def execute(self, argv): super_blocks = gdb.lookup_symbol('super_blocks', None)[0].value() sbtype = gdb.lookup_type('struct super_block') try: btrfs_fs_info_type = gdb.lookup_type('struct btrfs_fs_info') except gdb.error: # Load the module if it's not loaded yet module_type = gdb.lookup_type('struct module') modules = gdb.lookup_symbol('modules', None)[0].value() for module in list_for_each_entry(modules, module_type, 'list'): if module['name'].string() == "btrfs": addr = module['module_core'] gdb.execute("add-symbol-file {} {}".format(path, addr)) btrfs_fs_info_type = gdb.lookup_type('struct btrfs_fs_info') for sb in list_for_each_entry(super_blocks, sbtype, 's_list'): if sb['s_type']['name'].string() == "btrfs": fs_info = gdb.Value(sb['s_fs_info']).cast(btrfs_fs_info_type.pointer()) u = long(0) for i in range(0, 16): u <<= 8 u += int(fs_info['fsid'][i]) u = uuid.UUID(int=u) print "{} -> {} {}".format(sb.address, sb['s_id'].string(), u)
def execute(self, argv): super_blocks = gdb.lookup_symbol('super_blocks', None)[0].value() sbtype = gdb.lookup_type('struct super_block') try: btrfs_fs_info_type = gdb.lookup_type('struct btrfs_fs_info') except gdb.error: # Load the module if it's not loaded yet module_type = gdb.lookup_type('struct module') modules = gdb.lookup_symbol('modules', None)[0].value() for module in list_for_each_entry(modules, module_type, 'list'): if module['name'].string() == "btrfs": addr = module['module_core'] gdb.execute("add-symbol-file {} {}".format(path, addr)) btrfs_fs_info_type = gdb.lookup_type('struct btrfs_fs_info') for sb in list_for_each_entry(super_blocks, sbtype, 's_list'): if sb['s_type']['name'].string() == "btrfs": fs_info = gdb.Value(sb['s_fs_info']).cast( btrfs_fs_info_type.pointer()) u = 0 for i in range(0, 16): u <<= 8 u += int(fs_info['fsid'][i]) u = uuid.UUID(int=u) print "{} -> {} {}".format(sb.address, sb['s_id'].string(), u)
def get_fragment_instances(): # Walk the threadlist to find fragment instance ids. Assumes IMPALA-6416, so # this will not work with releases older than Impala 2.12. It may be possible # to search for FragmentInstanceState::Exec() in the older releases to get # to the FInstIDs. Returns a dictionary of FInstID->[gdb thread ID]. # Note that multiple threads might be doing tasks for the same FInstID. fragment_instances = defaultdict(list) for thread in gdb.selected_inferior().threads(): thread.switch() f = gdb.newest_frame() while f: # Skip unresolved frame if gdb.Frame.name(f) is None: f = gdb.Frame.older(f) continue if 'impala::Thread::SuperviseThread' in gdb.Frame.name(f): gdb.Frame.select(f) block = gdb.Frame.block(f) gdb.lookup_symbol('thread_debug_info', block) tdi = f.read_var('thread_debug_info') # No valid thread_debug_info if not tdi: break fi = str(tdi['instance_id_']) if ':' in fi: fragment_instances[fi.strip('"')].append(thread.num) break f = gdb.Frame.older(f) return fragment_instances
def get_fragment_instances(): # Walk the threadlist to find fragment instance ids. Assumes IMPALA-6416, so # this will not work with releases older than Impala 2.12. It may be possible # to search for FragmentInstanceState::Exec() in the older releases to get # to the FInstIDs. Returns a dictionary of FInstID->[gdb thread ID]. # Note that multiple threads might be doing tasks for the same FInstID. fragment_instances = defaultdict(list) for thread in gdb.selected_inferior().threads(): thread.switch() f = gdb.newest_frame() while f: # Skip unresolved frame if gdb.Frame.name(f) is None: f = gdb.Frame.older(f) continue if 'impala::Thread::SuperviseThread' in gdb.Frame.name(f): gdb.Frame.select(f) block = gdb.Frame.block(f) gdb.lookup_symbol('thread_debug_info', block) tdi = f.read_var('thread_debug_info') # No valid thread_debug_info if not tdi: break hi = long(tdi['instance_id_']['hi']) lo = long(tdi['instance_id_']['lo']) fi = "%lx:%lx" % (hi, lo) if fi != "0:0": fragment_instances[fi.strip('"')].append(thread.num) break f = gdb.Frame.older(f) return fragment_instances
def read_heap(): global heap_start; heap_start = int(gdb.lookup_symbol("heap_start")[0].value()); global region_count; region_count = int(gdb.lookup_symbol("region_count")[0].value()); regions_pointer = gdb.lookup_symbol("regions")[0].value(); global regions; regions = []; for i in range(region_count): region = (regions_pointer + i).referenced_value(); regions.append(Region(size=int(region["size"]), reserved=str(region["reserved"])));
def qtNamespace(self): if not self.currentQtNamespaceGuess is None: return self.currentQtNamespaceGuess # This only works when called from a valid frame. try: cand = "QArrayData::shared_null" symbol = gdb.lookup_symbol(cand)[0] if symbol: ns = symbol.name[:-len(cand)] self.qtNamespaceToReport = ns self.qtNamespace = lambda: ns return ns except: pass try: # This is Qt, but not 5.x. cand = "QByteArray::shared_null" symbol = gdb.lookup_symbol(cand)[0] if symbol: ns = symbol.name[:-len(cand)] self.qtNamespaceToReport = ns self.qtNamespace = lambda: ns self.fallbackQtVersion = 0x40800 return ns except: pass try: # Last fall backs. s = gdb.execute("ptype QByteArray", to_string=True) if s.find("QMemArray") >= 0: # Qt 3. self.qtNamespaceToReport = "" self.qtNamespace = lambda: "" self.qtVersion = lambda: 0x30308 self.fallbackQtVersion = 0x30308 return "" # Seemingly needed with Debian's GDB 7.4.1 pos1 = s.find("class") pos2 = s.find("QByteArray") if pos1 > -1 and pos2 > -1: ns = s[s.find("class") + 6:s.find("QByteArray")] self.qtNamespaceToReport = ns self.qtNamespace = lambda: ns return ns except: pass self.currentQtNamespaceGuess = "" return ""
def read_task_queues(): global queue_number queue_number = int(gdb.execute("p sizeof(queues) / sizeof(queue_t)", to_string=True).split()[2]) global queues global queues_sleeping global tasks queues = [] queues_sleeping = [] tasks = [] for i in range(queue_number): queues.append([]) queue = gdb.lookup_symbol("queues")[0].value()[i] node = queue["front"] while (node != 0): thread = node.referenced_value()["data"].cast(gdb.lookup_type("thread_t").pointer()).referenced_value() add_thread_to_queue(queues[i], thread) add_task(thread["parent"]) node = node.referenced_value()["next"] queues_sleeping.append([]) queue = gdb.lookup_symbol("queues_sleeping")[0].value()[i] node = queue["front"] while (node != 0): thread = node.referenced_value()["data"].cast(gdb.lookup_type("thread_t").pointer()).referenced_value() add_thread_to_queue(queues_sleeping[i], thread) add_task(thread["parent"]) node = node.referenced_value()["next"] current_thread = gdb.lookup_symbol("current_thread")[0].value().referenced_value() kernel_task = gdb.lookup_symbol("kernel_task")[0].value().referenced_value() do_nothing_task = gdb.lookup_symbol("doNothing_task")[0].value().referenced_value() add_task(current_thread["parent"]) add_task(do_nothing_task) global kernel_task_id global do_nothing_task_id kernel_task_id = int(kernel_task["id"]) do_nothing_task_id = int(do_nothing_task["id"]) global current_thread_str global kernel_task_str global do_nothing_task_str current_thread_str = current_thread.format_string() kernel_task_str = kernel_task.format_string() do_nothing_task_str = do_nothing_task.format_string()
def find_mutex_holder(graph, thread_dict, show): frame = find_frame(r'std::mutex::lock\(\)') if frame is None: return frame.select() # Waiting for mutex locking! mutex_this, _ = gdb.lookup_symbol("this", frame.block()) mutex_value = mutex_this.value(frame) # The mutex holder is a LWPID mutex_holder = int(mutex_value["_M_mutex"]["__data"]["__owner"]) mutex_holder_id = thread_dict[mutex_holder] (_, mutex_waiter_lwpid, _) = gdb.selected_thread().ptid mutex_waiter_id = thread_dict[mutex_waiter_lwpid] if show: print("Mutex at {} held by thread 0x{:x} (LWP {}) " " waited on by thread 0x{:x} (LWP {})".format(mutex_value, mutex_holder_id, mutex_holder, mutex_waiter_id, mutex_waiter_lwpid)) if graph: graph.add_edge(Thread(mutex_waiter_id, mutex_waiter_lwpid), Lock(long(mutex_value), "Mutex")) graph.add_edge(Lock(long(mutex_value), "Mutex"), Thread(mutex_holder_id, mutex_holder))
def invoke (self, args, from_tty): try: args = args.split(" ") reg, fct = args[:2] format = " ".join(args[2:]) except Exception: print("Usage: reg_watch register function [format]") return try: if not gdb.lookup_symbol(fct)[0]: print("Error: cannot find symbol '{}'".format(fct)) return except gdb.error: # No frame selected. print("Error: Please start the execution before setting reg watchpoints") return disa = gdb.execute("disassemble {}".format(fct), to_string=True) watchpoints = [] for line in disa.replace("=> ", "").split("\n"): addr, _, rest = line.strip().partition(" ") if not "%{}".format(reg) in rest: continue watchpoints.append(RegWatch_bpt(addr, line, reg[1:], format)) print("{} watchpoints added in function {}".format(len(watchpoints), fct))
def get_block_device(self): all_bdevs = gdb.lookup_symbol('all_bdevs', None)[0].value() for bdev in list_for_each_entry(all_bdevs, self.block_device_type, 'bd_list'): if int(bdev['bd_disk']) != 0 and int(bdev['bd_part']) != 0: return bdev return None
def find_mutex_holder(graph, thread_dict, show): frame = find_frame(r'std::mutex::lock\(\)') if frame is None: return frame.select() # Waiting for mutex locking! mutex_this, _ = gdb.lookup_symbol("this", frame.block()) mutex_value = mutex_this.value(frame) # The mutex holder is a LWPID mutex_holder = int(mutex_value["_M_mutex"]["__data"]["__owner"]) mutex_holder_id = thread_dict[mutex_holder] (_, mutex_waiter_lwpid, _) = gdb.selected_thread().ptid mutex_waiter_id = thread_dict[mutex_waiter_lwpid] if show: print("Mutex at {} held by thread 0x{:x} (LWP {}) " " waited on by thread 0x{:x} (LWP {})".format( mutex_value, mutex_holder_id, mutex_holder, mutex_waiter_id, mutex_waiter_lwpid)) if graph: graph.add_edge(Thread(mutex_waiter_id, mutex_waiter_lwpid), Lock(long(mutex_value), "Mutex")) graph.add_edge(Lock(long(mutex_value), "Mutex"), Thread(mutex_holder_id, mutex_holder))
def lookupEntryRefCodecSymbol(fnName): """Look up symbol for entry_ref_codec<...> static member functions.""" symName = f'{entryRefCodecClassName}::{fnName}' sym, _ = gdb.lookup_symbol(symName) if not sym or not sym.is_function: raise Exception(f'required symbol {symName} does not exist or is not a function') return sym
def get_wpstr(self, sym_name): "Setup sym and wp_str for given symbol." self.sym, ok = gdb.lookup_symbol(sym_name) wp_addr = gdb.parse_and_eval(sym_name).address self.wp_str = "*(%(type)s)(&%(address)s)" % dict(type=wp_addr.type, address=sym_name) return self.wp_str
def get_symbol_value(symname, block=None, domain=None): if domain is None: domain = gdb.SYMBOL_VAR_DOMAIN sym = gdb.lookup_symbol(symname, block, domain)[0] if sym: return sym.value() raise MissingSymbolError("Cannot locate symbol {}".format(symname))
def invoke(self, arg, from_tty): ports = False arg_list = gdb.string_to_argv(arg) if len(arg_list) > 1 or \ (len(arg_list) == 1 and arg_list[0] != "ports"): print("usage: ovs_dump_dp_netdev [ports]") return elif len(arg_list) == 1: ports = True dp_netdevs = gdb.lookup_symbol('dp_netdevs')[0] if dp_netdevs is None or not dp_netdevs.is_variable: print("Can't find dp_netdevs global variable, are you sure " "your debugging OVS?") return dp_netdevs = gdb.parse_and_eval('dp_netdevs') for node in ForEachSHASH(dp_netdevs): dp = node['data'].cast( gdb.lookup_type('struct dp_netdev').pointer()) print("(struct dp_netdev *) {}: name = {}, class = " "(struct dpif_class *) {}".format(dp, dp['name'], dp['class'])) if ports: for node in ForEachHMAP(dp['ports'], "struct dp_netdev_port", "node"): CmdDumpDpNetdevPorts.display_single_port(node, 4)
def try_pending_skips(evt=None): for skip in list(to_skip): # make a copy for safe remove skipargs = skip.split() print 'loading skip: ' + skip # If it is a function, make sure the symbol is defined if len(skipargs) < 1 or skipargs[0] == 'function': try: # test if the function (aka symbol is defined) symb, _ = gdb.lookup_symbol(skip) if not symb: continue except gdb.error: # no frame ? continue # yes, we can skip it gdb.execute("skip " + str(skip)) to_skip.remove(skip) # otherwise who knows what is happening if not to_skip: # no more functions to skip try: gdb.events.new_objfile.disconnect(try_pending_skips) # event fired when the binary is loaded except (gdb.error, ValueError): pass # was not connected
def invoke (self, args, from_tty): try: args = args.split(" ") reg, fct = args[:2] format = " ".join(args[2:]) except Exception: print("Usage: reg_watch register function [format]") return try: if not gdb.lookup_symbol(fct)[0]: ... except gdb.error: # No frame selected. ... disa = gdb.execute("disassemble {}".format(fct), to_string=True) # => 0x0000000000466d50 <+0>: sub $0x28,%rsp # 0x0000000000466d54 <+4>: movq $0x0,(%rsp) # ... watchpoints = [] for line in disa.replace("=> ", "").split("\n"): addr, _, rest = line.strip().partition(" ") ... print("{} watchpoints added in function {}".format(len(watchpoints), fct))
def munge_symbol (self, sym, block): ''' Given a symbol in the context of a block, return a tuple of the printable name for the symbol and its value in this frame. @param sym A symbol, probably either an argument or a local. @param block The frame block in which we are operating. ''' # uh, pierce linkage names unless they are register values? # maybe this is a trick to get the fully qualified type? if len (sym.linkage_name): nsym, is_field_of_this = gdb.lookup_symbol (sym.linkage_name, block) if not nsym: return sym.linkage_name, '<danger=ignored>' if nsym and nsym.addr_class != gdb.SYMBOL_LOC_REGISTER: sym = nsym # load the value! try: val = self.frame.read_var (sym) if val != None: val = str (val) # FIXME: would be nice to have a more precise exception here. except RuntimeError, text: val = text
def test_voidp_test(self): var = gdb.lookup_symbol('voidp_test', None)[0] self.assertTrue(var is not None) for cpu, val in list(crash.types.percpu.get_percpu_var(var).items()): self.assertTrue(val is not None) self.assertTrue(val.type == self.voidp) self.assertTrue(long(val) == 0xdeadbeef)
def initialize(self): self.d = {} self.d['FRAMETYPE_MASK'] = (1 << self.jit_value('FRAMETYPE_BITS')) - 1 self.d['FRAMESIZE_SHIFT'] = self.jit_value('FRAMESIZE_SHIFT') self.d['FRAME_HEADER_SIZE_SHIFT'] = self.jit_value('FRAME_HEADER_SIZE_SHIFT') self.d['FRAME_HEADER_SIZE_MASK'] = self.jit_value('FRAME_HEADER_SIZE_MASK') self.compute_frame_info() commonFrameLayout = gdb.lookup_type('js::jit::CommonFrameLayout') self.d['typeCommonFrameLayout'] = commonFrameLayout self.d['typeCommonFrameLayoutPointer'] = commonFrameLayout.pointer() self.d['per_tls_context'] = gdb.lookup_global_symbol('js::TlsContext') self.d['void_starstar'] = gdb.lookup_type('void').pointer().pointer() jitframe = gdb.lookup_type("js::jit::JitFrameLayout") self.d['jitFrameLayoutPointer'] = jitframe.pointer() self.d['CalleeToken_Function'] = self.jit_value("CalleeToken_Function") self.d['CalleeToken_FunctionConstructing'] = self.jit_value( "CalleeToken_FunctionConstructing") self.d['CalleeToken_Script'] = self.jit_value("CalleeToken_Script") self.d['JSFunction'] = gdb.lookup_type("JSFunction").pointer() self.d['JSScript'] = gdb.lookup_type("JSScript").pointer() self.d['Value'] = gdb.lookup_type("JS::Value") self.d['SOURCE_SLOT'] = self.value('js::ScriptSourceObject::SOURCE_SLOT') self.d['NativeObject'] = gdb.lookup_type("js::NativeObject").pointer() self.d['HeapSlot'] = gdb.lookup_type("js::HeapSlot").pointer() self.d['ScriptSource'] = gdb.lookup_type("js::ScriptSource").pointer() # ProcessExecutableMemory, used to identify if a pc is in the section # pre-allocated by the JIT. self.d['MaxCodeBytesPerProcess'] = self.jit_value('MaxCodeBytesPerProcess') self.d['execMemory'] = gdb.lookup_symbol('::execMemory')[0].value()
def get_global_variable(name): var = gdb.lookup_symbol(name)[0] if var is None or not var.is_variable: print("Can't find {} global variable, are you sure " "your debugging OVS?".format(name)) return None return gdb.parse_and_eval(name)
def initialize(self): self.d = {} self.d["FRAMETYPE_MASK"] = (1 << self.jit_value("FRAMETYPE_BITS")) - 1 self.d["FRAMESIZE_SHIFT"] = self.jit_value("FRAMESIZE_SHIFT") self.d["FRAME_HEADER_SIZE_SHIFT"] = self.jit_value("FRAME_HEADER_SIZE_SHIFT") self.d["FRAME_HEADER_SIZE_MASK"] = self.jit_value("FRAME_HEADER_SIZE_MASK") self.compute_frame_info() commonFrameLayout = gdb.lookup_type("js::jit::CommonFrameLayout") self.d["typeCommonFrameLayout"] = commonFrameLayout self.d["typeCommonFrameLayoutPointer"] = commonFrameLayout.pointer() self.d["per_tls_context"] = gdb.lookup_global_symbol("js::TlsContext") self.d["void_starstar"] = gdb.lookup_type("void").pointer().pointer() jitframe = gdb.lookup_type("js::jit::JitFrameLayout") self.d["jitFrameLayoutPointer"] = jitframe.pointer() self.d["CalleeToken_Function"] = self.jit_value("CalleeToken_Function") self.d["CalleeToken_FunctionConstructing"] = self.jit_value( "CalleeToken_FunctionConstructing" ) self.d["CalleeToken_Script"] = self.jit_value("CalleeToken_Script") self.d["JSScript"] = gdb.lookup_type("JSScript").pointer() self.d["Value"] = gdb.lookup_type("JS::Value") self.d["SOURCE_SLOT"] = self.value("js::ScriptSourceObject::SOURCE_SLOT") self.d["NativeObject"] = gdb.lookup_type("js::NativeObject").pointer() self.d["HeapSlot"] = gdb.lookup_type("js::HeapSlot").pointer() self.d["ScriptSource"] = gdb.lookup_type("js::ScriptSource").pointer() # ProcessExecutableMemory, used to identify if a pc is in the section # pre-allocated by the JIT. self.d["MaxCodeBytesPerProcess"] = self.jit_value("MaxCodeBytesPerProcess") self.d["execMemory"] = gdb.lookup_symbol("::execMemory")[0].value()
def get_hd_struct(self): all_bdevs = gdb.lookup_symbol('all_bdevs', None)[0].value() for bdev in list_for_each_entry(all_bdevs, self.block_device_type, 'bd_list'): if int(bdev['bd_part']) != 0: return bdev['bd_part'].dereference() return None
def address(symbol): if isinstance(symbol, six.integer_types): return symbol try: return int(symbol, 0) except: pass try: symbol_obj = gdb.lookup_symbol(symbol)[0] if symbol_obj: return int(symbol_obj) except Exception: pass try: result = gdb.execute('info address %s' % symbol, to_string=True, from_tty=False) address = re.search('0x[0-9a-fA-F]+', result).group() return int(address, 0) except gdb.error: return None try: address = pwndbg.ida.LocByName(symbol) if address: return address except Exception: pass
def find_mutex_holder(graph, thread_dict, show): """Find mutex holder.""" frame = find_frame(r'std::mutex::lock\(\)') if frame is None: return frame.select() # Waiting for mutex locking! mutex_this, _ = gdb.lookup_symbol("this", frame.block()) mutex_value = mutex_this.value(frame) # The mutex holder is a LWPID mutex_holder_lwpid = int(mutex_value["_M_mutex"]["__data"]["__owner"]) # At time thread_dict was initialized, the mutex holder may not have been found. # Use the thread LWP as a substitute for showing output or generating the graph. if mutex_holder_lwpid not in thread_dict: print("Warning: Mutex at {} held by thread with LWP {}" " not found in thread_dict. Using LWP to track thread.".format( mutex_value, mutex_holder_lwpid)) mutex_holder = Thread(mutex_holder_lwpid, mutex_holder_lwpid, '"[unknown]"') else: mutex_holder = thread_dict[mutex_holder_lwpid] (_, mutex_waiter_lwpid, _) = gdb.selected_thread().ptid mutex_waiter = thread_dict[mutex_waiter_lwpid] if show: print("Mutex at {} held by {} waited on by {}".format(mutex_value, mutex_holder, mutex_waiter)) if graph: graph.add_edge(mutex_waiter, Lock(long(mutex_value), "Mutex")) graph.add_edge(Lock(long(mutex_value), "Mutex"), mutex_holder)
def invoke(self, arg, from_tty): ports = False wanted = False arg_list = gdb.string_to_argv(arg) if len(arg_list) > 1 or \ (len(arg_list) == 1 and arg_list[0] != "ports" and arg_list[0] != "wanted"): print("usage: ovs_dump_bridge [ports|wanted]") return elif len(arg_list) == 1: if arg_list[0] == "ports": ports = True else: wanted = True dp_netdevs = gdb.lookup_symbol('all_bridges')[0] if dp_netdevs is None or not dp_netdevs.is_variable: print("Can't find all_bridges global variable, are you sure " "your debugging OVS?") return all_bridges = gdb.parse_and_eval('all_bridges') for node in ForEachHMAP(all_bridges, "struct bridge", "node"): print("(struct bridge *) {}: name = {}, type = {}".format( node, node['name'].string(), node['type'].string())) if ports: for port in ForEachHMAP(node['ports'], "struct port", "hmap_node"): CmdDumpBridgePorts.display_single_port(port, 4) if wanted: for port in ForEachSHASH(node['wanted_ports'], typeobj="struct ovsrec_port"): print(" (struct ovsrec_port *) {}: name = {}".format( port, port['name'].string()))
def symbol_address(symbol): sym = gdb.lookup_global_symbol(symbol) if sym == None: sym = gdb.lookup_symbol(symbol)[0] if sym is not None: return sym.value().address return None
def find_mutex_holder(graph, thread_dict, show): """Find mutex holder.""" frame = find_frame(r'std::mutex::lock\(\)') if frame is None: return frame.select() # Waiting for mutex locking! mutex_this, _ = gdb.lookup_symbol("this", frame.block()) mutex_value = mutex_this.value(frame) # The mutex holder is a LWPID mutex_holder_lwpid = int(mutex_value["_M_mutex"]["__data"]["__owner"]) # At time thread_dict was initialized, the mutex holder may not have been found. # Use the thread LWP as a substitute for showing output or generating the graph. if mutex_holder_lwpid not in thread_dict: print("Warning: Mutex at {} held by thread with LWP {}" " not found in thread_dict. Using LWP to track thread.".format( mutex_value, mutex_holder_lwpid)) mutex_holder = Thread(mutex_holder_lwpid, mutex_holder_lwpid, '"[unknown]"') else: mutex_holder = thread_dict[mutex_holder_lwpid] (_, mutex_waiter_lwpid, _) = gdb.selected_thread().ptid mutex_waiter = thread_dict[mutex_waiter_lwpid] if show: print("Mutex at {} held by {} waited on by {}".format( mutex_value, mutex_holder, mutex_waiter)) if graph: graph.add_edge(mutex_waiter, Lock(long(mutex_value), "Mutex")) graph.add_edge(Lock(long(mutex_value), "Mutex"), mutex_holder)
def get_wpstr(self, sym_name): "Setup sym and wp_str for given symbol." self.sym, ok = gdb.lookup_symbol(sym_name) wp_addr = gdb.parse_and_eval(sym_name).address self.wp_str = '*(%(type)s)(&%(address)s)' % dict(type=wp_addr.type, address=sym_name) return (self.wp_str)
def setUp(self): self.stdout = sys.stdout self.redirected = io.StringIO() sys.stdout = self.redirected self.command = CgroupCommand("cgroup") # cgrp_dfl_root is available since v3.15-rc1 cgroup_root = gdb.lookup_symbol('cgrp_dfl_root', None)[0].value() self.cgrp_dfl_root = cgroup_root['cgrp']
def invoke(self, argument, from_tty): args = gdb.string_to_argv(argument) if len(args) < 1: self.print_usage() return domain = None for arg in args: if "domain=" in arg: domain = arg.split("=")[1] if domain: symbol, _ = gdb.lookup_symbol(args[0], gdb.newest_frame().block(), domain_dict[domain]) else: symbol, _ = gdb.lookup_symbol(args[0]) if not symbol: print "not found in this frame" return self.print_symbol(symbol)
def run_test(): "Run through the tests one by one" sym, ok = gdb.lookup_symbol("thread1_func") gdb.execute("b thread1_func") gdb.execute("c") frame = gdb.selected_frame() report(str(frame.function()) == "thread1_func", "break @ %s" % frame)
def invoke(self, arg, from_tty): netdev_shash = gdb.lookup_symbol('netdev_shash')[0] if netdev_shash is None or not netdev_shash.is_variable: print("Can't find netdev_shash global variable, are you sure " "your debugging OVS?") return netdev_shash = gdb.parse_and_eval('netdev_shash') for netdev in ForEachSHASH(netdev_shash, "struct netdev"): self.display_single_netdev(netdev)
def check_ready(self) -> Optional[gdb.Symbol]: """ Returns the result of looking up the symbol when a new object file is loaded. Returns: :obj:`gdb.Symbol`: The requested symbol """ return gdb.lookup_symbol(self.name, None, self.domain)[0]
def is_class_vport_class(netdev_class): netdev_class = netdev_class.cast( gdb.lookup_type('struct netdev_class').pointer()) vport_construct = gdb.lookup_symbol('netdev_vport_construct')[0] if netdev_class['construct'] == vport_construct.value(): return True return False
def cb_sym(self, symtype, *args): if symtype == addrxlat.SYM_VALUE: ms = gdb.lookup_minimal_symbol(args[0]) if ms is not None: return long(ms.value().address) elif symtype == addrxlat.SYM_SIZEOF: sym = gdb.lookup_symbol(args[0], None)[0] if sym is not None: return sym.type.sizeof elif symtype == addrxlat.SYM_OFFSETOF: sym = gdb.lookup_symbol(args[0], None, gdb.SYMBOL_STRUCT_DOMAIN)[0] if sym is None: # this works for typedefs: sym = gdb.lookup_symbol(args[0], None)[0] if sym is not None: return offsetof(sym.type, args[1]) return super(TranslationContext, self).cb_sym(symtype, *args)
def test_classdev_iteration(self): count = 0 block_class = gdb.lookup_symbol('block_class', None)[0].value() for dev in classdevs.for_each_class_device(block_class): self.assertTrue(type(dev) is gdb.Value) self.assertTrue(dev.type == self.device_type) count += 1 self.assertTrue(count > 0)
def get_value(name, domain=gdb.SYMBOL_VAR_DOMAIN): if name in symbol_cache: return symbol_cache[name] sym = gdb.lookup_global_symbol(name, domain=domain) if not sym: try: sym = gdb.lookup_symbol(name, domain=domain)[0] except Exception, e: print e
def __init__(self, cast_type_name, print_type_name, val): self.val = val self.cast_type_name = cast_type_name self.print_type_name = print_type_name cast_type_symbol, _ = gdb.lookup_symbol(cast_type_name) if cast_type_symbol is None: raise gdb.GdbError("Could not find type!") self.cast_type = cast_type_symbol.type self.casted_val = self.val.cast(self.cast_type)
def get_main_arena(addr=None): if addr == None: main_arena = gdb.lookup_symbol('main_arena')[0].value() else: main_arena = value_from_type('struct malloc_state', addr) if main_arena == None: print(red('Symbol \'main_arena\' not found. Try installing libc ' \ 'debugging symbols or specifying the main arena address ' \ 'and try again')) return main_arena
def get_global_L(): gL, _ = gdb.lookup_symbol("globalL") if gL: return gL.value() cycle = gdb.lookup_global_symbol("ngx_cycle") if cycle: cycle = cycle.value() gL = ngxlua.ngx_lua_get_main_lua_vm(cycle) if gL: return gL raise gdb.GdbError("No global L located (tried globalL and ngx_cycle)")
def check_break(sym_name): "Setup breakpoint, continue and check we stopped." sym, ok = gdb.lookup_symbol(sym_name) bp = gdb.Breakpoint(sym_name) gdb.execute("c") # hopefully we came back end_pc = gdb.parse_and_eval('$pc') print ("%s == %s %d" % (end_pc, sym.value(), bp.hit_count)) bp.delete() # can we test we hit bp? return end_pc == sym.value()
def write_symbol (self, stream, sym, block): if len (sym.linkage_name): nsym, is_field_of_this = gdb.lookup_symbol (sym.linkage_name, block) if nsym.addr_class != gdb.SYMBOL_LOC_REGISTER: sym = nsym stream.write (sym.print_name + "=") try: val = self.read_var (sym) if val != None: val = str (val) # FIXME: would be nice to have a more precise exception here. except RuntimeError, text: val = text
def invoke(self, arg, from_tty): # FIXME: Broken. lookup_global_symbol always works, but doesn't return # results for static symbols. lookup_symbol does, but only # works if there is a current frame, i.e. the program is running. sym = gdb.lookup_symbol(arg) if sym[0] == None: # just remember the name, the BP will be created later function_names[arg] = 1 # dummy value print "Remembering symbol '%s' for later addition" % arg else: # FIXME: Minor code duplication bp = gdb.Breakpoint(arg) function_bps[bp] = arg
def check_hbreak(sym_name): "Setup hardware breakpoint, continue and check we stopped." sym, ok = gdb.lookup_symbol(sym_name) gdb.execute("hbreak %s" % (sym_name)) gdb.execute("c") # hopefully we came back end_pc = gdb.parse_and_eval('$pc') print ("%s == %s" % (end_pc, sym.value())) if end_pc == sym.value(): gdb.execute("d 1") return True else: return False
def children(self): if VariableSetListPrinter.GLOBALSET is None: block = gdb.lookup_global_symbol('init_hash_global_variable_set').symtab.static_block() VariableSetListPrinter.GLOBALSET = gdb.lookup_symbol('global_variable_set', block)[0].value().address ptr = self.val.address i = 0 while long(ptr) != 0: nm = '[%d] ' % (i) yield (nm, ptr['set']) if long(ptr['set']) == long(VariableSetListPrinter.GLOBALSET): yield (nm, "global_variable_set") else: yield (nm, str(ptr['set'].dereference())) i += 1 ptr = ptr['next']
def validate_args(list_of_args): '''Validate the arguments passed to the current command.''' if len(list_of_args) != 2: return 1 addr = int(list_of_args[0]) if addr < 0: return 2 temp_sym = gdb.lookup_symbol(list_of_args[1]) if temp_sym[0] == None: return 3 return 0
def to_string(self): if self.tag == 1000: # it's an immediate value if gdb.lookup_type('value').sizeof == 8: debug_mask = 0xff00ffffff00ffff debug_val = 0xD700D7D7D700D6D7 else: debug_mask = 0xff00ffff debug_val = 0xD700D6D7 n = self.val if (n & debug_mask) == debug_val: tag = int((n >> 16) & 0xff) return debug_tags.get(tag, "Debug_tag(0x%x)" % int(tag)) else: return "I(%d)" % int(n >> 1) # otherwise, it's a block if self.tagname == 'Double_tag': d = self.p.cast(gdb.lookup_type('double').pointer()).dereference() s = '%f, wosize=1' % d elif self.tagname == 'String_tag': char = gdb.lookup_type('unsigned char') val_size = gdb.lookup_type('value').sizeof lastbyte = ((self.p + self.length - 1).cast(char.pointer()) + val_size - 1).dereference() length_bytes = self.length * val_size - (lastbyte + 1) string = (self.p.cast(char.array(length_bytes).pointer()).dereference()) s = str(string).strip() elif self.tagname == 'Infix_tag': s = 'offset=%d' % (-self.length) elif self.tagname == 'Custom_tag': ops = self.p.dereference().cast(gdb.lookup_type('struct custom_operations').pointer()) s = '%s, wosize=%d' % (str(ops), self.length) elif self.tagname == 'Block': s = '%d, wosize=%d' % (self.tag,self.length) else: s = 'wosize=%d' % self.length markbits = gdb.lookup_symbol("global")[0].value() gc = { int(markbits['MARKED']): 'MARKED', int(markbits['UNMARKED']): 'UNMARKED', int(markbits['GARBAGE']): 'GARBAGE', (3 << 8): 'NOT_MARKABLE' } return '%s(%s, %s)' % (self.tagname, s, gc[self.gc])
def invoke(self, sym, vnet=None): sym = sym.string() if sym.startswith("V_"): sym = sym[len("V_"):] if gdb.lookup_symbol("sysctl___kern_features_vimage")[0] is None: return gdb.lookup_global_symbol(sym).value() if vnet is None: vnet = tdfind(gdb.selected_thread().ptid[2])['td_vnet'] if not vnet: # If curthread->td_vnet == NULL, vnet0 is the current vnet. vnet = gdb.lookup_global_symbol("vnet0").value() base = vnet['vnet_data_base'] entry = gdb.lookup_global_symbol("vnet_entry_" + sym).value() entry_addr = entry.address.cast(gdb.lookup_type("uintptr_t")) ptr = gdb.Value(base + entry_addr).cast(entry.type.pointer()) return ptr.dereference()
def setup_arch(self): archname = self.kdump.attr.arch.name archclass = crash.arch.get_architecture(archname) if not archclass: raise NotImplementedError("Architecture {} is not supported yet." .format(archname)) # Doesn't matter what symbol as long as it's everywhere # Use vsnprintf since 'printk' can be dropped with CONFIG_PRINTK=n sym = gdb.lookup_symbol('vsnprintf', None)[0] if sym is None: raise RuntimeError("Missing vsnprintf indicates there is no kernel image loaded.") if sym.symtab.objfile.architecture.name() != archclass.ident: raise TypeError("Dump file is for `{}' but provided kernel is for `{}'" .format(archname, archclass.ident)) self.arch = archclass()
def Assign(self, listObj): try: if ( listObj.type == ListInspector.ListType ): self._list = listObj return else: raise TypeError("Invalid List Object Type!") except Exception as exc: #print(" Failed to assign from List object: %s" % str(exc)) pass symbol, methodObj = gdb.lookup_symbol(listObj) if ( symbol != None ): self._list = symbol.value() else: addrInt = int(listObj, 0) listObjPtr = gdb.Value(addrInt).cast(ListInspector.ListType.pointer()) self._list = listObjPtr.dereference()
def invoke(self, arg, from_tty): addr = gdb.parse_and_eval(arg) addr = ulong(addr) ptep = ulong(gdb.lookup_symbol('mmu::page_table_root')[0].value().address) level = 4 while level >= 0: ptep1 = phys_cast(ptep, ulong_type) pte = ulong(ptep1.dereference()) gdb.write('%016x %016x\n' % (ptep, pte)) if not pte & 1: break if level > 0 and pte & 0x80: break if level > 0: pte &= ~ulong(0x80) pte &= ~ulong(0x8000000000000fff) level -= 1 ptep = pte + pt_index(addr, level) * 8
def __init__(self): self._blocked = ListInspector("xSuspendedTaskList") self._delayed1 = ListInspector("xDelayedTaskList1") self._delayed2 = ListInspector("xDelayedTaskList2") self._readyLists = [] readyTasksListsStr = "pxReadyTasksLists" readyListsSym,methodType = gdb.lookup_symbol(readyTasksListsStr) if ( readyListsSym != None ): readyLists = readyListsSym.value() minIndex, maxIndex = readyLists.type.range() for i in range(minIndex, maxIndex+1): readyList = readyLists[i] FRReadyList = ListInspector( readyList ) self._readyLists.append(FRReadyList) else: print("Failed to Find Symbol: %s" % readyTasksListsStr) raise ValueError("Invalid Symbol!")
def __call__(self): message = json.loads(self.data) sys.stdout.flush() result = [] # resolve a specific variable if message[u"type"] == u"variable": frame = gdb.newest_frame() block = frame.block() # split on dots to get all the nested variables tree = str(message[u"variable"]).split(".") # take first element of tree - it's the top-level symbol topSymbol = gdb.lookup_symbol(tree[0], block)[0] value = topSymbol.value(frame) for subSymbol in tree[1:]: sys.stdout.flush() value = value[subSymbol] # if it's a struct or array, parse its values if has_target(value.type) and is_resolvable(value.type.target()): # iterate over value's fields for field in value.type.target().fields(): result.append(parse_value_field(field, value, frame)) # otherwise, just return the literal value else: result = str(value) # send response back to client packet = {"event": "variable", "data": {"value": result}} # See if the original message had an id number. If it did, # echo it back in the response. if message[u"id"]: packet["id"] = message[u"id"] conn.send(json.dumps(packet))
def invoke(self,args,from_tty): argv = gdb.string_to_argv (args) found=gdb.lookup_symbol(argv[0]) if found[0] == None: print argv[0],'not found' return s=found[0] # get the symbol v=s.value(gdb.newest_frame()) ## get the value #if s.is_variable: print s.type,s.name,'=',v t=s.type.target() # print 'Type target:',s.type.target() # print 'Type:',s.type print '{' self.dive(v, s.name,2) print '}'