kerneltest/e32utils/d_exc/minkda.cpp
author Dremov Kirill (Nokia-D-MSW/Tampere) <kirill.dremov@nokia.com>
Thu, 17 Dec 2009 09:24:54 +0200
changeset 9 96e5fb8b040d
permissions -rw-r--r--
Revision: 200951 Kit: 200951

// Copyright (c) 2002-2009 Nokia Corporation and/or its subsidiary(-ies).
// All rights reserved.
// This component and the accompanying materials are made available
// under the terms of the License "Eclipse Public License v1.0"
// which accompanies this distribution, and is available
// at the URL "http://www.eclipse.org/legal/epl-v10.html".
//
// Initial Contributors:
// Nokia Corporation - initial contribution.
//
// Contributors:
//
// Description:
// e32utils\d_exc\minkda.cpp
// Example of LDD implementing a minimal kernel-side debug agent.
// 
//

#include <kernel/kern_priv.h>
#ifdef __MARM__
#include <arm.h>
#endif
#include "minkda.h"

// Uncomment following lines to enable traces in UREL builds
//#undef __KTRACE_OPT
//#define __KTRACE_OPT(c,b) b

#ifdef _DEBUG
// Panic category used for internal errors
static const char KFault[] = "MINKDA-ERROR, line:";
#endif

// Panic category and codes used when detecting programming error in
// user-side clients.
_LIT(KClientPanic, "MINKDA");
enum TPanic
	{
	EPanicTrapWhileRequestPending,
	EPanicNoCrashedThread,
	EPanicUnsupportedRequest,
	};

// As this LDD allows to bypass platform security, we need to restrict
// access to a few trusted clients.
const TUint32 KDexecSid = 0x101F7770;

//////////////////////////////////////////////////////////////////////////////

//
// Callback invoked on thread panic/exception and associated state.
//

class DCrashHandler : public DKernelEventHandler
	{
public:
	// construction & destruction
	inline DCrashHandler();
	TInt Create(DLogicalDevice* aDevice);
	~DCrashHandler();
public:
	void Trap(TRequestStatus* aRs, TAny* aCrashInfo);
	void CancelTrap();
	void KillCrashedThread();
private:
	static TUint EventHandler(TKernelEvent aEvent, TAny* a1, TAny* a2, TAny* aThis);
	void HandleCrash(TAny* aContext);
	void GetCpuExcInfo(const TAny* aContext, TDbgCpuExcInfo& aInfo);
private:
	DMutex* iHandlerMutex;		// serialise access to crash handler
	NFastSemaphore iSuspendSem; // for suspending crashed thread
	DMutex* iDataMutex;			// serialise access to following members
	DThread* iClient;			// client to signal on crash or NULL
	TRequestStatus* iTrapRq;	// signalled on crash (NULL if none)
	TAny* iCrashInfo;			// user-side buffer filled when crash trapped
	DThread* iCrashedThread;	// thread which took exception (NULL if none)
	DLogicalDevice* iDevice;	// open reference to LDD for avoiding lifetime issues
	};

inline DCrashHandler::DCrashHandler()
	: DKernelEventHandler(EventHandler, this)
	{
	}

//
// second-phase c'tor.  Called in thread critical section.
//

TInt DCrashHandler::Create(DLogicalDevice* aDevice)
	{
	TInt r;
	r = aDevice->Open();
	if (r != KErrNone)
		return r;
	iDevice = aDevice;
	_LIT(KHandlerMutexName, "CtHandlerMutex");
	r = Kern::MutexCreate(iHandlerMutex, KHandlerMutexName, KMutexOrdDebug);
	if (r != KErrNone)
		return r;
	_LIT(KDataMutexName, "CtDataMutex");
	r = Kern::MutexCreate(iDataMutex, KDataMutexName, KMutexOrdDebug-1);
	if (r != KErrNone)
		return r;
	return Add();
	}


//
// Called when reference count reaches zero.  At that point no threads
// are in the handler anymore and the handler has been removed from
// the queue.
//

DCrashHandler::~DCrashHandler()
	{
	__KTRACE_OPT(KDEBUGGER, Kern::Printf("DCrashHandler::~DCrashHandler"));
	if (iDataMutex)
		iDataMutex->Close(NULL);
	if (iHandlerMutex)
		iHandlerMutex->Close(NULL);
	if (iDevice)
		iDevice->Close(NULL);
	}

inline TBool TookException(const DThread* aThread)
	{
    return aThread->iExitType == EExitPanic && 
			aThread->iExitReason == ECausedException && 
			aThread->iExitCategory == KLitKernExec;
	}

//
// Called by kernel when various kinds of events occur.  In thread critical
// section.
//

TUint DCrashHandler::EventHandler(TKernelEvent aEvent, TAny* a1, TAny* /*a2*/, TAny* aThis)
	{
	DThread* pC = &Kern::CurrentThread();
	switch (aEvent)
		{
	case EEventHwExc:
		((DCrashHandler*)aThis)->HandleCrash(a1);
		break;
	case EEventKillThread:
		if (pC->iExitType == EExitPanic && ! TookException(pC))
			((DCrashHandler*)aThis)->HandleCrash(NULL);
		break;
	default:
		// ignore other events
		break;
		}
	return ERunNext;
	}

//
// Called when an exception or panic occurs in context of thread which
// took the exception/panicked.  In thread critical section.
//

void DCrashHandler::HandleCrash(TAny* aContext)
	{
	DThread* pC = &Kern::CurrentThread();
	__KTRACE_OPT(KDEBUGGER, Kern::Printf("HandleCrash context=0x%08X thread=%O", aContext, pC));

	// Quick exit if crashed thread is debugger (i.e. client thread
	// which issued trap request).
	if (pC == iClient)
		{
		__KTRACE_OPT(KDEBUGGER, Kern::Printf("ignoring debugger crash"));
		return;
		}

	// Set realtime state to off to allow us to write to possibly paged debugger thread.  This is
	// reasonable as this thread has already crashed.
	Kern::SetRealtimeState(ERealtimeStateOff);

	// Ensure that, at any time, at most one thread executes the following
	// code.  This simplifies user-side API.
	Kern::MutexWait(*iHandlerMutex);
	__ASSERT_DEBUG(iCrashedThread == NULL, Kern::Fault(KFault, __LINE__));

	// If there is a pending trap request, store basic information
	// about the panic/exception in user-supplied buffer and
	// freeze the crashed thread so it can be inspected.

	Kern::MutexWait(*iDataMutex);
	if (iTrapRq != NULL)
		{
		iCrashedThread = pC;
		iSuspendSem.iOwningThread = &(iCrashedThread->iNThread);

		TDbgCrashInfo info;
		info.iTid = iCrashedThread->iId;
		if (aContext)
			{
			GetCpuExcInfo(aContext, info.iCpu);
			info.iType = TDbgCrashInfo::EException;
			}
		else
			info.iType = TDbgCrashInfo::EPanic;
		TInt r = Kern::ThreadRawWrite(iClient, iCrashInfo, &info, sizeof(info));
		Kern::RequestComplete(iClient, iTrapRq, r);
		iClient = NULL;
		}
	Kern::MutexSignal(*iDataMutex);

	if (iCrashedThread)
		{
		__KTRACE_OPT(KDEBUGGER, Kern::Printf("freezing crashed thread"));
		NKern::FSWait(&(iSuspendSem));
		__KTRACE_OPT(KDEBUGGER, Kern::Printf("resuming crashed thread"));
		Kern::MutexWait(*iDataMutex);
		// Must protect in case a cancel executes concurrently.
		iCrashedThread = NULL;
		Kern::MutexSignal(*iDataMutex);
		}

	Kern::MutexSignal(*iHandlerMutex);
	}


void DCrashHandler::Trap(TRequestStatus* aRs, TAny* aCrashInfo)
	{
	if (iTrapRq != NULL)
		Kern::PanicCurrentThread(KClientPanic, EPanicTrapWhileRequestPending);
	NKern::ThreadEnterCS();
	Kern::MutexWait(*iDataMutex);
	iClient = &Kern::CurrentThread();
	iCrashInfo = aCrashInfo;
	iTrapRq = aRs;
	Kern::MutexSignal(*iDataMutex);
	NKern::ThreadLeaveCS();
	}


void DCrashHandler::CancelTrap()
	{
	__KTRACE_OPT(KDEBUGGER, Kern::Printf(">DCrashHandler::CancelTrap"));
	NKern::ThreadEnterCS();
	Kern::MutexWait(*iDataMutex);

	__KTRACE_OPT(KDEBUGGER, Kern::Printf("cancel request (0x%08X)", iTrapRq));
	Kern::RequestComplete(iClient, iTrapRq, KErrCancel);
	iClient = NULL;

	if (iCrashedThread != NULL)
		{
		__KTRACE_OPT(KDEBUGGER, Kern::Printf("resume crashed thread"));
		NKern::FSSignal(&(iSuspendSem));
		}

	Kern::MutexSignal(*iDataMutex);
	NKern::ThreadLeaveCS();
	__KTRACE_OPT(KDEBUGGER, Kern::Printf("<DCrashHandler::CancelTrap"));
	}


void DCrashHandler::KillCrashedThread()
	{
	if (iCrashedThread == NULL)
		Kern::PanicCurrentThread(KClientPanic, EPanicNoCrashedThread);
	NKern::FSSignal(&iSuspendSem);
	}


void DCrashHandler::GetCpuExcInfo(const TAny* aContext, TDbgCpuExcInfo& aInfo)
	{
#if defined(__MARM__)
	const TArmExcInfo* pE = (const TArmExcInfo*)aContext;
	aInfo.iFaultPc = pE->iR15;
	aInfo.iFaultAddress = pE->iFaultAddress;
	aInfo.iFaultStatus = pE->iFaultStatus;
	aInfo.iExcCode = (TDbgCpuExcInfo::TExcCode)pE->iExcCode;
	aInfo.iR13Svc = pE->iR13Svc;
	aInfo.iR14Svc = pE->iR14Svc;
	aInfo.iSpsrSvc = pE->iSpsrSvc;
#else
	(void) aContext; // silence warnings
	(void) aInfo;
#endif
	}

//////////////////////////////////////////////////////////////////////////////

//
// Channel initialisation and cleanup.  Dispatcher for user-side
// requests.  Crash-related requests are forwarded to DCrashHandler,
// others are implemented here.
//

class DKdaChannel : public DLogicalChannelBase
	{
public:
	~DKdaChannel();
protected:
	// from DLogicalChannelBase
	virtual TInt DoCreate(TInt aUnit, const TDesC8* anInfo, const TVersion &aVer);
	virtual TInt Request(TInt aFunction, TAny* a1, TAny* a2);
private:
	TInt ReadMem(RMinKda::TReadMemParams* aParams);
	TInt GetThreadInfo(TUint aTid, TAny* aInfo);
	void GetThreadCpuInfo(DThread* aThread, TDbgRegSet& aInfo);
	TInt GetCodeSegs(RMinKda::TCodeSnapshotParams* aParams);
	TInt GetCodeSegInfo(RMinKda::TCodeInfoParams* aParams);
	TInt OpenTempObject(TUint aId, TObjectType aType);
	void CloseTempObject();
private:
	DCrashHandler* iCrashHandler;
	DObject* iTempObj;			// automagically closed if abnormal termination
	};


//
// Called when user-side thread create new channel with LDD.  Called
// in context of that thread, in thread critical section.
//

TInt DKdaChannel::DoCreate(TInt /*aUnit*/, const TDesC8* /*aInfo*/, const TVersion &aVer)
	{
	if (Kern::CurrentThread().iOwningProcess->iS.iSecureId != KDexecSid)
		return KErrPermissionDenied;
	if (! Kern::QueryVersionSupported(KKdaLddVersion(), aVer))
		return KErrNotSupported;

	iCrashHandler = new DCrashHandler;
	if (iCrashHandler == NULL)
		return KErrNoMemory;
	return iCrashHandler->Create(iDevice);
	}


//
// Called when last reference to channel is closed, in context of
// closing thread, in thread critical section.
//

DKdaChannel::~DKdaChannel()
	{
	__KTRACE_OPT(KDEBUGGER, Kern::Printf("DKdaChannel::~DKdaChannel"));
	Kern::SafeClose(iTempObj, NULL);
	if (iCrashHandler)
		{
		iCrashHandler->CancelTrap();
		iCrashHandler->Close();
		}
	}


//
// Request dispatcher. Called in context of requesting thread.
//

TInt DKdaChannel::Request(TInt aFunction, TAny* a1, TAny* a2)
	{
	__KTRACE_OPT(KDEBUGGER, Kern::Printf(">DKdaChannel::Request function=%d a1=0x%08X a2=0x%08X", aFunction, a1, a2));
	
	TInt r = KErrNone;
	switch (aFunction)
		{
	case RMinKda::ETrap:
		iCrashHandler->Trap((TRequestStatus*)a1, a2);
		break;
	case RMinKda::ECancelTrap:
		iCrashHandler->CancelTrap();
		break;
	case RMinKda::EKillCrashedThread:
		iCrashHandler->KillCrashedThread();
		break;
	case RMinKda::EGetThreadInfo:
		r = GetThreadInfo((TUint)a1, a2);
		break;
	case RMinKda::EReadMem:
		r = ReadMem((RMinKda::TReadMemParams*)a1);
		break;
	case RMinKda::EGetCodeSegs:
		r = GetCodeSegs((RMinKda::TCodeSnapshotParams*)a1);
		break;
	case RMinKda::EGetCodeSegInfo:
		r = GetCodeSegInfo((RMinKda::TCodeInfoParams*)a1);
		break;
	default:
		Kern::PanicCurrentThread(KClientPanic, EPanicUnsupportedRequest);
		break;
		}

	__KTRACE_OPT(KDEBUGGER, Kern::Printf("<DKdaChannel::Request r=%d", r));
	return r;
	}


TInt DKdaChannel::ReadMem(RMinKda::TReadMemParams* aParams)
	{
	RMinKda::TReadMemParams params;
	umemget32(&params, aParams, sizeof(params));

	TInt destLen;
	TInt destMax;
	TUint8* destPtr = (TUint8*)Kern::KUDesInfo(*params.iDes, destLen, destMax);

	TInt r = OpenTempObject(params.iTid, EThread);
	if (r == KErrNone)
		{
		r = Kern::ThreadRawRead((DThread*)iTempObj, (TAny*)params.iAddr, destPtr, destMax);

		if (r == KErrNone)
			Kern::KUDesSetLength(*params.iDes, destMax);

		CloseTempObject();
		}

	return r;
	}


TInt DKdaChannel::GetThreadInfo(TUint aTid, TAny* aInfo)
	{
	TInt r = OpenTempObject(aTid, EThread);
	if (r == KErrNone)
		{
		DThread* pT = (DThread*)iTempObj;
		TDbgThreadInfo info;
		pT->FullName(info.iFullName);
		info.iPid = pT->iOwningProcess->iId;
		info.iStackBase = pT->iUserStackRunAddress;
		info.iStackSize = pT->iUserStackSize;
		info.iExitCategory = pT->iExitCategory;
		info.iExitReason = pT->iExitReason;
		GetThreadCpuInfo(pT, info.iCpu);
		umemput32(aInfo, &info, sizeof(info));
		CloseTempObject();
		}
	return r;
	}

// :FIXME: improve API
TInt DKdaChannel::GetCodeSegs(RMinKda::TCodeSnapshotParams* aParams)
	{
	RMinKda::TCodeSnapshotParams params;
	umemget32(&params, aParams, sizeof(params));

	TInt maxcount;
	umemget32(&maxcount, params.iCountPtr, sizeof(maxcount));

	__KTRACE_OPT(KDEBUGGER, Kern::Printf(">DKdaChannel::GetCodeSegs pid=%d maxcount=%d", params.iPid, maxcount));
	
	__ASSERT_DEBUG(! iTempObj, Kern::Fault(KFault, __LINE__));
	TInt r = OpenTempObject(params.iPid, EProcess);
	if (r != KErrNone)
		{
		__KTRACE_OPT(KDEBUGGER, Kern::Printf("<DKdaChannel::GetCodeSegs process not found"));
		return r;
		}
		
	DProcess* pP = (DProcess*)iTempObj;

	Kern::AccessCode();

	SDblQue q;
	TInt actcount = pP->TraverseCodeSegs(&q, NULL, DCodeSeg::EMarkDebug, DProcess::ETraverseFlagAdd);

	CloseTempObject();

	TInt n = Min(actcount, maxcount);
	SDblQueLink* pL = q.iA.iNext;
	r = KErrNone;
	for (TInt i=0; i<n; ++i, pL = pL->iNext)
		{
		DCodeSeg* pS = _LOFF(pL, DCodeSeg, iTempLink);
		XTRAP(r, XT_DEFAULT, umemput32(params.iHandles + i, &pS, sizeof(TAny*)));
		if (r != KErrNone)
			break;
		}

	DCodeSeg::EmptyQueue(q, DCodeSeg::EMarkDebug);

	Kern::EndAccessCode();

	if (r == KErrBadDescriptor)
		Kern::PanicCurrentThread(KLitKernExec, ECausedException);
	umemput32(params.iCountPtr, &actcount, sizeof(actcount));

	__KTRACE_OPT(KDEBUGGER, Kern::Printf("<DKdaChannel::GetCodeSegs actcount=%d", actcount));
	return r;
	}


// :FIXME: improve API
TInt DKdaChannel::GetCodeSegInfo(RMinKda::TCodeInfoParams* aParams)
	{
	RMinKda::TCodeInfoParams params;
	umemget32(&params, aParams, sizeof(params));

	// :FIXME: Currently code segments are always loaded at the same
	// location in every address space.  Consequently we can ignore
	// the PID provided by the client.
	DProcess* pP = NULL;

	TInt r = KErrNotFound;
	TFileName	nameBuffer;
	nameBuffer.Zero();
	Kern::AccessCode();
	DCodeSeg* pS = DCodeSeg::VerifyHandle(params.iHandle);
	if (pS)
		{
		TModuleMemoryInfo mmi;
		r = pS->GetMemoryInfo(mmi, pP);
		if (r == KErrNone)
			{
			params.iCodeBase = mmi.iCodeBase;
			params.iCodeSize = mmi.iCodeSize;
			XTRAP(r, XT_DEFAULT, nameBuffer.Append(*(pS->iFileName)));
			}
		}
	Kern::EndAccessCode();
	Kern::KUDesPut(*(params.iPathPtr), nameBuffer);
	if (r == KErrBadDescriptor)
		Kern::PanicCurrentThread(KLitKernExec, ECausedException);

	if (r == KErrNone)
		umemput32(aParams, &params, sizeof(params));

	return r;
	}

//
// Lookup a thread or process id and open the corresponding object.
//
// The object is stored in DKdaChannel::iTempObj to ensure it will be
// closed even if the client thread terminates unexpectedly.  The
// caller must call CloseTempObject() when it is finished with it.
//

TInt DKdaChannel::OpenTempObject(TUint aId, TObjectType aType)
	{
	__ASSERT_DEBUG(aType == EProcess || aType == EThread, Kern::Fault(KFault, __LINE__));
	__ASSERT_DEBUG(! iTempObj, Kern::Fault(KFault, __LINE__));

	DObjectCon* pC = Kern::Containers()[aType];
	NKern::ThreadEnterCS();
	pC->Wait();
	DObject* tempObj = (aType == EProcess) ? (DObject*)Kern::ProcessFromId(aId) : (DObject*)Kern::ThreadFromId(aId);
	NKern::LockSystem();
	iTempObj = tempObj;
	TInt r = KErrNotFound;
	if (iTempObj)
		r = iTempObj->Open();

	NKern::UnlockSystem();
	pC->Signal();
	NKern::ThreadLeaveCS();
	return r;
	}

void DKdaChannel::CloseTempObject()
	{
	__ASSERT_DEBUG(iTempObj, Kern::Fault(KFault, __LINE__));
	NKern::ThreadEnterCS();
	iTempObj->Close(NULL);
	iTempObj = NULL;
	NKern::ThreadLeaveCS();
	}

#ifdef __MARM__

void DKdaChannel::GetThreadCpuInfo(DThread* aThread, TDbgRegSet& aInfo)
	{
	__ASSERT_DEBUG(aThread != &Kern::CurrentThread(), Kern::Fault(KFault, __LINE__));

	TArmRegSet regSet;
	TUint32 unused;
	NKern::ThreadGetUserContext(&(aThread->iNThread), &regSet, unused);
	aInfo.iRn[0] = regSet.iR0;
	aInfo.iRn[1] = regSet.iR1;
	aInfo.iRn[2] = regSet.iR2;
	aInfo.iRn[3] = regSet.iR3;
	aInfo.iRn[4] = regSet.iR4;
	aInfo.iRn[5] = regSet.iR5;
	aInfo.iRn[6] = regSet.iR6;
	aInfo.iRn[7] = regSet.iR7;
	aInfo.iRn[8] = regSet.iR8;
	aInfo.iRn[9] = regSet.iR9;
	aInfo.iRn[10] = regSet.iR10;
	aInfo.iRn[11] = regSet.iR11;
	aInfo.iRn[12] = regSet.iR12;
	aInfo.iRn[13] = regSet.iR13;
	aInfo.iRn[14] = regSet.iR14;
	aInfo.iRn[15] = regSet.iR15;
	aInfo.iCpsr = regSet.iFlags;
	}

#else

void DKdaChannel::GetThreadCpuInfo(DThread* /*aThread*/, TDbgRegSet& /*aInfo*/)
	{
	}

#endif


//////////////////////////////////////////////////////////////////////////////

class DCtDevice : public DLogicalDevice
	{
public:
	DCtDevice();
	// from DLogicalDevice
	virtual TInt Install();
	virtual void GetCaps(TDes8& aDes) const;
	virtual TInt Create(DLogicalChannelBase*& aChannel);
	};

DCtDevice::DCtDevice()
	{
	// iParseMask = 0;
	// iUnitsMask = 0;
	iVersion = KKdaLddVersion();
	}

TInt DCtDevice::Install()
	{
	return SetName(&KKdaLddName);
	}

void DCtDevice::GetCaps(TDes8& /*aDes*/) const
	{
	}

TInt DCtDevice::Create(DLogicalChannelBase*& aChannel)
	{
	aChannel = new DKdaChannel;
	return (aChannel != NULL) ? KErrNone : KErrNoMemory;
	}

//////////////////////////////////////////////////////////////////////////////

DECLARE_STANDARD_LDD()
	{
	return new DCtDevice;
	}