[lldb-dev] OverflowError: in method 'SBProcess_ReadPointerFromMemory', argument 2 of type 'lldb::addr_t'

Lei Kong via lldb-dev lldb-dev at lists.llvm.org
Mon Sep 19 16:17:52 PDT 2016


Sharing the findings on lldb-dev.

Greg helped me figure out the issue, I need to check if symbol address is lldb.LLDB_INVALID_ADDRESS.
Things work fine now after the added checking.

The remaining issue is to figure out whether symbol.addr.file_addr or symbol.addr.load_addr should be used to get symbol address.
My test shows symbol.addr.file_addr should be used, at least for types defined in executables, contrary to what’s documented.


From: Greg Clayton<mailto:gclayton at apple.com>
Sent: Monday, September 19, 2016 03:24 PM
To: Lei Kong<mailto:leikong at msn.com>
Subject: Re: [lldb-dev] OverflowError: in method 'SBProcess_ReadPointerFromMemory', argument 2 of type 'lldb::addr_t'


You do want to be using the load address, it probably works because your file address matches your load address because you are probably working on your main executable, but this won't work for shared libraries.

A few things:
- you probably want to make sure a symbol matches your regex first before asking it for the vtable address.
- not all symbols have addresses and asking for the file address or load address might return you lldb.LLDB_INVALID_ADDRESS. You should check for that before using the address in any way
- you should use the load address of your symbol:

def vtable_addr (symbol, target):
  load_addr = symbol.addr.GetLoadAddress(target)
  if load_addr != lldb.LLDB_INVALID_ADDRESS:
    return load_addr + 0x10
  else:
    return lldb.LLDB_INVALID_ADDRESS

The problem you were running into with overflow was probably because you were taking lldb.LLDB_INVALID_ADDRESS and adding 0x10, which would cause the integer to grow in size (http://stackoverflow.com/questions/2654149/count-bits-of-a-integer-in-python) and then not be able to be passed to the function that takes an lldb::addr_t. So diligently checking for lldb.LLDB_INVALID_ADDRESS will probably fix your problems. Also only try to compute the vtable stuff if the regex matches...

Greg

From: Greg Clayton<mailto:gclayton at apple.com>
Sent: Monday, September 19, 2016 01:10 PM
To: Lei Kong<mailto:leikong at msn.com>
Cc: Jim Ingham<mailto:jingham at apple.com>; lldb-dev at lists.llvm.org<mailto:lldb-dev at lists.llvm.org>
Subject: Re: [lldb-dev] OverflowError: in method 'SBProcess_ReadPointerFromMemory', argument 2 of type 'lldb::addr_t'


> On Sep 19, 2016, at 1:09 PM, Greg Clayton <gclayton at apple.com> wrote:
>
>
>> On Sep 19, 2016, at 10:33 AM, Lei Kong <leikong at msn.com> wrote:
>>
>> You are right, it seems the argument is out of range, both vtableAddr and vtableAddr-8 are “8.5” byte long. Maybe there is something wrong with the way I get vtableAddress? I will clean up my full script and send it to you if the following does not provide enough information, thanks much.
>>
>> def vtable_addr (vtableSymbol):
>>    return vtableSymbol.addr.section.file_addr + vtableSymbol.addr.offset + 0x10
>
> You actually want to get the load address when reading from memory. This should be:
>
> def vtable_addr (vtableSymbol, target):
>    return vtableSymbol.addr.GetLoadAddress(target) + 0x10

If you actually wanted the file address of vtableSymbol's address, then you would do this:

def vtable_addr (vtableSymbol, target):
   return vtableSymbol.addr.GetFileAddress() + 0x10

No need to do the section + offset math yourself.

>
>>
>>
>> vtableAddr, type=<type 'long'>, value=0x1000000000000000f
>> vtableAddr-8, type=<type 'long'>, value=0x10000000000000007
>> Traceback (most recent call last):
>>  File "<input>", line 1, in <module>
>>  File "/home/leikong/repo/WindowsFabric/build.prod/test/fabdbg.py", line 199, in findall
>>    findtypes(pattern,ignorePureVirtualType)
>>  File "/home/leikong/repo/WindowsFabric/build.prod/test/fabdbg.py", line 156, in findtypes
>>    if ignorePureVirtualType and has_pure_virtual(vtableAddr, pureVirtualFuncs) :
>>  File "/home/leikong/repo/WindowsFabric/build.prod/test/fabdbg.py", line 100, in has_pure_virtual
>>    vtableEndAddr = lldb.process.ReadPointerFromMemory(vtableAddr-8, error)
>>  File "/home/leikong/bin/lldb/lib/python2.7/site-packages/lldb/__init__.py", line 9418, in ReadPointerFromMemory
>>    return _lldb.SBProcess_ReadPointerFromMemory(self, addr, error)
>> OverflowError: in method 'SBProcess_ReadPointerFromMemory', argument 2 of type 'lldb::addr_t'
>>
>> From: Greg Clayton
>> Sent: Monday, September 19, 2016 09:12 AM
>> To: Lei Kong
>> Cc: Jim Ingham; lldb-dev at lists.llvm.org
>> Subject: Re: [lldb-dev] OverflowError: in method 'SBProcess_ReadPointerFromMemory', argument 2 of type 'lldb::addr_t'
>>
>> Try printing the type of the value you are passing in the line:
>>
>>    vtableEndAddr = lldb.process.ReadPointerFromMemory(vtableAddr-8, error)
>>
>> print type(vtableAddr)
>> print type(vtableAddr-8)
>>
>> It seems like it thinks vtableAddr doesn't fit into a lldb::addr_t which is a uint64_t
>>
>>
>>
>>> On Sep 16, 2016, at 7:39 PM, Lei Kong via lldb-dev <lldb-dev at lists.llvm.org> wrote:
>>>
>>> I tried printing error.description, but it didn't work, because when the error happens, it seems ReadPointerFromMemory never returned to my code.
>>>
>>>
>>> read from address 0000000001223f68
>>> Traceback (most recent call last):
>>>  File "<input>", line 1, in <module>
>>>  File "/home/leikong/repo/WindowsFabric/build.prod/test/fabdbg.py", line 289, in findall
>>>    findtypes(pattern,ignorePureVirtualType)
>>>  File "/home/leikong/repo/WindowsFabric/build.prod/test/fabdbg.py", line 246, in findtypes
>>>    if ignorePureVirtualType and has_pure_virtual(vtableAddr, pureVirtualFuncs) :
>>>  File "/home/leikong/repo/WindowsFabric/build.prod/test/fabdbg.py", line 190, in has_pure_virtual
>>>    vtableEndAddr = lldb.process.ReadPointerFromMemory(vtableAddr-8, error)
>>>  File "/home/leikong/bin/lldb/lib/python2.7/site-packages/lldb/__init__.py", line 9418, in ReadPointerFromMemory
>>>    return _lldb.SBProcess_ReadPointerFromMemory(self, addr, error)
>>> OverflowError: in method 'SBProcess_ReadPointerFromMemory', argument 2 of type 'lldb::addr_t'
>>>
>>>
>>>> Subject: Re: [lldb-dev] OverflowError: in method 'SBProcess_ReadPointerFromMemory', argument 2 of type 'lldb::addr_t'
>>>> From: jingham at apple.com
>>>> Date: Fri, 16 Sep 2016 17:12:24 -0700
>>>> CC: lldb-dev at lists.llvm.org
>>>> To: leikong at msn.com
>>>>
>>>> You passed an error into ReadPointerFromMemory. In the cases where you aren't getting what you expect, what does that error say?
>>>>
>>>> Jim
>>>>
>>>>> On Sep 16, 2016, at 5:06 PM, Lei Kong via lldb-dev <lldb-dev at lists.llvm.org> wrote:
>>>>>
>>>>> I ran into the error in the subject when running a python script with "script myfile.myscript()".
>>>>>
>>>>> The value addr_t parameter used is 0x0000000001223f68, the following works fine:
>>>>>
>>>>> (lldb) scr
>>>>> Python Interactive Interpreter. To exit, type 'quit()', 'exit()' or Ctrl-D.
>>>>>>>> e = lldb.SBError()
>>>>>>>> ptr = lldb.process.ReadPointerFromMemory(0x0000000001223f68, e)
>>>>>>>> print ptr
>>>>> 0
>>>>>>>>
>>>>>
>>>>> Any suggestion how to further investigate? Thanks.
>>>>>
>>>>> myfile.myscript() calls the following function in a loop (iterate through all vtable symbols), which contains the call ReadPointerFromMemory.
>>>>>
>>>>> def dump_vtbl(vtableAddr) :
>>>>>     error = lldb.SBError()
>>>>>     vtableEndAddr = lldb.process.ReadPointerFromMemory(vtableAddr+8, error)
>>>>>     if not error.success :
>>>>>         return False
>>>>>     print "vtable: [%0.16x, %0.16x)" % (vtableAddr, vtableEndAddr)
>>>>>     for addr in range(vtableAddr, vtableEndAddr, 8) :
>>>>>         print "read from address %.016x" % addr
>>>>>         try:
>>>>>             funcAddr = lldb.process.ReadPointerFromMemory(addr, error)
>>>>>         except:
>>>>>             sys.exc_clear()
>>>>>             continue
>>>>>         if not error.success :
>>>>>             continue
>>>>>
>>>>> _______________________________________________
>>>>> lldb-dev mailing list
>>>>> lldb-dev at lists.llvm.org
>>>>> http://lists.llvm.org/cgi-bin/mailman/listinfo/lldb-dev
>>>>
>
