def main():
wps = WPS()
try:
opts, args = GetOpt(argv[1:], 'i:b:e:p:ahv')
except GetoptError, e:
print 'ERROR:', e
usage()
def main():
bssid = None
essid = None
iface = None
pfile = None
probeall = False
verbose = False
try:
opts, args = GetOpt(argv[1:], "b:e:i:p:ainvh")
except GetoptError, e:
print 'Usage Error:', e
usage()
def main():
display = False
verbose = True
auto = False
run = False
threshold = 25
timeout = 3
name = None
port = '/dev/ttyUSB0'
try:
(opts, args) = GetOpt(sys.argv[1:], 'p:t:c:n:abqh')
except GetoptError, e:
print e
usage()
def main():
file = None
freq = None
size = None
action = None
address = 0
try:
opts, args = GetOpt(sys.argv[1:], "f:s:a:r:w:eh", [
"frequency=", "size=", "address=", "read=", "write=", "erase",
"help"
])
except GetoptError, e:
print e
usage()
def main():
fname = None
freq = None
action = None
verify = False
address = 0
size = 0
data = ""
try:
opts, args = GetOpt(sys.argv[1:], "f:s:a:r:w:eipvh", [
"frequency=", "size=", "address=", "read=", "write=", "id",
"erase", "verify", "pin-mappings", "help"
])
except GetoptError, e:
print e
usage()
def main():
freq = None
do_read = False
do_write = False
verify = False
address = 0
size = 0
data = ""
try:
opts, args = GetOpt(sys.argv[1:], "f:s:r:w:ph", [
"frequency=", "size=", "read=", "write=", "pin-mappings",
"help"
])
except GetoptError, e:
print e
usage()
def main():
host = None
port = None
baudrate = 115200
login = None
passwd = None
source = None
destination = None
time = None
quiet = False
try:
opts, args = GetOpt(sys.argv[1:], 'p:b:s:d:t:qh', [
'port=', 'baudrate=', 'source=', 'destination=', 'time=', 'quiet',
'help', 'telnet=', 'login='******'pass='******'Usage error:', e
usage()
def main():
freq = None
do_read = False
do_write = False
do_clock = False
num_loops = 0
verify = False
address = 0
size = 0
data = ""
mode = 0 # Default SPI operation mode
serial_number = None
try:
opts, args = GetOpt(sys.argv[1:], "f:l:m:n:r:s:w:chp", [
"frequency=", "loop=", "mode=", "snum=", "read=", "size=",
"write=", "clock", "help", "pin-mappings"
])
except GetoptError, e:
print e
usage()
def main():
dump_file = None
log_file = None
elf = None
framePointer = 0
stackPointer = 0
programCounter = 0
stackSize = 0
gdb_path = '/usr/bin/gdb'
nm_path = '/usr/bin/nm'
readelf_path = '/usr/bin/readelf'
try:
opts, args = GetOpt(sys.argv[1:], 'r:e:G:N:d:t:g:h', [
'dump_file=', 'elf=', 'gdb_path=', 'nm_path=', 'readelf_path=',
'log_file=', 'help'
])
except GetoptError, e:
print ' '
print ' '
print '*************************************************************'
print 'Usage error:', e
usage()
def main():
dump_file = None
log_file = None
elf = None
framePointer = 0
stackPointer = 0
programCounter = 0
stackSize = 0
gdb_path='/usr/bin/gdb'
nm_path='/usr/bin/nm'
readelf_path='/usr/bin/readelf'
try:
opts, args = GetOpt(sys.argv[1:],'r:e:G:N:d:t:g:h', ['dump_file=', 'elf=','gdb_path=','nm_path=','readelf_path=','log_file=','help'])
except GetoptError as e:
print(' ')
print(' ')
print('*************************************************************')
print('Usage error:', e)
usage()
for opt, arg in opts:
if opt in ('-r', '--dump_file'):
dump_file = arg
elif opt in ('-e', '--elf'):
elf = arg
elif opt in ('-G', '--gdb_path'):
gdb_path = arg
elif opt in ('-N', '--nm_path'):
nm_path = arg
elif opt in ('-E', '--readelf_path'):
readelf_path = arg
elif opt in ('-t', '--log_file'):
log_file = arg
elif opt in ('-h', '--help'):
usage()
print('')
print('')
print('*************************************************************')
print('dump_file :', dump_file)
print('log_file :', log_file)
print('Tinyara_elf_file :', elf)
print('*************************************************************')
print('')
if not elf :
print('Usage error: Must specify -e option, please find below for proper usage')
usage()
if log_file is not None:
if not os.path.exists(log_file):
print('{0} does not exist. Please provide the proper path for log_file...'.format(log_file))
sys.exit(1)
if dump_file is not None:
if not os.path.exists(dump_file):
print('{0} does not exist. Plz provide proper path for dump_file...'.format(dump_file))
sys.exit(1)
if not log_file and not dump_file:
print('Usage error: Must specify one of the -t or -e options. Plz find below for proper usage')
usage()
if not os.path.exists(elf):
print('{0} does not exist. Cannot proceed without System.map Exiting...'.format(elf))
sys.exit(1)
if not os.path.exists(gdb_path):
print('{0} does not exist. Cannot proceed without GDB Tool Exiting...'.format(gdb_path))
sys.exit(1)
if not os.access(gdb_path, os.X_OK):
print("!!! No execute permissions on gdb path {0}".format(gdb_path))
print("!!! Please check the path settings")
print("!!! If this tool is being run from a shared location, contact the maintainer")
sys.exit(1)
if not os.path.exists(nm_path):
print('{0} does not exist. Cannot proceed without NM Tool Exiting...'.format(nm_path))
sys.exit(1)
if not os.access(nm_path, os.X_OK):
print("!!! No execute permissions on gdb path {0}".format(nm_path))
print("!!! Please check the path settings")
print("!!! If this tool is being run from a shared location, contact the maintainer")
sys.exit(1)
if not os.path.exists(readelf_path):
print('{0} does not exist. Cannot proceed without readelf Tool Exiting...'.format(readelf_path))
sys.exit(1)
if not os.access(readelf_path, os.X_OK):
print("!!! No execute permissions on readelf path {0}".format(readelf_path))
print("!!! Please check the path settings")
print("!!! If this tool is being run from a shared location, contact the maintainer")
sys.exit(1)
try:
# Calling the Constructor with the initial set of arguments
rParser = dumpParser(dump_file=dump_file,elf=elf,gdb_path=gdb_path,nm_path=nm_path,readelf_path=readelf_path,log_file=log_file, debug=False)
# Setup the Symbol table lookup with given System.map file
rParser.setup_symbol_table(elf,debug=False)
# Find offset
global g_stext
g_stext = rParser.get_address_of_symbol("_stext")
global g_etext
g_etext = rParser.get_address_of_symbol("_etext")
# If the log file is given, then parse that log file only and exit
if log_file is not None:
rParser.parse_file(log_file,debug=False)
return None
# If the log file not given, Consider full dump
# Unwind the Callstack by obtaining FP, SP and PC from the proper global variable
# task_ctxt_regs is used if SEC_DEBUG is enabled , else current_regs is used
current_regs_pointer = rParser.get_address_of_symbol("current_regs")
if current_regs_pointer is not None:
ctxt_regs = rParser.read_word(current_regs_pointer)
if ctxt_regs != 0x0:
print('current_regs is not NULL')
else:
cpu_ctxt_regs_pointer = rParser.get_address_of_symbol("cpu_ctxt_regs")
if cpu_ctxt_regs_pointer is not None:
ctxt_regs = cpu_ctxt_regs_pointer
if ctxt_regs is None:
print('System is not crashed')
return None
framePointer = rParser.read_word(ctxt_regs+(4* FP))
stackPointer = rParser.read_word(ctxt_regs+(4* SP))
linkRegister = rParser.read_word(ctxt_regs+(4*LR))
programCounter = rParser.read_word(ctxt_regs+(4*PC))
# There are spl case where PC can be invalid, So assigning LR to PC
if ( programCounter < g_stext or programCounter > g_etext):
# This is possible for a prefetch abort. so am taking care by assigning LR to PC
print("It's a Prefetch abort at Addr : ", hex(programCounter))
programCounter = linkRegister
# Explicitly getting the PC and LR symbol names for display purpose
temp1 = rParser.symbol_table_lookup(programCounter)
if temp1 is None:
temp1_symname = 'UNKNOWN'
temp1_offset = 0x0
else:
temp1_symname, temp1_offset = temp1
temp2 = rParser.symbol_table_lookup(linkRegister)
if temp2 is None:
temp2_symname = 'UNKNOWN'
temp2_offset = 0x0
else:
temp2_symname, temp2_offset = temp2
# Reading the Current Task from g_readytorun list, usually head is the current
# Since its a pointer, first am getting pointer address and then reading the
# contents of that Pointer to get the proper task address
current_task_pointer = rParser.get_address_of_symbol('g_readytorun')
current_task_addr = rParser.read_word(current_task_pointer)
# Reading the stack size value from tbe tcb_s struct
stackSize = rParser.read_word(current_task_addr+0x2c)
print('&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&')
print('')
print("Board Crashed at :")
print("PC: [0x{0:x}] {1}+0x{2:x}]\"".format(programCounter,temp1_symname,temp1_offset))
print("LR: [0x{0:x}] {1}+0x{2:x}]\"".format(linkRegister,temp2_symname,temp2_offset))
print(' ')
print("FP: 0x{0:x} and SP: 0x{1:x}".format(framePointer, stackPointer))
print(' ')
print('CALL STACK of Aborted task: ')
print('*******************************************************************')
rParser.unwind_backtrace_with_framepointer(framePointer,stackPointer,linkRegister,programCounter,stackSize)
print('')
print('')
print('&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&')
g_mmheap = rParser.get_address_of_symbol("g_mmheap")
# Read config information
fd = open(config_path, 'r')
data = fd.read()
fd.close()
if not 'CONFIG_DEBUG_MM_HEAPINFO=y' in data:
print('DEBUG_MM_HEAPINFO is not enable. Enable DEBUG_MM_HEAPINFO to see heap usage')
return
# This information depends on the mm_heap_s structure
SIZE_OF_MM_SEM = 4
SIZE_OF_MM_HOLDER = 4
SIZE_OF_MM_COUNTS_HELD = 4
HEAP_SIZE_POINT = SIZE_OF_MM_SEM + SIZE_OF_MM_HOLDER + SIZE_OF_MM_COUNTS_HELD
SIZE_OF_MM_HEAPSIZE = 4
PEAK_ALLOC_SIZE_POINT = HEAP_SIZE_POINT + SIZE_OF_MM_HEAPSIZE
SIZE_OF_PEAK_ALLOC_SIZE = 4
TOTAL_ALLOC_SIZE_POINT = PEAK_ALLOC_SIZE_POINT + SIZE_OF_PEAK_ALLOC_SIZE
SIZE_OF_TOTAL_ALLOC_SIZE = 4
SIZE_OF_HEAPINFO_TCB_INFO = 16
SIZE_OF_ALLOC_NODE = 16
ALLOC_LIST_POINT = TOTAL_ALLOC_SIZE_POINT + SIZE_OF_TOTAL_ALLOC_SIZE
max_tasks = 0
# get MAX_TASKS num
if 'CONFIG_MAX_TASKS=' in data:
index = data.find('CONFIG_MAX_TASKS=')
index += len('CONFIG_MAX_TASKS=')
while data[index] != '\n' :
max_tasks *= 10
max_tasks += int(data[index])
index += 1
HEAP_START_POINT = (ALLOC_LIST_POINT + (max_tasks * SIZE_OF_HEAPINFO_TCB_INFO))
if 'CONFIG_MM_SMALL=y' in data:
MM_ALLOC_BIT = 0x8000
else:
MM_ALLOC_BIT = 0x80000000
start_heap = rParser.read_word(g_mmheap + HEAP_START_POINT)
end_heap = rParser.read_word(g_mmheap + HEAP_START_POINT + 4)
print('')
print('')
print('Details of Heap Usages (Size in Bytes)')
print('')
print('start heap address : ', hex(start_heap))
print('end heap address : ', hex(end_heap))
print('')
point = start_heap + SIZE_OF_ALLOC_NODE
stack_size = [0 for i in range(max_tasks)]
idle_stack_size = 0
if 'CONFIG_IDLETHREAD_STACKSIZE=' in data:
index = data.find('CONFIG_IDLETHREAD_STACKSIZE=')
index += len('CONFIG_IDLETHREAD_STACKSIZE=')
while data[index] != '\n' :
idle_stack_size *= 10
idle_stack_size += int(data[index])
index += 1
stack_size[0] = idle_stack_size
print('******************************************************************')
print(' MemAddr | Size | Status | Pid | Owner ')
print('----------|----------|--------|-------|---------------------------')
f = open(file_data, 'w')
while point < end_heap:
size = rParser.read_word(point)
preceding = rParser.read_word(point + 4)
owner = rParser.read_word(point + 8)
pid = rParser.read_halfword(point + 12)
if preceding & MM_ALLOC_BIT :
fd_popen = subprocess.Popen([debug_cmd, '-e', elf_path, hex(owner)], stdout=subprocess.PIPE).stdout
data = fd_popen.read().decode()
fd_popen.close()
if pid >= 0:
print('{:^10}|'.format(hex(point)), '{:>6}'.format(size), ' |', '{:^7}|'.format('Alloc'), '{:^6}|'.format(pid), data[14:], end=' ')
f.write(str(size) + ' 0 ' + str(hex(point)) + ' ' + str(pid) + ' ' + data[14:])
else: # If pid is less than 0, it is the stack size of (-pid)
stack_size[(-pid) & (max_tasks - 1)] = size
print('{:^10}|'.format(hex(point)), '{:>6}'.format(size), ' |', '{:^7}|'.format('Alloc'), '{:^6}|'.format(-pid), data[14:], end=' ')
f.write(str(size) + ' 1 ' + str(hex(point)) + ' ' + str(-pid) + ' ' + data[14:])
else:
print('{:^10}|'.format(hex(point)), '{:>6}'.format(size), ' |', '{:^7}|'.format('Free'), '{:6}|'.format(""))
f.write(str(size) +' 2 ' + str(hex(point)))
# next node
point = point + size
f.close()
print('')
print('***********************************************************')
print(' Summary of Heap Usages (Size in Bytes)')
print('***********************************************************')
heap_size = rParser.read_word(g_mmheap + HEAP_SIZE_POINT)
print('HEAP SIZE : ', heap_size)
peack_alloc_size = rParser.read_word(g_mmheap + PEAK_ALLOC_SIZE_POINT)
print('PEAK ALLOC SIZE : ', peack_alloc_size)
total_alloc_size = rParser.read_word(g_mmheap + TOTAL_ALLOC_SIZE_POINT)
print('TOTAL ALLOC SIZE : ', total_alloc_size)
print('FREE SIZE : ', heap_size - total_alloc_size)
print('')
print('***********************************************************')
print(' PID | STACK SIZE | CUR ALLOC SIZE | PEAK ALLOC SIZE |')
print('-------|------------|-------------------|-----------------|')
INVALID_PROCESS_ID = 0xFFFFFFFF
alloc_list = ALLOC_LIST_POINT + g_mmheap
for i in range(0, max_tasks):
pid = rParser.read_word(alloc_list)
if pid != INVALID_PROCESS_ID :
# This information depends on the heapinfo_tcb_info_t
cur_alloc = rParser.read_word(alloc_list + 4)
peak_alloc = rParser.read_word(alloc_list + 8)
print('{:^7}|'.format(pid), '{:>7}'.format(stack_size[i]), ' |', '{:>13}'.format(cur_alloc), ' |', '{:>13}'.format(peak_alloc), ' |')
# next alloc list
alloc_list += SIZE_OF_HEAPINFO_TCB_INFO
except Exception as e:
print("ERROR:", e)
def main():
display = False
verbose = True
auto = False
run = False
threshold = 25
timeout = 5
name = None
port = '/dev/ttyUSB0'
try:
(opts, args) = GetOpt(sys.argv[1:], 'p:t:c:n:abqh')
except GetoptError as e:
print(e)
usage()
for opt, arg in opts:
if opt == '-t':
timeout = int(arg)
elif opt == '-c':
threshold = int(arg)
elif opt == '-p':
port = arg
elif opt == '-n':
name = arg
auto = True
run = True
elif opt == '-a':
auto = True
elif opt == '-b':
display = True
elif opt == '-q':
verbose = False
else:
usage()
baud = Baudrate(port, threshold=threshold, timeout=timeout, name=name, verbose=verbose, auto=auto)
if display:
print("")
for rate in baud.BAUDRATES:
print("\t{}".format(rate))
print("")
else:
print("")
print("Starting baudrate detection on {}, turn on your serial device now.".format(port))
print("Press Ctl+C to quit.")
print("")
baud.Open()
try:
rate = baud.Detect()
print("\nDetected baudrate: {}".format(rate))
if name is None:
print("\nSave minicom configuration as: "),
name = sys.stdin.readline().strip()
print("")
(ok, config) = baud.MinicomConfig(name)
if name and name is not None:
if ok:
if not run:
print("Configuration saved. Run minicom now [n/Y]? "),
yn = sys.stdin.readline().strip()
print("")
if yn == "" or yn.lower().startswith('y'):
run = True
if run:
subprocess.call(["minicom", name])
else:
print(config)
else:
print(config)
except KeyboardInterrupt:
pass
baud.Close()
def main():
dump_file = None
log_file = None
elf = None
framePointer = 0
stackPointer = 0
programCounter = 0
stackSize = 0
have_ram_kernel_text = False
gdb_path='/usr/bin/gdb'
nm_path='/usr/bin/nm'
readelf_path='/usr/bin/readelf'
try:
opts, args = GetOpt(sys.argv[1:],'r:e:G:N:d:t:g:h', ['dump_file=','gdb_path=','nm_path=','readelf_path=','log_file=','help'])
except GetoptError as e:
print(' ')
print(' ')
print('*************************************************************')
print('Usage error:', e)
usage()
for opt, arg in opts:
if opt in ('-r', '--dump_file'):
dump_file = arg
elif opt in ('-G', '--gdb_path'):
gdb_path = arg
elif opt in ('-N', '--nm_path'):
nm_path = arg
elif opt in ('-E', '--readelf_path'):
readelf_path = arg
elif opt in ('-t', '--log_file'):
log_file = arg
elif opt in ('-h', '--help'):
usage()
# Read tinyara extension from Make.defs
with open(MAKEFILE_PATH, 'r') as fd:
lines = fd.readlines()
for line in lines:
if 'EXEEXT =' in line:
ext = (line.split("=")[1].strip())
elf = (BIN_PATH + 'tinyara' + ext)
if not log_file and not dump_file:
print('Usage error: Must specify one of the -t or -e options. Plz find below for proper usage')
usage()
access_check_list = [
("gdb", gdb_path),
("nm", nm_path),
("readelf", readelf_path)
]
exist_check_list = [
("dump_file", dump_file),
("log_file", log_file),
("elf", elf)
] + access_check_list
for name, path in exist_check_list:
if path and not os.path.exists(path):
print(f"{path} does not exist. Please provide the proper path for {name}...")
sys.exit(1)
for name, path in access_check_list:
if not os.access(path, os.X_OK):
print(f"!!! No execute permissions on {name} path {path}")
print("!!! Please check the path settings")
print("!!! If this tool is being run from a shared location, contact the maintainer")
sys.exit(1)
# Format log file if timestamp is present at the start of each line
format_log_file(log_file)
# Get the number of application binaries, names, text address and sizes
find_number_of_binaries(log_file)
print('')
print('')
print('*************************************************************')
print('dump_file :', dump_file)
print('log_file :', log_file)
if (g_app_idx > 0):
print('Number of binaries : %d [kernel + apps]' % (g_app_idx + 1))
else:
print('Number of binary : 1 [kernel]')
print('"kernel" elf_file :', elf)
for app_idx in range(g_app_idx):
print('"app%d" elf_file :' % (app_idx + 1), BIN_PATH + app_name[app_idx] + '_dbg ')
print('*************************************************************')
print('')
# Read config information
fd = open(CONFIG_PATH, 'r')
data = fd.read()
fd.close()
try:
if 'CONFIG_ARCH_HAVE_RAM_KERNEL_TEXT=y' in data:
have_ram_kernel_text = True
# Calling the Constructor with the initial set of arguments
rParser = dumpParser(dump_file=dump_file,elf=elf,gdb_path=gdb_path,nm_path=nm_path,readelf_path=readelf_path,log_file=log_file, debug=False)
# Setup the Symbol table lookup with given System.map file
rParser.setup_symbol_table(elf,debug=False)
# Find offset
global g_stext_flash
g_stext_flash = rParser.get_address_of_symbol("_stext_flash")
global g_etext_flash
g_etext_flash = rParser.get_address_of_symbol("_etext_flash")
if (have_ram_kernel_text):
global g_stext_ram
g_stext_ram = rParser.get_address_of_symbol("_stext_ram")
global g_etext_ram
g_etext_ram = rParser.get_address_of_symbol("_etext_ram")
# Find the point of crash in the kernel, application or common binaries
find_crash_point(log_file, elf)
# Get ARM arch family
if ('CONFIG_ARCH_FAMILY="armv8-m"' in data) or ('CONFIG_ARCH_FAMILY="armv7-m"' in data):
#If architecture is cortex M, then run return without further script execution
return None
if not 'CONFIG_DEBUG_MM_HEAPINFO=y' in data:
print('DEBUG_MM_HEAPINFO is not enable. Enable DEBUG_MM_HEAPINFO to see heap usage')
return
# If the log file is given, then parse that log file only and exit
if log_file is not None:
rParser.parse_file(log_file,debug=False)
return None
# If the log file not given, Consider full dump
# Unwind the Callstack by obtaining FP, SP and PC from the proper global variable
# task_ctxt_regs is used if SEC_DEBUG is enabled , else current_regs is used
current_regs_pointer = rParser.get_address_of_symbol("current_regs")
if current_regs_pointer is not None:
ctxt_regs = rParser.read_word(current_regs_pointer)
if ctxt_regs != 0x0:
print('current_regs is not NULL')
else:
cpu_ctxt_regs_pointer = rParser.get_address_of_symbol("cpu_ctxt_regs")
if cpu_ctxt_regs_pointer is not None:
ctxt_regs = cpu_ctxt_regs_pointer
if ctxt_regs is None:
print('System is not crashed')
return None
framePointer = rParser.read_word(ctxt_regs+(4* FP))
stackPointer = rParser.read_word(ctxt_regs+(4* SP))
linkRegister = rParser.read_word(ctxt_regs+(4*LR))
programCounter = rParser.read_word(ctxt_regs+(4*PC))
# There are spl case where PC can be invalid, So assigning LR to PC
if (not(programCounter >= g_stext_flash and programCounter <= g_etext_flash)):
if (have_ram_kernel_text):
if (not(programCounter >= g_stext_ram and programCounter <= g_etext_ram)):
# This is possible for a prefetch abort. so am taking care by assigning LR to PC
print("It's a Prefetch abort at Addr : ", hex(programCounter))
programCounter = linkRegister
else:
# This is possible for a prefetch abort. so am taking care by assigning LR to PC
print("It's a Prefetch abort at Addr : ", hex(programCounter))
programCounter = linkRegister
# Explicitly getting the PC and LR symbol names for display purpose
temp1 = rParser.symbol_table_lookup(programCounter)
if temp1 is None:
temp1_symname = 'UNKNOWN'
temp1_offset = 0x0
else:
temp1_symname, temp1_offset = temp1
temp2 = rParser.symbol_table_lookup(linkRegister)
if temp2 is None:
temp2_symname = 'UNKNOWN'
temp2_offset = 0x0
else:
temp2_symname, temp2_offset = temp2
# Reading the Current Task from g_readytorun list, usually head is the current
# Since its a pointer, first am getting pointer address and then reading the
# contents of that Pointer to get the proper task address
current_task_pointer = rParser.get_address_of_symbol('g_readytorun')
current_task_addr = rParser.read_word(current_task_pointer)
# Reading the stack size value from tbe tcb_s struct
stackSize = rParser.read_word(current_task_addr+0x2c)
print('&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&')
print('')
print("Board Crashed at :")
print("PC: [0x{0:x}] {1}+0x{2:x}]\"".format(programCounter,temp1_symname,temp1_offset))
print("LR: [0x{0:x}] {1}+0x{2:x}]\"".format(linkRegister,temp2_symname,temp2_offset))
print(' ')
print("FP: 0x{0:x} and SP: 0x{1:x}".format(framePointer, stackPointer))
print(' ')
print('CALL STACK of Aborted task: ')
print('*******************************************************************')
rParser.unwind_backtrace_with_framepointer(framePointer,stackPointer,linkRegister,programCounter,stackSize)
print('')
print('')
print('&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&&')
g_kmmheap = rParser.get_address_of_symbol("g_kmmheap")
# This information depends on the mm_heap_s structure
SIZE_OF_MM_SEM = 8
SIZE_OF_MM_HOLDER = 4
SIZE_OF_MM_COUNTS_HELD = 4
HEAP_SIZE_POINT = SIZE_OF_MM_SEM + SIZE_OF_MM_HOLDER + SIZE_OF_MM_COUNTS_HELD
SIZE_OF_MM_HEAPSIZE = 4
PEAK_ALLOC_SIZE_POINT = HEAP_SIZE_POINT + SIZE_OF_MM_HEAPSIZE
SIZE_OF_PEAK_ALLOC_SIZE = 4
TOTAL_ALLOC_SIZE_POINT = PEAK_ALLOC_SIZE_POINT + SIZE_OF_PEAK_ALLOC_SIZE
SIZE_OF_TOTAL_ALLOC_SIZE = 4
SIZE_OF_MAX_GROUP = 4
SIZE_OF_HEAPINFO_TCB_INFO = 16
# Read HEAPINFO_PATH to procure HEAPINFO_USER_GROUP_NUM value
heapinfo_user_group_num = 0
with open(HEAPINFO_PATH) as searchfile:
for line in searchfile:
if 'HEAPINFO_USER_GROUP_DELIM_NUM' in line:
word = line.split(' ')
# word[2] contains the value
heapinfo_user_group_delim_num = int(word[2], 16)
heapinfo_user_group_num = heapinfo_user_group_delim_num + 1
break
TOTAL_HEAPINFO_TCB_INFO_POINT = SIZE_OF_TOTAL_ALLOC_SIZE + SIZE_OF_MAX_GROUP + (SIZE_OF_HEAPINFO_TCB_INFO * heapinfo_user_group_num)
ALLOC_LIST_POINT = TOTAL_ALLOC_SIZE_POINT + TOTAL_HEAPINFO_TCB_INFO_POINT
SIZE_OF_ALLOC_NODE = 16
max_tasks = 0
# get MAX_TASKS num
if 'CONFIG_MAX_TASKS=' in data:
index = data.find('CONFIG_MAX_TASKS=')
index += len('CONFIG_MAX_TASKS=')
while data[index] != '\n' :
max_tasks *= 10
max_tasks += int(data[index])
index += 1
HEAP_START_POINT = (ALLOC_LIST_POINT + (max_tasks * SIZE_OF_HEAPINFO_TCB_INFO))
if 'CONFIG_MM_SMALL=y' in data:
MM_ALLOC_BIT = 0x8000
else:
MM_ALLOC_BIT = 0x80000000
start_heap = rParser.read_word(g_kmmheap + HEAP_START_POINT)
end_heap = rParser.read_word(g_kmmheap + HEAP_START_POINT + 4)
print('')
print('')
print('Details of Heap Usages (Size in Bytes)')
print('')
print('start heap address : ', hex(start_heap))
print('end heap address : ', hex(end_heap))
print('')
point = start_heap + SIZE_OF_ALLOC_NODE
stack_size = [0 for i in range(max_tasks)]
idle_stack_size = 0
if 'CONFIG_IDLETHREAD_STACKSIZE=' in data:
index = data.find('CONFIG_IDLETHREAD_STACKSIZE=')
index += len('CONFIG_IDLETHREAD_STACKSIZE=')
while data[index] != '\n' :
idle_stack_size *= 10
idle_stack_size += int(data[index])
index += 1
stack_size[0] = idle_stack_size
print('******************************************************************')
print(' MemAddr | Size | Status | Pid | Owner ')
print('----------|----------|--------|-------|---------------------------')
f = open(file_data, 'w')
while point < end_heap:
size = rParser.read_word(point)
preceding = rParser.read_word(point + 4)
owner = rParser.read_word(point + 8)
pid = rParser.read_halfword(point + 12)
if preceding & MM_ALLOC_BIT :
fd_popen = subprocess.Popen([debug_cmd, '-e', elf, hex(owner)], stdout=subprocess.PIPE).stdout
data = fd_popen.read().decode()
fd_popen.close()
if pid >= 0:
print('{:^10}|'.format(hex(point)), '{:>6}'.format(size), ' |', '{:^7}|'.format('Alloc'), '{:^6}|'.format(pid), data[13:], end=' ')
f.write(str(size) + ' 0 ' + str(hex(point)) + ' ' + str(pid) + ' ' + data[14:])
else: # If pid is less than 0, it is the stack size of (-pid)
stack_size[(-pid) & (max_tasks - 1)] = size
print('{:^10}|'.format(hex(point)), '{:>6}'.format(size), ' |', '{:^7}|'.format('Alloc'), '{:^6}|'.format(-pid), data[13:], end=' ')
f.write(str(size) + ' 1 ' + str(hex(point)) + ' ' + str(-pid) + ' ' + data[14:])
else:
print('{:^10}|'.format(hex(point)), '{:>6}'.format(size), ' |', '{:^7}|'.format('Free'), '{:6}|'.format(""))
f.write(str(size) +' 2 ' + str(hex(point)))
# next node
point = point + size
f.close()
print('')
print('***********************************************************')
print(' Summary of Heap Usages (Size in Bytes)')
print('***********************************************************')
heap_size = rParser.read_word(g_kmmheap + HEAP_SIZE_POINT)
print('HEAP SIZE : ', heap_size)
peack_alloc_size = rParser.read_word(g_kmmheap + PEAK_ALLOC_SIZE_POINT)
print('PEAK ALLOC SIZE : ', peack_alloc_size)
total_alloc_size = rParser.read_word(g_kmmheap + TOTAL_ALLOC_SIZE_POINT)
print('TOTAL ALLOC SIZE : ', total_alloc_size)
print('FREE SIZE : ', heap_size - total_alloc_size)
print('')
print('***********************************************************')
print(' PID | STACK SIZE | CUR ALLOC SIZE | PEAK ALLOC SIZE |')
print('-------|------------|-------------------|-----------------|')
INVALID_PROCESS_ID = 0xFFFFFFFF
alloc_list = ALLOC_LIST_POINT + g_kmmheap
for i in range(0, max_tasks):
pid = rParser.read_word(alloc_list)
if pid != INVALID_PROCESS_ID :
# This information depends on the heapinfo_tcb_info_t
cur_alloc = rParser.read_word(alloc_list + 4)
peak_alloc = rParser.read_word(alloc_list + 8)
print('{:^7}|'.format(pid), '{:>7}'.format(stack_size[i]), ' |', '{:>13}'.format(cur_alloc), ' |', '{:>13}'.format(peak_alloc), ' |')
# next alloc list
alloc_list += SIZE_OF_HEAPINFO_TCB_INFO
except Exception as e:
print("ERROR:", e)
t = 0
size = 0
address = 0
doid = False
doerase = False
verbose = False
chip = None
port = None
infile = None
config = None
outfile = None
flipfile = None
try:
opts, args = GetOpt(sys.argv[1:], "iela:s:r:w:c:f:P:p:vh", [
"id", "erase", "list", "address=", "size=", "read=", "write=",
"chip=", "word-flip=", "port=", "path=", "verbose", "help"
])
except GetoptError, e:
print e
usage()
for opt, arg in opts:
if opt in ('-i', '--id'):
ACTIONS['vendorid'] = True
ACTIONS['productid'] = True
elif opt in ('-e', '--erase'):
ACTIONS['erase'] = True
elif opt in ('-l', '--list'):
list_chips()
sys.exit(0)
elif opt in ('-a', '--address'):
print ""
print "Usage: %s -s source.ip -d dst.ip" % sys.argv[0]
print ""
print "\t-s Connect back IP [LHOST]"
print "\t-d Destination IP of Socket Listener [RHOST]"
print "\t-h Print this Help Menu"
print ""
sys.exit(1)
# Hacky but whatever it gets the point across.
if len(sys.argv) < 3:
usage()
try:
(opts, args) = GetOpt(sys.argv[1:], 's:d:h')
except GetoptError, e:
usage()
for opt, arg in opts:
if opt == "-s":
connectback_ip = arg.split(".")
for a in connectback_ip:
if int(a) == 0:
print "IP cannot have NULL Bytes :("
sys.exit(1)
IP_1 = struct.pack("<B", int(connectback_ip[0]))
IP_2 = struct.pack("<B", int(connectback_ip[1]))
IP_3 = struct.pack("<B", int(connectback_ip[2]))
IP_4 = struct.pack("<B", int(connectback_ip[3]))
elif opt == "-d":
