def getIrefTable(vmPath, offset): g = art.getFhandle(vmPath) g.seek(offset) #beginning of the global table fsize = os.fstat(g.fileno()).st_size off = g.tell() if off >= fsize: offset = off - fsize vmPath = getNFPath(vmPath) g = art.getFhandle(vmPath) g.seek(offset) segment_state = unpack_dec(g.read(4))[0] table_mem_map = hex(unpack_int(g.read(4))[0]) #print "TableMap "+table_mem_map table_begin = hex(unpack_int(g.read(4))[0]) #print "Irtentry "+table_begin ref_kind = unpack_dec(g.read(4))[0] #print "ref_kind "+ str(ref_kind) max_entries = unpack_dec(g.read(4))[0] #print "max entries "+ str(max_entries) num_holes = unpack_dec(g.read(4))[0] #print "num_holes "+ str(num_holes) last_known_state = unpack_dec(g.read(4))[0] #print "last_known_state "+ str(last_known_state) resizable = hex(unpack_int(g.read(4))[0]) #print "resizable "+ resizable return [segment_state, table_begin]
def getJVMPointer(nPath, rAddr): k = art.getFhandle(nPath) index = art.getIndex('Runtime', 'java_vm_') k.seek(rAddr + index) ret = hex(unpack_int(k.read(4))[0]) k.close() return ret
def getObjects(self, addrStart, objCount, jvm, lstList, mapList, bitmap_size_, heapBegin_): #heapBegin_ = int(heapBegin_, 16) [start, end] = art.getSE(lstList) objCount = int(objCount) [aPath, offset] = art.getOffset(addrStart, mapList) addr = art.getFhandle(aPath) addr.seek(offset) #obj = int(addrStart, 16) while (objCount > 0): oClass = hex(unpack_int(addr.read(4))[0]) if (art.validateAddr( int(oClass, 16), start, end)): # validating class pointer needs to edit #if (self.hasAddress(obj+offset, bitmap_size_, heapBegin_)): Validating object pointer to ensure its within heap boundary off = addr.tell() - 4 address = hex(start + off) objSize = jvm.dumpRefs(oClass, addr, address, off) if (objSize % 8 != 0): objSize = 8 * (int(objSize / 8) + (objSize % 8 > 0)) if (objSize == 0): objSize = 8 offset += objSize addr.seek(offset) objCount = objCount - 1 else: objSize = 8 offset += objSize addr.seek(offset) addr.close()
def printRefs(refs, lstList, mapList): [start, end] = art.getSE(lstList) if refs: for ref in refs: [aPath, offset] = art.getOffset(ref, mapList) addr = art.getFhandle(aPath) dumpRefs(ref, addr, ref, offset)
def getLibsOffset(vmPath, offset): index = art.getIndex('JavaVMExt', 'libraries_') g = art.getFhandle(vmPath) g.seek(offset+index) libraries_ = hex(unpack_int(g.read(4))[0]) g.close() return libraries_
def getPointer(addr, off): [tpath, offset] = art.getOffset(addr, memList) g = art.getFhandle(tpath) g.seek(offset+off) newAddr = hex(unpack_int(g.read(4))[0]) g.close() return newAddr
def getTLPointer(self, nPath, rAddr): k = art.getFhandle(nPath) index = types.art_types.get('Runtime')[1].get('thread_list_')[0] k.seek(rAddr + index) TLPointer = hex(unpack_int(k.read(4))[0]) k.close() return TLPointer
def getObject(self, addrStart, jvm2, lstList, mapList): [start, end] = art.getSE(lstList) [aPath, offset] = art.getOffset(addrStart, mapList) addr = art.getFhandle(aPath) addr.seek(offset) oClass = hex(struct.unpack("<I", addr.read(4))[0]) if (art.validateAddr(int(oClass, 16), start, end)): off = addr.tell() - 4 objSize = jvm2.dumpRefs(oClass, addr, off, start)
def printRefs(refs, lstList, mapList): [start, end] = art.getSE(lstList) if refs: for ref in refs: [klass, monitor, refFile, refOff] = cls.getOKlass(ref, mapList) name = cls.resolveName(klass, mapList) if not name in notList: #print ref [aPath, offset] = art.getOffset(ref, mapList) addr = art.getFhandle(aPath) dumpRefs(ref, addr, ref, offset)
def getObject(self, addrStart, jvm2, lstList, mapList, bitmap_size_, heapBegin_): ret = [] [start, end] = art.getSE(lstList) [aPath, offset] = art.getOffset(addrStart, mapList) addr = art.getFhandle(aPath) addr.seek(offset) oClass = hex(unpack_int(addr.read(4))[0]) if (art.validateAddr(int(oClass, 16), start, end)): off = addr.tell() - 4 objSize, ret = jvm2.dumpRefs(oClass, addr, off) addr.close() return ret
def getSuperClass(super_class_,fDict, ret): superC = True while superC: [sPath, sOffset] = art.getOffset(super_class_, mapList) sAddr = art.getFhandle(sPath) [name, classFlag, primType, ifields_,methods_, sfields_, dexCache, objSize, refSize, super_class_] = cls.getClassMembers(super_class_, sAddr, sOffset, mapList) sAddr.close() if (name =="java.lang.Object" or super_class_ == None): superC = False elif ifields_!="0x0": ret.append("Super Class Offset " + name) fields = fld.getFields(ifields_, mapList) for key, values in fields.items(): fieldIdx = values[2] cl,type ,name = dx.getMeta(dexCache,fieldIdx,mapList, memList) fDict[values[3]] = [name,type]
def regionHdr(self, regionAddr, num_regions_, memList): [regPath, offset] = art.getOffset(regionAddr, memList) g = art.getFhandle(regPath) g.seek(offset) count = 0 TLAB = [] NonTLAB = [] while (count < num_regions_): regBegin = g.tell() g.seek(regBegin + 16) state_ = struct.unpack("<B", g.read(1))[0] if (state_ > 0): g.seek(regBegin + 33) is_a_tlab_ = struct.unpack("<?", g.read(1))[0] if (is_a_tlab_ == True): g.seek(regBegin) idx = struct.unpack("<i", g.read(4))[0] begin_ = hex(struct.unpack("<I", g.read(4))[0]) top_ = hex(struct.unpack("<I", g.read(4))[0]) end_ = hex(struct.unpack("<I", g.read(4))[0]) #g.seek(regBegin+28) #liveBytes = struct.unpack("<i", g.read(4))[0] #print "Tlab "+str(liveBytes) g.seek(regBegin + 36) thread = hex(struct.unpack("<I", g.read(4))[0]) TLAB.append( str(idx) + "\t" + begin_ + "\t" + top_ + "\t" + end_ + "\t" + thread) else: g.seek(regBegin) idx = struct.unpack("<i", g.read(4))[0] begin_ = hex(struct.unpack("<I", g.read(4))[0]) top_ = hex(struct.unpack("<I", g.read(4))[0]) end_ = hex(struct.unpack("<I", g.read(4))[0]) g.seek(regBegin + 20) objAlloc = struct.unpack("<i", g.read(4))[0] #g.seek(regBegin+28) #liveBytes = struct.unpack("<i", g.read(4))[0] #print "NonTlab "+str(liveBytes) NonTLAB.append( str(idx) + "\t" + begin_ + "\t" + top_ + "\t" + end_ + "\t" + str(objAlloc)) g.seek(regBegin + 40) else: g.seek(regBegin + 40) count = count + 1 return [TLAB, NonTLAB]
def getBitmap(self, regionSPath, offset, memList): mark_bitmap = self.readPointer( regionSPath, offset, 164) #GetLiveBitmap for region space returns mark_bitmap #print "live_bitmap " + mark_bitmap #GetLiveBitmap for region space returns mark_bitmap [bitmapPath, offset] = art.getOffset(mark_bitmap, memList) g = art.getFhandle(bitmapPath) g.seek(offset) memmap = hex(unpack_int(g.read(4))[0]) begin_ = hex(unpack_int(g.read(4))[0]) bitmap_size_ = unpack_dec(g.read(4))[0] #print "Bitmap size = "+ str(bitmap_size_) heapBegin_ = hex(unpack_int(g.read(4))[0]) name_ = art.getNames(hex(int(mark_bitmap, 16) + 16), memList) #print memmap, begin_, bitmap_size_, heapBegin_, name_ g.close() return [bitmap_size_, heapBegin_]
def getObjects(self, addrStart, objCount, jvm, lstList, mapList): [start, end] = art.getSE(lstList) objCount = int(objCount) [aPath, offset] = art.getOffset(addrStart, mapList) addr = art.getFhandle(aPath) addr.seek(offset) while (objCount > 0): oClass = hex(struct.unpack("<I", addr.read(4))[0]) if (art.validateAddr(int(oClass, 16), start, end)): off = addr.tell() - 4 objSize = jvm.dumpRefs(oClass, addr, off, start) if (objSize % 8 != 0): objSize = 8 * (int(objSize / 8) + (objSize % 8 > 0)) if (objSize == 0): objSize = 8 offset += objSize addr.seek(offset) objCount = objCount - 1 else: objSize = 8 offset += objSize addr.seek(offset)
def readInt(self, nPath, rAddr, index): k = art.getFhandle(nPath) k.seek(rAddr + index) addr = struct.unpack("<i", k.read(4))[0] return addr
def readPointer(self, nPath, rAddr, index): k = art.getFhandle(nPath) k.seek(rAddr + index) addr = hex(struct.unpack("<I", k.read(4))[0]) return addr
def getPointer(addr, off): [tpath, offset] = art.getOffset(addr, memList) g = art.getFhandle(tpath) g.seek(offset + off) newAddr = hex(struct.unpack("<I", g.read(4))[0]) return newAddr
def getJVMPointer(nPath, rAddr): k = art.getFhandle(nPath) index = art.getIndex('Runtime', 'java_vm_') k.seek(rAddr + index) return hex(struct.unpack("<I", k.read(4))[0])
def readInt(self, nPath, rAddr, index): k = art.getFhandle(nPath) k.seek(rAddr + index) addr = unpack_dec(k.read(4))[0] k.close() return addr
def readPointer(self, nPath, rAddr, index): k = art.getFhandle(nPath) k.seek(rAddr + index) addr = hex(unpack_int(k.read(4))[0]) k.close() return addr
def readBool(self, nPath, rAddr, index): k = art.getFhandle(nPath) k.seek(rAddr + index) addr = struct.unpack("<?", k.read(1))[0] k.close() return addr
def regionHdr(self, regionAddr, num_regions_, memList): [regPath, offset] = art.getOffset(regionAddr, memList) g = art.getFhandle(regPath) g.seek(offset) count = 0 TLAB = [] NonTLAB = [] oCount = 0 while (count < num_regions_): regBegin = g.tell() g.seek(regBegin + 16) state_ = struct.unpack("<B", g.read(1))[0] #g.seek(regBegin+17) #type = struct.unpack("<B", g.read(1))[0] #print "Region Type "+str(type) if ( state_ > 0 ): # non-free region state_=1 means kRegionStateAllocated, our none-free regions are type = 3 (kRegionTypeToSpace), 4 (kRegionTypeNone) g.seek(regBegin + 33) is_a_tlab_ = struct.unpack("<?", g.read(1))[0] if (is_a_tlab_ == True): g.seek(regBegin) idx = unpack_dec(g.read(4))[0] begin_ = hex(unpack_int(g.read(4))[0]) top_ = hex(unpack_int(g.read(4))[0]) end_ = hex(unpack_int(g.read(4))[0]) #for debug to be removed #Android 8 /art/runtime/gc/space/region_space-inl.h line 249 g.seek(regBegin + 28) liveBytes = unpack_dec(g.read(4))[0] diff = int(top_, 16) - int(begin_, 16) need_bitmap = liveBytes != -1 and liveBytes != diff #print "Tlab "+str(need_bitmap) #end debug g.seek(regBegin + 36) thread = hex(unpack_int(g.read(4))[0]) TLAB.append( str(idx) + "\t" + begin_ + "\t" + top_ + "\t" + end_ + "\t" + str(need_bitmap) + "(" + str(liveBytes) + " " + str(diff) + ")" + "\t\t\t" + thread) else: g.seek(regBegin) idx = unpack_dec(g.read(4))[0] begin_ = hex(unpack_int(g.read(4))[0]) top_ = hex(unpack_int(g.read(4))[0]) end_ = hex(unpack_int(g.read(4))[0]) g.seek(regBegin + 20) objAlloc = unpack_dec(g.read(4))[0] oCount = oCount + objAlloc #for debug to be removed g.seek(regBegin + 28) liveBytes = unpack_dec(g.read(4))[0] diff = int(top_, 16) - int(begin_, 16) need_bitmap = liveBytes != -1 and liveBytes != diff #print "NonTlab "+str(need_bitmap) #end debug NonTLAB.append( str(idx) + "\t" + begin_ + "\t" + top_ + "\t" + end_ + "\t" + str(objAlloc) + "\t" + str(need_bitmap) + "(" + str(liveBytes) + " " + str(diff) + ")") g.seek(regBegin + 40) else: g.seek(regBegin + 40) count = count + 1 g.close() print "NonTlab Total " + str(oCount) return [TLAB, NonTLAB]
def getLibsOffset(vmPath, offset): index = art.getIndex('JavaVMExt', 'libraries_') g = art.getFhandle(vmPath) g.seek(offset + index) libraries_ = hex(struct.unpack("<I", g.read(4))[0]) return libraries_