def _get_minsymbol_as_string(self, name: str) -> str: sym = gdb.lookup_minimal_symbol(name) if sym is None: raise MissingSymbolError(name) val = sym.value() return val.address.cast(self.types.char_p_type).string()
def check_ready(self) -> Optional[gdb.MinSymbol]: """ Returns the result of looking up the minimal symbol when a new object file is loaded. Returns: :obj:`gdb.MinSymbol`: The requested minimal symbol """ return gdb.lookup_minimal_symbol(self.name, self.symbol_file, None)
def __call__(self, symtype, *args): if self.ctx is not None: try: return self.ctx.next_cb_sym(symtype, *args) except addrxlat.BaseException: self.ctx.clear_err() if symtype == addrxlat.SYM_VALUE: ms = gdb.lookup_minimal_symbol(args[0]) if ms is not None: return long(ms.value().address) raise addrxlat.NoDataError()
def __init__(self): super(x86_64Architecture, self).__init__() # PC for blocked threads try: thread_return = gdb.lookup_minimal_symbol("thread_return") self.rip = thread_return.value().address except Exception: raise RuntimeError("{} requires symbol 'thread_return'".format( self.__class__.__name__)) self.ulong_type = gdb.lookup_type('unsigned long') thread_info_type = gdb.lookup_type('struct thread_info') self.thread_info_p_type = thread_info_type.pointer() # Stop stack traces with addresses below this self.filter = KernelFrameFilter(0xffff000000000000)
def __init__(self): super(x86_64Architecture, self).__init__() # PC for blocked threads try: thread_return = gdb.lookup_minimal_symbol("thread_return") self.rip = thread_return.value().address except Exception: raise RuntimeError("{} requires symbol 'thread_return'" .format(self.__class__.__name__)) self.ulong_type = gdb.lookup_type('unsigned long') thread_info_type = gdb.lookup_type('struct thread_info') self.thread_info_p_type = thread_info_type.pointer() # Stop stack traces with addresses below this self.filter = KernelFrameFilter(0xffff000000000000)
def get_minsymbol_addr(symname: str) -> int: """ Looks up a minsymbol by name and returns its address. Args: symname (str): The name of minsymbol to lookup. Returns: int: The address of the minsymbol. Raises: MissingSymbolError: The minsymbol cannot be located """ sym = gdb.lookup_minimal_symbol(symname) if not sym: raise MissingSymbolError(f"Cannot locate minsymbol {symname}") addr = sym.value().address return int(addr)
def setUp(self): gdb.execute("file tests/test-percpu", to_string=True) try: print() print("--- Unsuppressable gdb output ---", end='') gdb.execute("run", to_string=False) msym = gdb.lookup_minimal_symbol('__per_cpu_load') self.baseaddr = msym.value().address self.test_struct = gdb.lookup_type("struct test_struct") self.ulong_type = gdb.lookup_type("long unsigned int") self.voidp = gdb.lookup_type("void").pointer() except gdb.error as e: # If we don't tear it down, the rest of the tests in # other files will fail due to it using the wrong core file self.tearDown() raise(e)
def cb_sym(self, symtype, *args): if symtype == addrxlat.SYM_VALUE: ms = gdb.lookup_minimal_symbol(args[0]) if ms is not None: return long(ms.value().address) elif symtype == addrxlat.SYM_SIZEOF: sym = gdb.lookup_symbol(args[0], None)[0] if sym is not None: return sym.type.sizeof elif symtype == addrxlat.SYM_OFFSETOF: sym = gdb.lookup_symbol(args[0], None, gdb.SYMBOL_STRUCT_DOMAIN)[0] if sym is None: # this works for typedefs: sym = gdb.lookup_symbol(args[0], None)[0] if sym is not None: return offsetof(sym.type, args[1]) return super(TranslationContext, self).cb_sym(symtype, *args)
def get_minsymbol_pointer(symname: str, gdbtype: gdb.Type) -> gdb.Value: """ Looks up a minsymbol by name and returns a typed pointer to it. Args: symname (str): The name of minsymbol to lookup. gdbtype (gdb.Type): The type of the minsymbol. Returns: gdb.Value: The pointer of given type to the minsymbol. Raises: MissingSymbolError: The minsymbol cannot be located """ sym = gdb.lookup_minimal_symbol(symname) if not sym: raise MissingSymbolError(f"Cannot locate minsymbol {symname}") addr = sym.value().address return addr.cast(gdbtype.pointer())
def setUp(self): gdb.execute("file tests/test-percpu", to_string=True) try: gdb.execute("set build-id-verbose 0") print() print("--- Unsuppressable gdb output ---", end='') gdb.execute("run", to_string=False) msym = gdb.lookup_minimal_symbol('__per_cpu_load') self.baseaddr = msym.value().address self.test_struct = gdb.lookup_type("struct test_struct") self.ulong_type = gdb.lookup_type("long unsigned int") self.voidp = gdb.lookup_type("void").pointer() except gdb.error as e: # If we don't tear it down, the rest of the tests in # other files will fail due to it using the wrong core file self.tearDown() raise(e)
def cb_sym(self, symtype: int, *args: str) -> int: if symtype == addrxlat.SYM_VALUE: ms = gdb.lookup_minimal_symbol(args[0]) if ms is not None: return int(ms.value().address) elif symtype == addrxlat.SYM_SIZEOF: sym = gdb.lookup_symbol(args[0], None)[0] if sym is not None: return sym.type.sizeof elif symtype == addrxlat.SYM_OFFSETOF: sym = gdb.lookup_symbol(args[0], None, gdb.SYMBOL_STRUCT_DOMAIN)[0] if sym is None: # this works for typedefs: sym = gdb.lookup_symbol(args[0], None)[0] if sym is not None: ret = offsetof(sym.type, args[1], True) if ret is None: raise RuntimeError("offsetof can't return None with errors=True") return super().cb_sym(symtype, *args)
def symbol_func(symname): ms = gdb.lookup_minimal_symbol(symname) if not ms: print("Cannot lookup symbol %s" % symname) raise RuntimeError("Cannot lookup symbol %s" % symname) return long(ms.value())
#!/usr/bin/env python # vim:set shiftwidth=4 softtabstop=4 expandtab textwidth=79: import gdb from kdumpfile import kdumpfile, KDUMP_KVADDR from util import list_for_each_entry from kdumpfile.exceptions import * #arch = "i386:x86-64" # #setup = { # 'i386:x86-64' : setup_thread_amd64, #} ulong_type = gdb.lookup_type('unsigned long') rip = gdb.lookup_minimal_symbol("thread_return").value() def setup_thread_amd64(thread, task): rsp = task['thread']['sp'].cast(ulong_type.pointer()) rbp = rsp.dereference().cast(ulong_type.pointer()) rbx = (rbp - 1).dereference() r12 = (rbp - 2).dereference() r13 = (rbp - 3).dereference() r14 = (rbp - 4).dereference() r15 = (rbp - 5).dereference() # The two pushes that don't have CFI info # rsp += 2 # ex = in_exception_stack(rsp)
def check_ready(self): return gdb.lookup_minimal_symbol(self.name, self.symbol_file, self.objfile)
def symbol_func(symname): ms = gdb.lookup_minimal_symbol(symname) if not ms: print ("Cannot lookup symbol %s" % symname) raise RuntimeError("Cannot lookup symbol %s" % symname) return long(ms.value())
def setup_kaslr_offset(cls): offset = long(gdb.lookup_minimal_symbol("_text").value().address) offset -= long( gdb.lookup_minimal_symbol("phys_startup_64").value().address) offset -= 0xffffffff80000000 cls.kaslr_offset = offset
#!/usr/bin/env python # vim:set shiftwidth=4 softtabstop=4 expandtab textwidth=79: import gdb from kdumpfile import kdumpfile, KDUMP_KVADDR from util import list_for_each_entry from kdumpfile.exceptions import * #arch = "i386:x86-64" # #setup = { # 'i386:x86-64' : setup_thread_amd64, #} ulong_type = gdb.lookup_type('unsigned long') rip = gdb.lookup_minimal_symbol("thread_return").value() def setup_thread_amd64(thread, task): rsp = task['thread']['sp'].cast(ulong_type.pointer()) rbp = rsp.dereference().cast(ulong_type.pointer()) rbx = (rbp - 1).dereference() r12 = (rbp - 2).dereference() r13 = (rbp - 3).dereference() r14 = (rbp - 4).dereference() r15 = (rbp - 5).dereference() # The two pushes that don't have CFI info # rsp += 2 # ex = in_exception_stack(rsp) # if ex: