diff --git a/libr/debug/p/native/xnu/xnu_excthreads.c b/libr/debug/p/native/xnu/xnu_excthreads.c
index 4edb63b036..8445ef17a7 100644
--- a/libr/debug/p/native/xnu/xnu_excthreads.c
+++ b/libr/debug/p/native/xnu/xnu_excthreads.c
@@ -123,12 +123,18 @@ static int modify_trace_bit(RDebug *dbg, xnu_thread_t *th, int enable) {
 regs = (R_REG_T*)&th->gpr;
 if (enable) {
 int i = 0;
+ static chained_address = 0;
 RIOBind *bio = &dbg->iob;
 memcpy ((void *)&th->oldstate, (void *)state, sizeof (arm_debug_state_t));
 //set a breakpoint that will stop when the PC doesn't
 //match the current one
 //set the current PC as the breakpoint address
- state->__bvr[i] = regs->ts_32.__pc & 0xFFFFFFFCu;
+ if (chained_address) {
+ state->__bvr[i] = chained_address & 0xFFFFFFFCu;
+ chained_address = 0;
+ } else {
+ state->__bvr[i] = regs->ts_32.__pc & 0xFFFFFFFCu;
+ }
 state->__bcr[i] = BCR_M_IMVA_MISMATCH | // stop on
 // address
 // mismatch
@@ -146,8 +152,7 @@ static int modify_trace_bit(RDebug *dbg, xnu_thread_t *th, int enable) {
 return false;
 }
 if (is_thumb_32 (op)) {
- eprintf ("Thumb32 chain stepping not supported yet\n");
- return false;
+ chained_address = regs->ts_32.__pc + 2;
 } else {
 // Extend the number of bits to ignore for the mismatch
 state->__bcr[i] |= BAS_IMVA_ALL;
@@ -316,7 +321,6 @@ static int handle_exception_message (RDebug *dbg, exc_msg *msg) {
 if (kr != KERN_SUCCESS)
 eprintf ("failed to suspend task breakpoint\n");
 ret = R_DEBUG_REASON_BREAKPOINT;
- eprintf ("EXC_BREAKPOINT\n");
 break;
 default:
 eprintf ("UNKNOWN\n");
@@ -364,7 +368,6 @@ static int __xnu_wait (RDebug *dbg, int pid) {
 eprintf ("message didn't succeded\n");
 break;
 }
- eprintf ("Received exception\n");
 ret = validate_mach_message (dbg, &msg);
 if (!ret) {
 ret = handle_dead_notify (dbg, &msg);
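Review bot: `static chained_address = 0;` in the first hunk has no type specifier, so it relies on implicit int (removed in C99, a warning or error on current compilers) and turns the 32-bit PC stored by `chained_address = regs->ts_32.__pc + 2;` in the second hunk into a signed value; declare it explicitly, `static ut32 chained_address = 0;`. Because it is function-static it is also shared across every thread the debugger steps: an address recorded for one `th` is consumed by the next enable call for whichever thread comes next, and zero doubles as the "not set" flag, so it looks like it belongs in per-thread state (a field of `xnu_thread_t`) rather than a static. In the Thumb32 branch the code now continues without the `BAS_IMVA_ALL` extension applied in the else branch; a one-line comment stating why the narrower match is intended there would help the next reader. modify_trace_bit continues outside both hunks.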
@@ -393,7 +396,6 @@ static int __xnu_wait (RDebug *dbg, int pid) {
 reply.Head.msgh_size, 0, MACH_PORT_NULL, 0, MACH_PORT_NULL);
- eprintf ("REPLIED\n");
 if (reply.Head.msgh_remote_port != 0 && kr != MACH_MSG_SUCCESS) {
 kr = mach_port_deallocate(mach_task_self (), reply.Head.msgh_remote_port);
 if (kr != KERN_SUCCESS)
diff --git a/libr/io/p/io_mach.c b/libr/io/p/io_mach.c
index 93fbf55304..fcdfbfca4e 100644
--- a/libr/io/p/io_mach.c
+++ b/libr/io/p/io_mach.c
@@ -268,18 +268,21 @@ static bool tsk_setperm(RIO *io, task_t task, vm_address_t addr, int len, int pe
 static bool tsk_write(task_t task, vm_address_t addr, const ut8 *buf, int len) {
 kern_return_t kr;
- mach_msg_type_number_t _len = len;
- vm_offset_t _buf = (vm_offset_t)buf;
 unsigned int count = 0;
 kr = mach_port_get_refs (mach_task_self(), task, MACH_PORT_RIGHT_SEND, &count);
 if (kr != KERN_SUCCESS) perror ("get refs");
- if (count == 0)
+ if (count == 0) {
+ eprintf ("REFS drop to 0\n");
 return false;
- kr = vm_write (task, addr, _buf, _len);
- if (kr != KERN_SUCCESS)
 return false;
+ }
+ eprintf ("address %u\n", addr);
+ kr = vm_write (task, addr, (vm_offset_t)buf, (mach_msg_type_number_t)len);
+ if (kr != KERN_SUCCESS) { //the memory is not mapped
+ eprintf ("error when writing to memory , code: %d\n", kr);
 return false;
+ }
 return true;
 }
@@ -302,10 +305,13 @@ static int mach_write_at(RIO *io, RIOMach *riom, const void *buf, int len, ut64 
 else
 total_size = pagesize;
+ eprintf ("BASE ADDR %u\n", pageaddr);
+ eprintf ("PAGE SIZE %d\n", pagesize);
+
 if (tsk_write (task, vaddr, buf, len))
 return len;
 operms = tsk_getperm (io, task, pageaddr);
- if (!tsk_setperm (io, task, pageaddr, total_size, VM_PROT_READ | VM_PROT_WRITE | VM_PROT_EXECUTE)) {
+ if (!tsk_setperm (io, task, pageaddr, total_size, VM_PROT_WRITE | VM_PROT_COPY)) {
 eprintf ("io.mach: Cannot set page perms for %d bytes at 0x%08" PFMT64x"\n", (int)pagesize, (ut64)pageaddr);
 return -1;
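Review bot: `eprintf ("address %u\n", addr);` in tsk_write passes a `vm_address_t` to `%u`; on 64-bit Mach targets that type is pointer-sized, so format and argument disagree (undefined behaviour, and the printed address is truncated), and `eprintf ("BASE ADDR %u\n", pageaddr);` in the next hunk has the same mismatch. Either drop these per-write traces, which read like leftover debugging output, or print them with the macro this file already uses, `eprintf ("address 0x%08" PFMT64x "\n", (ut64)addr);`. The new comment `//the memory is not mapped` names one cause, but the caller shown in the next hunk appears to retry after changing page protection, so the failure is also expected when the page is merely not writable; `// vm_write failed (unmapped or not writable); caller may change perms and retry` would be more accurate.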
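Review bot: The new `tsk_setperm (io, task, pageaddr, total_size, VM_PROT_WRITE | VM_PROT_COPY)` call drops READ and EXECUTE from the temporary protection and asks for a copy-on-write private copy instead of turning the mapping RWX, which is a sound least-privilege change for a debugger write; it also means the target page is left write-only until `operms` is put back. The restore of `operms`, and whether it runs on every exit path including a failed second write, lies outside this hunk and is worth confirming, since a missed restore would leave the debuggee with a non-executable page. A short comment on the call, `// COW private copy; operms restored below`, would record the intent. mach_write_at continues outside the hunk.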