1""" 2 KernelManagement Triage commands 3""" 4from xnu import * 5import sys, shlex 6from utils import * 7from ioreg import * 8import xnudefines 9import os.path 10 11## Symbol names 12WAITING_FOR_USER_SERVER_SYMNAME = '__WAITING_FOR_USER_SERVER__' 13 14def GetTokenMemberSafe(token, fn, member): 15 try: 16 return fn(getattr(token, member)) 17 except: 18 return '<error>' 19 20# Macro: showthreadswaitingforuserserver 21@lldb_command('showthreadswaitingforuserserver') 22def ShowThreadsWaitingForUserServer(cmd_args=None): 23 """ 24 For each task thread that is in __WAITING_FOR_USER_SERVER__, 25 prints the thread backtrace, the IOUserServerCheckInToken structure, its server name, and tag. 26 Usage: showthreadswaitingforuserserver 27 """ 28 29 ## Scan threads for interesting information 30 for t in kern.tasks: 31 for thread_obj in IterateQueue(t.threads, 'thread *', 'task_threads'): 32 show_bt = False 33 thread_val = GetLLDBThreadForKernelThread(thread_obj) 34 for frame in thread_val.frames: 35 function = frame.GetFunction() 36 if function and frame.GetFunctionName(): 37 if frame.GetFunctionName().startswith(WAITING_FOR_USER_SERVER_SYMNAME): 38 show_bt = True 39 arguments = frame.get_arguments() 40 if len(arguments) > 0: 41 token_arg = arguments[0] 42 arg_addr = int(token_arg.value, 0) 43 if arg_addr: 44 token = kern.GetValueFromAddress(arg_addr, 'IOUserServerCheckInToken *') 45 46 print('fServerName="' + GetTokenMemberSafe(token, GetString, 'fServerName') + '"') 47 print('fExecutableName="' + GetTokenMemberSafe(token, GetString, 'fExecutableName') + '"') 48 print('fKextBundleID="' + GetTokenMemberSafe(token, GetString, 'fKextBundleID') + '"') 49 print('fServerTag=' + GetTokenMemberSafe(token, GetNumber, 'fServerTag')) 50 51 ## Show entire thread summary and backtrace 52 if show_bt: 53 print(GetThreadSummary.header) 54 print(GetThreadSummary(thread_obj)) 55 print(GetThreadBackTrace(thread_obj, prefix=" ") + "\n") 56 print('-----\n') 57 return 58# EndMacro: showthreadswaitingforuserserver 59