[apple/xnu.git] / tools / lldbmacros / xnutriage.py

"""
    XNU Triage commands
"""
from xnu import *
import sys, shlex
from utils import *
import xnudefines
import re
import os.path

# Macro: xi
def OutputAddress(cmd_args=None):
    """ Returns out address and symbol corresponding to it without newline
        Parameters: <address whose symbol is needed>
    """
    if not cmd_args:
        print "No arguments passed"
        print OutputAddress.__doc__
        return False
    a = unsigned(cmd_args[0])
    cmd_str = "image lookup -a {:#x}".format(a)
    cmd_out = lldb_run_command(cmd_str)
    if len(cmd_out) != 0 and cmd_out != "ERROR:":
        cmd_out1 = cmd_out.split('\n')
        if len(cmd_out1) != 0:
            cmd_out2 = cmd_out1[1].split('`')
            if cmd_out2 != 0:
                cmd_out3 = cmd_out2[1].split(' at')
                if len(cmd_out3) != 0:
                    symbol_str = "{:#x} <{:s}>".format(unsigned(a), cmd_out3[0])
                    return symbol_str
    return ""

@lldb_command('xi')
def SymbolicateWithInstruction(cmd_args=None):
    """ Prints out address and symbol similar to x/i
        Usage: xi <address whose symbol is needed>
    """
    if not cmd_args:
        print "No arguments passed"
        print SymbolicateWithInstruction.__doc__
        return False
    a = ArgumentStringToInt(cmd_args[0])
    print OutputAddress([a])

# Macro: xi

# Macro: newbt
@lldb_command('newbt')
def NewBt(cmd_args=None):
    """ Prints all the instructions by walking the given stack pointer
    """
    if not cmd_args:
        print "No arguments passed"
        print NewBt.__doc__
        return False
    a = ArgumentStringToInt(cmd_args[0])
    while a != 0:
        if kern.arch == "x86_64" or kern.arch.startswith("arm64"):
            offset = 8
        else:
            offset = 4
        link_register = dereference(kern.GetValueFromAddress(a + offset, 'uintptr_t *'))
        cmd_str = "di -s {:#x} -c 1".format(link_register)
        cmd_out = lldb_run_command(cmd_str)
        if len(cmd_out) != 0:
            cmd_out1 = cmd_out.split('\n')
            if len(cmd_out1) != 0:
                print OutputAddress([unsigned(link_register)]) + ": " + cmd_out1[0].split(':')[1]
        a = dereference(kern.GetValueFromAddress(unsigned(a), 'uintptr_t *'))

# EndMacro: newbt

# Macro: parseLR
@lldb_command('parseLR')
def parseLR(cmd_args=None):
    """ Decode the LR value from panic log into source code location
    """
    global paniclog_data
    panic_found = 1

    if not paniclog_data:
        if kern.arch == "x86_64":
            paniclog_data += returnfunc("\n(lldb) paniclog\n", "paniclog -v")
        else:
            paniclog_data += returnfunc("\n(lldb) paniclog\n", "paniclog")

    if panic_found == 1:
        srch_string = "lr:\s+0x[a-fA-F0-9]+\s"
        lr_pc_srch = re.findall(srch_string, paniclog_data)
        if lr_pc_srch:
            print paniclog_data, lr_pc_srch
            for match in lr_pc_srch:
                sp=match.strip("lr: ")
                print sp
                print "(lldb) list *{:s}".format(sp)
                print lldb_run_command("list *{:s}".format(sp))

    else:
        print "Currently unsupported on x86_64 architecture"
#EndMacro: parseLR

# Macro: parseLRfromfile
@lldb_command('parseLRfromfile')
def parseLRfromfile(cmd_args=None):
    """ Decode the LR value from file into source code location
    """
    f = open('/tmp/lrparsefile', 'r')
    parse_data= f.read()
    srch_string = "lr:\s+0x[a-fA-F0-9]+\s"
    lr_pc_srch = re.findall(srch_string, parse_data)
    if lr_pc_srch:
        print paniclog_data, lr_pc_srch
        for match in lr_pc_srch:
            sp=match.strip("lr: ")
            print sp
            print "(lldb) list *{:s}".format(sp)
            print lldb_run_command("list *{:s}".format(sp))

#EndMacro: parseLRfromfile
Commit	Line	Data
39037602 A	1	"""
	2	XNU Triage commands
	3	"""
	4	from xnu import *
	5	import sys, shlex
	6	from utils import *
	7	import xnudefines
	8	import re
	9	import os.path
	10
	11	# Macro: xi
	12	def OutputAddress(cmd_args=None):
	13	""" Returns out address and symbol corresponding to it without newline
	14	Parameters: <address whose symbol is needed>
	15	"""
	16	if not cmd_args:
	17	print "No arguments passed"
	18	print OutputAddress.__doc__
	19	return False
	20	a = unsigned(cmd_args[0])
	21	cmd_str = "image lookup -a {:#x}".format(a)
	22	cmd_out = lldb_run_command(cmd_str)
	23	if len(cmd_out) != 0 and cmd_out != "ERROR:":
	24	cmd_out1 = cmd_out.split('\n')
	25	if len(cmd_out1) != 0:
	26	cmd_out2 = cmd_out1[1].split('`')
	27	if cmd_out2 != 0:
	28	cmd_out3 = cmd_out2[1].split(' at')
	29	if len(cmd_out3) != 0:
	30	symbol_str = "{:#x} <{:s}>".format(unsigned(a), cmd_out3[0])
	31	return symbol_str
	32	return ""
	33
	34	@lldb_command('xi')
	35	def SymbolicateWithInstruction(cmd_args=None):
	36	""" Prints out address and symbol similar to x/i
	37	Usage: xi <address whose symbol is needed>
	38	"""
	39	if not cmd_args:
	40	print "No arguments passed"
	41	print SymbolicateWithInstruction.__doc__
	42	return False
	43	a = ArgumentStringToInt(cmd_args[0])
	44	print OutputAddress([a])
	45
	46	# Macro: xi
	47
	48	# Macro: newbt
	49	@lldb_command('newbt')
	50	def NewBt(cmd_args=None):
	51	""" Prints all the instructions by walking the given stack pointer
	52	"""
	53	if not cmd_args:
	54	print "No arguments passed"
	55	print NewBt.__doc__
	56	return False
	57	a = ArgumentStringToInt(cmd_args[0])
	58	while a != 0:
5ba3f43e	59	if kern.arch == "x86_64" or kern.arch.startswith("arm64"):
39037602 A	60	offset = 8
	61	else:
	62	offset = 4
	63	link_register = dereference(kern.GetValueFromAddress(a + offset, 'uintptr_t *'))
	64	cmd_str = "di -s {:#x} -c 1".format(link_register)
	65	cmd_out = lldb_run_command(cmd_str)
	66	if len(cmd_out) != 0:
	67	cmd_out1 = cmd_out.split('\n')
	68	if len(cmd_out1) != 0:
	69	print OutputAddress([unsigned(link_register)]) + ": " + cmd_out1[0].split(':')[1]
	70	a = dereference(kern.GetValueFromAddress(unsigned(a), 'uintptr_t *'))
	71
	72	# EndMacro: newbt
	73
	74	# Macro: parseLR
	75	@lldb_command('parseLR')
	76	def parseLR(cmd_args=None):
	77	""" Decode the LR value from panic log into source code location
	78	"""
	79	global paniclog_data
	80	panic_found = 1
	81
	82	if not paniclog_data:
	83	if kern.arch == "x86_64":
	84	paniclog_data += returnfunc("\n(lldb) paniclog\n", "paniclog -v")
	85	else:
	86	paniclog_data += returnfunc("\n(lldb) paniclog\n", "paniclog")
	87
	88	if panic_found == 1:
	89	srch_string = "lr:\s+0x[a-fA-F0-9]+\s"
	90	lr_pc_srch = re.findall(srch_string, paniclog_data)
	91	if lr_pc_srch:
	92	print paniclog_data, lr_pc_srch
	93	for match in lr_pc_srch:
	94	sp=match.strip("lr: ")
	95	print sp
	96	print "(lldb) list *{:s}".format(sp)
	97	print lldb_run_command("list *{:s}".format(sp))
	98
	99	else:
	100	print "Currently unsupported on x86_64 architecture"
	101	#EndMacro: parseLR
	102
	103	# Macro: parseLRfromfile
	104	@lldb_command('parseLRfromfile')
	105	def parseLRfromfile(cmd_args=None):
	106	""" Decode the LR value from file into source code location
	107	"""
	108	f = open('/tmp/lrparsefile', 'r')
	109	parse_data= f.read()
	110	srch_string = "lr:\s+0x[a-fA-F0-9]+\s"
	111	lr_pc_srch = re.findall(srch_string, parse_data)
	112	if lr_pc_srch:
	113	print paniclog_data, lr_pc_srch
	114	for match in lr_pc_srch:
	115	sp=match.strip("lr: ")
	116	print sp
	117	print "(lldb) list *{:s}".format(sp)
	118	print lldb_run_command("list *{:s}".format(sp))
	119
	120	#EndMacro: parseLRfromfile
	121