###
### Load debugging information about GNU GRUB 2 modules into GDB
### automatically. Needs readelf, Perl and gmodule.pl script
###
### $Id: .gdbinit,v 1.1 2006/05/14 11:38:08 lkundrak Exp $
### Lubomir Kundrak <lkudrak@skosi.org>
###
# Target architecture for this remote session; the two commented lines are
# alternatives the author kept around and are not active.
set architecture i386
#set architecture i386:x64-32:intel
#set architecture i8086
# Add section numbers and addresses to .segments.tmp
define dump_module_sections
    # Appends one line for the given module to .segments.tmp:
    #   <name> <section> 0x<addr> [<section> 0x<addr> ...]
    # match_and_load_symbols consumes (and then removes) that file.
    # NOTE(review): .segments.tmp is a fixed name in GDB's working directory;
    # an existing file is appended to (overwrite off) and its contents end up
    # feeding 'source' indirectly — use a directory only you can write to.
    set $mod = $arg0
    # FIXME: save logging status
    set logging file .segments.tmp
    # redirect on: output goes to the file only, not to the terminal
    set logging redirect on
    set logging overwrite off
    set logging on
    printf "%s", $mod->name
    set $seg = $mod->segment
    while $seg != 0
        printf " %i 0x%x", $seg->section, $seg->addr
        set $seg = $seg->next
    end
    printf "\n"
    set logging off
    # FIXME: restore logging status
end
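document dump_module_sections
Append the name, section numbers and load addresses of the module whose
mod structure is given as argument to .segments.tmp, for later use with
match_and_load_symbols.
end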
# Generate and execute GDB commands and delete temporary files
# afterwards
define match_and_load_symbols
# Feed the section list written by dump_module_sections to gmodule.pl, which
# emits GDB commands into .loadsym.gdb; those commands are then sourced and
# both temporary files removed.
# NOTE(review): gmodule.pl and both temp files are resolved relative to GDB's
# working directory, and .loadsym.gdb is executed as GDB commands, so anyone
# who can write there controls what gets sourced. 'shell' does not report
# failure to GDB, and a 'source' error appears to abort the command before the
# cleanup line runs — confirm.
shell perl gmodule.pl <.segments.tmp >.loadsym.gdb
source .loadsym.gdb
shell rm -f .segments.tmp .loadsym.gdb
end
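document match_and_load_symbols
Run gmodule.pl on the section list gathered by dump_module_sections
(.segments.tmp), source the generated GDB commands (.loadsym.gdb) so the
debugging information is loaded appropriately, then delete both
temporary files.
end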
###
define load_module
# Single-module convenience wrapper: record this module's sections, then
# match and load its symbols.
dump_module_sections $arg0
match_and_load_symbols
end
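document load_module
Load debugging information for the module given as argument
(dump_module_sections followed by match_and_load_symbols).
end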
define load_all_modules
    # Walk the grub_dl_head list, recording every module's sections, then
    # match and load all of their symbols in a single pass.
    set $dl = grub_dl_head
    while $dl != 0
        dump_module_sections $dl->mod
        set $dl = $dl->next
    end
    match_and_load_symbols
end
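document load_all_modules
Load debugging information for all loaded modules by walking the
grub_dl_head list.
end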
# Print integers in hexadecimal by default.
set output-radix 16
# Symbol file for the GRUB kernel, read from GDB's working directory.
file kernel.exec
# Attach to a gdbstub on TCP port 1234 (the ':port' form connects to localhost).
target remote :1234
# Watchpoint on a fixed address; presumably specific to one particular build
# (cf. the 1618.0.0 remark further down) — re-derive it before reusing.
watch *0x3cec8166
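define get_header_from_ptr_gdb
    # Locate the grub_mm region ($r) and allocation header ($p) for a heap
    # pointer, rewriting the C logic in GDB macros; the original C code is
    # kept in comments. On success the last two 'print' lines show $p and $r,
    # which remain available as convenience variables afterwards.
    # Early exits use nested if/else: GDB's 'return' command is not "leave
    # this macro" — it makes the debuggee's selected frame return to its
    # caller, which would corrupt the session being inspected.
    set $ptr = $arg0
    #if ((grub_addr_t) ptr & (GRUB_MM_ALIGN - 1))
    # NOTE(review): 16 stands in for GRUB_MM_ALIGN — confirm for this build.
    if ((grub_addr_t) $ptr & (16 - 1))
        print "ptr is not aligned, dunno if we care"
    end
    #for (*r = grub_mm_base; *r; *r = (*r)->next)
    set $r = grub_mm_base
    while $r != 0
        # if ((grub_addr_t) ptr > (grub_addr_t) ((*r) + 1) && (grub_addr_t) ptr <= (grub_addr_t) ((*r) + 1) + (*r)->size)
        # ($r + 1) is the first byte after the region header, i.e. the payload.
        if ((grub_addr_t) $ptr > (grub_addr_t) ($r + 1) && (grub_addr_t) $ptr <= (grub_addr_t) ($r + 1) + $r->size)
            loop_break
        end
        #end of for
        set $r = $r->next
    end
    if ($r == 0)
        print "out of range pointer"
    else
        # *p = (grub_mm_header_t) ptr - 1;
        # cast binds tighter than '-', so this steps back one header, not one byte
        set $p = (grub_mm_header_t) $ptr - 1
        # if ((*p)->magic == GRUB_MM_FREE_MAGIC)
        if $p->magic == 0x2d3c2808
            print "double free"
        else
            #if ((*p)->magic != GRUB_MM_ALLOC_MAGIC)
            if $p->magic != 0x6db08fa4
                print "alloc magic broken"
            else
                print "memory header"
                print $p
                print "region"
                print $r
            end
        end
    end
end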
# this address is the "free magic broken" address for 1618.0.0
# NOTE(review): the 'break' below carries no location, so GDB places it at the
# current stop point rather than at the address the comment refers to; that
# address is not in this file — confirm the intended location.
break
# inform when module is loaded
# Stop silently in grub_dl_add, load the new module's symbols and resume;
# 'mod' is assumed to be grub_dl_add's argument — confirm against the source.
break grub_dl_add
commands
silent
load_module mod
cont
end