#!/usr/bin/env python import lldb import struct class OperatingSystemPlugIn(object): """Class that provides data for an instance of a LLDB 'OperatingSystemPython' plug-in class""" def __init__(self, process): '''Initialization needs a valid.SBProcess object. This plug-in will get created after a live process is valid and has stopped for the first time.''' self.process = None self.registers = None self.threads = None if isinstance(process, lldb.SBProcess) and process.IsValid(): self.process = process self.threads = None # Will be an dictionary containing info for each thread def get_target(self): # NOTE: Don't use "lldb.target" when trying to get your target as the "lldb.target" # tracks the current target in the LLDB command interpreter which isn't the # correct thing to use for this plug-in. return self.process.target def create_thread(self, tid, context): if tid == 0x444444444: thread_info = { 'tid': tid, 'name': 'four', 'queue': 'queue4', 'state': 'stopped', 'stop_reason': 'none'} self.threads.append(thread_info) return thread_info return None def get_thread_info(self): if not self.threads: # The sample dictionary below shows the values that can be returned for a thread # tid => thread ID (mandatory) # name => thread name (optional key/value pair) # queue => thread dispatch queue name (optional key/value pair) # state => thred state (mandatory, set to 'stopped' for now) # stop_reason => thread stop reason. (mandatory, usually set to 'none') # Possible values include: # 'breakpoint' if the thread is stopped at a breakpoint # 'none' thread is just stopped because the process is stopped # 'trace' the thread just single stepped # The usual value for this while threads are in memory is 'none' # register_data_addr => the address of the register data in memory (optional key/value pair) # Specifying this key/value pair for a thread will avoid a call to get_register_data() # and can be used when your registers are in a thread context structure that is contiguous # in memory. Don't specify this if your register layout in memory doesn't match the layout # described by the dictionary returned from a call to the # get_register_info() method. self.threads = [{'tid': 0x111111111, 'name': 'one', 'queue': 'queue1', 'state': 'stopped', 'stop_reason': 'breakpoint'}, {'tid': 0x222222222, 'name': 'two', 'queue': 'queue2', 'state': 'stopped', 'stop_reason': 'none'}, {'tid': 0x333333333, 'name': 'three', 'queue': 'queue3', 'state': 'stopped', 'stop_reason': 'trace', 'register_data_addr': 0x100000000}] return self.threads def get_register_info(self): if self.registers is None: self.registers = dict() triple = self.process.target.triple if triple: arch = triple.split('-')[0] if arch == 'x86_64': self.registers['sets'] = ['GPR', 'FPU', 'EXC'] self.registers['registers'] = [ {'name': 'rax', 'bitsize': 64, 'offset': 0, 'encoding': 'uint', 'format': 'hex', 'set': 0, 'gcc': 0, 'dwarf': 0}, {'name': 'rbx', 'bitsize': 64, 'offset': 8, 'encoding': 'uint', 'format': 'hex', 'set': 0, 'gcc': 3, 'dwarf': 3}, {'name': 'rcx', 'bitsize': 64, 'offset': 16, 'encoding': 'uint', 'format': 'hex', 'set': 0, 'gcc': 2, 'dwarf': 2, 'generic': 'arg4', 'alt-name': 'arg4', }, {'name': 'rdx', 'bitsize': 64, 'offset': 24, 'encoding': 'uint', 'format': 'hex', 'set': 0, 'gcc': 1, 'dwarf': 1, 'generic': 'arg3', 'alt-name': 'arg3', }, {'name': 'rdi', 'bitsize': 64, 'offset': 32, 'encoding': 'uint', 'format': 'hex', 'set': 0, 'gcc': 5, 'dwarf': 5, 'generic': 'arg1', 'alt-name': 'arg1', }, {'name': 'rsi', 'bitsize': 64, 'offset': 40, 'encoding': 'uint', 'format': 'hex', 'set': 0, 'gcc': 4, 'dwarf': 4, 'generic': 'arg2', 'alt-name': 'arg2', }, {'name': 'rbp', 'bitsize': 64, 'offset': 48, 'encoding': 'uint', 'format': 'hex', 'set': 0, 'gcc': 6, 'dwarf': 6, 'generic': 'fp', 'alt-name': 'fp', }, {'name': 'rsp', 'bitsize': 64, 'offset': 56, 'encoding': 'uint', 'format': 'hex', 'set': 0, 'gcc': 7, 'dwarf': 7, 'generic': 'sp', 'alt-name': 'sp', }, {'name': 'r8', 'bitsize': 64, 'offset': 64, 'encoding': 'uint', 'format': 'hex', 'set': 0, 'gcc': 8, 'dwarf': 8, 'generic': 'arg5', 'alt-name': 'arg5', }, {'name': 'r9', 'bitsize': 64, 'offset': 72, 'encoding': 'uint', 'format': 'hex', 'set': 0, 'gcc': 9, 'dwarf': 9, 'generic': 'arg6', 'alt-name': 'arg6', }, {'name': 'r10', 'bitsize': 64, 'offset': 80, 'encoding': 'uint', 'format': 'hex', 'set': 0, 'gcc': 10, 'dwarf': 10}, {'name': 'r11', 'bitsize': 64, 'offset': 88, 'encoding': 'uint', 'format': 'hex', 'set': 0, 'gcc': 11, 'dwarf': 11}, {'name': 'r12', 'bitsize': 64, 'offset': 96, 'encoding': 'uint', 'format': 'hex', 'set': 0, 'gcc': 12, 'dwarf': 12}, {'name': 'r13', 'bitsize': 64, 'offset': 104, 'encoding': 'uint', 'format': 'hex', 'set': 0, 'gcc': 13, 'dwarf': 13}, {'name': 'r14', 'bitsize': 64, 'offset': 112, 'encoding': 'uint', 'format': 'hex', 'set': 0, 'gcc': 14, 'dwarf': 14}, {'name': 'r15', 'bitsize': 64, 'offset': 120, 'encoding': 'uint', 'format': 'hex', 'set': 0, 'gcc': 15, 'dwarf': 15}, {'name': 'rip', 'bitsize': 64, 'offset': 128, 'encoding': 'uint', 'format': 'hex', 'set': 0, 'gcc': 16, 'dwarf': 16, 'generic': 'pc', 'alt-name': 'pc'}, {'name': 'rflags', 'bitsize': 64, 'offset': 136, 'encoding': 'uint', 'format': 'hex', 'set': 0, 'generic': 'flags', 'alt-name': 'flags'}, {'name': 'cs', 'bitsize': 64, 'offset': 144, 'encoding': 'uint', 'format': 'hex', 'set': 0}, {'name': 'fs', 'bitsize': 64, 'offset': 152, 'encoding': 'uint', 'format': 'hex', 'set': 0}, {'name': 'gs', 'bitsize': 64, 'offset': 160, 'encoding': 'uint', 'format': 'hex', 'set': 0}, ] return self.registers def get_register_data(self, tid): if tid == 0x111111111: return struct.pack( '21Q', 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21) elif tid == 0x222222222: return struct.pack( '21Q', 11, 12, 13, 14, 15, 16, 17, 18, 19, 110, 111, 112, 113, 114, 115, 116, 117, 118, 119, 120, 121) elif tid == 0x333333333: return struct.pack( '21Q', 21, 22, 23, 24, 25, 26, 27, 28, 29, 210, 211, 212, 213, 214, 215, 216, 217, 218, 219, 220, 221) elif tid == 0x444444444: return struct.pack( '21Q', 31, 32, 33, 34, 35, 36, 37, 38, 39, 310, 311, 312, 313, 314, 315, 316, 317, 318, 319, 320, 321) else: return struct.pack( '21Q', 41, 42, 43, 44, 45, 46, 47, 48, 49, 410, 411, 412, 413, 414, 415, 416, 417, 418, 419, 420, 421) return None