darwin: Add more temporary debug

src/darwin/frida-helper-backend-glue.m

@@ -2197,13 +2197,13 @@ static void frida_darwin_helper_backend_launch_using_lsaw (NSString * identifier
 }
 
 void
-_frida_darwin_helper_backend_schedule_heartbeat_on_dispatch_queue (FridaDarwinHelperBackend * self)
+_frida_darwin_helper_backend_schedule_heartbeat_on_dispatch_queue (FridaDarwinHelperBackend * self, guint identifier)
 {
   FridaHelperContext * ctx = self->context;
 
   dispatch_async (ctx->dispatch_queue, ^
   {
-    _frida_darwin_helper_backend_on_heartbeat (self);
+    _frida_darwin_helper_backend_on_heartbeat (self, identifier);
   });
 }
 
@@ -2771,10 +2771,14 @@ static void frida_darwin_helper_backend_launch_using_lsaw (NSString * identifier
 
   if (instance->server_recv_source != NULL)
   {
+    _frida_darwin_helper_backend_log_event (instance->backend, "\tcancelling source for instance %p (on backend %p)", instance, instance->backend);
+    g_object_ref (instance->backend);
     dispatch_source_cancel (instance->server_recv_source);
     return;
   }
 
+  _frida_darwin_helper_backend_log_event (instance->backend, "\tfreeing instance %p (on backend %p)", instance, instance->backend);
+
   self_task = mach_task_self ();
 
   if (instance->do_modinit_strcmp_checks != NULL)
@@ -2842,9 +2846,53 @@ static void frida_darwin_helper_backend_launch_using_lsaw (NSString * identifier
 frida_spawn_instance_on_server_cancel (void * context)
 {
   FridaSpawnInstance * self = context;
+  FridaDarwinHelperBackend * backend = self->backend;
 
   dispatch_release (g_steal_pointer (&self->server_recv_source));
   frida_spawn_instance_free (self);
+  g_object_unref (backend);
+}
+
+static void
+frida_spawn_instance_log_breakpoint_phase (FridaSpawnInstance * self, const gchar * label)
+{
+  const gchar * name;
+
+  switch (self->breakpoint_phase)
+  {
+    case FRIDA_BREAKPOINT_DETECT_FLAVOR: name = "detect-flavor"; break;
+
+    case FRIDA_BREAKPOINT_SET_LIBDYLD_INITIALIZE_CALLER_BREAKPOINT: name = "set-libdyld-initialize-caller-breakpoint"; break;
+    case FRIDA_BREAKPOINT_LIBSYSTEM_INITIALIZED: name = "libsystem-initialized"; break;
+
+    case FRIDA_BREAKPOINT_SET_HELPERS: name = "set-helpers"; break;
+    case FRIDA_BREAKPOINT_DLOPEN_LIBC: name = "dlopen-libc"; break;
+    case FRIDA_BREAKPOINT_SKIP_CLEAR: name = "skip-clear"; break;
+    case FRIDA_BREAKPOINT_DLOPEN_BOOTSTRAPPER: name = "dlopen-bootstrapper"; break;
+
+    case FRIDA_BREAKPOINT_CF_INITIALIZE: name = "cf-initialize"; break;
+    case FRIDA_BREAKPOINT_CLEANUP: name = "cleanup"; break;
+    case FRIDA_BREAKPOINT_DONE: name = "done"; break;
+
+    default: g_assert_not_reached ();
+  }
+
+  _frida_darwin_helper_backend_log_event (self->backend, "\t%3s breakpoint_phase=\"%s\"", label, name);
+}
+
+static void
+frida_spawn_instance_log_pc (FridaSpawnInstance * self, GumAddress pc)
+{
+  if (pc >= self->dyld->base_address && pc < self->dyld->base_address + self->dyld_size)
+  {
+    _frida_darwin_helper_backend_log_event (self->backend, "\tpc=dyld!0x%" G_GINT64_MODIFIER "x",
+        pc - self->dyld->base_address);
+  }
+  else
+  {
+    _frida_darwin_helper_backend_log_event (self->backend, "\tpc=0x%" G_GINT64_MODIFIER "x",
+        pc);
+  }
 }
 
 static void
@@ -2859,6 +2907,7 @@ static void frida_darwin_helper_backend_launch_using_lsaw (NSString * identifier
   GumDarwinUnifiedThreadState state;
   guint i, current_bp_index;
   FridaBreakpoint * breakpoint = NULL;
+  GumAddress new_pc;
   gboolean carry_on, pc_changed;
 
   frida_spawn_instance_receive_breakpoint_request (self);
@@ -2872,6 +2921,8 @@ static void frida_darwin_helper_backend_launch_using_lsaw (NSString * identifier
     if ((self->single_stepping >= 0 && !is_step_complete) ||
         (self->single_stepping == -1 && is_step_complete))
     {
+      _frida_darwin_helper_backend_log_event (self->backend, "\tack-step single_stepping=%d is_step_complete=%s",
+          self->single_stepping, is_step_complete ? "TRUE" : "FALSE");
       frida_spawn_instance_send_breakpoint_response (self);
       return;
     }
@@ -2880,7 +2931,10 @@ static void frida_darwin_helper_backend_launch_using_lsaw (NSString * identifier
 
   kr = frida_get_thread_state (self->thread, state_flavor, &state, &state_count);
   if (kr != KERN_SUCCESS)
+  {
+    _frida_darwin_helper_backend_log_event (self->backend, "\tfrida_get_thread_state() failed with kr=%u", kr);
     return;
+  }
 
 #if __has_feature (ptrauth_calls)
   {
@@ -2907,10 +2961,14 @@ static void frida_darwin_helper_backend_launch_using_lsaw (NSString * identifier
     pc = state.ts_32.__pc;
 #endif
 
+  frida_spawn_instance_log_pc (self, pc);
+
   if (self->single_stepping >= 0)
   {
     FridaBreakpoint * bp = &self->breakpoints[self->single_stepping];
 
+    _frida_darwin_helper_backend_log_event (self->backend, "\thandle-step single_stepping=%d", self->single_stepping);
+
     frida_set_hardware_single_step (&self->breakpoint_debug_state, &state, FALSE, self->cpu_type);
 
     if (bp->repeat != FRIDA_BREAKPOINT_REPEAT_ALWAYS)
@@ -2942,24 +3000,33 @@ static void frida_darwin_helper_backend_launch_using_lsaw (NSString * identifier
     }
   }
 
+  _frida_darwin_helper_backend_log_event (self->backend, "\thit breakpoint: %s", (breakpoint != NULL) ? "yes" : "no");
   if (breakpoint == NULL)
     goto unexpected_exception;
 
+  frida_spawn_instance_log_breakpoint_phase (self, ">>>");
   carry_on = frida_spawn_instance_handle_breakpoint (self, breakpoint, &state);
+  frida_spawn_instance_log_breakpoint_phase (self, "<<<");
+  _frida_darwin_helper_backend_log_event (self->backend, "\thandle_breakpoint => carry_on=%s", carry_on ? "TRUE" : "FALSE");
   if (!carry_on)
     return;
 
 #ifdef HAVE_I386
   if (self->cpu_type == GUM_CPU_AMD64)
-    pc_changed = state.uts.ts64.__rip != pc;
+    new_pc = state.uts.ts64.__rip;
   else
-    pc_changed = state.uts.ts32.__eip != pc;
+    new_pc = state.uts.ts32.__eip;
 #else
   if (self->cpu_type == GUM_CPU_ARM64)
-    pc_changed = __darwin_arm_thread_state64_get_pc (state.ts_64) != pc;
+    new_pc = __darwin_arm_thread_state64_get_pc (state.ts_64);
   else
-    pc_changed = state.ts_32.__pc != pc;
+    new_pc = state.ts_32.__pc;
 #endif
+  pc_changed = new_pc != pc;
+
+  _frida_darwin_helper_backend_log_event (self->backend, "\tpc_changed=%s", pc_changed ? "TRUE" : "FALSE");
+  if (pc_changed)
+    frida_spawn_instance_log_pc (self, new_pc);
 
   if (!pc_changed)
   {
@@ -3078,7 +3145,10 @@ static void frida_darwin_helper_backend_launch_using_lsaw (NSString * identifier
     if (self->dyld_flavor == FRIDA_DYLD_V4_PLUS)
     {
       if (pc == self->modern_entry_address)
+      {
         self->breakpoint_phase = FRIDA_BREAKPOINT_SET_LIBDYLD_INITIALIZE_CALLER_BREAKPOINT;
+        frida_spawn_instance_log_breakpoint_phase (self, "A");
+      }
       else
         return frida_spawn_instance_handle_dyld_restart (self);
     }
@@ -3090,6 +3160,7 @@ static void frida_darwin_helper_backend_launch_using_lsaw (NSString * identifier
         self->breakpoint_phase = FRIDA_BREAKPOINT_CF_INITIALIZE;
       else
         self->breakpoint_phase = FRIDA_BREAKPOINT_SET_HELPERS;
+      frida_spawn_instance_log_breakpoint_phase (self, "B");
     }
   }
 
@@ -3178,6 +3249,7 @@ static void frida_darwin_helper_backend_launch_using_lsaw (NSString * identifier
     case FRIDA_BREAKPOINT_LIBSYSTEM_INITIALIZED:
       memcpy (&self->previous_thread_state, state, sizeof (GumDarwinUnifiedThreadState));
       self->breakpoint_phase = FRIDA_BREAKPOINT_CF_INITIALIZE;
+      frida_spawn_instance_log_breakpoint_phase (self, "C");
       goto next_phase;
 
     case FRIDA_BREAKPOINT_SET_HELPERS:
@@ -3265,7 +3337,10 @@ static void frida_darwin_helper_backend_launch_using_lsaw (NSString * identifier
 #endif
 
     case FRIDA_BREAKPOINT_CF_INITIALIZE:
+      _frida_darwin_helper_backend_log_event (self->backend, "\tenumerate-start");
       gum_darwin_enumerate_modules (self->task, frida_find_cf_initialize, self);
+      _frida_darwin_helper_backend_log_event (self->backend, "\tenumerate-end cf_initialize_address=0x%" G_GINT64_MODIFIER "x",
+          self->cf_initialize_address);
 
       if (self->cf_initialize_address != 0)
       {