#!/usr/bin/python import lldb import struct class OperatingSystemPlugIn(object): """Class that provides data for an instance of a LLDB 'OperatingSystemPython' plug-in class""" def __init__(self, process): '''Initialization needs a valid.SBProcess object. This plug-in will get created after a live process is valid and has stopped for the first time.''' self.process = None self.registers = None self.threads = None if type(process) is lldb.SBProcess and process.IsValid(): self.process = process self.threads = None # Will be an dictionary containing info for each thread def get_target(self): # NOTE: Don't use "lldb.target" when trying to get your target as the "lldb.target" # tracks the current target in the LLDB command interpreter which isn't the # correct thing to use for this plug-in. return self.process.target def create_thread(self, tid, context): if tid == 0x444444444: thread_info = { 'tid' : tid, 'name' : 'four' , 'queue' : 'queue4', 'state' : 'stopped', 'stop_reason' : 'none' } self.threads.append(thread_info) return thread_info return None def get_thread_info(self): if not self.threads: # The sample dictionary below shows the values that can be returned for a thread # tid => thread ID (mandatory) # name => thread name (optional key/value pair) # queue => thread dispatch queue name (optional key/value pair) # state => thred state (mandatory, set to 'stopped' for now) # stop_reason => thread stop reason. (mandatory, usually set to 'none') # Possible values include: # 'breakpoint' if the thread is stopped at a breakpoint # 'none' thread is just stopped because the process is stopped # 'trace' the thread just single stepped # The usual value for this while threads are in memory is 'none' # register_data_addr => the address of the register data in memory (optional key/value pair) # Specifying this key/value pair for a thread will avoid a call to get_register_data() # and can be used when your registers are in a thread context structure that is contiguous # in memory. Don't specify this if your register layout in memory doesn't match the layout # described by the dictionary returned from a call to the get_register_info() method. self.threads = [ { 'tid' : 0x111111111, 'core' : 0 } ] return self.threads def get_register_info(self): if self.registers == None: self.registers = dict() self.registers['sets'] = ['GPR'] self.registers['registers'] = [ { 'name':'rax' , 'bitsize' : 64, 'offset' : 0, 'encoding':'uint' , 'format':'hex' , 'set': 0, 'gcc' : 0, 'dwarf' : 0}, { 'name':'rbx' , 'bitsize' : 64, 'offset' : 8, 'encoding':'uint' , 'format':'hex' , 'set': 0, 'gcc' : 3, 'dwarf' : 3}, { 'name':'rcx' , 'bitsize' : 64, 'offset' : 16, 'encoding':'uint' , 'format':'hex' , 'set': 0, 'gcc' : 2, 'dwarf' : 2, 'generic':'arg4', 'alt-name':'arg4', }, { 'name':'rdx' , 'bitsize' : 64, 'offset' : 24, 'encoding':'uint' , 'format':'hex' , 'set': 0, 'gcc' : 1, 'dwarf' : 1, 'generic':'arg3', 'alt-name':'arg3', }, { 'name':'rdi' , 'bitsize' : 64, 'offset' : 32, 'encoding':'uint' , 'format':'hex' , 'set': 0, 'gcc' : 5, 'dwarf' : 5, 'generic':'arg1', 'alt-name':'arg1', }, { 'name':'rsi' , 'bitsize' : 64, 'offset' : 40, 'encoding':'uint' , 'format':'hex' , 'set': 0, 'gcc' : 4, 'dwarf' : 4, 'generic':'arg2', 'alt-name':'arg2', }, { 'name':'rbp' , 'bitsize' : 64, 'offset' : 48, 'encoding':'uint' , 'format':'hex' , 'set': 0, 'gcc' : 6, 'dwarf' : 6, 'generic':'fp' , 'alt-name':'fp', }, { 'name':'rsp' , 'bitsize' : 64, 'offset' : 56, 'encoding':'uint' , 'format':'hex' , 'set': 0, 'gcc' : 7, 'dwarf' : 7, 'generic':'sp' , 'alt-name':'sp', }, { 'name':'r8' , 'bitsize' : 64, 'offset' : 64, 'encoding':'uint' , 'format':'hex' , 'set': 0, 'gcc' : 8, 'dwarf' : 8, 'generic':'arg5', 'alt-name':'arg5', }, { 'name':'r9' , 'bitsize' : 64, 'offset' : 72, 'encoding':'uint' , 'format':'hex' , 'set': 0, 'gcc' : 9, 'dwarf' : 9, 'generic':'arg6', 'alt-name':'arg6', }, { 'name':'r10' , 'bitsize' : 64, 'offset' : 80, 'encoding':'uint' , 'format':'hex' , 'set': 0, 'gcc' : 10, 'dwarf' : 10}, { 'name':'r11' , 'bitsize' : 64, 'offset' : 88, 'encoding':'uint' , 'format':'hex' , 'set': 0, 'gcc' : 11, 'dwarf' : 11}, { 'name':'r12' , 'bitsize' : 64, 'offset' : 96, 'encoding':'uint' , 'format':'hex' , 'set': 0, 'gcc' : 12, 'dwarf' : 12}, { 'name':'r13' , 'bitsize' : 64, 'offset' : 104, 'encoding':'uint' , 'format':'hex' , 'set': 0, 'gcc' : 13, 'dwarf' : 13}, { 'name':'r14' , 'bitsize' : 64, 'offset' : 112, 'encoding':'uint' , 'format':'hex' , 'set': 0, 'gcc' : 14, 'dwarf' : 14}, { 'name':'r15' , 'bitsize' : 64, 'offset' : 120, 'encoding':'uint' , 'format':'hex' , 'set': 0, 'gcc' : 15, 'dwarf' : 15}, { 'name':'rip' , 'bitsize' : 64, 'offset' : 128, 'encoding':'uint' , 'format':'hex' , 'set': 0, 'gcc' : 16, 'dwarf' : 16, 'generic':'pc', 'alt-name':'pc' }, { 'name':'rflags' , 'bitsize' : 64, 'offset' : 136, 'encoding':'uint' , 'format':'hex' , 'set': 0, 'generic':'flags', 'alt-name':'flags' }, { 'name':'cs' , 'bitsize' : 64, 'offset' : 144, 'encoding':'uint' , 'format':'hex' , 'set': 0 }, { 'name':'fs' , 'bitsize' : 64, 'offset' : 152, 'encoding':'uint' , 'format':'hex' , 'set': 0 }, { 'name':'gs' , 'bitsize' : 64, 'offset' : 160, 'encoding':'uint' , 'format':'hex' , 'set': 0 }, ] return self.registers def get_register_data(self, tid): return struct.pack('21Q',tid + 1,tid + 2,tid + 3,tid + 4,tid + 5,tid + 6,tid + 7,tid + 8,tid + 9,tid + 10,tid + 11,tid + 12,tid + 13,tid + 14,tid + 15,tid + 16,tid + 17,tid + 18,tid + 19,tid + 20,tid + 21);