
qemu-gdb: extract parts of "qemu coroutine" implementation

Provide useful Python functions to reach and decipher a jmpbuf.

Signed-off-by: Paolo Bonzini <pbonzini@redhat.com>
Message-id: 1444636974-19950-3-git-send-email-pbonzini@redhat.com
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>

authored by

Paolo Bonzini and committed by
Stefan Hajnoczi
80ab31b2 1138f246

+27 -29
+27 -29
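--- a/scripts/qemugdb/coroutine.py
+++ b/scripts/qemugdb/coroutine.py
@@ -47,8 +47,7 @@
     '''Undo effect of glibc's PTR_MANGLE()'''
     return gdb.parse_and_eval('(((uint64_t)%s >> 0x11) | ((uint64_t)%s << (64 - 0x11))) ^ (uint64_t)%s' % (val, val, pointer_guard))
 
-def bt_jmpbuf(jmpbuf):
-    '''Backtrace a jmpbuf'''
+def get_jmpbuf_regs(jmpbuf):
     JB_RBX = 0
     JB_RBP = 1
     JB_R12 = 2
@@ -58,35 +57,35 @@
     JB_RSP = 6
     JB_PC = 7
 
-    old_rbx = gdb.parse_and_eval('(uint64_t)$rbx')
-    old_rbp = gdb.parse_and_eval('(uint64_t)$rbp')
-    old_rsp = gdb.parse_and_eval('(uint64_t)$rsp')
-    old_r12 = gdb.parse_and_eval('(uint64_t)$r12')
-    old_r13 = gdb.parse_and_eval('(uint64_t)$r13')
-    old_r14 = gdb.parse_and_eval('(uint64_t)$r14')
-    old_r15 = gdb.parse_and_eval('(uint64_t)$r15')
-    old_rip = gdb.parse_and_eval('(uint64_t)$rip')
-
     pointer_guard = get_glibc_pointer_guard()
-    gdb.execute('set $rbx = %s' % jmpbuf[JB_RBX])
-    gdb.execute('set $rbp = %s' % glibc_ptr_demangle(jmpbuf[JB_RBP], pointer_guard))
-    gdb.execute('set $rsp = %s' % glibc_ptr_demangle(jmpbuf[JB_RSP], pointer_guard))
-    gdb.execute('set $r12 = %s' % jmpbuf[JB_R12])
-    gdb.execute('set $r13 = %s' % jmpbuf[JB_R13])
-    gdb.execute('set $r14 = %s' % jmpbuf[JB_R14])
-    gdb.execute('set $r15 = %s' % jmpbuf[JB_R15])
-    gdb.execute('set $rip = %s' % glibc_ptr_demangle(jmpbuf[JB_PC], pointer_guard))
+    return {'rbx': jmpbuf[JB_RBX],
+            'rbp': glibc_ptr_demangle(jmpbuf[JB_RBP], pointer_guard),
+            'rsp': glibc_ptr_demangle(jmpbuf[JB_RSP], pointer_guard),
+            'r12': jmpbuf[JB_R12],
+            'r13': jmpbuf[JB_R13],
+            'r14': jmpbuf[JB_R14],
+            'r15': jmpbuf[JB_R15],
+            'rip': glibc_ptr_demangle(jmpbuf[JB_PC], pointer_guard) }
+
+def bt_jmpbuf(jmpbuf):
+    '''Backtrace a jmpbuf'''
+    regs = get_jmpbuf_regs(jmpbuf)
+    old = dict()
+
+    for i in regs:
+        old[i] = gdb.parse_and_eval('(uint64_t)$%s' % i)
+
+    for i in regs:
+        gdb.execute('set $%s = %s' % (i, regs[i]))
 
     gdb.execute('bt')
 
-    gdb.execute('set $rbx = %s' % old_rbx)
-    gdb.execute('set $rbp = %s' % old_rbp)
-    gdb.execute('set $rsp = %s' % old_rsp)
-    gdb.execute('set $r12 = %s' % old_r12)
-    gdb.execute('set $r13 = %s' % old_r13)
-    gdb.execute('set $r14 = %s' % old_r14)
-    gdb.execute('set $r15 = %s' % old_r15)
-    gdb.execute('set $rip = %s' % old_rip)
+    for i in regs:
+        gdb.execute('set $%s = %s' % (i, old[i]))
+
+def coroutine_to_jmpbuf(co):
+    coroutine_pointer = co.cast(gdb.lookup_type('CoroutineUContext').pointer())
+    return coroutine_pointer['env']['__jmpbuf']
 
 
 class CoroutineCommand(gdb.Command):
@@ -101,5 +100,4 @@
             gdb.write('usage: qemu coroutine <coroutine-pointer>\n')
             return
 
-        coroutine_pointer = gdb.parse_and_eval(argv[0]).cast(gdb.lookup_type('CoroutineUContext').pointer())
-        bt_jmpbuf(coroutine_pointer['env']['__jmpbuf'])
+        bt_jmpbuf(coroutine_to_jmpbuf(gdb.parse_and_eval(argv[0])))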
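Review bot: In the rewritten bt_jmpbuf (new lines 70-84) the loop that writes the saved registers back runs only if `gdb.execute('bt')` returns normally; if `bt` raises a gdb.error — plausible once $rsp/$rip have been redirected into a coroutine stack that is stale, freed or corrupted, which is exactly the kind of coroutine one debugs — the debuggee's real register state stays clobbered for the rest of the session and every later command operates on the wrong thread context. Wrapping the backtrace in `try:`/`finally:` so the restore loop always executes fixes that; the whole function lies inside this hunk. The two new helpers also lack docstrings: `get_jmpbuf_regs` could carry `'''Map x86-64 register names to values from a glibc jmpbuf, undoing PTR_MANGLE for rbp/rsp/rip'''` and `coroutine_to_jmpbuf` `'''Return the __jmpbuf of the CoroutineUContext behind a Coroutine pointer value'''`, which also documents that the JB_* layout and demangling are glibc/x86-64 specific (that assumption predates this commit).
```python
    for i in regs:
        gdb.execute('set $%s = %s' % (i, regs[i]))

    # Always restore the debuggee's registers, even if the backtrace fails.
    try:
        gdb.execute('bt')
    finally:
        for i in regs:
            gdb.execute('set $%s = %s' % (i, old[i]))
```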