLanguageRuntime::Get(*thread.GetProcess());
1089 assert(objc_runtime != nullptr);
1091 impl_addr = objc_runtime->LookupInMethodCache(isa_addr, sel_addr);
1094 if (impl_addr != LLDB_INVALID_ADDRESS) {
1095 // Yup, it was in the cache, so we can run to that address directly.
1097 LLDB_LOGF(log, "Found implementation address in cache: 0x%" PRIx64,
1100 ret_plan_sp = std::make_shared<ThreadPlanRunToAddress>(thread, impl_addr,
1103 // We haven't seen this class/selector pair yet. Look it up.
1104 StreamString errors;
1105 Address impl_code_address;
1107 ValueList dispatch_values;
1109 // We've will inject a little function in the target that takes the
1110 // object, selector and some flags,
1111 // and figures out the implementation. Looks like:
1112 // void *__lldb_objc_find_implementation_for_selector (void *object,
1120 // So set up the arguments for that call.
1122 dispatch_values.PushValue(*(argument_values.GetValueAtIndex(obj_index)));
1123 dispatch_values.PushValue(*(argument_values.GetValueAtIndex(sel_index)));
1126 CompilerType clang_int_type =
1127 clang_ast_context->GetBuiltinTypeForEncodingAndBitSize(
1128 lldb::eEncodingSint, 32);
1129 flag_value.SetValueType(Value::eValueTypeScalar);
1130 // flag_value.SetContext (Value::eContextTypeClangType, clang_int_type);
1131 flag_value.SetCompilerType(clang_int_type);
1133 if (this_dispatch->stret_return)
1134 flag_value.GetScalar() = 1;
1136 flag_value.GetScalar() = 0;
1137 dispatch_values.PushValue(flag_value);
1139 if (this_dispatch->is_super)
1140 flag_value.GetScalar() = 1;
1142 flag_value.GetScalar() = 0;
1143 dispatch_values.PushValue(flag_value);
1145 if (this_dispatch->is_super2)
1146 flag_value.GetScalar() = 1;
1148 flag_value.GetScalar() = 0;
1149 dispatch_values.PushValue(flag_value);
1151 switch (this_dispatch->fixedup) {
1152 case DispatchFunction::eFixUpNone:
1153 flag_value.GetScalar() = 0;
1154 dispatch_values.PushValue(flag_value);
1155 dispatch_values.PushValue(flag_value);
1157 case DispatchFunction::eFixUpFixed:
1158 flag_value.GetScalar() = 1;
1159 dispatch_values.PushValue(flag_value);
1160 flag_value.GetScalar() = 1;
1161 dispatch_values.PushValue(flag_value);
1163 case DispatchFunction::eFixUpToFix:
1164 flag_value.GetScalar() = 1;
1165 dispatch_values.PushValue(flag_value);
1166 flag_value.GetScalar() = 0;
1167 dispatch_values.PushValue(flag_value);
1170 if (log && log->GetVerbose())
1171 flag_value.GetScalar() = 1;
1173 flag_value.GetScalar() = 0; // FIXME - Set to 0 when debugging is done.
1174 dispatch_values.PushValue(flag_value);
1176 // The step through code might have to fill in the cache, so it
1177 // is not safe to run only one thread. So we override the
1178 // stop_others value passed in to us here:
1179 const bool trampoline_stop_others = false;
1180 ret_plan_sp = std::make_shared<AppleThreadPlanStepThroughObjCTrampoline>(
1181 thread, *this, dispatch_values, isa_addr, sel_addr,
1182 trampoline_stop_others);
1185 ret_plan_sp->GetDescription(&s, eDescriptionLevelFull);
1186 LLDB_LOGF(log, "Using ObjC step plan: %s.\n", s.GetData());
1191 // Finally, check if we have hit an "optimized dispatch" function. This will
1192 // either directly call the base implementation or dispatch an objc_msgSend
1193 // if the method has been overridden. So we just do a "step in/step out",
1194 // setting a breakpoint on objc_msgSend, and if we hit the msgSend, we
1195 // will automatically step in again. That's the job of the
1196 // AppleThreadPlanStepThroughDirectDispatch.
1197 if (!this_dispatch && !ret_plan_sp) {
1198 MsgsendMap::iterator pos;
1199 pos = m_opt_dispatch_map.find(curr_pc);
1200 if (pos != m_opt_dispatch_map.end()) {
1202 const char *opt_name = g_opt_dispatch_names[(*pos).second];
1204 bool trampoline_stop_others = false;
1205 LazyBool step_in_should_stop = eLazyBoolCalculate;
1206 ret_plan_sp = std::make_shared<AppleThreadPlanStepThroughDirectDispatch> (
1207 thread, *this, opt_name, trampoline_stop_others, step_in_should_stop);
1215 AppleObjCTrampolineHandler::GetLookupImplementationFunctionCaller() {
1216 return m_impl_code->GetFunctionCaller();
projects / FreeBSD / FreeBSD.git / blob