
/* Derived from Valgrind sources, coregrind/m_debuginfo/readmacho.c.
   GPL 2+ therefore.

   Can be compiled as either a 32- or 64-bit program (doesn't matter).
*/

/* What does this program do?  In short it postprocesses tool
   executables on MacOSX, after linking using /usr/bin/ld.  This is so
   as to work around a bug in the linker on Xcode 4.0.0 and Xcode
   4.0.1.  Xcode versions prior to 4.0.0 are unaffected.

   The tracking bug is https://bugs.kde.org/show_bug.cgi?id=267997

   The bug causes 64-bit tool executables to segfault at startup,
   because:

   Comparing the MachO load commands vs a (working) tool executable
   that was created by Xcode 3.2.x, it appears that the new linker has
   partially ignored the build system's request to place the tool
   executable's stack at a non standard location.  The build system
   tells the linker "-stack_addr 0x134000000 -stack_size 0x800000".

   With the Xcode 3.2 linker those flags produce two results:

   (1) A load command to allocate the stack at the said location:
          Load command 3
                cmd LC_SEGMENT_64
            cmdsize 72
            segname __UNIXSTACK
             vmaddr 0x0000000133800000
             vmsize 0x0000000000800000
            fileoff 2285568
           filesize 0
            maxprot 0x00000007
           initprot 0x00000003
             nsects 0
              flags 0x0

   (2) A request (in LC_UNIXTHREAD) to set %rsp to the correct value
       at process startup, 0x134000000.

   With Xcode 4.0.1, (1) is missing but (2) is still present.  The
   tool executable therefore starts up with %rsp pointing to unmapped
   memory and faults almost instantly.

   The workaround implemented by this program is documented in comment
   8 of bug 267997, viz:

   One really sick workaround is to observe that the executables
   contain a redundant MachO load command:

      Load command 2
            cmd LC_SEGMENT_64
        cmdsize 72
        segname __LINKEDIT
         vmaddr 0x0000000138dea000
         vmsize 0x00000000000ad000
        fileoff 2658304
       filesize 705632
        maxprot 0x00000007
       initprot 0x00000001
         nsects 0
          flags 0x0

   The described section presumably contains information intended for
   the dynamic linker, but is irrelevant because this is a statically
   linked executable.  Hence it might be possible to postprocess the
   executables after linking, to overwrite this entry with the
   information that would have been in the missing __UNIXSTACK entry.
   I tried this by hand (with a binary editor) earlier and got
   something that worked.
*/

#define DEBUGPRINTING 0

#include <assert.h>
#include <stdlib.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <sys/stat.h>
#include <unistd.h>
#include <fcntl.h>


#undef PLAT_x86_darwin
#undef PLAT_amd64_darwin

#if defined(__APPLE__) && defined(__i386__)
#  define PLAT_x86_darwin 1
#elif defined(__APPLE__) && defined(__x86_64__)
#  define PLAT_amd64_darwin 1
#else
#  error "Can't be compiled on this platform"
#endif

#include <mach-o/loader.h>
#include <mach-o/nlist.h>
#include <mach-o/fat.h>
#include <mach/i386/thread_status.h>


typedef  unsigned char   UChar;
typedef    signed char   Char;
typedef           char   HChar; /* signfulness depends on host */

typedef  unsigned int    UInt;
typedef    signed int    Int;

typedef  unsigned char   Bool;
#define  True   ((Bool)1)
#define  False  ((Bool)0)

typedef  unsigned long   UWord;

typedef  UWord           SizeT;
typedef  UWord           Addr;

typedef  unsigned long long int   ULong;
typedef    signed long long int   Long;


__attribute__((noreturn))
void fail ( HChar* msg )
{
   fprintf(stderr, "fixup_macho_loadcmds: fail: %s\n", msg);
   exit(1);
}


/*------------------------------------------------------------*/
/*---                                                      ---*/
/*--- Mach-O file mapping/unmapping helpers                ---*/
/*---                                                      ---*/
/*------------------------------------------------------------*/

typedef
   struct {
      /* These two describe the entire mapped-in ("primary") image,
         fat headers, kitchen sink, whatnot: the entire file.  The
         image is mapped into img[0 .. img_szB-1]. */
      UChar* img;
      SizeT  img_szB;
      /* These two describe the Mach-O object of interest, which is
         presumably somewhere inside the primary image.
         map_image_aboard() below, which generates this info, will
         carefully check that the macho_ fields denote a section of
         memory that falls entirely inside img[0 .. img_szB-1]. */
      UChar* macho_img;
      SizeT  macho_img_szB;
   }
   ImageInfo;


Bool is_macho_object_file( const void* buf, SizeT szB )
{
   /* (JRS: the Mach-O headers might not be in this mapped data,
      because we only mapped a page for this initial check,
      or at least not very much, and what's at the start of the file
      is in general a so-called fat header.  The Mach-O object we're
      interested in could be arbitrarily far along the image, and so
      we can't assume its header will fall within this page.) */

   /* But we can say that either it's a fat object, in which case it
      begins with a fat header, or it's unadorned Mach-O, in which
      case it starts with a normal header.  At least do what checks we
      can to establish whether or not we're looking at something
      sane. */

   const struct fat_header*  fh_be = buf;
   const struct mach_header_64* mh    = buf;

   assert(buf);
   if (szB < sizeof(struct fat_header))
      return False;
   if (ntohl(fh_be->magic) == FAT_MAGIC)
      return True;

   if (szB < sizeof(struct mach_header_64))
      return False;
   if (mh->magic == MH_MAGIC_64)
      return True;

   return False;
}


/* Unmap an image mapped in by map_image_aboard. */
static void unmap_image ( /*MOD*/ImageInfo* ii )
{
   Int r;
   assert(ii->img);
   assert(ii->img_szB > 0);
   r = munmap( ii->img, ii->img_szB );
   /* Do we care if this fails?  I suppose so; it would indicate
      some fairly serious snafu with the mapping of the file. */
   assert( !r );
   memset(ii, 0, sizeof(*ii));
}


/* Map a given fat or thin object aboard, find the thin part if
   necessary, do some checks, and write details of both the fat and
   thin parts into *ii.  Returns 32 (and leaves the file unmapped) if
   the thin part is a 32 bit file.  Returns 64 if it's a 64 bit file.
   Does not return on failure.  Guarantees to return pointers to a
   valid(ish) Mach-O image if it succeeds. */
static Int map_image_aboard ( /*OUT*/ImageInfo* ii, HChar* filename )
{
   memset(ii, 0, sizeof(*ii));

   /* First off, try to map the thing in. */
   { SizeT  size;
     Int r, fd;
     struct stat stat_buf;

     r = stat(filename, &stat_buf);
     if (r)
        fail("Can't stat image (to determine its size)?!");
     size = stat_buf.st_size;

     fd = open(filename, O_RDWR, 0);
     if (fd == -1)
        fail("Can't open image for possible modification!");
     if (DEBUGPRINTING)
        printf("size %lu fd %d\n", size, fd);
     void* v = mmap ( NULL, size, PROT_READ|PROT_WRITE,
                                  MAP_FILE|MAP_SHARED, fd, 0 );
     if (v == MAP_FAILED) {
        perror("mmap failed");
        fail("Can't mmap image for possible modification!");
     }

     close(fd);

     ii->img     = (UChar*)v;
     ii->img_szB = size;
   }

   /* Now it's mapped in and we have .img and .img_szB set.  Look for
      the embedded Mach-O object.  If not findable, unmap and fail. */
   { struct fat_header*  fh_be;
     struct fat_header   fh;
     struct mach_header_64* mh;
     
     // Assume initially that we have a thin image, and update
     // these if it turns out to be fat.
     ii->macho_img     = ii->img;
     ii->macho_img_szB = ii->img_szB;

     // Check for fat header.
     if (ii->img_szB < sizeof(struct fat_header))
        fail("Invalid Mach-O file (0 too small).");

     // Fat header is always BIG-ENDIAN
     fh_be = (struct fat_header *)ii->img;
     fh.magic = ntohl(fh_be->magic);
     fh.nfat_arch = ntohl(fh_be->nfat_arch);
     if (fh.magic == FAT_MAGIC) {
        // Look for a good architecture.
        struct fat_arch *arch_be;
        struct fat_arch arch;
        Int f;
        if (ii->img_szB < sizeof(struct fat_header)
                          + fh.nfat_arch * sizeof(struct fat_arch))
           fail("Invalid Mach-O file (1 too small).");

        for (f = 0, arch_be = (struct fat_arch *)(fh_be+1); 
             f < fh.nfat_arch;
             f++, arch_be++) {
           Int cputype;
#          if defined(PLAT_x86_darwin)
           cputype = CPU_TYPE_X86;
#          elif defined(PLAT_amd64_darwin)
           cputype = CPU_TYPE_X86_64;
#          else
#            error "unknown architecture"
#          endif
           arch.cputype    = ntohl(arch_be->cputype);
           arch.cpusubtype = ntohl(arch_be->cpusubtype);
           arch.offset     = ntohl(arch_be->offset);
           arch.size       = ntohl(arch_be->size);
           if (arch.cputype == cputype) {
              if (ii->img_szB < arch.offset + arch.size)
                 fail("Invalid Mach-O file (2 too small).");
              ii->macho_img     = ii->img + arch.offset;
              ii->macho_img_szB = arch.size;
              break;
           }
        }
        if (f == fh.nfat_arch)
           fail("No acceptable architecture found in fat file.");
     }

     /* Sanity check what we found. */

     /* assured by logic above */
     assert(ii->img_szB >= sizeof(struct fat_header));

     if (ii->macho_img_szB < sizeof(struct mach_header_64))
        fail("Invalid Mach-O file (3 too small).");

     if (ii->macho_img_szB > ii->img_szB)
        fail("Invalid Mach-O file (thin bigger than fat).");

     if (ii->macho_img >= ii->img
         && ii->macho_img + ii->macho_img_szB <= ii->img + ii->img_szB) {
        /* thin entirely within fat, as expected */
     } else {
        fail("Invalid Mach-O file (thin not inside fat).");
     }

     mh = (struct mach_header_64 *)ii->macho_img;
     if (mh->magic == MH_MAGIC) {
        assert(ii->img);
        assert(ii->macho_img);
        assert(ii->img_szB > 0);
        assert(ii->macho_img_szB > 0);
        assert(ii->macho_img >= ii->img);
        assert(ii->macho_img + ii->macho_img_szB <= ii->img + ii->img_szB);
        return 32;
     }
     if (mh->magic != MH_MAGIC_64)
        fail("Invalid Mach-O file (bad magic).");

     if (ii->macho_img_szB < sizeof(struct mach_header_64) + mh->sizeofcmds)
        fail("Invalid Mach-O file (4 too small).");
   }

   assert(ii->img);
   assert(ii->macho_img);
   assert(ii->img_szB > 0);
   assert(ii->macho_img_szB > 0);
   assert(ii->macho_img >= ii->img);
   assert(ii->macho_img + ii->macho_img_szB <= ii->img + ii->img_szB);
   return 64;
}


/*------------------------------------------------------------*/
/*---                                                      ---*/
/*--- Mach-O top-level processing                          ---*/
/*---                                                      ---*/
/*------------------------------------------------------------*/

void modify_macho_loadcmds ( HChar* filename,
                             ULong  expected_stack_start,
                             ULong  expected_stack_size )
{
   ImageInfo ii;
   memset(&ii, 0, sizeof(ii));

   Int size = map_image_aboard( &ii, filename );
   if (size == 32) {
      fprintf(stderr, "fixup_macho_loadcmds:   Is 32-bit MachO file;"
              " no modifications needed.\n");
      goto out;
   }

   assert(size == 64);

   assert(ii.macho_img != NULL && ii.macho_img_szB > 0);

   /* Poke around in the Mach-O header, to find some important
      stuff.
      * the location of the __UNIXSTACK load command, if any
      * the location of the __LINKEDIT load command, if any
      * the initial RSP value as stated in the LC_UNIXTHREAD
   */

   /* The collected data */
   ULong init_rsp = 0;
   Bool  have_rsp = False;
   struct segment_command_64* seg__unixstack = NULL;
   struct segment_command_64* seg__linkedit  = NULL;

   /* Loop over the load commands and fill in the above 4 variables. */

   { struct mach_header_64 *mh = (struct mach_header_64 *)ii.macho_img;
      struct load_command *cmd;
      Int c;

      for (c = 0, cmd = (struct load_command *)(mh+1);
           c < mh->ncmds;
           c++, cmd = (struct load_command *)(cmd->cmdsize
                                              + (unsigned long)cmd)) {
         if (DEBUGPRINTING)
            printf("load cmd: offset %4lu   size %3d   kind %2d = ",
                   (unsigned long)((UChar*)cmd - (UChar*)ii.macho_img),
                   cmd->cmdsize, cmd->cmd);

         switch (cmd->cmd) {
            case LC_SEGMENT_64:
               if (DEBUGPRINTING)
                  printf("LC_SEGMENT_64");
               break;
            case LC_SYMTAB:
               if (DEBUGPRINTING)
                  printf("LC_SYMTAB");
               break;
            case LC_DYSYMTAB:
               if (DEBUGPRINTING)
                  printf("LC_DYSYMTAB");
               break;
            case LC_UUID:
               if (DEBUGPRINTING)
                  printf("LC_UUID");
               break;
            case LC_UNIXTHREAD:
               if (DEBUGPRINTING)
                  printf("LC_UNIXTHREAD");
               break;
            default:
                  printf("???");
               fail("unexpected load command in Mach header");
            break;
         }
         if (DEBUGPRINTING)
            printf("\n");

         /* Note what the stated initial RSP value is, so we can
            check it is as expected. */
         if (cmd->cmd == LC_UNIXTHREAD) {
            struct thread_command* tcmd = (struct thread_command*)cmd;
            UInt* w32s = (UInt*)( (UChar*)tcmd + sizeof(*tcmd) );
            if (DEBUGPRINTING)
               printf("UnixThread: flavor %u = ", w32s[0]);
            if (w32s[0] == x86_THREAD_STATE64 && !have_rsp) {
               if (DEBUGPRINTING)
                  printf("x86_THREAD_STATE64\n");
               x86_thread_state64_t* state64
                  = (x86_thread_state64_t*)(&w32s[2]);
               have_rsp = True;
               init_rsp = state64->__rsp;
               if (DEBUGPRINTING)
                  printf("rsp = 0x%llx\n", init_rsp);
            } else {
               if (DEBUGPRINTING)
                  printf("???");
            }
            if (DEBUGPRINTING)
               printf("\n");
         }

         if (cmd->cmd == LC_SEGMENT_64) {
            struct segment_command_64 *seg = (struct segment_command_64 *)cmd;
            if (0 == strcmp(seg->segname, "__LINKEDIT"))
               seg__linkedit = seg;
            if (0 == strcmp(seg->segname, "__UNIXSTACK"))
               seg__unixstack = seg;
         }

      }
   }

   /*
      Actions are then as follows:

      * (always) check the RSP value is as expected, and abort if not

      * if there's a UNIXSTACK load command, check it is as expected.
        If not abort, if yes, do nothing more.

      * (so there's no UNIXSTACK load command).  if there's a LINKEDIT
        load command, check if it is minimally usable (has 0 for
        nsects and flags).  If yes, convert it to a UNIXSTACK load
        command.  If there is none, or is unusable, then we're out of
        options and have to abort.
   */
   if (!have_rsp)
      fail("Can't find / check initial RSP setting");
   if (init_rsp != expected_stack_start + expected_stack_size)
      fail("Initial RSP value not as expected");

   fprintf(stderr, "fixup_macho_loadcmds:   "
                   "initial RSP is as expected (0x%llx)\n",
                   expected_stack_start + expected_stack_size );

   if (seg__unixstack) {
      struct segment_command_64 *seg = seg__unixstack;
      if (seg->vmaddr != expected_stack_start)
         fail("has __UNIXSTACK, but wrong ::vmaddr");
      if (seg->vmsize != expected_stack_size)
         fail("has __UNIXSTACK, but wrong ::vmsize");
      if (seg->maxprot != 7)
         fail("has __UNIXSTACK, but wrong ::maxprot (should be 7)");
      if (seg->initprot != 3)
         fail("has __UNIXSTACK, but wrong ::initprot (should be 3)");
      if (seg->nsects != 0)
         fail("has __UNIXSTACK, but wrong ::nsects (should be 0)");
      if (seg->flags != 0)
         fail("has __UNIXSTACK, but wrong ::flags (should be 0)");
      /* looks ok */
      fprintf(stderr, "fixup_macho_loadcmds:   "
              "acceptable __UNIXSTACK present; no modifications.\n" );
      goto out;
   }

   if (seg__linkedit) {
      struct segment_command_64 *seg = seg__linkedit;
      if (seg->nsects != 0)
         fail("has __LINKEDIT, but wrong ::nsects (should be 0)");
      if (seg->flags != 0)
         fail("has __LINKEDIT, but wrong ::flags (should be 0)");
      fprintf(stderr, "fixup_macho_loadcmds:   "
              "no __UNIXSTACK present.\n" );
      fprintf(stderr, "fixup_macho_loadcmds:   "
              "converting __LINKEDIT to __UNIXSTACK.\n" );
      strcpy(seg->segname, "__UNIXSTACK");
      seg->vmaddr   = expected_stack_start;
      seg->vmsize   = expected_stack_size;
      seg->fileoff  = 0;
      seg->filesize = 0;
      seg->maxprot  = 7;
      seg->initprot = 3;
      /* success */
      goto out;
   }

   /* out of options */
   fail("no __UNIXSTACK found and no usable __LINKEDIT found; "
        "out of options.");
   /* NOTREACHED */

  out:
   if (ii.img)
      unmap_image(&ii);
}


static Bool is_plausible_tool_exe_name ( HChar* nm )
{
   HChar* p;
   if (!nm)
      return False;

   // Does it end with this string?
   p = strstr(nm, "-x86-darwin");
   if (p && 0 == strcmp(p, "-x86-darwin"))
      return True;

   p = strstr(nm, "-amd64-darwin");
   if (p && 0 == strcmp(p, "-amd64-darwin"))
      return True;

   return False;
}


int main ( int argc, char** argv )
{
   Int   r;
   ULong req_stack_addr = 0;
   ULong req_stack_size = 0;

   if (argc != 4)
      fail("args: -stack_addr-arg -stack_size-arg "
           "name-of-tool-executable-to-modify"); 

   r= sscanf(argv[1], "0x%llx", &req_stack_addr);
   if (r != 1) fail("invalid stack_addr arg");

   r= sscanf(argv[2], "0x%llx", &req_stack_size);
   if (r != 1) fail("invalid stack_size arg");

   fprintf(stderr, "fixup_macho_loadcmds: "
           "requested stack_addr (top) 0x%llx, "
           "stack_size 0x%llx\n", req_stack_addr, req_stack_size );

   if (!is_plausible_tool_exe_name(argv[3]))
      fail("implausible tool exe name -- not of the form *-{x86,amd64}-darwin");

   fprintf(stderr, "fixup_macho_loadcmds: examining tool exe: %s\n", 
           argv[3] );
   modify_macho_loadcmds( argv[3], req_stack_addr - req_stack_size,
                          req_stack_size );

   return 0;
}

/*
      cmd LC_SEGMENT_64
  cmdsize 72
  segname __LINKEDIT
   vmaddr 0x0000000138dea000
   vmsize 0x00000000000ad000
  fileoff 2658304
 filesize 705632
  maxprot 0x00000007
 initprot 0x00000001
   nsects 0
    flags 0x0
*/

/*
      cmd LC_SEGMENT_64
  cmdsize 72
  segname __UNIXSTACK
   vmaddr 0x0000000133800000
   vmsize 0x0000000000800000
  fileoff 2498560
 filesize 0
  maxprot 0x00000007
 initprot 0x00000003
   nsects 0
    flags 0x0
*/