functrace traces the function calls a program makes.
It's like strace, but for userspace.
It works by using Debugging functionality to insert breakpoints
at call&ret instructions.
Previously, a breakpoint was removed after it was tripped.
After a breakpoint trips, we have to undo the 'int3' patch
from the instruction in order to continue the exceution.
To make a breakpoint persist, we switch to "single step" mode,
which stops the execution after a single instruction, and then we
insert the breakpoint at the previous instruction.
There is also some code that deals with an edge case where there are
breakpoints in two consecutive instructions.
For some reaason, some magic is required to convince gcc to give us
the implementation for "__cxa_demangle"
Thanks @predmond for finding this simpler form of magic :)
PT_SETTREGS sets the regsiters of the traced thread. It can only be
used when the tracee is stopped.
Also, refactor ptrace.
The implementation was getting long and cluttered the alraedy large
Process.cpp file.
This commit moves the bulk of the implementation to Kernel/Ptrace.cpp,
and factors out peek & poke to separate methods of the Process class.
This was a missing feature in the PT_TRACEME command.
This feature allows the tracer to interact with the tracee before the
tracee has started executing its program.
It will be useful for automatically inserting a breakpoint at a
debugged program's entry point.
PT_POKE writes a single word to the tracee's address space.
Some caveats:
- If the user requests to write to an address in a read-only region, we
temporarily change the page's protections to allow it.
- If the user requests to write to a region that's backed by a
SharedInodeVMObject, we replace the vmobject with a PrivateIndoeVMObject.
