would OS X support be possible?

[cartazio]

1. would it be possible (wrt the design/architecture) to port proot to support (recent) OS X? (or similar bsd-ish systems?)
2. What would be needed to make such a thing happen? (I might be interested in trying to help, if its a tractable goal)

[cedric-vincent]

Hello Carter,

On Tue, Jan 13, 2015 at 08:37:50PM -0800, Carter Tazio Schonwald wrote:

1. would it be possible (wrt the design/architecture) to port proot to
   support (recent) OS X? (or similar bsd-ish systems?)

2. What would be needed to make such a thing happen? (I might be
   interested in trying to help, if its a tractable goal)

As of my understanding, support for ptrace in OS X is quite limited.
For instance, it doesn't support the "stop on syscall" feature, which
required for PRoot.

I wonder if GDB has a workaround for this limitation. Please, could
you try the following commands on OS X, then tell me what happens:

shell$ gdb true

(gdb) catch syscall

(gdb) run

Regards,
Cédric.

[gboddin]

Yup,
Starting from Maverick gdb looks replaced by lldb :

Gregorys-MBP:~ root# lldb

(lldb) catch syscall

error: 'catch' is not a valid command.

(lldb) ?

error: '?' is not a valid command.

(lldb) help

Debugger commands:



  apropos           -- Find a list of debugger commands related to a particular

                       word/subject.

  breakpoint        -- A set of commands for operating on breakpoints. Also see

                       _regexp-break.

  command           -- A set of commands for managing or customizing the

                       debugger commands.

  disassemble       -- Disassemble bytes in the current function, or elsewhere

                       in the executable program as specified by the user.

  expression        -- Evaluate a C/ObjC/C++ expression in the current program

                       context, using user defined variables and variables

                       currently in scope.

  frame             -- A set of commands for operating on the current thread's

                       frames.

  gdb-remote        -- Connect to a remote GDB server.  If no hostname is

                       provided, localhost is assumed.

  gui               -- Switch into the curses based GUI mode.

  help              -- Show a list of all debugger commands, or give details

                       about specific commands.

  kdp-remote        -- Connect to a remote KDP server.  udp port 41139 is the

                       default port number.

  log               -- A set of commands for operating on logs.

  memory            -- A set of commands for operating on memory.

  platform          -- A set of commands to manage and create platforms.

  plugin            -- A set of commands for managing or customizing plugin

                       commands.

  process           -- A set of commands for operating on a process.

  quit              -- Quit out of the LLDB debugger.

  register          -- A set of commands to access thread registers.

  script            -- Pass an expression to the script interpreter for

                       evaluation and return the results. Drop into the

                       interactive interpreter if no expression is given.

  settings          -- A set of commands for manipulating internal settable

                       debugger variables.

  source            -- A set of commands for accessing source file information

  target            -- A set of commands for operating on debugger targets.

  thread            -- A set of commands for operating on one or more threads

                       within a running process.

  type              -- A set of commands for operating on the type system

  version           -- Show version of LLDB debugger.

  watchpoint        -- A set of commands for operating on watchpoints.



Current command abbreviations (type 'help command alias' for more info):



  add-dsym  -- ('target symbols add')  Add a debug symbol file to one of the

               target's current modules by specifying a path to a debug symbols

               file, or using the options to specify a module to download

               symbols for.

  attach    -- ('_regexp-attach')  Attach to a process id if in decimal,

               otherwise treat the argument as a process name to attach to.

  b         -- ('_regexp-break')  Set a breakpoint using a regular expression

               to specify the location, where <linenum> is in decimal and

               <address> is in hex.

  bt        -- ('_regexp-bt')  Show a backtrace.  An optional argument is

               accepted; if that argument is a number, it specifies the number

               of frames to display.  If that argument is 'all', full

               backtraces of all threads are displayed.

  c         -- ('process continue')  Continue execution of all threads in the

               current process.

  call      -- ('expression --')  Evaluate a C/ObjC/C++ expression in the

               current program context, using user defined variables and

               variables currently in scope.

  continue  -- ('process continue')  Continue execution of all threads in the

               current process.

  detach    -- ('process detach')  Detach from the current process being

               debugged.

  di        -- ('disassemble')  Disassemble bytes in the current function, or

               elsewhere in the executable program as specified by the user.

  dis       -- ('disassemble')  Disassemble bytes in the current function, or

               elsewhere in the executable program as specified by the user.

  display   -- ('_regexp-display')  Add an expression evaluation stop-hook.

  down      -- ('_regexp-down')  Go down "n" frames in the stack (1 frame by

               default).

  env       -- ('_regexp-env')  Implements a shortcut to viewing and setting

               environment variables.

  exit      -- ('quit')  Quit out of the LLDB debugger.

  f         -- ('frame select')  Select a frame by index from within the

               current thread and make it the current frame.

  file      -- ('target create')  Create a target using the argument as the

               main executable.

  finish    -- ('thread step-out')  Finish executing the function of the

               currently selected frame and return to its call site in

               specified thread (current thread, if none specified).

  image     -- ('target modules')  A set of commands for accessing information

               for one or more target modules.

  j         -- ('_regexp-jump')  Sets the program counter to a new address.

  jump      -- ('_regexp-jump')  Sets the program counter to a new address.

  kill      -- ('process kill')  Terminate the current process being debugged.

  l         -- ('_regexp-list')  Implements the GDB 'list' command in all of

               its forms except FILE:FUNCTION and maps them to the appropriate

               'source list' commands.

  list      -- ('_regexp-list')  Implements the GDB 'list' command in all of

               its forms except FILE:FUNCTION and maps them to the appropriate

               'source list' commands.

  n         -- ('thread step-over')  Source level single step in specified

               thread (current thread, if none specified), stepping over

               calls.

  next      -- ('thread step-over')  Source level single step in specified

               thread (current thread, if none specified), stepping over

               calls.

  nexti     -- ('thread step-inst-over')  Single step one instruction in

               specified thread (current thread, if none specified), stepping

               over calls.

  ni        -- ('thread step-inst-over')  Single step one instruction in

               specified thread (current thread, if none specified), stepping

               over calls.

  p         -- ('expression --')  Evaluate a C/ObjC/C++ expression in the

               current program context, using user defined variables and

               variables currently in scope.

  po        -- ('expression -O  -- ')  Evaluate a C/ObjC/C++ expression in the

               current program context, using user defined variables and

               variables currently in scope.

  print     -- ('expression --')  Evaluate a C/ObjC/C++ expression in the

               current program context, using user defined variables and

               variables currently in scope.

  q         -- ('quit')  Quit out of the LLDB debugger.

  r         -- ('process launch -c /bin/sh --')  Launch the executable in the

               debugger.

  rbreak    -- ('breakpoint set -r %1')  Sets a breakpoint or set of

               breakpoints in the executable.

  repl      -- ('expression -r  -- ')  Evaluate a C/ObjC/C++ expression in the

               current program context, using user defined variables and

               variables currently in scope.

  run       -- ('process launch -c /bin/sh --')  Launch the executable in the

               debugger.

  s         -- ('thread step-in')  Source level single step in specified thread

               (current thread, if none specified).

  si        -- ('thread step-inst')  Single step one instruction in specified

               thread (current thread, if none specified).

  step      -- ('thread step-in')  Source level single step in specified thread

               (current thread, if none specified).

  stepi     -- ('thread step-inst')  Single step one instruction in specified

               thread (current thread, if none specified).

  t         -- ('thread select')  Select a thread as the currently active

               thread.

  tbreak    -- ('_regexp-tbreak')  Set a one shot breakpoint using a regular

               expression to specify the location, where <linenum> is in

               decimal and <address> is in hex.

  undisplay -- ('_regexp-undisplay')  Remove an expression evaluation

               stop-hook.

  up        -- ('_regexp-up')  Go up "n" frames in the stack (1 frame by

               default).

  x         -- ('memory read')  Read from the memory of the process being

               debugged.



For more information on any command, type 'help <command-name>'.

(lldb) 

[kad]

In 10.10:

GNU gdb 6.3.50-20050815 (Apple version gdb-1824) (Wed Feb  6 22:51:23 UTC 2013)
...
(gdb) catch syscall
Unknown event kind specified for catch
(gdb)

[cedric-vincent]

On Tue, Jun 23, 2015 at 08:26:32AM -0700, Alexander D. Kanevskiy wrote:

In 10.10:

GNU gdb 6.3.50-20050815 (Apple version gdb-1824) (Wed Feb  6 22:51:23 UTC 2013)
...
(gdb) catch syscall
Unknown event kind specified for catch

Hm, even GDB doesn't have a workaround for this limitation. That
means it is not possible to port PRoot on MacOSX.

Regards,
C�dric.

[kad]

I don't know how much it's useful, but there is article http://uninformed.org/index.cgi?v=4&a=3&p=14 that can help to overcome some of ptrace() @ MacOS weaknesses.

Maybe few other articles might be useful https://github.com/rentzsch/mach_override https://github.com/rentzsch/mach_inject http://soundly.me/osx-injection-override-tutorial-hello-world/

Obviously, it wouldn't be exactly same code for MacOS as under Linux for proot, but might give some ideas.

[oxr463]

Hm, even GDB doesn't have a workaround for this limitation. That
means it is not possible to port PRoot on MacOSX.

If anyone finds out a way to get around this in the future, this can be re-opened.