#!/usr/bin/env python #---------------------------------------------------------------------- # Be sure to add the python path that points to the LLDB shared library. # On MacOSX csh, tcsh: # setenv PYTHONPATH /Applications/Xcode.app/Contents/SharedFrameworks/LLDB.framework/Resources/Python # On MacOSX sh, bash: # export PYTHONPATH=/Applications/Xcode.app/Contents/SharedFrameworks/LLDB.framework/Resources/Python #---------------------------------------------------------------------- import optparse import os import platform import sys import subprocess #---------------------------------------------------------------------- # Code that auto imports LLDB #---------------------------------------------------------------------- try: # Just try for LLDB in case PYTHONPATH is already correctly setup import lldb except ImportError: lldb_python_dirs = list() # lldb is not in the PYTHONPATH, try some defaults for the current platform platform_system = platform.system() if platform_system == 'Darwin': # On Darwin, try the currently selected Xcode directory xcode_dir = subprocess.check_output("xcode-select --print-path", shell=True) if xcode_dir: lldb_python_dirs.append( os.path.realpath( xcode_dir + '/../SharedFrameworks/LLDB.framework/Resources/Python')) lldb_python_dirs.append( xcode_dir + '/Library/PrivateFrameworks/LLDB.framework/Resources/Python') lldb_python_dirs.append( '/System/Library/PrivateFrameworks/LLDB.framework/Resources/Python') success = False for lldb_python_dir in lldb_python_dirs: if os.path.exists(lldb_python_dir): if not (sys.path.__contains__(lldb_python_dir)): sys.path.append(lldb_python_dir) try: import lldb except ImportError: pass else: print('imported lldb from: "%s"' % (lldb_python_dir)) success = True break if not success: print("error: couldn't locate the 'lldb' module, please set PYTHONPATH correctly") sys.exit(1) def print_threads(process, options): if options.show_threads: for thread in process: print('%s %s' % (thread, thread.GetFrameAtIndex(0))) def run_commands(command_interpreter, commands): return_obj = lldb.SBCommandReturnObject() for command in commands: command_interpreter.HandleCommand(command, return_obj) if return_obj.Succeeded(): print(return_obj.GetOutput()) else: print(return_obj) if options.stop_on_error: break def main(argv): description = '''Debugs a program using the LLDB python API and uses asynchronous broadcast events to watch for process state changes.''' epilog = '''Examples: #---------------------------------------------------------------------- # Run "/bin/ls" with the arguments "-lAF /tmp/", and set a breakpoint # at "malloc" and backtrace and read all registers each time we stop #---------------------------------------------------------------------- % ./process_events.py --breakpoint malloc --stop-command bt --stop-command 'register read' -- /bin/ls -lAF /tmp/ ''' optparse.OptionParser.format_epilog = lambda self, formatter: self.epilog parser = optparse.OptionParser( description=description, prog='process_events', usage='usage: process_events [options] program [arg1 arg2]', epilog=epilog) parser.add_option( '-v', '--verbose', action='store_true', dest='verbose', help="Enable verbose logging.", default=False) parser.add_option( '-b', '--breakpoint', action='append', type='string', metavar='BPEXPR', dest='breakpoints', help='Breakpoint commands to create after the target has been created, the values will be sent to the "_regexp-break" command which supports breakpoints by name, file:line, and address.') parser.add_option( '-a', '--arch', type='string', dest='arch', help='The architecture to use when creating the debug target.', default=None) parser.add_option( '--platform', type='string', metavar='platform', dest='platform', help='Specify the platform to use when creating the debug target. Valid values include "localhost", "darwin-kernel", "ios-simulator", "remote-freebsd", "remote-macosx", "remote-ios", "remote-linux".', default=None) parser.add_option( '-l', '--launch-command', action='append', type='string', metavar='CMD', dest='launch_commands', help='LLDB command interpreter commands to run once after the process has launched. This option can be specified more than once.', default=[]) parser.add_option( '-s', '--stop-command', action='append', type='string', metavar='CMD', dest='stop_commands', help='LLDB command interpreter commands to run each time the process stops. This option can be specified more than once.', default=[]) parser.add_option( '-c', '--crash-command', action='append', type='string', metavar='CMD', dest='crash_commands', help='LLDB command interpreter commands to run in case the process crashes. This option can be specified more than once.', default=[]) parser.add_option( '-x', '--exit-command', action='append', type='string', metavar='CMD', dest='exit_commands', help='LLDB command interpreter commands to run once after the process has exited. This option can be specified more than once.', default=[]) parser.add_option( '-T', '--no-threads', action='store_false', dest='show_threads', help="Don't show threads when process stops.", default=True) parser.add_option( '--ignore-errors', action='store_false', dest='stop_on_error', help="Don't stop executing LLDB commands if the command returns an error. This applies to all of the LLDB command interpreter commands that get run for launch, stop, crash and exit.", default=True) parser.add_option( '-n', '--run-count', type='int', dest='run_count', metavar='N', help='How many times to run the process in case the process exits.', default=1) parser.add_option( '-t', '--event-timeout', type='int', dest='event_timeout', metavar='SEC', help='Specify the timeout in seconds to wait for process state change events.', default=lldb.UINT32_MAX) parser.add_option( '-e', '--environment', action='append', type='string', metavar='ENV', dest='env_vars', help='Environment variables to set in the inferior process when launching a process.') parser.add_option( '-d', '--working-dir', type='string', metavar='DIR', dest='working_dir', help='The current working directory when launching a process.', default=None) parser.add_option( '-p', '--attach-pid', type='int', dest='attach_pid', metavar='PID', help='Specify a process to attach to by process ID.', default=-1) parser.add_option( '-P', '--attach-name', type='string', dest='attach_name', metavar='PROCESSNAME', help='Specify a process to attach to by name.', default=None) parser.add_option( '-w', '--attach-wait', action='store_true', dest='attach_wait', help='Wait for the next process to launch when attaching to a process by name.', default=False) try: (options, args) = parser.parse_args(argv) except: return attach_info = None launch_info = None exe = None if args: exe = args.pop(0) launch_info = lldb.SBLaunchInfo(args) if options.env_vars: launch_info.SetEnvironmentEntries(options.env_vars, True) if options.working_dir: launch_info.SetWorkingDirectory(options.working_dir) elif options.attach_pid != -1: if options.run_count == 1: attach_info = lldb.SBAttachInfo(options.attach_pid) else: print("error: --run-count can't be used with the --attach-pid option") sys.exit(1) elif not options.attach_name is None: if options.run_count == 1: attach_info = lldb.SBAttachInfo( options.attach_name, options.attach_wait) else: print("error: --run-count can't be used with the --attach-name option") sys.exit(1) else: print('error: a program path for a program to debug and its arguments are required') sys.exit(1) # Create a new debugger instance debugger = lldb.SBDebugger.Create() debugger.SetAsync(True) command_interpreter = debugger.GetCommandInterpreter() # Create a target from a file and arch if exe: print("Creating a target for '%s'" % exe) error = lldb.SBError() target = debugger.CreateTarget( exe, options.arch, options.platform, True, error) if target: # Set any breakpoints that were specified in the args if we are launching. We use the # command line command to take advantage of the shorthand breakpoint # creation if launch_info and options.breakpoints: for bp in options.breakpoints: debugger.HandleCommand("_regexp-break %s" % (bp)) run_commands(command_interpreter, ['breakpoint list']) for run_idx in range(options.run_count): # Launch the process. Since we specified synchronous mode, we won't return # from this function until we hit the breakpoint at main error = lldb.SBError() if launch_info: if options.run_count == 1: print('Launching "%s"...' % (exe)) else: print('Launching "%s"... (launch %u of %u)' % (exe, run_idx + 1, options.run_count)) process = target.Launch(launch_info, error) else: if options.attach_pid != -1: print('Attaching to process %i...' % (options.attach_pid)) else: if options.attach_wait: print('Waiting for next to process named "%s" to launch...' % (options.attach_name)) else: print('Attaching to existing process named "%s"...' % (options.attach_name)) process = target.Attach(attach_info, error) # Make sure the launch went ok if process and process.GetProcessID() != lldb.LLDB_INVALID_PROCESS_ID: pid = process.GetProcessID() print('Process is %i' % (pid)) if attach_info: # continue process if we attached as we won't get an # initial event process.Continue() listener = debugger.GetListener() # sign up for process state change events stop_idx = 0 done = False while not done: event = lldb.SBEvent() if listener.WaitForEvent(options.event_timeout, event): if lldb.SBProcess.EventIsProcessEvent(event): state = lldb.SBProcess.GetStateFromEvent(event) if state == lldb.eStateInvalid: # Not a state event print('process event = %s' % (event)) else: print("process state changed event: %s" % (lldb.SBDebugger.StateAsCString(state))) if state == lldb.eStateStopped: if stop_idx == 0: if launch_info: print("process %u launched" % (pid)) run_commands( command_interpreter, ['breakpoint list']) else: print("attached to process %u" % (pid)) for m in target.modules: print(m) if options.breakpoints: for bp in options.breakpoints: debugger.HandleCommand( "_regexp-break %s" % (bp)) run_commands( command_interpreter, ['breakpoint list']) run_commands( command_interpreter, options.launch_commands) else: if options.verbose: print("process %u stopped" % (pid)) run_commands( command_interpreter, options.stop_commands) stop_idx += 1 print_threads(process, options) print("continuing process %u" % (pid)) process.Continue() elif state == lldb.eStateExited: exit_desc = process.GetExitDescription() if exit_desc: print("process %u exited with status %u: %s" % (pid, process.GetExitStatus(), exit_desc)) else: print("process %u exited with status %u" % (pid, process.GetExitStatus())) run_commands( command_interpreter, options.exit_commands) done = True elif state == lldb.eStateCrashed: print("process %u crashed" % (pid)) print_threads(process, options) run_commands( command_interpreter, options.crash_commands) done = True elif state == lldb.eStateDetached: print("process %u detached" % (pid)) done = True elif state == lldb.eStateRunning: # process is running, don't say anything, # we will always get one of these after # resuming if options.verbose: print("process %u resumed" % (pid)) elif state == lldb.eStateUnloaded: print("process %u unloaded, this shouldn't happen" % (pid)) done = True elif state == lldb.eStateConnected: print("process connected") elif state == lldb.eStateAttaching: print("process attaching") elif state == lldb.eStateLaunching: print("process launching") else: print('event = %s' % (event)) else: # timeout waiting for an event print("no process event for %u seconds, killing the process..." % (options.event_timeout)) done = True # Now that we are done dump the stdout and stderr process_stdout = process.GetSTDOUT(1024) if process_stdout: print("Process STDOUT:\n%s" % (process_stdout)) while process_stdout: process_stdout = process.GetSTDOUT(1024) print(process_stdout) process_stderr = process.GetSTDERR(1024) if process_stderr: print("Process STDERR:\n%s" % (process_stderr)) while process_stderr: process_stderr = process.GetSTDERR(1024) print(process_stderr) process.Kill() # kill the process else: if error: print(error) else: if launch_info: print('error: launch failed') else: print('error: attach failed') lldb.SBDebugger.Terminate() if __name__ == '__main__': main(sys.argv[1:])