def execute(self, argv):
super_blocks = gdb.lookup_symbol('super_blocks', None)[0].value()
sbtype = gdb.lookup_type('struct super_block')
try:
btrfs_fs_info_type = gdb.lookup_type('struct btrfs_fs_info')
except gdb.error:
# Load the module if it's not loaded yet
module_type = gdb.lookup_type('struct module')
modules = gdb.lookup_symbol('modules', None)[0].value()
for module in list_for_each_entry(modules, module_type, 'list'):
if module['name'].string() == "btrfs":
addr = module['module_core']
gdb.execute("add-symbol-file {} {}".format(path, addr))
btrfs_fs_info_type = gdb.lookup_type('struct btrfs_fs_info')
for sb in list_for_each_entry(super_blocks, sbtype, 's_list'):
if sb['s_type']['name'].string() == "btrfs":
fs_info = gdb.Value(sb['s_fs_info']).cast(btrfs_fs_info_type.pointer())
u = long(0)
for i in range(0, 16):
u <<= 8
u += int(fs_info['fsid'][i])
u = uuid.UUID(int=u)
print "{} -> {} {}".format(sb.address, sb['s_id'].string(), u)
def execute(self, argv):
super_blocks = gdb.lookup_symbol('super_blocks', None)[0].value()
sbtype = gdb.lookup_type('struct super_block')
try:
btrfs_fs_info_type = gdb.lookup_type('struct btrfs_fs_info')
except gdb.error:
# Load the module if it's not loaded yet
module_type = gdb.lookup_type('struct module')
modules = gdb.lookup_symbol('modules', None)[0].value()
for module in list_for_each_entry(modules, module_type, 'list'):
if module['name'].string() == "btrfs":
addr = module['module_core']
gdb.execute("add-symbol-file {} {}".format(path, addr))
btrfs_fs_info_type = gdb.lookup_type('struct btrfs_fs_info')
for sb in list_for_each_entry(super_blocks, sbtype, 's_list'):
if sb['s_type']['name'].string() == "btrfs":
fs_info = gdb.Value(sb['s_fs_info']).cast(
btrfs_fs_info_type.pointer())
u = 0
for i in range(0, 16):
u <<= 8
u += int(fs_info['fsid'][i])
u = uuid.UUID(int=u)
print "{} -> {} {}".format(sb.address, sb['s_id'].string(), u)
def get_fragment_instances():
# Walk the threadlist to find fragment instance ids. Assumes IMPALA-6416, so
# this will not work with releases older than Impala 2.12. It may be possible
# to search for FragmentInstanceState::Exec() in the older releases to get
# to the FInstIDs. Returns a dictionary of FInstID->[gdb thread ID].
# Note that multiple threads might be doing tasks for the same FInstID.
fragment_instances = defaultdict(list)
for thread in gdb.selected_inferior().threads():
thread.switch()
f = gdb.newest_frame()
while f:
# Skip unresolved frame
if gdb.Frame.name(f) is None:
f = gdb.Frame.older(f)
continue
if 'impala::Thread::SuperviseThread' in gdb.Frame.name(f):
gdb.Frame.select(f)
block = gdb.Frame.block(f)
gdb.lookup_symbol('thread_debug_info', block)
tdi = f.read_var('thread_debug_info')
# No valid thread_debug_info
if not tdi:
break
fi = str(tdi['instance_id_'])
if ':' in fi:
fragment_instances[fi.strip('"')].append(thread.num)
break
f = gdb.Frame.older(f)
return fragment_instances
def get_fragment_instances():
# Walk the threadlist to find fragment instance ids. Assumes IMPALA-6416, so
# this will not work with releases older than Impala 2.12. It may be possible
# to search for FragmentInstanceState::Exec() in the older releases to get
# to the FInstIDs. Returns a dictionary of FInstID->[gdb thread ID].
# Note that multiple threads might be doing tasks for the same FInstID.
fragment_instances = defaultdict(list)
for thread in gdb.selected_inferior().threads():
thread.switch()
f = gdb.newest_frame()
while f:
# Skip unresolved frame
if gdb.Frame.name(f) is None:
f = gdb.Frame.older(f)
continue
if 'impala::Thread::SuperviseThread' in gdb.Frame.name(f):
gdb.Frame.select(f)
block = gdb.Frame.block(f)
gdb.lookup_symbol('thread_debug_info', block)
tdi = f.read_var('thread_debug_info')
# No valid thread_debug_info
if not tdi:
break
hi = long(tdi['instance_id_']['hi'])
lo = long(tdi['instance_id_']['lo'])
fi = "%lx:%lx" % (hi, lo)
if fi != "0:0":
fragment_instances[fi.strip('"')].append(thread.num)
break
f = gdb.Frame.older(f)
return fragment_instances
def read_heap():
global heap_start;
heap_start = int(gdb.lookup_symbol("heap_start")[0].value());
global region_count;
region_count = int(gdb.lookup_symbol("region_count")[0].value());
regions_pointer = gdb.lookup_symbol("regions")[0].value();
global regions;
regions = [];
for i in range(region_count):
region = (regions_pointer + i).referenced_value();
regions.append(Region(size=int(region["size"]), reserved=str(region["reserved"])));
def qtNamespace(self):
if not self.currentQtNamespaceGuess is None:
return self.currentQtNamespaceGuess
# This only works when called from a valid frame.
try:
cand = "QArrayData::shared_null"
symbol = gdb.lookup_symbol(cand)[0]
if symbol:
ns = symbol.name[:-len(cand)]
self.qtNamespaceToReport = ns
self.qtNamespace = lambda: ns
return ns
except:
pass
try:
# This is Qt, but not 5.x.
cand = "QByteArray::shared_null"
symbol = gdb.lookup_symbol(cand)[0]
if symbol:
ns = symbol.name[:-len(cand)]
self.qtNamespaceToReport = ns
self.qtNamespace = lambda: ns
self.fallbackQtVersion = 0x40800
return ns
except:
pass
try:
# Last fall backs.
s = gdb.execute("ptype QByteArray", to_string=True)
if s.find("QMemArray") >= 0:
# Qt 3.
self.qtNamespaceToReport = ""
self.qtNamespace = lambda: ""
self.qtVersion = lambda: 0x30308
self.fallbackQtVersion = 0x30308
return ""
# Seemingly needed with Debian's GDB 7.4.1
pos1 = s.find("class")
pos2 = s.find("QByteArray")
if pos1 > -1 and pos2 > -1:
ns = s[s.find("class") + 6:s.find("QByteArray")]
self.qtNamespaceToReport = ns
self.qtNamespace = lambda: ns
return ns
except:
pass
self.currentQtNamespaceGuess = ""
return ""
def read_task_queues():
global queue_number
queue_number = int(gdb.execute("p sizeof(queues) / sizeof(queue_t)", to_string=True).split()[2])
global queues
global queues_sleeping
global tasks
queues = []
queues_sleeping = []
tasks = []
for i in range(queue_number):
queues.append([])
queue = gdb.lookup_symbol("queues")[0].value()[i]
node = queue["front"]
while (node != 0):
thread = node.referenced_value()["data"].cast(gdb.lookup_type("thread_t").pointer()).referenced_value()
add_thread_to_queue(queues[i], thread)
add_task(thread["parent"])
node = node.referenced_value()["next"]
queues_sleeping.append([])
queue = gdb.lookup_symbol("queues_sleeping")[0].value()[i]
node = queue["front"]
while (node != 0):
thread = node.referenced_value()["data"].cast(gdb.lookup_type("thread_t").pointer()).referenced_value()
add_thread_to_queue(queues_sleeping[i], thread)
add_task(thread["parent"])
node = node.referenced_value()["next"]
current_thread = gdb.lookup_symbol("current_thread")[0].value().referenced_value()
kernel_task = gdb.lookup_symbol("kernel_task")[0].value().referenced_value()
do_nothing_task = gdb.lookup_symbol("doNothing_task")[0].value().referenced_value()
add_task(current_thread["parent"])
add_task(do_nothing_task)
global kernel_task_id
global do_nothing_task_id
kernel_task_id = int(kernel_task["id"])
do_nothing_task_id = int(do_nothing_task["id"])
global current_thread_str
global kernel_task_str
global do_nothing_task_str
current_thread_str = current_thread.format_string()
kernel_task_str = kernel_task.format_string()
do_nothing_task_str = do_nothing_task.format_string()
def find_mutex_holder(graph, thread_dict, show):
frame = find_frame(r'std::mutex::lock\(\)')
if frame is None:
return
frame.select()
# Waiting for mutex locking!
mutex_this, _ = gdb.lookup_symbol("this", frame.block())
mutex_value = mutex_this.value(frame)
# The mutex holder is a LWPID
mutex_holder = int(mutex_value["_M_mutex"]["__data"]["__owner"])
mutex_holder_id = thread_dict[mutex_holder]
(_, mutex_waiter_lwpid, _) = gdb.selected_thread().ptid
mutex_waiter_id = thread_dict[mutex_waiter_lwpid]
if show:
print("Mutex at {} held by thread 0x{:x} (LWP {}) "
" waited on by thread 0x{:x} (LWP {})".format(mutex_value,
mutex_holder_id,
mutex_holder,
mutex_waiter_id,
mutex_waiter_lwpid))
if graph:
graph.add_edge(Thread(mutex_waiter_id, mutex_waiter_lwpid),
Lock(long(mutex_value), "Mutex"))
graph.add_edge(Lock(long(mutex_value), "Mutex"), Thread(mutex_holder_id, mutex_holder))
def invoke (self, args, from_tty):
try:
args = args.split(" ")
reg, fct = args[:2]
format = " ".join(args[2:])
except Exception:
print("Usage: reg_watch register function [format]")
return
try:
if not gdb.lookup_symbol(fct)[0]:
print("Error: cannot find symbol '{}'".format(fct))
return
except gdb.error: # No frame selected.
print("Error: Please start the execution before setting reg watchpoints")
return
disa = gdb.execute("disassemble {}".format(fct), to_string=True)
watchpoints = []
for line in disa.replace("=> ", "").split("\n"):
addr, _, rest = line.strip().partition(" ")
if not "%{}".format(reg) in rest:
continue
watchpoints.append(RegWatch_bpt(addr, line, reg[1:], format))
print("{} watchpoints added in function {}".format(len(watchpoints), fct))
def get_block_device(self):
all_bdevs = gdb.lookup_symbol('all_bdevs', None)[0].value()
for bdev in list_for_each_entry(all_bdevs, self.block_device_type,
'bd_list'):
if int(bdev['bd_disk']) != 0 and int(bdev['bd_part']) != 0:
return bdev
return None
def find_mutex_holder(graph, thread_dict, show):
frame = find_frame(r'std::mutex::lock\(\)')
if frame is None:
return
frame.select()
# Waiting for mutex locking!
mutex_this, _ = gdb.lookup_symbol("this", frame.block())
mutex_value = mutex_this.value(frame)
# The mutex holder is a LWPID
mutex_holder = int(mutex_value["_M_mutex"]["__data"]["__owner"])
mutex_holder_id = thread_dict[mutex_holder]
(_, mutex_waiter_lwpid, _) = gdb.selected_thread().ptid
mutex_waiter_id = thread_dict[mutex_waiter_lwpid]
if show:
print("Mutex at {} held by thread 0x{:x} (LWP {}) "
" waited on by thread 0x{:x} (LWP {})".format(
mutex_value, mutex_holder_id, mutex_holder, mutex_waiter_id,
mutex_waiter_lwpid))
if graph:
graph.add_edge(Thread(mutex_waiter_id, mutex_waiter_lwpid),
Lock(long(mutex_value), "Mutex"))
graph.add_edge(Lock(long(mutex_value), "Mutex"),
Thread(mutex_holder_id, mutex_holder))
def lookupEntryRefCodecSymbol(fnName):
"""Look up symbol for entry_ref_codec<...> static member functions."""
symName = f'{entryRefCodecClassName}::{fnName}'
sym, _ = gdb.lookup_symbol(symName)
if not sym or not sym.is_function:
raise Exception(f'required symbol {symName} does not exist or is not a function')
return sym
def get_wpstr(self, sym_name):
"Setup sym and wp_str for given symbol."
self.sym, ok = gdb.lookup_symbol(sym_name)
wp_addr = gdb.parse_and_eval(sym_name).address
self.wp_str = "*(%(type)s)(&%(address)s)" % dict(type=wp_addr.type, address=sym_name)
return self.wp_str
def get_symbol_value(symname, block=None, domain=None):
if domain is None:
domain = gdb.SYMBOL_VAR_DOMAIN
sym = gdb.lookup_symbol(symname, block, domain)[0]
if sym:
return sym.value()
raise MissingSymbolError("Cannot locate symbol {}".format(symname))
def invoke(self, arg, from_tty):
ports = False
arg_list = gdb.string_to_argv(arg)
if len(arg_list) > 1 or \
(len(arg_list) == 1 and arg_list[0] != "ports"):
print("usage: ovs_dump_dp_netdev [ports]")
return
elif len(arg_list) == 1:
ports = True
dp_netdevs = gdb.lookup_symbol('dp_netdevs')[0]
if dp_netdevs is None or not dp_netdevs.is_variable:
print("Can't find dp_netdevs global variable, are you sure "
"your debugging OVS?")
return
dp_netdevs = gdb.parse_and_eval('dp_netdevs')
for node in ForEachSHASH(dp_netdevs):
dp = node['data'].cast(
gdb.lookup_type('struct dp_netdev').pointer())
print("(struct dp_netdev *) {}: name = {}, class = "
"(struct dpif_class *) {}".format(dp, dp['name'],
dp['class']))
if ports:
for node in ForEachHMAP(dp['ports'], "struct dp_netdev_port",
"node"):
CmdDumpDpNetdevPorts.display_single_port(node, 4)
def try_pending_skips(evt=None):
for skip in list(to_skip): # make a copy for safe remove
skipargs = skip.split()
print 'loading skip: ' + skip
# If it is a function, make sure the symbol is defined
if len(skipargs) < 1 or skipargs[0] == 'function':
try:
# test if the function (aka symbol is defined)
symb, _ = gdb.lookup_symbol(skip)
if not symb:
continue
except gdb.error:
# no frame ?
continue
# yes, we can skip it
gdb.execute("skip " + str(skip))
to_skip.remove(skip)
# otherwise who knows what is happening
if not to_skip:
# no more functions to skip
try:
gdb.events.new_objfile.disconnect(try_pending_skips) # event fired when the binary is loaded
except (gdb.error, ValueError):
pass # was not connected
def invoke (self, args, from_tty):
try:
args = args.split(" ")
reg, fct = args[:2]
format = " ".join(args[2:])
except Exception:
print("Usage: reg_watch register function [format]")
return
try:
if not gdb.lookup_symbol(fct)[0]:
...
except gdb.error: # No frame selected.
...
disa = gdb.execute("disassemble {}".format(fct), to_string=True)
# => 0x0000000000466d50 <+0>: sub $0x28,%rsp
# 0x0000000000466d54 <+4>: movq $0x0,(%rsp)
# ...
watchpoints = []
for line in disa.replace("=> ", "").split("\n"):
addr, _, rest = line.strip().partition(" ")
...
print("{} watchpoints added in function {}".format(len(watchpoints), fct))
def munge_symbol (self, sym, block):
'''
Given a symbol in the context of a block, return a tuple of the printable
name for the symbol and its value in this frame.
@param sym A symbol, probably either an argument or a local.
@param block The frame block in which we are operating.
'''
# uh, pierce linkage names unless they are register values?
# maybe this is a trick to get the fully qualified type?
if len (sym.linkage_name):
nsym, is_field_of_this = gdb.lookup_symbol (sym.linkage_name, block)
if not nsym:
return sym.linkage_name, '<danger=ignored>'
if nsym and nsym.addr_class != gdb.SYMBOL_LOC_REGISTER:
sym = nsym
# load the value!
try:
val = self.frame.read_var (sym)
if val != None:
val = str (val)
# FIXME: would be nice to have a more precise exception here.
except RuntimeError, text:
val = text
def test_voidp_test(self):
var = gdb.lookup_symbol('voidp_test', None)[0]
self.assertTrue(var is not None)
for cpu, val in list(crash.types.percpu.get_percpu_var(var).items()):
self.assertTrue(val is not None)
self.assertTrue(val.type == self.voidp)
self.assertTrue(long(val) == 0xdeadbeef)
def initialize(self):
self.d = {}
self.d['FRAMETYPE_MASK'] = (1 << self.jit_value('FRAMETYPE_BITS')) - 1
self.d['FRAMESIZE_SHIFT'] = self.jit_value('FRAMESIZE_SHIFT')
self.d['FRAME_HEADER_SIZE_SHIFT'] = self.jit_value('FRAME_HEADER_SIZE_SHIFT')
self.d['FRAME_HEADER_SIZE_MASK'] = self.jit_value('FRAME_HEADER_SIZE_MASK')
self.compute_frame_info()
commonFrameLayout = gdb.lookup_type('js::jit::CommonFrameLayout')
self.d['typeCommonFrameLayout'] = commonFrameLayout
self.d['typeCommonFrameLayoutPointer'] = commonFrameLayout.pointer()
self.d['per_tls_context'] = gdb.lookup_global_symbol('js::TlsContext')
self.d['void_starstar'] = gdb.lookup_type('void').pointer().pointer()
jitframe = gdb.lookup_type("js::jit::JitFrameLayout")
self.d['jitFrameLayoutPointer'] = jitframe.pointer()
self.d['CalleeToken_Function'] = self.jit_value("CalleeToken_Function")
self.d['CalleeToken_FunctionConstructing'] = self.jit_value(
"CalleeToken_FunctionConstructing")
self.d['CalleeToken_Script'] = self.jit_value("CalleeToken_Script")
self.d['JSFunction'] = gdb.lookup_type("JSFunction").pointer()
self.d['JSScript'] = gdb.lookup_type("JSScript").pointer()
self.d['Value'] = gdb.lookup_type("JS::Value")
self.d['SOURCE_SLOT'] = self.value('js::ScriptSourceObject::SOURCE_SLOT')
self.d['NativeObject'] = gdb.lookup_type("js::NativeObject").pointer()
self.d['HeapSlot'] = gdb.lookup_type("js::HeapSlot").pointer()
self.d['ScriptSource'] = gdb.lookup_type("js::ScriptSource").pointer()
# ProcessExecutableMemory, used to identify if a pc is in the section
# pre-allocated by the JIT.
self.d['MaxCodeBytesPerProcess'] = self.jit_value('MaxCodeBytesPerProcess')
self.d['execMemory'] = gdb.lookup_symbol('::execMemory')[0].value()
def get_global_variable(name):
var = gdb.lookup_symbol(name)[0]
if var is None or not var.is_variable:
print("Can't find {} global variable, are you sure "
"your debugging OVS?".format(name))
return None
return gdb.parse_and_eval(name)
def initialize(self):
self.d = {}
self.d["FRAMETYPE_MASK"] = (1 << self.jit_value("FRAMETYPE_BITS")) - 1
self.d["FRAMESIZE_SHIFT"] = self.jit_value("FRAMESIZE_SHIFT")
self.d["FRAME_HEADER_SIZE_SHIFT"] = self.jit_value("FRAME_HEADER_SIZE_SHIFT")
self.d["FRAME_HEADER_SIZE_MASK"] = self.jit_value("FRAME_HEADER_SIZE_MASK")
self.compute_frame_info()
commonFrameLayout = gdb.lookup_type("js::jit::CommonFrameLayout")
self.d["typeCommonFrameLayout"] = commonFrameLayout
self.d["typeCommonFrameLayoutPointer"] = commonFrameLayout.pointer()
self.d["per_tls_context"] = gdb.lookup_global_symbol("js::TlsContext")
self.d["void_starstar"] = gdb.lookup_type("void").pointer().pointer()
jitframe = gdb.lookup_type("js::jit::JitFrameLayout")
self.d["jitFrameLayoutPointer"] = jitframe.pointer()
self.d["CalleeToken_Function"] = self.jit_value("CalleeToken_Function")
self.d["CalleeToken_FunctionConstructing"] = self.jit_value(
"CalleeToken_FunctionConstructing"
)
self.d["CalleeToken_Script"] = self.jit_value("CalleeToken_Script")
self.d["JSScript"] = gdb.lookup_type("JSScript").pointer()
self.d["Value"] = gdb.lookup_type("JS::Value")
self.d["SOURCE_SLOT"] = self.value("js::ScriptSourceObject::SOURCE_SLOT")
self.d["NativeObject"] = gdb.lookup_type("js::NativeObject").pointer()
self.d["HeapSlot"] = gdb.lookup_type("js::HeapSlot").pointer()
self.d["ScriptSource"] = gdb.lookup_type("js::ScriptSource").pointer()
# ProcessExecutableMemory, used to identify if a pc is in the section
# pre-allocated by the JIT.
self.d["MaxCodeBytesPerProcess"] = self.jit_value("MaxCodeBytesPerProcess")
self.d["execMemory"] = gdb.lookup_symbol("::execMemory")[0].value()
def get_hd_struct(self):
all_bdevs = gdb.lookup_symbol('all_bdevs', None)[0].value()
for bdev in list_for_each_entry(all_bdevs, self.block_device_type,
'bd_list'):
if int(bdev['bd_part']) != 0:
return bdev['bd_part'].dereference()
return None
def address(symbol):
if isinstance(symbol, six.integer_types):
return symbol
try:
return int(symbol, 0)
except:
pass
try:
symbol_obj = gdb.lookup_symbol(symbol)[0]
if symbol_obj:
return int(symbol_obj)
except Exception:
pass
try:
result = gdb.execute('info address %s' % symbol,
to_string=True,
from_tty=False)
address = re.search('0x[0-9a-fA-F]+', result).group()
return int(address, 0)
except gdb.error:
return None
try:
address = pwndbg.ida.LocByName(symbol)
if address:
return address
except Exception:
pass
def find_mutex_holder(graph, thread_dict, show):
"""Find mutex holder."""
frame = find_frame(r'std::mutex::lock\(\)')
if frame is None:
return
frame.select()
# Waiting for mutex locking!
mutex_this, _ = gdb.lookup_symbol("this", frame.block())
mutex_value = mutex_this.value(frame)
# The mutex holder is a LWPID
mutex_holder_lwpid = int(mutex_value["_M_mutex"]["__data"]["__owner"])
# At time thread_dict was initialized, the mutex holder may not have been found.
# Use the thread LWP as a substitute for showing output or generating the graph.
if mutex_holder_lwpid not in thread_dict:
print("Warning: Mutex at {} held by thread with LWP {}"
" not found in thread_dict. Using LWP to track thread.".format(
mutex_value, mutex_holder_lwpid))
mutex_holder = Thread(mutex_holder_lwpid, mutex_holder_lwpid, '"[unknown]"')
else:
mutex_holder = thread_dict[mutex_holder_lwpid]
(_, mutex_waiter_lwpid, _) = gdb.selected_thread().ptid
mutex_waiter = thread_dict[mutex_waiter_lwpid]
if show:
print("Mutex at {} held by {} waited on by {}".format(mutex_value, mutex_holder,
mutex_waiter))
if graph:
graph.add_edge(mutex_waiter, Lock(long(mutex_value), "Mutex"))
graph.add_edge(Lock(long(mutex_value), "Mutex"), mutex_holder)
def get_global_variable(name):
var = gdb.lookup_symbol(name)[0]
if var is None or not var.is_variable:
print("Can't find {} global variable, are you sure "
"your debugging OVS?".format(name))
return None
return gdb.parse_and_eval(name)
def invoke(self, arg, from_tty):
ports = False
wanted = False
arg_list = gdb.string_to_argv(arg)
if len(arg_list) > 1 or \
(len(arg_list) == 1 and arg_list[0] != "ports" and
arg_list[0] != "wanted"):
print("usage: ovs_dump_bridge [ports|wanted]")
return
elif len(arg_list) == 1:
if arg_list[0] == "ports":
ports = True
else:
wanted = True
dp_netdevs = gdb.lookup_symbol('all_bridges')[0]
if dp_netdevs is None or not dp_netdevs.is_variable:
print("Can't find all_bridges global variable, are you sure "
"your debugging OVS?")
return
all_bridges = gdb.parse_and_eval('all_bridges')
for node in ForEachHMAP(all_bridges, "struct bridge", "node"):
print("(struct bridge *) {}: name = {}, type = {}".format(
node, node['name'].string(), node['type'].string()))
if ports:
for port in ForEachHMAP(node['ports'], "struct port",
"hmap_node"):
CmdDumpBridgePorts.display_single_port(port, 4)
if wanted:
for port in ForEachSHASH(node['wanted_ports'],
typeobj="struct ovsrec_port"):
print(" (struct ovsrec_port *) {}: name = {}".format(
port, port['name'].string()))
def test_voidp_test(self):
var = gdb.lookup_symbol('voidp_test', None)[0]
self.assertTrue(var is not None)
for cpu, val in list(crash.types.percpu.get_percpu_var(var).items()):
self.assertTrue(val is not None)
self.assertTrue(val.type == self.voidp)
self.assertTrue(long(val) == 0xdeadbeef)
def symbol_address(symbol):
sym = gdb.lookup_global_symbol(symbol)
if sym == None:
sym = gdb.lookup_symbol(symbol)[0]
if sym is not None:
return sym.value().address
return None
def find_mutex_holder(graph, thread_dict, show):
"""Find mutex holder."""
frame = find_frame(r'std::mutex::lock\(\)')
if frame is None:
return
frame.select()
# Waiting for mutex locking!
mutex_this, _ = gdb.lookup_symbol("this", frame.block())
mutex_value = mutex_this.value(frame)
# The mutex holder is a LWPID
mutex_holder_lwpid = int(mutex_value["_M_mutex"]["__data"]["__owner"])
# At time thread_dict was initialized, the mutex holder may not have been found.
# Use the thread LWP as a substitute for showing output or generating the graph.
if mutex_holder_lwpid not in thread_dict:
print("Warning: Mutex at {} held by thread with LWP {}"
" not found in thread_dict. Using LWP to track thread.".format(
mutex_value, mutex_holder_lwpid))
mutex_holder = Thread(mutex_holder_lwpid, mutex_holder_lwpid,
'"[unknown]"')
else:
mutex_holder = thread_dict[mutex_holder_lwpid]
(_, mutex_waiter_lwpid, _) = gdb.selected_thread().ptid
mutex_waiter = thread_dict[mutex_waiter_lwpid]
if show:
print("Mutex at {} held by {} waited on by {}".format(
mutex_value, mutex_holder, mutex_waiter))
if graph:
graph.add_edge(mutex_waiter, Lock(long(mutex_value), "Mutex"))
graph.add_edge(Lock(long(mutex_value), "Mutex"), mutex_holder)
def get_wpstr(self, sym_name):
"Setup sym and wp_str for given symbol."
self.sym, ok = gdb.lookup_symbol(sym_name)
wp_addr = gdb.parse_and_eval(sym_name).address
self.wp_str = '*(%(type)s)(&%(address)s)' % dict(type=wp_addr.type,
address=sym_name)
return (self.wp_str)
def setUp(self):
self.stdout = sys.stdout
self.redirected = io.StringIO()
sys.stdout = self.redirected
self.command = CgroupCommand("cgroup")
# cgrp_dfl_root is available since v3.15-rc1
cgroup_root = gdb.lookup_symbol('cgrp_dfl_root', None)[0].value()
self.cgrp_dfl_root = cgroup_root['cgrp']
def invoke(self, argument, from_tty):
args = gdb.string_to_argv(argument)
if len(args) < 1:
self.print_usage()
return
domain = None
for arg in args:
if "domain=" in arg:
domain = arg.split("=")[1]
if domain:
symbol, _ = gdb.lookup_symbol(args[0], gdb.newest_frame().block(), domain_dict[domain])
else:
symbol, _ = gdb.lookup_symbol(args[0])
if not symbol:
print "not found in this frame"
return
self.print_symbol(symbol)
def run_test():
"Run through the tests one by one"
sym, ok = gdb.lookup_symbol("thread1_func")
gdb.execute("b thread1_func")
gdb.execute("c")
frame = gdb.selected_frame()
report(str(frame.function()) == "thread1_func", "break @ %s" % frame)
def invoke(self, arg, from_tty):
netdev_shash = gdb.lookup_symbol('netdev_shash')[0]
if netdev_shash is None or not netdev_shash.is_variable:
print("Can't find netdev_shash global variable, are you sure "
"your debugging OVS?")
return
netdev_shash = gdb.parse_and_eval('netdev_shash')
for netdev in ForEachSHASH(netdev_shash, "struct netdev"):
self.display_single_netdev(netdev)
def check_ready(self) -> Optional[gdb.Symbol]:
"""
Returns the result of looking up the symbol when a new object
file is loaded.
Returns:
:obj:`gdb.Symbol`: The requested symbol
"""
return gdb.lookup_symbol(self.name, None, self.domain)[0]
def is_class_vport_class(netdev_class):
netdev_class = netdev_class.cast(
gdb.lookup_type('struct netdev_class').pointer())
vport_construct = gdb.lookup_symbol('netdev_vport_construct')[0]
if netdev_class['construct'] == vport_construct.value():
return True
return False
def cb_sym(self, symtype, *args):
if symtype == addrxlat.SYM_VALUE:
ms = gdb.lookup_minimal_symbol(args[0])
if ms is not None:
return long(ms.value().address)
elif symtype == addrxlat.SYM_SIZEOF:
sym = gdb.lookup_symbol(args[0], None)[0]
if sym is not None:
return sym.type.sizeof
elif symtype == addrxlat.SYM_OFFSETOF:
sym = gdb.lookup_symbol(args[0], None, gdb.SYMBOL_STRUCT_DOMAIN)[0]
if sym is None:
# this works for typedefs:
sym = gdb.lookup_symbol(args[0], None)[0]
if sym is not None:
return offsetof(sym.type, args[1])
return super(TranslationContext, self).cb_sym(symtype, *args)
def is_class_vport_class(netdev_class):
netdev_class = netdev_class.cast(
gdb.lookup_type('struct netdev_class').pointer())
vport_construct = gdb.lookup_symbol('netdev_vport_construct')[0]
if netdev_class['construct'] == vport_construct.value():
return True
return False
def cb_sym(self, symtype, *args):
if symtype == addrxlat.SYM_VALUE:
ms = gdb.lookup_minimal_symbol(args[0])
if ms is not None:
return long(ms.value().address)
elif symtype == addrxlat.SYM_SIZEOF:
sym = gdb.lookup_symbol(args[0], None)[0]
if sym is not None:
return sym.type.sizeof
elif symtype == addrxlat.SYM_OFFSETOF:
sym = gdb.lookup_symbol(args[0], None, gdb.SYMBOL_STRUCT_DOMAIN)[0]
if sym is None:
# this works for typedefs:
sym = gdb.lookup_symbol(args[0], None)[0]
if sym is not None:
return offsetof(sym.type, args[1])
return super(TranslationContext, self).cb_sym(symtype, *args)
def test_classdev_iteration(self):
count = 0
block_class = gdb.lookup_symbol('block_class', None)[0].value()
for dev in classdevs.for_each_class_device(block_class):
self.assertTrue(type(dev) is gdb.Value)
self.assertTrue(dev.type == self.device_type)
count += 1
self.assertTrue(count > 0)
def get_value(name, domain=gdb.SYMBOL_VAR_DOMAIN):
if name in symbol_cache:
return symbol_cache[name]
sym = gdb.lookup_global_symbol(name, domain=domain)
if not sym:
try:
sym = gdb.lookup_symbol(name, domain=domain)[0]
except Exception, e:
print e
def __init__(self, cast_type_name, print_type_name, val):
self.val = val
self.cast_type_name = cast_type_name
self.print_type_name = print_type_name
cast_type_symbol, _ = gdb.lookup_symbol(cast_type_name)
if cast_type_symbol is None:
raise gdb.GdbError("Could not find type!")
self.cast_type = cast_type_symbol.type
self.casted_val = self.val.cast(self.cast_type)
def get_main_arena(addr=None):
if addr == None:
main_arena = gdb.lookup_symbol('main_arena')[0].value()
else:
main_arena = value_from_type('struct malloc_state', addr)
if main_arena == None:
print(red('Symbol \'main_arena\' not found. Try installing libc ' \
'debugging symbols or specifying the main arena address ' \
'and try again'))
return main_arena
def get_global_L():
gL, _ = gdb.lookup_symbol("globalL")
if gL:
return gL.value()
cycle = gdb.lookup_global_symbol("ngx_cycle")
if cycle:
cycle = cycle.value()
gL = ngxlua.ngx_lua_get_main_lua_vm(cycle)
if gL:
return gL
raise gdb.GdbError("No global L located (tried globalL and ngx_cycle)")
def check_break(sym_name):
"Setup breakpoint, continue and check we stopped."
sym, ok = gdb.lookup_symbol(sym_name)
bp = gdb.Breakpoint(sym_name)
gdb.execute("c")
# hopefully we came back
end_pc = gdb.parse_and_eval('$pc')
print ("%s == %s %d" % (end_pc, sym.value(), bp.hit_count))
bp.delete()
# can we test we hit bp?
return end_pc == sym.value()
def write_symbol (self, stream, sym, block):
if len (sym.linkage_name):
nsym, is_field_of_this = gdb.lookup_symbol (sym.linkage_name, block)
if nsym.addr_class != gdb.SYMBOL_LOC_REGISTER:
sym = nsym
stream.write (sym.print_name + "=")
try:
val = self.read_var (sym)
if val != None:
val = str (val)
# FIXME: would be nice to have a more precise exception here.
except RuntimeError, text:
val = text
def invoke(self, arg, from_tty):
# FIXME: Broken. lookup_global_symbol always works, but doesn't return
# results for static symbols. lookup_symbol does, but only
# works if there is a current frame, i.e. the program is running.
sym = gdb.lookup_symbol(arg)
if sym[0] == None:
# just remember the name, the BP will be created later
function_names[arg] = 1 # dummy value
print "Remembering symbol '%s' for later addition" % arg
else:
# FIXME: Minor code duplication
bp = gdb.Breakpoint(arg)
function_bps[bp] = arg
def check_hbreak(sym_name):
"Setup hardware breakpoint, continue and check we stopped."
sym, ok = gdb.lookup_symbol(sym_name)
gdb.execute("hbreak %s" % (sym_name))
gdb.execute("c")
# hopefully we came back
end_pc = gdb.parse_and_eval('$pc')
print ("%s == %s" % (end_pc, sym.value()))
if end_pc == sym.value():
gdb.execute("d 1")
return True
else:
return False
def children(self):
if VariableSetListPrinter.GLOBALSET is None:
block = gdb.lookup_global_symbol('init_hash_global_variable_set').symtab.static_block()
VariableSetListPrinter.GLOBALSET = gdb.lookup_symbol('global_variable_set', block)[0].value().address
ptr = self.val.address
i = 0
while long(ptr) != 0:
nm = '[%d] ' % (i)
yield (nm, ptr['set'])
if long(ptr['set']) == long(VariableSetListPrinter.GLOBALSET):
yield (nm, "global_variable_set")
else:
yield (nm, str(ptr['set'].dereference()))
i += 1
ptr = ptr['next']
def validate_args(list_of_args):
'''Validate the arguments passed to the current command.'''
if len(list_of_args) != 2:
return 1
addr = int(list_of_args[0])
if addr < 0:
return 2
temp_sym = gdb.lookup_symbol(list_of_args[1])
if temp_sym[0] == None:
return 3
return 0
def to_string(self):
if self.tag == 1000:
# it's an immediate value
if gdb.lookup_type('value').sizeof == 8:
debug_mask = 0xff00ffffff00ffff
debug_val = 0xD700D7D7D700D6D7
else:
debug_mask = 0xff00ffff
debug_val = 0xD700D6D7
n = self.val
if (n & debug_mask) == debug_val:
tag = int((n >> 16) & 0xff)
return debug_tags.get(tag,
"Debug_tag(0x%x)" % int(tag))
else:
return "I(%d)" % int(n >> 1)
# otherwise, it's a block
if self.tagname == 'Double_tag':
d = self.p.cast(gdb.lookup_type('double').pointer()).dereference()
s = '%f, wosize=1' % d
elif self.tagname == 'String_tag':
char = gdb.lookup_type('unsigned char')
val_size = gdb.lookup_type('value').sizeof
lastbyte = ((self.p + self.length - 1).cast(char.pointer()) + val_size - 1).dereference()
length_bytes = self.length * val_size - (lastbyte + 1)
string = (self.p.cast(char.array(length_bytes).pointer()).dereference())
s = str(string).strip()
elif self.tagname == 'Infix_tag':
s = 'offset=%d' % (-self.length)
elif self.tagname == 'Custom_tag':
ops = self.p.dereference().cast(gdb.lookup_type('struct custom_operations').pointer())
s = '%s, wosize=%d' % (str(ops), self.length)
elif self.tagname == 'Block':
s = '%d, wosize=%d' % (self.tag,self.length)
else:
s = 'wosize=%d' % self.length
markbits = gdb.lookup_symbol("global")[0].value()
gc = {
int(markbits['MARKED']): 'MARKED',
int(markbits['UNMARKED']): 'UNMARKED',
int(markbits['GARBAGE']): 'GARBAGE',
(3 << 8): 'NOT_MARKABLE'
}
return '%s(%s, %s)' % (self.tagname, s, gc[self.gc])
def invoke(self, sym, vnet=None):
sym = sym.string()
if sym.startswith("V_"):
sym = sym[len("V_"):]
if gdb.lookup_symbol("sysctl___kern_features_vimage")[0] is None:
return gdb.lookup_global_symbol(sym).value()
if vnet is None:
vnet = tdfind(gdb.selected_thread().ptid[2])['td_vnet']
if not vnet:
# If curthread->td_vnet == NULL, vnet0 is the current vnet.
vnet = gdb.lookup_global_symbol("vnet0").value()
base = vnet['vnet_data_base']
entry = gdb.lookup_global_symbol("vnet_entry_" + sym).value()
entry_addr = entry.address.cast(gdb.lookup_type("uintptr_t"))
ptr = gdb.Value(base + entry_addr).cast(entry.type.pointer())
return ptr.dereference()
def setup_arch(self):
archname = self.kdump.attr.arch.name
archclass = crash.arch.get_architecture(archname)
if not archclass:
raise NotImplementedError("Architecture {} is not supported yet."
.format(archname))
# Doesn't matter what symbol as long as it's everywhere
# Use vsnprintf since 'printk' can be dropped with CONFIG_PRINTK=n
sym = gdb.lookup_symbol('vsnprintf', None)[0]
if sym is None:
raise RuntimeError("Missing vsnprintf indicates there is no kernel image loaded.")
if sym.symtab.objfile.architecture.name() != archclass.ident:
raise TypeError("Dump file is for `{}' but provided kernel is for `{}'"
.format(archname, archclass.ident))
self.arch = archclass()
def Assign(self, listObj):
try:
if ( listObj.type == ListInspector.ListType ):
self._list = listObj
return
else:
raise TypeError("Invalid List Object Type!")
except Exception as exc:
#print(" Failed to assign from List object: %s" % str(exc))
pass
symbol, methodObj = gdb.lookup_symbol(listObj)
if ( symbol != None ):
self._list = symbol.value()
else:
addrInt = int(listObj, 0)
listObjPtr = gdb.Value(addrInt).cast(ListInspector.ListType.pointer())
self._list = listObjPtr.dereference()
def invoke(self, arg, from_tty):
addr = gdb.parse_and_eval(arg)
addr = ulong(addr)
ptep = ulong(gdb.lookup_symbol('mmu::page_table_root')[0].value().address)
level = 4
while level >= 0:
ptep1 = phys_cast(ptep, ulong_type)
pte = ulong(ptep1.dereference())
gdb.write('%016x %016x\n' % (ptep, pte))
if not pte & 1:
break
if level > 0 and pte & 0x80:
break
if level > 0:
pte &= ~ulong(0x80)
pte &= ~ulong(0x8000000000000fff)
level -= 1
ptep = pte + pt_index(addr, level) * 8
def __init__(self):
self._blocked = ListInspector("xSuspendedTaskList")
self._delayed1 = ListInspector("xDelayedTaskList1")
self._delayed2 = ListInspector("xDelayedTaskList2")
self._readyLists = []
readyTasksListsStr = "pxReadyTasksLists"
readyListsSym,methodType = gdb.lookup_symbol(readyTasksListsStr)
if ( readyListsSym != None ):
readyLists = readyListsSym.value()
minIndex, maxIndex = readyLists.type.range()
for i in range(minIndex, maxIndex+1):
readyList = readyLists[i]
FRReadyList = ListInspector( readyList )
self._readyLists.append(FRReadyList)
else:
print("Failed to Find Symbol: %s" % readyTasksListsStr)
raise ValueError("Invalid Symbol!")
def __call__(self):
message = json.loads(self.data)
sys.stdout.flush()
result = []
# resolve a specific variable
if message[u"type"] == u"variable":
frame = gdb.newest_frame()
block = frame.block()
# split on dots to get all the nested variables
tree = str(message[u"variable"]).split(".")
# take first element of tree - it's the top-level symbol
topSymbol = gdb.lookup_symbol(tree[0], block)[0]
value = topSymbol.value(frame)
for subSymbol in tree[1:]:
sys.stdout.flush()
value = value[subSymbol]
# if it's a struct or array, parse its values
if has_target(value.type) and is_resolvable(value.type.target()):
# iterate over value's fields
for field in value.type.target().fields():
result.append(parse_value_field(field, value, frame))
# otherwise, just return the literal value
else:
result = str(value)
# send response back to client
packet = {"event": "variable", "data": {"value": result}}
# See if the original message had an id number. If it did,
# echo it back in the response.
if message[u"id"]:
packet["id"] = message[u"id"]
conn.send(json.dumps(packet))
def invoke(self,args,from_tty):
argv = gdb.string_to_argv (args)
found=gdb.lookup_symbol(argv[0])
if found[0] == None:
print argv[0],'not found'
return
s=found[0] # get the symbol
v=s.value(gdb.newest_frame()) ## get the value
#if s.is_variable: print s.type,s.name,'=',v
t=s.type.target()
# print 'Type target:',s.type.target()
# print 'Type:',s.type
print '{'
self.dive(v, s.name,2)
print '}'
