scottt/gdbcall-load.py

## gdbcall-load.py
#!/usr/bin/gdb --python
# vim: set filetype=python:

import sys
import optparse
import struct
import logging
import signal

import elftools.elf.elffile
import gdb

# gdbcall type: must match gdbcall.h
(GDBCALL_GDB,
 GDBCALL_PYTHON,
 GDBCALL_PYTHON_VA,
) = (
 0xdeadbeef,
 0xdead5a5a,
 0xdead8877,
)

GDBCALL_TYPES = set( v for (k, v) in globals().iteritems() if k.startswith('GDBCALL_') )

def _parse_gdbcall_tlv(elffile, section):
    (f, s) = (elffile, section)
    if f.little_endian:
        endian_fmt = '<'
    else:
        endian_fmt = '>'

    int32_fmt = '%sI' % (endian_fmt,)
    (offset, d) = (0, s.data())
    while offset < len(d):
        t = struct.unpack_from(int32_fmt, d, offset)[0]; offset += 4
        l = struct.unpack_from(int32_fmt, d, offset)[0]; offset += 4
        yield (t, (d, offset, l)); offset += l

def _parse_gdbcalls(filename):
    '-> (type, value) ...'
    f = elftools.elf.elffile.ELFFile(open(filename))
    s = f.get_section_by_name('.note.gdbcall')
    if s is None: # no section with the name
        return []

    if f.little_endian:
        endian_fmt = '<'
    else:
        endian_fmt = '>'
    if f.elfclass == 64:
        (addr_fmt, addr_size) = ('Q', 8)
    elif f.elfclass == 32:
        (addr_fmt, addr_size) = ('I', 4)

    addr_fmt = '%s%s' % (endian_fmt, addr_fmt)
    type_with_addr = GDBCALL_TYPES

    out = []
    for (t, (d, offset, l)) in _parse_gdbcall_tlv(f, s):
        if t not in type_with_addr:
            logging.error(str((t, d, offset, l)))
        assert(t in type_with_addr)
        addr = struct.unpack_from(addr_fmt, d, offset)[0]
        cmd = struct.unpack_from('%ds' % (l - addr_size,), d, offset + addr_size)[0]
        cmd = ','.join(x for x in cmd.split('\x00') if x)
        logging.debug('0x%x, 0x%08x, 0x%x, %d, %r' % (t, addr, offset, l, cmd))
        out.append((t, addr, cmd))
    return out

breakpoint_handler = {}

def _on_breakpoint_hit(e):
    if not isinstance(e, gdb.BreakpointEvent):
        return True
    for b in e.breakpoints:
        f = breakpoint_handler[b.number]
        f()
    gdb.execute('continue')
    return True

def _gdbcall_setup_breakpoint(t, addr, cmd, options):
    global breakpoint_handler
    # parse addr, cmd from type

    def run_command():
        gdb.execute(cmd)

    def run_python():
        eval(cmd_code, globals())

    bp = gdb.Breakpoint('*0x%x' % (addr,), internal=True)
    if options.debug > 1:
        bp.silent = False
    else:
        bp.silent = True
    if t == GDBCALL_GDB:
        breakpoint_handler[bp.number] = run_command
    elif t == GDBCALL_PYTHON:
        # unescape string, e.g. "f()" -> f()
        cmd0 = eval(cmd)
        cmd_code = compile(cmd0, '<gdbcall>', 'single')
        breakpoint_handler[bp.number] = run_python
    elif t == GDBCALL_PYTHON_VA:
        cmd_code = compile(cmd, '<gdbcall>', 'single')
        breakpoint_handler[bp.number] = run_python
    else:
        logging.info('gdbcall-load: unknown type: 0x%x, addr: 0x%x, cmd: %r' % (t, addr, cmd))

def _gdbcall_setup(filename, options):
    gdb.events.stop.connect(_on_breakpoint_hit)
    for (t, addr, cmd) in _parse_gdbcalls(filename):
        _gdbcall_setup_breakpoint(t, addr, cmd, options)

def gdb_fix_argv():
    '''
    gdb breaks sys.argv[0] in the way it embeds Python
    ./gdb-python-script -> sys.argv: ['']
    when argv should be: [ './gdb-python-script' ]
    ./gdb-python-script 0 1 2 -> sys.argv: ['0', '1', '2']
    when argv should be should be:  [ './gdb-python-script', '0', '1', '2' ]
    '''
    try:
        f = open('/proc/%d/cmdline' % (os.getpid(),))
    except IOError:
        return
    l = f.readline()
    f.close()
    cmdline = l.split('\x00')
    if cmdline[-1] == '':
        cmdline = cmdline[:-1]
    if cmdline[0].endswith('gdb') and cmdline[1] == '--python':
        sys.argv = cmdline[2:]

def on_inferior_exit(filename):
    exitcode = gdb.parse_and_eval('$_exitcode')
    if exitcode.type.code == gdb.TYPE_CODE_INT:
        sys.exit(int(exitcode))
    else:
        siginfo = gdb.parse_and_eval('$_siginfo')
        if siginfo.type.code != gdb.TYPE_CODE_VOID:
            signal_names = dict( (getattr(signal, x), x)
                                for x in dir(signal) if x.startswith('SIG') )
            sig = siginfo['si_signo']
            msg = [ '%s terminated by signal %d' % (filename, sig,) ]
            signame = signal_names.get(int(sig))
            if signame is not None:
                msg.append(' (%s)' % (signame,))
            if sig == signal.SIGSEGV:
                # $_siginfo._sifields._sigfault.si_addr
                try:
                    addr = siginfo['_sifields']['_sigfault']['si_addr']
                except gdb.error:
                    pass
                if addr is not None:
                    msg.append(' while accessing address: %s' % (addr,))
            logging.error(''.join(msg))
        else:
            logging.error('%s terminated abnormally\n' % (filename,))
        sys.exit(3)

def main(args):
    op = optparse.OptionParser(option_list = [
        optparse.Option('-d', '--debug', type=int, default=0, help='debug level'),
    ])
    (options, args) = op.parse_args(args)
    if options.debug:
        level = logging.DEBUG
    else:
        level = logging.WARNING
    logging.basicConfig(format='%(message)s', level=level)
    filename = args[0]

    gdb.execute('set python print-stack full')
    gdb.execute('set print inferior-events off')

    _gdbcall_setup(filename, options)
    gdb.execute('file %s' % (filename,))
    sys.argv = args
    gdb.execute('run')
    on_inferior_exit(filename)

if __name__ == '__main__':
    gdb_fix_argv()
    main(sys.argv[1:])

## gdbcall.h
#ifndef GDB_CALL_H
#define GDB_CALL_H

/* .note.gdbcall section format: TLV,
 * Type   (4 byte)
 * Length (4 byte, number of bytes for the variable length value that follows.
 *         Does not include the 4 bytes for the length field itself.)
 * Value  (variable length)
 *
 *
 * See:
 * http://gcc.gnu.org/onlinedocs/gcc/Variadic-Macros.html
 * http://sourceware.org/binutils/docs/as/Symbol-Names.html#index-local-labels-217
 */

#define GDB(cmd, args...) \
0: nop; \
.pushsection .note.gdbcall,"?","note"; \
.balign 4; \
.4byte 0xdeadbeef; /* type */ \
.4byte 2f-1f;      /* length */ \
1: .8byte 0b; \
.asciz #cmd #args; \
.balign 4; \
2: .popsection;

#define GDBPY(stmt, args...) \
0: nop; \
.pushsection .note.gdbcall,"?","note"; \
.balign 4; \
.4byte 0xdead8877; /* type */ \
.4byte 2f-1f;      /* length */ \
1: .8byte 0b; \
.asciz #stmt #args; \
.balign 4; \
2: .popsection;

#endif

## hanoi.S
#include <sys/syscall.h>
#include "gdbcall.h"

.section .text
.global _start
_start:
movq $3, %rdi
movq $0, %rsi
movq $2, %rdx
GDBPY(import sys, gdb)
GDBPY(gdb.execute('set variable $rdi = %d' % (int(sys.argv[1]),)))
call hanoi

/* exit_group(0) */
movq $SYS_exit_group, %rax
movq $0, %rdi
syscall

.type hanoi,STT_FUNC
hanoi:
cmp $1, %rdi
jg recurse
GDB(printf "move %d, %d, %d\n", $rdi - 1, $rsi, $rdx)
ret

recurse:
/* tmp = 0 + 1 + 2 - src - dst */
push %rbx
movq $3, %rbx
sub %rsi, %rbx
sub %rdx, %rbx
/* hanoi(n-1, src, tmp) */
push %rdi
dec %rdi
push %rsi
push %rdx
movq %rbx, %rdx
call hanoi
pop %rdx
pop %rsi
pop %rdi
GDB(printf "move %d, %d, %d\n", $rdi - 1, $rsi, $rdx)
/* hanoi(n-1, tmp, dst) */
dec %rdi
movq %rbx, %rsi
call hanoi
pop %rbx
ret
	#!/usr/bin/gdb --python
	# vim: set filetype=python:

	import sys
	import optparse
	import struct
	import logging
	import signal

	import elftools.elf.elffile
	import gdb

	# gdbcall type: must match gdbcall.h
	(GDBCALL_GDB,
	GDBCALL_PYTHON,
	GDBCALL_PYTHON_VA,
	) = (
	0xdeadbeef,
	0xdead5a5a,
	0xdead8877,
	)

	GDBCALL_TYPES = set( v for (k, v) in globals().iteritems() if k.startswith('GDBCALL_') )

	def _parse_gdbcall_tlv(elffile, section):
	(f, s) = (elffile, section)
	if f.little_endian:
	endian_fmt = '<'
	else:
	endian_fmt = '>'

	int32_fmt = '%sI' % (endian_fmt,)
	(offset, d) = (0, s.data())
	while offset < len(d):
	t = struct.unpack_from(int32_fmt, d, offset)[0]; offset += 4
	l = struct.unpack_from(int32_fmt, d, offset)[0]; offset += 4
	yield (t, (d, offset, l)); offset += l

	def _parse_gdbcalls(filename):
	'-> (type, value) ...'
	f = elftools.elf.elffile.ELFFile(open(filename))
	s = f.get_section_by_name('.note.gdbcall')
	if s is None: # no section with the name
	return []

	if f.little_endian:
	endian_fmt = '<'
	else:
	endian_fmt = '>'
	if f.elfclass == 64:
	(addr_fmt, addr_size) = ('Q', 8)
	elif f.elfclass == 32:
	(addr_fmt, addr_size) = ('I', 4)

	addr_fmt = '%s%s' % (endian_fmt, addr_fmt)
	type_with_addr = GDBCALL_TYPES

	out = []
	for (t, (d, offset, l)) in _parse_gdbcall_tlv(f, s):
	if t not in type_with_addr:
	logging.error(str((t, d, offset, l)))
	assert(t in type_with_addr)
	addr = struct.unpack_from(addr_fmt, d, offset)[0]
	cmd = struct.unpack_from('%ds' % (l - addr_size,), d, offset + addr_size)[0]
	cmd = ','.join(x for x in cmd.split('\x00') if x)
	logging.debug('0x%x, 0x%08x, 0x%x, %d, %r' % (t, addr, offset, l, cmd))
	out.append((t, addr, cmd))
	return out

	breakpoint_handler = {}

	def _on_breakpoint_hit(e):
	if not isinstance(e, gdb.BreakpointEvent):
	return True
	for b in e.breakpoints:
	f = breakpoint_handler[b.number]
	f()
	gdb.execute('continue')
	return True

	def _gdbcall_setup_breakpoint(t, addr, cmd, options):
	global breakpoint_handler
	# parse addr, cmd from type

	def run_command():
	gdb.execute(cmd)

	def run_python():
	eval(cmd_code, globals())

	bp = gdb.Breakpoint('*0x%x' % (addr,), internal=True)
	if options.debug > 1:
	bp.silent = False
	else:
	bp.silent = True
	if t == GDBCALL_GDB:
	breakpoint_handler[bp.number] = run_command
	elif t == GDBCALL_PYTHON:
	# unescape string, e.g. "f()" -> f()
	cmd0 = eval(cmd)
	cmd_code = compile(cmd0, '<gdbcall>', 'single')
	breakpoint_handler[bp.number] = run_python
	elif t == GDBCALL_PYTHON_VA:
	cmd_code = compile(cmd, '<gdbcall>', 'single')
	breakpoint_handler[bp.number] = run_python
	else:
	logging.info('gdbcall-load: unknown type: 0x%x, addr: 0x%x, cmd: %r' % (t, addr, cmd))

	def _gdbcall_setup(filename, options):
	gdb.events.stop.connect(_on_breakpoint_hit)
	for (t, addr, cmd) in _parse_gdbcalls(filename):
	_gdbcall_setup_breakpoint(t, addr, cmd, options)

	def gdb_fix_argv():
	'''
	gdb breaks sys.argv[0] in the way it embeds Python
	./gdb-python-script -> sys.argv: ['']
	when argv should be: [ './gdb-python-script' ]
	./gdb-python-script 0 1 2 -> sys.argv: ['0', '1', '2']
	when argv should be should be: [ './gdb-python-script', '0', '1', '2' ]
	'''
	try:
	f = open('/proc/%d/cmdline' % (os.getpid(),))
	except IOError:
	return
	l = f.readline()
	f.close()
	cmdline = l.split('\x00')
	if cmdline[-1] == '':
	cmdline = cmdline[:-1]
	if cmdline[0].endswith('gdb') and cmdline[1] == '--python':
	sys.argv = cmdline[2:]

	def on_inferior_exit(filename):
	exitcode = gdb.parse_and_eval('$_exitcode')
	if exitcode.type.code == gdb.TYPE_CODE_INT:
	sys.exit(int(exitcode))
	else:
	siginfo = gdb.parse_and_eval('$_siginfo')
	if siginfo.type.code != gdb.TYPE_CODE_VOID:
	signal_names = dict( (getattr(signal, x), x)
	for x in dir(signal) if x.startswith('SIG') )
	sig = siginfo['si_signo']
	msg = [ '%s terminated by signal %d' % (filename, sig,) ]
	signame = signal_names.get(int(sig))
	if signame is not None:
	msg.append(' (%s)' % (signame,))
	if sig == signal.SIGSEGV:
	# $_siginfo._sifields._sigfault.si_addr
	try:
	addr = siginfo['_sifields']['_sigfault']['si_addr']
	except gdb.error:
	pass
	if addr is not None:
	msg.append(' while accessing address: %s' % (addr,))
	logging.error(''.join(msg))
	else:
	logging.error('%s terminated abnormally\n' % (filename,))
	sys.exit(3)

	def main(args):
	op = optparse.OptionParser(option_list = [
	optparse.Option('-d', '--debug', type=int, default=0, help='debug level'),
	])
	(options, args) = op.parse_args(args)
	if options.debug:
	level = logging.DEBUG
	else:
	level = logging.WARNING
	logging.basicConfig(format='%(message)s', level=level)
	filename = args[0]

	gdb.execute('set python print-stack full')
	gdb.execute('set print inferior-events off')

	_gdbcall_setup(filename, options)
	gdb.execute('file %s' % (filename,))
	sys.argv = args
	gdb.execute('run')
	on_inferior_exit(filename)

	if __name__ == '__main__':
	gdb_fix_argv()
	main(sys.argv[1:])
	#ifndef GDB_CALL_H
	#define GDB_CALL_H

	/* .note.gdbcall section format: TLV,
	* Type (4 byte)
	* Length (4 byte, number of bytes for the variable length value that follows.
	* Does not include the 4 bytes for the length field itself.)
	* Value (variable length)
	*
	*
	* See:
	* http://gcc.gnu.org/onlinedocs/gcc/Variadic-Macros.html
	* http://sourceware.org/binutils/docs/as/Symbol-Names.html#index-local-labels-217
	*/

	#define GDB(cmd, args...) \
	0: nop; \
	.pushsection .note.gdbcall,"?","note"; \
	.balign 4; \
	.4byte 0xdeadbeef; /* type */ \
	.4byte 2f-1f; /* length */ \
	1: .8byte 0b; \
	.asciz #cmd #args; \
	.balign 4; \
	2: .popsection;

	#define GDBPY(stmt, args...) \
	0: nop; \
	.pushsection .note.gdbcall,"?","note"; \
	.balign 4; \
	.4byte 0xdead8877; /* type */ \
	.4byte 2f-1f; /* length */ \
	1: .8byte 0b; \
	.asciz #stmt #args; \
	.balign 4; \
	2: .popsection;

	#endif
	#include <sys/syscall.h>
	#include "gdbcall.h"

	.section .text
	.global _start
	_start:
	movq $3, %rdi
	movq $0, %rsi
	movq $2, %rdx
	GDBPY(import sys, gdb)
	GDBPY(gdb.execute('set variable $rdi = %d' % (int(sys.argv[1]),)))
	call hanoi

	/* exit_group(0) */
	movq $SYS_exit_group, %rax
	movq $0, %rdi
	syscall

	.type hanoi,STT_FUNC
	hanoi:
	cmp $1, %rdi
	jg recurse
	GDB(printf "move %d, %d, %d\n", $rdi - 1, $rsi, $rdx)
	ret

	recurse:
	/* tmp = 0 + 1 + 2 - src - dst */
	push %rbx
	movq $3, %rbx
	sub %rsi, %rbx
	sub %rdx, %rbx
	/* hanoi(n-1, src, tmp) */
	push %rdi
	dec %rdi
	push %rsi
	push %rdx
	movq %rbx, %rdx
	call hanoi
	pop %rdx
	pop %rsi
	pop %rdi
	GDB(printf "move %d, %d, %d\n", $rdi - 1, $rsi, $rdx)
	/* hanoi(n-1, tmp, dst) */
	dec %rdi
	movq %rbx, %rsi
	call hanoi
	pop %rbx
	ret