1from __future__ import absolute_import, division, print_function 2 3from builtins import hex, range 4from future.utils import raise_ 5import six 6from xnu import * 7from utils import * 8from process import * 9from misc import * 10from memory import * 11from ipc import * 12 13 14# Macro: showallprocrunqcount 15 16@lldb_command('showallprocrunqcount') 17def ShowAllProcRunQCount(cmd_args=None): 18 """ Prints out the runq count for all processors 19 """ 20 out_str = "Processor\t# Runnable\n" 21 processor_itr = kern.globals.processor_list 22 while processor_itr: 23 out_str += "{:d}\t\t{:d}\n".format(processor_itr.cpu_id, processor_itr.runq.count) 24 processor_itr = processor_itr.processor_list 25 # out_str += "RT:\t\t{:d}\n".format(kern.globals.rt_runq.count) 26 print(out_str) 27 28# EndMacro: showallprocrunqcount 29 30# Macro: showinterrupts 31 32@lldb_command('showinterrupts') 33def ShowInterrupts(cmd_args=None): 34 """ Prints IRQ, IPI and TMR counts for each CPU 35 """ 36 37 if not kern.arch.startswith('arm64'): 38 print("showinterrupts is only supported on arm64") 39 return 40 41 base_address = kern.GetLoadAddressForSymbol('CpuDataEntries') 42 struct_size = 16 43 x = 0 44 y = 0 45 while x < unsigned(kern.globals.machine_info.physical_cpu): 46 element = kern.GetValueFromAddress(base_address + (y * struct_size), 'uintptr_t *')[1] 47 if element: 48 cpu_data_entry = Cast(element, 'cpu_data_t *') 49 print("CPU {} IRQ: {:d}\n".format(y, cpu_data_entry.cpu_stat.irq_ex_cnt)) 50 print("CPU {} IPI: {:d}\n".format(y, cpu_data_entry.cpu_stat.ipi_cnt)) 51 print("CPU {} PMI: {:d}\n".format(y, cpu_data_entry.cpu_monotonic.mtc_npmis)) 52 print("CPU {} TMR: {:d}\n".format(y, cpu_data_entry.cpu_stat.timer_cnt)) 53 x = x + 1 54 y = y + 1 55 56# EndMacro: showinterrupts 57 58# Macro: showactiveinterrupts 59 60@lldb_command('showactiveinterrupts') 61def ShowActiveInterrupts(cmd_args=None): 62 """ Prints the interrupts that are unmasked & active with the Interrupt Controller 63 Usage: showactiveinterrupts <address of Interrupt Controller object> 64 """ 65 if not cmd_args: 66 print("No arguments passed") 67 print(ShowActiveInterrupts.__doc__) 68 return False 69 aic = kern.GetValueFromAddress(cmd_args[0], 'AppleInterruptController *') 70 if not aic: 71 print("unknown arguments:", str(cmd_args)) 72 return False 73 74 aic_base = unsigned(aic._aicBaseAddress) 75 current_interrupt = 0 76 aic_imc_base = aic_base + 0x4180 77 aic_him_offset = 0x80 78 current_pointer = aic_imc_base 79 unmasked = dereference(kern.GetValueFromAddress(current_pointer, 'uintptr_t *')) 80 active = dereference(kern.GetValueFromAddress(current_pointer + aic_him_offset, 'uintptr_t *')) 81 group_count = 0 82 mask = 1 83 while current_interrupt < 192: 84 if (((unmasked & mask) == 0) and (active & mask)): 85 print("Interrupt {:d} unmasked and active\n".format(current_interrupt)) 86 current_interrupt = current_interrupt + 1 87 if (current_interrupt % 32 == 0): 88 mask = 1 89 group_count = group_count + 1 90 unmasked = dereference(kern.GetValueFromAddress(current_pointer + (4 * group_count), 'uintptr_t *')) 91 active = dereference(kern.GetValueFromAddress((current_pointer + aic_him_offset) + (4 * group_count), 'uintptr_t *')) 92 else: 93 mask = mask << 1 94# EndMacro: showactiveinterrupts 95 96# Macro: showirqbyipitimerratio 97@lldb_command('showirqbyipitimerratio') 98def ShowIrqByIpiTimerRatio(cmd_args=None): 99 """ Prints the ratio of IRQ by sum of IPI & TMR counts for each CPU 100 """ 101 if kern.arch == "x86_64": 102 print("This macro is not supported on x86_64 architecture") 103 return 104 105 out_str = "IRQ-IT Ratio: " 106 base_address = kern.GetLoadAddressForSymbol('CpuDataEntries') 107 struct_size = 16 108 x = 0 109 y = 0 110 while x < unsigned(kern.globals.machine_info.physical_cpu): 111 element = kern.GetValueFromAddress(base_address + (y * struct_size), 'uintptr_t *')[1] 112 if element: 113 cpu_data_entry = Cast(element, 'cpu_data_t *') 114 out_str += " CPU {} [{:.2f}]".format(y, float(cpu_data_entry.cpu_stat.irq_ex_cnt)/(cpu_data_entry.cpu_stat.ipi_cnt + cpu_data_entry.cpu_stat.timer_cnt)) 115 x = x + 1 116 y = y + 1 117 print(out_str) 118 119# EndMacro: showirqbyipitimerratio 120 121#Macro: showinterruptsourceinfo 122@lldb_command('showinterruptsourceinfo') 123def showinterruptsourceinfo(cmd_args = None): 124 """ Extract information of interrupt source causing interrupt storms. 125 """ 126 if not cmd_args: 127 print("No arguments passed") 128 return False 129 #Dump IOInterruptVector object 130 print("--- Dumping IOInterruptVector object ---\n") 131 object_info = lldb_run_command("dumpobject {:s} IOInterruptVector".format(cmd_args[0])) 132 print(object_info) 133 print("--- Dumping IOFilterInterruptEventSource object ---\n") 134 #Dump the IOFilterInterruptEventSource object. 135 target_info=re.search('target =\s+(.*)',object_info) 136 target= target_info.group() 137 target= target.split() 138 #Dump the Object pointer of the source who is triggering the Interrupts. 139 vector_info=lldb_run_command("dumpobject {:s} ".format(target[2])) 140 print(vector_info) 141 owner_info= re.search('owner =\s+(.*)',vector_info) 142 owner= owner_info.group() 143 owner= owner.split() 144 print("\n\n") 145 out=lldb_run_command(" dumpobject {:s}".format(owner[2])) 146 print(out) 147 148# EndMacro: showinterruptsourceinfo 149 150@lldb_command('showcurrentabstime') 151def ShowCurrentAbsTime(cmd_args=None): 152 """ Routine to print latest absolute time known to system before being stopped. 153 Usage: showcurrentabstime 154 """ 155 156 print("Last dispatch time known: %d MATUs" % GetRecentTimestamp()) 157 158bucketStr = ["FIXPRI (>UI)", "TIMESHARE_FG", "TIMESHARE_IN", "TIMESHARE_DF", "TIMESHARE_UT", "TIMESHARE_BG"] 159 160@header("{:<18s} | {:>20s} | {:>20s} | {:>10s} | {:>10s}".format('Thread Group', 'Pending (us)', 'Interactivity Score', 'TG Boost', 'Highest Thread Pri')) 161def GetSchedClutchBucketSummary(clutch_bucket): 162 tg_boost = kern.globals.sched_clutch_bucket_group_pri_boost[clutch_bucket.scb_group.scbg_clutch.sc_tg_priority] 163 pending_delta = kern.GetNanotimeFromAbstime(GetRecentTimestamp() - clutch_bucket.scb_group.scbg_pending_data.scct_timestamp) // 1000 164 if (int)(clutch_bucket.scb_group.scbg_pending_data.scct_timestamp) == 18446744073709551615: 165 pending_delta = 0 166 return "0x{:<16x} | {:>20d} | {:>20d} | {:>10d} | {:>10d}".format(clutch_bucket.scb_group.scbg_clutch.sc_tg, pending_delta, clutch_bucket.scb_group.scbg_interactivity_data.scct_count, tg_boost, SchedPriorityStableQueueRootPri(clutch_bucket.scb_thread_runq, 'struct thread', 'th_clutch_runq_link')) 167 168def ShowSchedClutchForPset(pset): 169 root_clutch = pset.pset_clutch_root 170 print("\n{:s} : {:d}\n\n".format("Current Timestamp", GetRecentTimestamp())) 171 print("{:>10s} | {:>20s} | {:>30s} | {:>25s} | {:<18s} | {:>10s} | {:>10s} | {:>15s} | ".format("Root", "Root Buckets", "Clutch Buckets", "Threads", "Address", "Pri (Base)", "Count", "Deadline (us)") + GetSchedClutchBucketSummary.header) 172 print("=" * 300) 173 print("{:>10s} | {:>20s} | {:>30s} | {:>25s} | 0x{:<16x} | {:>10d} | {:>10d} | {:>15s} | ".format("Root", "*", "*", "*", addressof(root_clutch), (root_clutch.scr_priority if root_clutch.scr_thr_count > 0 else -1), root_clutch.scr_thr_count, "*")) 174 print("-" * 300) 175 176 for i in range(0, 6): 177 root_bucket = root_clutch.scr_unbound_buckets[i] 178 root_bucket_deadline = 0 179 if root_bucket.scrb_clutch_buckets.scbrq_count != 0 and i != 0: 180 root_bucket_deadline = kern.GetNanotimeFromAbstime(root_bucket.scrb_pqlink.deadline - GetRecentTimestamp()) // 1000 181 print("{:>10s} | {:>20s} | {:>30s} | {:>25s} | 0x{:<16x} | {:>10s} | {:>10s} | {:>15d} | ".format("*", bucketStr[int(root_bucket.scrb_bucket)], "*", "*", addressof(root_bucket), "*", "*", root_bucket_deadline)) 182 clutch_bucket_runq = root_bucket.scrb_clutch_buckets 183 clutch_bucket_list = [] 184 for pri in range(0,128): 185 clutch_bucket_circleq = clutch_bucket_runq.scbrq_queues[pri] 186 for clutch_bucket in IterateCircleQueue(clutch_bucket_circleq, 'struct sched_clutch_bucket', 'scb_runqlink'): 187 clutch_bucket_list.append(clutch_bucket) 188 if len(clutch_bucket_list) > 0: 189 clutch_bucket_list.sort(key=lambda x: x.scb_priority, reverse=True) 190 for clutch_bucket in clutch_bucket_list: 191 print("{:>10s} | {:>20s} | {:>30s} | {:>25s} | {:<18s} | {:>10s} | {:>10s} | {:>15s} | ".format("", "", "", "", "", "", "", "")) 192 print("{:>10s} | {:>20s} | {:>30s} | {:>25s} | 0x{:<16x} | {:>10d} | {:>10d} | {:>15s} | ".format("*", "*", clutch_bucket.scb_group.scbg_clutch.sc_tg.tg_name, "*", clutch_bucket, clutch_bucket.scb_priority, clutch_bucket.scb_thr_count, "*") + GetSchedClutchBucketSummary(clutch_bucket)) 193 runq = clutch_bucket.scb_clutchpri_prioq 194 for thread in IterateSchedPriorityQueue(runq, 'struct thread', 'th_clutch_pri_link'): 195 thread_name = GetThreadName(thread)[-24:] 196 if len(thread_name) == 0: 197 thread_name = "<unnamed thread>" 198 print("{:>10s} | {:>20s} | {:>30s} | {:<25s} | 0x{:<16x} | {:>10d} | {:>10s} | {:>15s} | ".format("*", "*", "*", thread_name, thread, thread.base_pri, "*", "*")) 199 print("-" * 300) 200 root_bucket = root_clutch.scr_bound_buckets[i] 201 root_bucket_deadline = 0 202 if root_bucket.scrb_bound_thread_runq.count != 0: 203 root_bucket_deadline = kern.GetNanotimeFromAbstime(root_bucket.scrb_pqlink.deadline - GetRecentTimestamp()) // 1000 204 print("{:>10s} | {:>20s} | {:>30s} | {:>25s} | 0x{:<16x} | {:>10s} | {:>10d} | {:>15d} | ".format("*", bucketStr[int(root_bucket.scrb_bucket)] + " [Bound]", "*", "*", addressof(root_bucket), "*", root_bucket.scrb_bound_thread_runq.count, root_bucket_deadline)) 205 if root_bucket.scrb_bound_thread_runq.count == 0: 206 print("-" * 300) 207 continue 208 thread_runq = root_bucket.scrb_bound_thread_runq 209 for pri in range(0, 128): 210 thread_circleq = thread_runq.queues[pri] 211 for thread in IterateCircleQueue(thread_circleq, 'struct thread', 'runq_links'): 212 thread_name = GetThreadName(thread)[-24:] 213 if len(thread_name) == 0: 214 thread_name = "<unnamed thread>" 215 print("{:>10s} | {:>20s} | {:>30s} | {:<25s} | 0x{:<16x} | {:>10d} | {:>10s} | {:>15s} | ".format("*", "*", "*", thread_name, thread, thread.base_pri, "*", "*")) 216 print("-" * 300) 217 218@lldb_command('showschedclutch') 219def ShowSchedClutch(cmd_args=[]): 220 """ Routine to print the clutch scheduler hierarchy. 221 Usage: showschedclutch <pset> 222 """ 223 if not cmd_args: 224 raise ArgumentError("Invalid argument") 225 pset = kern.GetValueFromAddress(cmd_args[0], "processor_set_t") 226 ShowSchedClutchForPset(pset) 227 228@lldb_command('showschedclutchroot') 229def ShowSchedClutchRoot(cmd_args=[]): 230 """ show information about the root of the sched clutch hierarchy 231 Usage: showschedclutchroot <root> 232 """ 233 if not cmd_args: 234 raise ArgumentError("Invalid argument") 235 root = kern.GetValueFromAddress(cmd_args[0], "struct sched_clutch_root *") 236 if not root: 237 print("unknown arguments:", str(cmd_args)) 238 return False 239 print("{:>30s} : 0x{:<16x}".format("Root", root)) 240 print("{:>30s} : 0x{:<16x}".format("Pset", root.scr_pset)) 241 print("{:>30s} : {:d}".format("Priority", (root.scr_priority if root.scr_thr_count > 0 else -1))) 242 print("{:>30s} : {:d}".format("Urgency", root.scr_urgency)) 243 print("{:>30s} : {:d}".format("Threads", root.scr_thr_count)) 244 print("{:>30s} : {:d}".format("Current Timestamp", GetRecentTimestamp())) 245 print("{:>30s} : {:b} (BG/UT/DF/IN/FG/FIX/NULL)".format("Runnable Root Buckets Bitmap", int(root.scr_runnable_bitmap[0]))) 246 247@lldb_command('showschedclutchrootbucket') 248def ShowSchedClutchRootBucket(cmd_args=[]): 249 """ show information about a root bucket in the sched clutch hierarchy 250 Usage: showschedclutchrootbucket <root_bucket> 251 """ 252 if not cmd_args: 253 raise ArgumentError("Invalid argument") 254 root_bucket = kern.GetValueFromAddress(cmd_args[0], "struct sched_clutch_root_bucket *") 255 if not root_bucket: 256 print("unknown arguments:", str(cmd_args)) 257 return False 258 print("{:<30s} : 0x{:<16x}".format("Root Bucket", root_bucket)) 259 print("{:<30s} : {:s}".format("Bucket Name", bucketStr[int(root_bucket.scrb_bucket)])) 260 print("{:<30s} : {:d}".format("Deadline", (root_bucket.scrb_pqlink.deadline if root_bucket.scrb_clutch_buckets.scbrq_count != 0 else 0))) 261 print("{:<30s} : {:d}".format("Current Timestamp", GetRecentTimestamp())) 262 print("\n") 263 clutch_bucket_runq = root_bucket.scrb_clutch_buckets 264 clutch_bucket_list = [] 265 for pri in range(0,128): 266 clutch_bucket_circleq = clutch_bucket_runq.scbrq_queues[pri] 267 for clutch_bucket in IterateCircleQueue(clutch_bucket_circleq, 'struct sched_clutch_bucket', 'scb_runqlink'): 268 clutch_bucket_list.append(clutch_bucket) 269 if len(clutch_bucket_list) > 0: 270 print("=" * 240) 271 print("{:>30s} | {:>18s} | {:>20s} | {:>20s} | ".format("Name", "Clutch Bucket", "Priority", "Count") + GetSchedClutchBucketSummary.header) 272 print("=" * 240) 273 clutch_bucket_list.sort(key=lambda x: x.scb_priority, reverse=True) 274 for clutch_bucket in clutch_bucket_list: 275 print("{:>30s} | 0x{:<16x} | {:>20d} | {:>20d} | ".format(clutch_bucket.scb_group.scbg_clutch.sc_tg.tg_name, clutch_bucket, clutch_bucket.scb_priority, clutch_bucket.scb_thr_count) + GetSchedClutchBucketSummary(clutch_bucket)) 276 277def SchedClutchBucketDetails(clutch_bucket): 278 print("{:<30s} : 0x{:<16x}".format("Clutch Bucket", clutch_bucket)) 279 print("{:<30s} : {:s}".format("Scheduling Bucket", bucketStr[(int)(clutch_bucket.scb_bucket)])) 280 print("{:<30s} : 0x{:<16x}".format("Clutch Bucket Group", clutch_bucket.scb_group)) 281 print("{:<30s} : {:s}".format("TG Name", clutch_bucket.scb_group.scbg_clutch.sc_tg.tg_name)) 282 print("{:<30s} : {:d}".format("Priority", clutch_bucket.scb_priority)) 283 print("{:<30s} : {:d}".format("Thread Count", clutch_bucket.scb_thr_count)) 284 print("{:<30s} : 0x{:<16x}".format("Thread Group", clutch_bucket.scb_group.scbg_clutch.sc_tg)) 285 print("{:<30s} : {:6d} (inherited from clutch bucket group)".format("Interactivity Score", clutch_bucket.scb_group.scbg_interactivity_data.scct_count)) 286 print("{:<30s} : {:6d} (inherited from clutch bucket group)".format("Last Timeshare Update Tick", clutch_bucket.scb_group.scbg_timeshare_tick)) 287 print("{:<30s} : {:6d} (inherited from clutch bucket group)".format("Priority Shift", clutch_bucket.scb_group.scbg_pri_shift)) 288 print("\n") 289 runq = clutch_bucket.scb_clutchpri_prioq 290 thread_list = [] 291 for thread in IterateSchedPriorityQueue(runq, 'struct thread', 'th_clutch_pri_link'): 292 thread_list.append(thread) 293 if len(thread_list) > 0: 294 print("=" * 240) 295 print(GetThreadSummary.header + "{:s}".format("Process Name")) 296 print("=" * 240) 297 for thread in thread_list: 298 proc = thread.t_tro.tro_proc 299 print(GetThreadSummary(thread) + "{:s}".format(GetProcName(proc))) 300 301@lldb_command('showschedclutchbucket') 302def ShowSchedClutchBucket(cmd_args=[]): 303 """ show information about a clutch bucket in the sched clutch hierarchy 304 Usage: showschedclutchbucket <clutch_bucket> 305 """ 306 if not cmd_args: 307 raise ArgumentError("Invalid argument") 308 clutch_bucket = kern.GetValueFromAddress(cmd_args[0], "struct sched_clutch_bucket *") 309 if not clutch_bucket: 310 print("unknown arguments:", str(cmd_args)) 311 return False 312 SchedClutchBucketDetails(clutch_bucket) 313 314@lldb_command('abs2nano') 315def ShowAbstimeToNanoTime(cmd_args=[]): 316 """ convert mach_absolute_time units to nano seconds 317 Usage: (lldb) abs2nano <timestamp in MATUs> 318 """ 319 if not cmd_args: 320 raise ArgumentError("Invalid argument") 321 timedata = ArgumentStringToInt(cmd_args[0]) 322 ns = kern.GetNanotimeFromAbstime(timedata) 323 us = float(ns) / 1000 324 ms = us / 1000 325 s = ms / 1000 326 327 if s > 60 : 328 m = s // 60 329 h = m // 60 330 d = h // 24 331 332 print("{:d} ns, {:f} us, {:f} ms, {:f} s, {:f} m, {:f} h, {:f} d".format(ns, us, ms, s, m, h, d)) 333 else: 334 print("{:d} ns, {:f} us, {:f} ms, {:f} s".format(ns, us, ms, s)) 335 336 # Macro: showschedhistory 337 338def GetRecentTimestamp(): 339 """ 340 Return a recent timestamp. 341 TODO: on x86, if not in the debugger, then look at the scheduler 342 """ 343 if kern.arch == 'x86_64': 344 most_recent_dispatch = GetSchedMostRecentDispatch(False) 345 if most_recent_dispatch > kern.globals.debugger_entry_time : 346 return most_recent_dispatch 347 else : 348 return kern.globals.debugger_entry_time 349 else : 350 return GetSchedMostRecentDispatch(False) 351 352def GetSchedMostRecentDispatch(show_processor_details=False): 353 """ Return the most recent dispatch on the system, printing processor 354 details if argument is true. 355 """ 356 357 most_recent_dispatch = 0 358 359 for current_processor in IterateLinkedList(kern.globals.processor_list, 'processor_list') : 360 active_thread = current_processor.active_thread 361 thread_id = 0 362 363 if unsigned(active_thread) != 0 : 364 task_val = active_thread.t_tro.tro_task 365 proc_val = active_thread.t_tro.tro_proc 366 proc_name = "<unknown>" if unsigned(proc_val) == 0 else GetProcName(proc_val) 367 thread_id = active_thread.thread_id 368 369 last_dispatch = unsigned(current_processor.last_dispatch) 370 371 if kern.arch == 'x86_64': 372 cpu_data = kern.globals.cpu_data_ptr[current_processor.cpu_id] 373 if (cpu_data != 0) : 374 cpu_debugger_time = max(cpu_data.debugger_entry_time, cpu_data.debugger_ipi_time) 375 time_since_dispatch = unsigned(cpu_debugger_time - last_dispatch) 376 time_since_dispatch_us = kern.GetNanotimeFromAbstime(time_since_dispatch) / 1000.0 377 time_since_debugger = unsigned(cpu_debugger_time - kern.globals.debugger_entry_time) 378 time_since_debugger_us = kern.GetNanotimeFromAbstime(time_since_debugger) / 1000.0 379 380 if show_processor_details: 381 print("Processor last dispatch: {:16d} Entered debugger: {:16d} ({:8.3f} us after dispatch, {:8.3f} us after debugger) Active thread: 0x{t:<16x} 0x{thread_id:<8x} {proc_name:s}".format(last_dispatch, cpu_debugger_time, 382 time_since_dispatch_us, time_since_debugger_us, t=active_thread, thread_id=thread_id, proc_name=proc_name)) 383 else: 384 if show_processor_details: 385 print("Processor last dispatch: {:16d} Active thread: 0x{t:<16x} 0x{thread_id:<8x} {proc_name:s}".format(last_dispatch, t=active_thread, thread_id=thread_id, proc_name=proc_name)) 386 387 if last_dispatch > most_recent_dispatch: 388 most_recent_dispatch = last_dispatch 389 390 return most_recent_dispatch 391 392@header("{:<18s} {:<10s} {:>16s} {:>16s} {:>16s} {:>16s} {:>18s} {:>16s} {:>16s} {:>16s} {:>16s} {:2s} {:2s} {:2s} {:>2s} {:<19s} {:<9s} {:>10s} {:>10s} {:>10s} {:>10s} {:>10s} {:>11s} {:>8s}".format("thread", "id", "on-core", "off-core", "runnable", "prichange", "last-duration (us)", "since-off (us)", "since-on (us)", "pending (us)", "pri-change (us)", "BP", "SP", "TP", "MP", "sched-mode", "state", "cpu-usage", "delta", "sch-usage", "stamp", "shift", "task", "thread-name")) 393def ShowThreadSchedHistory(thread, most_recent_dispatch): 394 """ Given a thread and the most recent dispatch time of a thread on the 395 system, print out details about scheduler history for the thread. 396 """ 397 398 thread_name = "" 399 400 uthread = GetBSDThread(thread) 401 # Doing the straightforward thing blows up weirdly, so use some indirections to get back on track 402 if unsigned(uthread.pth_name) != 0 : 403 thread_name = str(kern.GetValueFromAddress(unsigned(uthread.pth_name), 'char*')) 404 405 task = thread.t_tro.tro_task 406 407 task_name = "unknown" 408 p = GetProcFromTask(task) 409 if task and p: 410 task_name = GetProcName(p) 411 412 sched_mode = "" 413 414 mode = str(thread.sched_mode) 415 if "TIMESHARE" in mode: 416 sched_mode+="timeshare" 417 elif "FIXED" in mode: 418 sched_mode+="fixed" 419 elif "REALTIME" in mode: 420 sched_mode+="realtime" 421 422 if (unsigned(thread.bound_processor) != 0): 423 sched_mode+="-bound" 424 425 # TH_SFLAG_THROTTLED 426 if (unsigned(thread.sched_flags) & 0x0004): 427 sched_mode+="-BG" 428 429 state = thread.state 430 431 thread_state_chars = {0x0:'', 0x1:'W', 0x2:'S', 0x4:'R', 0x8:'U', 0x10:'H', 0x20:'A', 0x40:'P', 0x80:'I'} 432 state_str = '' 433 mask = 0x1 434 while mask <= 0x80 : 435 state_str += thread_state_chars[int(state & mask)] 436 mask = mask << 1 437 438 last_on = thread.computation_epoch 439 last_off = thread.last_run_time 440 last_runnable = thread.last_made_runnable_time 441 last_prichange = thread.last_basepri_change_time 442 443 if int(last_runnable) == 18446744073709551615 : 444 last_runnable = 0 445 446 if int(last_prichange) == 18446744073709551615 : 447 last_prichange = 0 448 449 time_on_abs = unsigned(last_off - last_on) 450 time_on_us = kern.GetNanotimeFromAbstime(time_on_abs) / 1000.0 451 452 time_pending_abs = unsigned(most_recent_dispatch - last_runnable) 453 time_pending_us = kern.GetNanotimeFromAbstime(time_pending_abs) / 1000.0 454 455 if int(last_runnable) == 0 : 456 time_pending_us = 0 457 458 last_prichange_abs = unsigned(most_recent_dispatch - last_prichange) 459 last_prichange_us = kern.GetNanotimeFromAbstime(last_prichange_abs) / 1000.0 460 461 if int(last_prichange) == 0 : 462 last_prichange_us = 0 463 464 time_since_off_abs = unsigned(most_recent_dispatch - last_off) 465 time_since_off_us = kern.GetNanotimeFromAbstime(time_since_off_abs) / 1000.0 466 time_since_on_abs = unsigned(most_recent_dispatch - last_on) 467 time_since_on_us = kern.GetNanotimeFromAbstime(time_since_on_abs) / 1000.0 468 469 fmt = "0x{t:<16x} 0x{t.thread_id:<8x} {t.computation_epoch:16d} {t.last_run_time:16d} {last_runnable:16d} {last_prichange:16d} {time_on_us:18.3f} {time_since_off_us:16.3f} {time_since_on_us:16.3f} {time_pending_us:16.3f} {last_prichange_us:16.3f}" 470 fmt2 = " {t.base_pri:2d} {t.sched_pri:2d} {t.task_priority:2d} {t.max_priority:2d} {sched_mode:19s}" 471 fmt3 = " {state:9s} {t.cpu_usage:10d} {t.cpu_delta:10d} {t.sched_usage:10d} {t.sched_stamp:10d} {t.pri_shift:10d} {name:s} {thread_name:s}" 472 473 out_str = fmt.format(t=thread, time_on_us=time_on_us, time_since_off_us=time_since_off_us, time_since_on_us=time_since_on_us, last_runnable=last_runnable, time_pending_us=time_pending_us, last_prichange=last_prichange, last_prichange_us=last_prichange_us) 474 out_str += fmt2.format(t=thread, sched_mode=sched_mode) 475 out_str += fmt3.format(t=thread, state=state_str, name=task_name, thread_name=thread_name) 476 477 print(out_str) 478 479def SortThreads(threads, column): 480 if column != 'on-core' and column != 'off-core' and column != 'last-duration': 481 raise ArgumentError("unsupported sort column") 482 if column == 'on-core': 483 threads.sort(key=lambda t: t.computation_epoch) 484 elif column == 'off-core': 485 threads.sort(key=lambda t: t.last_run_time) 486 else: 487 threads.sort(key=lambda t: t.last_run_time - t.computation_epoch) 488 489@lldb_command('showschedhistory', 'S:') 490def ShowSchedHistory(cmd_args=None, cmd_options=None): 491 """ Routine to print out thread scheduling history, optionally sorted by a 492 column. 493 494 Usage: showschedhistory [-S on-core|off-core|last-duration] [<thread-ptr> ...] 495 """ 496 497 sort_column = None 498 if '-S' in cmd_options: 499 sort_column = cmd_options['-S'] 500 501 if cmd_args: 502 most_recent_dispatch = GetSchedMostRecentDispatch(False) 503 504 print(ShowThreadSchedHistory.header) 505 506 if sort_column: 507 threads = [] 508 for thread_ptr in cmd_args: 509 threads.append(kern.GetValueFromAddress(ArgumentStringToInt(thread_ptr), 'thread *')) 510 511 SortThreads(threads, sort_column) 512 513 for thread in threads: 514 ShowThreadSchedHistory(thread, most_recent_dispatch) 515 else: 516 for thread_ptr in cmd_args: 517 thread = kern.GetValueFromAddress(ArgumentStringToInt(thread_ptr), 'thread *') 518 ShowThreadSchedHistory(thread, most_recent_dispatch) 519 520 return 521 522 run_buckets = kern.globals.sched_run_buckets 523 524 run_count = run_buckets[GetEnumValue('sched_bucket_t::TH_BUCKET_RUN')] 525 fixpri_count = run_buckets[GetEnumValue('sched_bucket_t::TH_BUCKET_FIXPRI')] 526 share_fg_count = run_buckets[GetEnumValue('sched_bucket_t::TH_BUCKET_SHARE_FG')] 527 share_df_count = run_buckets[GetEnumValue('sched_bucket_t::TH_BUCKET_SHARE_DF')] 528 share_ut_count = run_buckets[GetEnumValue('sched_bucket_t::TH_BUCKET_SHARE_UT')] 529 share_bg_count = run_buckets[GetEnumValue('sched_bucket_t::TH_BUCKET_SHARE_BG')] 530 531 sched_pri_shifts = kern.globals.sched_run_buckets 532 533 share_fg_shift = sched_pri_shifts[GetEnumValue('sched_bucket_t::TH_BUCKET_SHARE_FG')] 534 share_df_shift = sched_pri_shifts[GetEnumValue('sched_bucket_t::TH_BUCKET_SHARE_DF')] 535 share_ut_shift = sched_pri_shifts[GetEnumValue('sched_bucket_t::TH_BUCKET_SHARE_UT')] 536 share_bg_shift = sched_pri_shifts[GetEnumValue('sched_bucket_t::TH_BUCKET_SHARE_BG')] 537 538 539 print("Processors: {g.processor_avail_count:d} Runnable threads: {:d} Fixpri threads: {:d}\n".format(run_count, fixpri_count, g=kern.globals)) 540 print("FG Timeshare threads: {:d} DF Timeshare threads: {:d} UT Timeshare threads: {:d} BG Timeshare threads: {:d}\n".format(share_fg_count, share_df_count, share_ut_count, share_bg_count)) 541 print("Mach factor: {g.sched_mach_factor:d} Load factor: {g.sched_load_average:d} Sched tick: {g.sched_tick:d} timestamp: {g.sched_tick_last_abstime:d} interval:{g.sched_tick_interval:d}\n".format(g=kern.globals)) 542 print("Fixed shift: {g.sched_fixed_shift:d} FG shift: {:d} DF shift: {:d} UT shift: {:d} BG shift: {:d}\n".format(share_fg_shift, share_df_shift, share_ut_shift, share_bg_shift, g=kern.globals)) 543 print("sched_pri_decay_band_limit: {g.sched_pri_decay_band_limit:d} sched_decay_usage_age_factor: {g.sched_decay_usage_age_factor:d}\n".format(g=kern.globals)) 544 545 if kern.arch == 'x86_64': 546 print("debugger_entry_time: {g.debugger_entry_time:d}\n".format(g=kern.globals)) 547 548 most_recent_dispatch = GetSchedMostRecentDispatch(True) 549 print("Most recent dispatch: " + str(most_recent_dispatch)) 550 551 print(ShowThreadSchedHistory.header) 552 553 if sort_column: 554 threads = [t for t in IterateQueue(kern.globals.threads, 'thread *', 'threads')] 555 556 SortThreads(threads, sort_column) 557 558 for thread in threads: 559 ShowThreadSchedHistory(thread, most_recent_dispatch) 560 else: 561 for thread in IterateQueue(kern.globals.threads, 'thread *', 'threads'): 562 ShowThreadSchedHistory(thread, most_recent_dispatch) 563 564 565# EndMacro: showschedhistory 566 567def int32(n): 568 n = n & 0xffffffff 569 return (n ^ 0x80000000) - 0x80000000 570 571# Macro: showallprocessors 572 573def ShowGroupSetSummary(runq, task_map): 574 """ Internal function to print summary of group run queue 575 params: runq - value representing struct run_queue * 576 """ 577 578 print(" runq: count {: <10d} highq: {: <10d} urgency {: <10d}\n".format(runq.count, int32(runq.highq), runq.urgency)) 579 580 runq_queue_i = 0 581 runq_queue_count = sizeof(runq.queues) // sizeof(runq.queues[0]) 582 583 for runq_queue_i in range(runq_queue_count) : 584 runq_queue_head = addressof(runq.queues[runq_queue_i]) 585 runq_queue_p = runq_queue_head.next 586 587 if unsigned(runq_queue_p) != unsigned(runq_queue_head): 588 runq_queue_this_count = 0 589 590 for entry in ParanoidIterateLinkageChain(runq_queue_head, "sched_entry_t", "entry_links", circleQueue=True): 591 runq_queue_this_count += 1 592 593 print(" Queue [{: <#012x}] Priority {: <3d} count {:d}\n".format(runq_queue_head, runq_queue_i, runq_queue_this_count)) 594 for entry in ParanoidIterateLinkageChain(runq_queue_head, "sched_entry_t", "entry_links", circleQueue=True): 595 group_addr = unsigned(entry) - (sizeof(dereference(entry)) * unsigned(entry.sched_pri)) 596 group = kern.GetValueFromAddress(unsigned(group_addr), 'sched_group_t') 597 task = task_map.get(unsigned(group), 0x0) 598 if task == 0x0 : 599 print("Cannot find task for group: {: <#012x}".format(group)) 600 print("\tEntry [{: <#012x}] Priority {: <3d} Group {: <#012x} Task {: <#012x}\n".format(unsigned(entry), entry.sched_pri, unsigned(group), unsigned(task))) 601 602@lldb_command('showrunq') 603def ShowRunq(cmd_args=None): 604 """ Routine to print information of a runq 605 Usage: showrunq <runq> 606 """ 607 608 if not cmd_args: 609 print("No arguments passed") 610 print(ShowRunq.__doc__) 611 return False 612 613 runq = kern.GetValueFromAddress(cmd_args[0], 'struct run_queue *') 614 ShowRunQSummary(runq) 615 616def ShowRunQSummary(runq): 617 """ Internal function to print summary of run_queue 618 params: runq - value representing struct run_queue * 619 """ 620 621 print(" runq: count {: <10d} highq: {: <10d} urgency {: <10d}\n".format(runq.count, int32(runq.highq), runq.urgency)) 622 623 runq_queue_i = 0 624 runq_queue_count = sizeof(runq.queues) // sizeof(runq.queues[0]) 625 626 for runq_queue_i in range(runq_queue_count) : 627 runq_queue_head = addressof(runq.queues[runq_queue_i]) 628 runq_queue_p = runq_queue_head.head 629 630 if unsigned(runq_queue_p): 631 runq_queue_this_count = 0 632 633 for thread in ParanoidIterateLinkageChain(runq_queue_head, "thread_t", "runq_links", circleQueue=True): 634 runq_queue_this_count += 1 635 636 print(" Queue [{: <#012x}] Priority {: <3d} count {:d}\n".format(runq_queue_head, runq_queue_i, runq_queue_this_count)) 637 print("\t" + GetThreadSummary.header + "\n") 638 for thread in ParanoidIterateLinkageChain(runq_queue_head, "thread_t", "runq_links", circleQueue=True): 639 print("\t" + GetThreadSummary(thread) + "\n") 640 if config['verbosity'] > vHUMAN : 641 print("\t" + GetThreadBackTrace(thread, prefix="\t\t") + "\n") 642 643def ShowRTRunQSummary(rt_runq): 644 if (hex(rt_runq.count) == hex(0xfdfdfdfd)) : 645 print(" Realtime Queue ({:<#012x}) uninitialized\n".format(rt_runq)) 646 return 647 print(" Realtime Queue ({:<#012x}) Count {:d}\n".format(rt_runq, rt_runq.count)) 648 if rt_runq.count != 0: 649 rt_pri_bitmap = int(rt_runq.bitmap[0]) 650 for rt_index in IterateBitmap(rt_pri_bitmap): 651 rt_pri_rq = addressof(rt_runq.rt_queue_pri[rt_index]) 652 print(" Realtime Queue Index {:d} ({:<#012x}) Count {:d}\n".format(rt_index, rt_pri_rq, rt_pri_rq.pri_count)) 653 print("\t" + GetThreadSummary.header + "\n") 654 for rt_runq_thread in ParanoidIterateLinkageChain(rt_pri_rq.pri_queue, "thread_t", "runq_links", circleQueue=False): 655 print("\t" + GetThreadSummary(rt_runq_thread) + "\n") 656 657def ShowGrrrSummary(grrr_runq): 658 """ Internal function to print summary of grrr_run_queue 659 params: grrr_runq - value representing struct grrr_run_queue * 660 """ 661 print(" GRRR Info: Count {: <10d} Weight {: <10d} Current Group {: <#012x}\n".format(grrr_runq.count, 662 grrr_runq.weight, grrr_runq.current_group)) 663 grrr_group_i = 0 664 grrr_group_count = sizeof(grrr_runq.groups) // sizeof(grrr_runq.groups[0]) 665 for grrr_group_i in range(grrr_group_count) : 666 grrr_group = addressof(grrr_runq.groups[grrr_group_i]) 667 if grrr_group.count > 0: 668 print(" Group {: <3d} [{: <#012x}] ".format(grrr_group.index, grrr_group)) 669 print("Count {:d} Weight {:d}\n".format(grrr_group.count, grrr_group.weight)) 670 grrr_group_client_head = addressof(grrr_group.clients) 671 print(GetThreadSummary.header) 672 for thread in ParanoidIterateLinkageChain(grrr_group_client_head, "thread_t", "runq_links", circleQueue=True): 673 print("\t" + GetThreadSummary(thread) + "\n") 674 if config['verbosity'] > vHUMAN : 675 print("\t" + GetThreadBackTrace(thread, prefix="\t\t") + "\n") 676 677def ShowActiveThread(processor): 678 if (processor.active_thread != 0) : 679 print("\t" + GetThreadSummary.header + "\n") 680 print("\t" + GetThreadSummary(processor.active_thread) + "\n") 681 682@lldb_command('showallprocessors') 683@lldb_command('showscheduler') 684def ShowScheduler(cmd_args=None): 685 """ Routine to print information of all psets and processors 686 Usage: showscheduler 687 """ 688 node = addressof(kern.globals.pset_node0) 689 show_grrr = 0 690 show_priority_runq = 0 691 show_priority_pset_runq = 0 692 show_group_pset_runq = 0 693 show_clutch = 0 694 show_edge = 0 695 sched_string = str(kern.globals.sched_string) 696 697 if sched_string == "traditional": 698 show_priority_runq = 1 699 elif sched_string == "traditional_with_pset_runqueue": 700 show_priority_pset_runq = 1 701 elif sched_string == "grrr": 702 show_grrr = 1 703 elif sched_string == "multiq": 704 show_priority_runq = 1 705 show_group_pset_runq = 1 706 elif sched_string == "dualq": 707 show_priority_pset_runq = 1 708 show_priority_runq = 1 709 elif sched_string == "amp": 710 show_priority_pset_runq = 1 711 show_priority_runq = 1 712 elif sched_string == "clutch": 713 show_clutch = 1 714 elif sched_string == "edge": 715 show_edge = 1 716 else : 717 print("Unknown sched_string {:s}".format(sched_string)) 718 719 print("Scheduler: {:s}\n".format(sched_string)) 720 721 if show_clutch == 0 and show_edge == 0: 722 run_buckets = kern.globals.sched_run_buckets 723 run_count = run_buckets[GetEnumValue('sched_bucket_t::TH_BUCKET_RUN')] 724 fixpri_count = run_buckets[GetEnumValue('sched_bucket_t::TH_BUCKET_FIXPRI')] 725 share_fg_count = run_buckets[GetEnumValue('sched_bucket_t::TH_BUCKET_SHARE_FG')] 726 share_df_count = run_buckets[GetEnumValue('sched_bucket_t::TH_BUCKET_SHARE_DF')] 727 share_ut_count = run_buckets[GetEnumValue('sched_bucket_t::TH_BUCKET_SHARE_UT')] 728 share_bg_count = run_buckets[GetEnumValue('sched_bucket_t::TH_BUCKET_SHARE_BG')] 729 print("Processors: {g.processor_avail_count:d} Runnable threads: {:d} Fixpri threads: {:d}\n".format(run_count, fixpri_count, g=kern.globals)) 730 print("FG Timeshare threads: {:d} DF Timeshare threads: {:d} UT Timeshare threads: {:d} BG Timeshare threads: {:d}\n".format(share_fg_count, share_df_count, share_ut_count, share_bg_count)) 731 732 processor_offline = GetEnumValue('processor_state_t::PROCESSOR_OFF_LINE') 733 processor_idle = GetEnumValue('processor_state_t::PROCESSOR_IDLE') 734 processor_dispatching = GetEnumValue('processor_state_t::PROCESSOR_DISPATCHING') 735 processor_running = GetEnumValue('processor_state_t::PROCESSOR_RUNNING') 736 737 if show_group_pset_runq: 738 if hasattr(kern.globals, "multiq_sanity_check"): 739 print("multiq scheduler config: deep-drain {g.deep_drain:d}, ceiling {g.drain_ceiling:d}, depth limit {g.drain_depth_limit:d}, band limit {g.drain_band_limit:d}, sanity check {g.multiq_sanity_check:d}\n".format(g=kern.globals)) 740 else: 741 print("multiq scheduler config: deep-drain {g.deep_drain:d}, ceiling {g.drain_ceiling:d}, depth limit {g.drain_depth_limit:d}, band limit {g.drain_band_limit:d}\n".format(g=kern.globals)) 742 743 # Create a group->task mapping 744 task_map = {} 745 for task in kern.tasks: 746 task_map[unsigned(task.sched_group)] = task 747 for task in kern.terminated_tasks: 748 task_map[unsigned(task.sched_group)] = task 749 750 print(" \n") 751 752 while node != 0: 753 pset = node.psets 754 pset = kern.GetValueFromAddress(unsigned(pset), 'struct processor_set *') 755 756 while pset != 0: 757 print("Processor Set {: <#012x} Count {:d} (cpu_id {:<#x}-{:<#x})\n".format(pset, 758 unsigned(pset.cpu_set_count), pset.cpu_set_low, pset.cpu_set_hi)) 759 760 rt_runq = kern.GetValueFromAddress(unsigned(addressof(pset.rt_runq)), 'struct rt_queue *') 761 ShowRTRunQSummary(rt_runq) 762 763 if show_priority_pset_runq: 764 runq = kern.GetValueFromAddress(unsigned(addressof(pset.pset_runq)), 'struct run_queue *') 765 ShowRunQSummary(runq) 766 767 if show_group_pset_runq: 768 print("Main Runq:\n") 769 runq = kern.GetValueFromAddress(unsigned(addressof(pset.pset_runq)), 'struct run_queue *') 770 ShowGroupSetSummary(runq, task_map) 771 print("All Groups:\n") 772 # TODO: Possibly output task header for each group 773 for group in IterateQueue(kern.globals.sched_groups, "sched_group_t", "sched_groups"): 774 if (group.runq.count != 0) : 775 task = task_map.get(unsigned(group), "Unknown task!") 776 print("Group {: <#012x} Task {: <#012x}\n".format(unsigned(group), unsigned(task))) 777 ShowRunQSummary(group.runq) 778 print(" \n") 779 780 processor_array = kern.globals.processor_array 781 782 print("Active Processors:\n") 783 active_bitmap = int(pset.cpu_state_map[processor_dispatching]) | int(pset.cpu_state_map[processor_running]) 784 for cpuid in IterateBitmap(active_bitmap): 785 processor = processor_array[cpuid] 786 if processor != 0: 787 print(" " + GetProcessorSummary(processor)) 788 ShowActiveThread(processor) 789 790 if show_priority_runq: 791 runq = processor.runq 792 ShowRunQSummary(runq) 793 if show_grrr: 794 grrr_runq = processor.grrr_runq 795 ShowGrrrSummary(grrr_runq) 796 print(" \n") 797 798 799 print("Idle Processors:\n") 800 idle_bitmap = int(pset.cpu_state_map[processor_idle]) & int(pset.primary_map) 801 for cpuid in IterateBitmap(idle_bitmap): 802 processor = processor_array[cpuid] 803 if processor != 0: 804 print(" " + GetProcessorSummary(processor)) 805 ShowActiveThread(processor) 806 807 if show_priority_runq: 808 ShowRunQSummary(processor.runq) 809 print(" \n") 810 811 812 print("Idle Secondary Processors:\n") 813 idle_bitmap = int(pset.cpu_state_map[processor_idle]) & ~(int(pset.primary_map)) 814 for cpuid in IterateBitmap(idle_bitmap): 815 processor = processor_array[cpuid] 816 if processor != 0: 817 print(" " + GetProcessorSummary(processor)) 818 ShowActiveThread(processor) 819 820 if show_priority_runq: 821 print(ShowRunQSummary(processor.runq)) 822 print(" \n") 823 824 825 print("Other Processors:\n") 826 other_bitmap = 0 827 for i in range(processor_offline, processor_idle): 828 other_bitmap |= int(pset.cpu_state_map[i]) 829 other_bitmap &= int(pset.cpu_bitmask) 830 for cpuid in IterateBitmap(other_bitmap): 831 processor = processor_array[cpuid] 832 if processor != 0: 833 print(" " + GetProcessorSummary(processor)) 834 ShowActiveThread(processor) 835 836 if show_priority_runq: 837 ShowRunQSummary(processor.runq) 838 print(" \n") 839 840 if show_clutch or show_edge: 841 cluster_type = "SMP" 842 if pset.pset_type == 1: 843 cluster_type = "E" 844 elif pset.pset_type == 2: 845 cluster_type = "P" 846 print("=== Clutch Scheduler Hierarchy Pset{:d} (Type: {:s}) ] ===\n\n".format(pset.pset_cluster_id, cluster_type)) 847 ShowSchedClutchForPset(pset) 848 849 pset = pset.pset_list 850 851 node = node.node_list 852 853 print("\nCrashed Threads Queue: ({:<#012x})\n".format(addressof(kern.globals.crashed_threads_queue))) 854 first = True 855 for thread in ParanoidIterateLinkageChain(kern.globals.crashed_threads_queue, "thread_t", "runq_links"): 856 if first: 857 print("\t" + GetThreadSummary.header) 858 first = False 859 print("\t" + GetThreadSummary(thread)) 860 861 def dump_mpsc_thread_queue(name, head): 862 head = addressof(head) 863 print("\n{:s}: ({:<#012x})\n".format(name, head)) 864 first = True 865 for thread in IterateMPSCQueue(head.mpd_queue, 'struct thread', 'mpsc_links'): 866 if first: 867 print("\t" + GetThreadSummary.header) 868 first = False 869 print("\t" + GetThreadSummary(thread)) 870 871 dump_mpsc_thread_queue("Terminate Queue", kern.globals.thread_terminate_queue) 872 dump_mpsc_thread_queue("Waiting For Kernel Stacks Queue", kern.globals.thread_stack_queue) 873 dump_mpsc_thread_queue("Thread Exception Queue", kern.globals.thread_exception_queue) 874 dump_mpsc_thread_queue("Thread Deallocate Queue", kern.globals.thread_deallocate_queue) 875 876 print("\n") 877 878 print("\n") 879 880# EndMacro: showallprocessors 881 882 883def ParanoidIterateLinkageChain(queue_head, element_type, field_name, field_ofst=0, circleQueue=False): 884 """ Iterate over a Linkage Chain queue in kernel of type queue_head_t or circle_queue_head_t. (osfmk/kern/queue.h method 1 or circle_queue.h) 885 This is equivalent to the qe_foreach_element() macro 886 Blows up aggressively and descriptively when something goes wrong iterating a queue. 887 Prints correctness errors, and throws exceptions on 'cannot proceed' errors 888 If this is annoying, set the global 'enable_paranoia' to false. 889 890 params: 891 queue_head - value : Value object for queue_head. 892 element_type - lldb.SBType : pointer type of the element which contains the queue_chain_t. Typically its structs like thread, task etc.. 893 - str : OR a string describing the type. ex. 'task *' 894 field_name - str : Name of the field (in element) which holds a queue_chain_t 895 field_ofst - int : offset from the 'field_name' (in element) which holds a queue_chain_t 896 This is mostly useful if a particular element contains an array of queue_chain_t 897 returns: 898 A generator does not return. It is used for iterating. 899 value : An object thats of type (element_type). Always a pointer object 900 example usage: 901 for thread in IterateQueue(kern.globals.threads, 'thread *', 'threads'): 902 print thread.thread_id 903 """ 904 905 if isinstance(element_type, six.string_types): 906 element_type = gettype(element_type) 907 908 # Some ways of constructing a queue head seem to end up with the 909 # struct object as the value and not a pointer to the struct head 910 # In that case, addressof will give us a pointer to the struct, which is what we need 911 if not queue_head.GetSBValue().GetType().IsPointerType() : 912 queue_head = addressof(queue_head) 913 914 if circleQueue: 915 # Mosh the value into a brand new value, to really get rid of its old cvalue history 916 queue_head = kern.GetValueFromAddress(unsigned(queue_head), 'struct circle_queue_head *').head 917 else: 918 # Mosh the value into a brand new value, to really get rid of its old cvalue history 919 queue_head = kern.GetValueFromAddress(unsigned(queue_head), 'struct queue_entry *') 920 921 if unsigned(queue_head) == 0: 922 if not circleQueue and ParanoidIterateLinkageChain.enable_paranoia: 923 print("bad queue_head_t: {:s}".format(queue_head)) 924 return 925 926 if element_type.IsPointerType(): 927 struct_type = element_type.GetPointeeType() 928 else: 929 struct_type = element_type 930 931 elem_ofst = getfieldoffset(struct_type, field_name) + field_ofst 932 933 try: 934 link = queue_head.next 935 last_link = queue_head 936 try_read_next = unsigned(queue_head.next) 937 except: 938 print("Exception while looking at queue_head: {:>#18x}".format(unsigned(queue_head))) 939 raise 940 941 if ParanoidIterateLinkageChain.enable_paranoia: 942 if unsigned(queue_head.next) == 0: 943 raise ValueError("NULL next pointer on head: queue_head {:>#18x} next: {:>#18x} prev: {:>#18x}".format(queue_head, queue_head.next, queue_head.prev)) 944 if unsigned(queue_head.prev) == 0: 945 print("NULL prev pointer on head: queue_head {:>#18x} next: {:>#18x} prev: {:>#18x}".format(queue_head, queue_head.next, queue_head.prev)) 946 if unsigned(queue_head.next) == unsigned(queue_head) and unsigned(queue_head.prev) != unsigned(queue_head): 947 print("corrupt queue_head {:>#18x} next: {:>#18x} prev: {:>#18x}".format(queue_head, queue_head.next, queue_head.prev)) 948 949 if ParanoidIterateLinkageChain.enable_debug : 950 print("starting at queue_head {:>#18x} next: {:>#18x} prev: {:>#18x}".format(queue_head, queue_head.next, queue_head.prev)) 951 952 addr = 0 953 obj = 0 954 955 try: 956 while True: 957 if not circleQueue and unsigned(queue_head) == unsigned(link): 958 break; 959 if ParanoidIterateLinkageChain.enable_paranoia: 960 if unsigned(link.next) == 0: 961 raise ValueError("NULL next pointer: queue_head {:>#18x} link: {:>#18x} next: {:>#18x} prev: {:>#18x}".format(queue_head, link, link.next, link.prev)) 962 if unsigned(link.prev) == 0: 963 print("NULL prev pointer: queue_head {:>#18x} link: {:>#18x} next: {:>#18x} prev: {:>#18x}".format(queue_head, link, link.next, link.prev)) 964 if unsigned(last_link) != unsigned(link.prev): 965 print("Corrupt prev pointer: queue_head {:>#18x} link: {:>#18x} next: {:>#18x} prev: {:>#18x} prev link: {:>#18x} ".format( 966 queue_head, link, link.next, link.prev, last_link)) 967 968 addr = unsigned(link) - unsigned(elem_ofst); 969 obj = kern.GetValueFromAddress(addr, element_type) 970 if ParanoidIterateLinkageChain.enable_debug : 971 print("yielding link: {:>#18x} next: {:>#18x} prev: {:>#18x} addr: {:>#18x} obj: {:>#18x}".format(link, link.next, link.prev, addr, obj)) 972 yield obj 973 last_link = link 974 link = link.next 975 if circleQueue and unsigned(queue_head) == unsigned(link): 976 break; 977 except: 978 exc_info = sys.exc_info() 979 try: 980 print("Exception while iterating queue: {:>#18x} link: {:>#18x} addr: {:>#18x} obj: {:>#18x} last link: {:>#18x}".format(queue_head, link, addr, obj, last_link)) 981 except: 982 import traceback 983 traceback.print_exc() 984 raise_(exc_info[0], exc_info[1], exc_info[2]) 985 986ParanoidIterateLinkageChain.enable_paranoia = True 987ParanoidIterateLinkageChain.enable_debug = False 988 989def LinkageChainEmpty(queue_head): 990 if not queue_head.GetSBValue().GetType().IsPointerType() : 991 queue_head = addressof(queue_head) 992 993 # Mosh the value into a brand new value, to really get rid of its old cvalue history 994 # avoid using GetValueFromAddress 995 queue_head = value(queue_head.GetSBValue().CreateValueFromExpression(None,'(void *)'+str(unsigned(queue_head)))) 996 queue_head = cast(queue_head, 'struct queue_entry *') 997 998 link = queue_head.next 999 1000 return unsigned(queue_head) == unsigned(link) 1001 1002def bit_first(bitmap): 1003 return bitmap.bit_length() - 1 1004 1005def lsb_first(bitmap): 1006 bitmap = bitmap & -bitmap 1007 return bit_first(bitmap) 1008 1009def IterateBitmap(bitmap): 1010 """ Iterate over a bitmap, returning the index of set bits starting from 0 1011 1012 params: 1013 bitmap - value : bitmap 1014 returns: 1015 A generator does not return. It is used for iterating. 1016 value : index of a set bit 1017 example usage: 1018 for cpuid in IterateBitmap(running_bitmap): 1019 print processor_array[cpuid] 1020 """ 1021 i = lsb_first(bitmap) 1022 while (i >= 0): 1023 yield i 1024 bitmap = bitmap & ~((1 << (i + 1)) - 1) 1025 i = lsb_first(bitmap) 1026 1027 1028# Macro: showallcallouts 1029 1030from kevent import GetKnoteKqueue 1031 1032def ShowThreadCall(prefix, call, recent_timestamp, pqueue, is_pending=False): 1033 """ 1034 Print a description of a thread_call_t and its relationship to its expected fire time 1035 """ 1036 func = call.tc_func 1037 param0 = call.tc_param0 1038 param1 = call.tc_param1 1039 1040 is_iotes = False 1041 1042 func_name = kern.Symbolicate(func) 1043 1044 extra_string = "" 1045 1046 strip_func = kern.StripKernelPAC(unsigned(func)) 1047 1048 func_syms = kern.SymbolicateFromAddress(strip_func) 1049 # returns an array of SBSymbol 1050 1051 if func_syms and func_syms[0] : 1052 func_name = func_syms[0].GetName() 1053 1054 try : 1055 if ("IOTimerEventSource::timeoutAndRelease" in func_name or 1056 "IOTimerEventSource::timeoutSignaled" in func_name) : 1057 iotes = Cast(call.tc_param0, 'IOTimerEventSource*') 1058 try: 1059 func = iotes.action 1060 param0 = iotes.owner 1061 param1 = unsigned(iotes) 1062 except AttributeError: 1063 # This is horrible, horrible, horrible. But it works. Needed because IOEventSource hides the action member in an 1064 # anonymous union when XNU_PRIVATE_SOURCE is set. To grab it, we work backwards from the enabled member. 1065 func = dereference(kern.GetValueFromAddress(addressof(iotes.enabled) - sizeof('IOEventSource::Action'), 'uint64_t *')) 1066 param0 = iotes.owner 1067 param1 = unsigned(iotes) 1068 1069 workloop = iotes.workLoop 1070 thread = workloop.workThread 1071 1072 is_iotes = True 1073 1074 # re-symbolicate the func we found inside the IOTES 1075 strip_func = kern.StripKernelPAC(unsigned(func)) 1076 func_syms = kern.SymbolicateFromAddress(strip_func) 1077 if func_syms and func_syms[0] : 1078 func_name = func_syms[0].GetName() 1079 else : 1080 func_name = str(FindKmodNameForAddr(func)) 1081 1082 # cast from IOThread to thread_t, because IOThread is sometimes opaque 1083 thread = Cast(thread, 'thread_t') 1084 thread_id = thread.thread_id 1085 thread_name = GetThreadName(thread) 1086 1087 extra_string += "workloop thread: {:#x} ({:#x}) {:s}".format(thread, thread_id, thread_name) 1088 1089 if "filt_timerexpire" in func_name : 1090 knote = Cast(call.tc_param0, 'struct knote *') 1091 kqueue = GetKnoteKqueue(knote) 1092 proc = kqueue.kq_p 1093 proc_name = GetProcName(proc) 1094 proc_pid = GetProcPID(proc) 1095 1096 extra_string += "kq: {:#018x} {:s}[{:d}]".format(kqueue, proc_name, proc_pid) 1097 1098 if "mk_timer_expire" in func_name : 1099 timer = Cast(call.tc_param0, 'struct mk_timer *') 1100 port = timer.port 1101 1102 extra_string += "port: {:#018x} {:s}".format(port, GetPortDestinationSummary(port)) 1103 1104 if "workq_kill_old_threads_call" in func_name : 1105 workq = Cast(call.tc_param0, 'struct workqueue *') 1106 proc = workq.wq_proc 1107 proc_name = GetProcName(proc) 1108 proc_pid = GetProcPID(proc) 1109 1110 extra_string += "{:s}[{:d}]".format(proc_name, proc_pid) 1111 1112 if ("workq_add_new_threads_call" in func_name or 1113 "realitexpire" in func_name): 1114 proc = Cast(call.tc_param0, 'struct proc *') 1115 proc_name = GetProcName(proc) 1116 proc_pid = GetProcPID(proc) 1117 1118 extra_string += "{:s}[{:d}]".format(proc_name, proc_pid) 1119 1120 except: 1121 print("exception generating extra_string for call: {:#018x}".format(call)) 1122 if ShowThreadCall.enable_debug : 1123 raise 1124 1125 if (func_name == "") : 1126 func_name = FindKmodNameForAddr(func) 1127 1128 # e.g. func may be 0 if there is a bug 1129 if func_name is None : 1130 func_name = "No func_name!" 1131 1132 if (call.tc_flags & GetEnumValue('thread_call_flags_t::THREAD_CALL_FLAG_CONTINUOUS')) : 1133 timer_fire = call.tc_pqlink.deadline - (recent_timestamp + kern.globals.mach_absolutetime_asleep) 1134 soft_timer_fire = call.tc_soft_deadline - (recent_timestamp + kern.globals.mach_absolutetime_asleep) 1135 else : 1136 timer_fire = call.tc_pqlink.deadline - recent_timestamp 1137 soft_timer_fire = call.tc_soft_deadline - recent_timestamp 1138 1139 timer_fire_s = kern.GetNanotimeFromAbstime(timer_fire) / 1000000000.0 1140 soft_timer_fire_s = kern.GetNanotimeFromAbstime(soft_timer_fire) / 1000000000.0 1141 1142 hardtogo = "" 1143 softtogo = "" 1144 1145 if call.tc_pqlink.deadline != 0 : 1146 hardtogo = "{:18.06f}".format(timer_fire_s); 1147 1148 if call.tc_soft_deadline != 0 : 1149 softtogo = "{:18.06f}".format(soft_timer_fire_s); 1150 1151 leeway = call.tc_pqlink.deadline - call.tc_soft_deadline 1152 leeway_s = kern.GetNanotimeFromAbstime(leeway) / 1000000000.0 1153 1154 ttd_s = kern.GetNanotimeFromAbstime(call.tc_ttd) / 1000000000.0 1155 1156 if (is_pending) : 1157 pending_time = call.tc_pending_timestamp - recent_timestamp 1158 pending_time = kern.GetNanotimeFromAbstime(pending_time) / 1000000000.0 1159 1160 flags = int(call.tc_flags) 1161 # TODO: extract this out of the thread_call_flags_t enum 1162 thread_call_flags = {0x0:'', 0x1:'A', 0x2:'W', 0x4:'D', 0x8:'R', 0x10:'S', 0x20:'O', 1163 0x40:'P', 0x80:'L', 0x100:'C', 0x200:'V'} 1164 1165 flags_str = '' 1166 mask = 0x1 1167 while mask <= 0x200 : 1168 flags_str += thread_call_flags[int(flags & mask)] 1169 mask = mask << 1 1170 1171 if is_iotes : 1172 flags_str += 'I' 1173 1174 colon = ":" 1175 1176 if pqueue is not None : 1177 if addressof(call.tc_pqlink) == pqueue.pq_root : 1178 colon = "*" 1179 1180 if (is_pending) : 1181 print(("{:s}{:#018x}{:s} {:18d} {:18d} {:18s} {:18s} {:18.06f} {:18.06f} {:18.06f} {:9s} " + 1182 "{:#018x} ({:#018x}, {:#018x}) ({:s}) {:s}").format(prefix, 1183 unsigned(call), colon, call.tc_soft_deadline, call.tc_pqlink.deadline, 1184 softtogo, hardtogo, pending_time, ttd_s, leeway_s, flags_str, 1185 func, param0, param1, func_name, extra_string)) 1186 else : 1187 print(("{:s}{:#018x}{:s} {:18d} {:18d} {:18s} {:18s} {:18.06f} {:18.06f} {:9s} " + 1188 "{:#018x} ({:#018x}, {:#018x}) ({:s}) {:s}").format(prefix, 1189 unsigned(call), colon, call.tc_soft_deadline, call.tc_pqlink.deadline, 1190 softtogo, hardtogo, ttd_s, leeway_s, flags_str, 1191 func, param0, param1, func_name, extra_string)) 1192 1193ShowThreadCall.enable_debug = False 1194 1195@header("{:>18s} {:>18s} {:>18s} {:>18s} {:>18s} {:>18s} {:>18s} {:9s} {:>18s}".format( 1196 "entry", "soft_deadline", "deadline", 1197 "soft to go (s)", "hard to go (s)", "duration (s)", "leeway (s)", "flags", "(*func) (param0, param1)")) 1198def PrintThreadGroup(group): 1199 header = PrintThreadGroup.header 1200 pending_header = "{:>18s} {:>18s} {:>18s} {:>18s} {:>18s} {:>18s} {:>18s} {:9s} {:>18s}".format( 1201 "entry", "soft_deadline", "deadline", 1202 "soft to go (s)", "hard to go (s)", "pending", "duration (s)", "leeway (s)", "flags", "(*func) (param0, param1)") 1203 1204 recent_timestamp = GetRecentTimestamp() 1205 1206 idle_timestamp_distance = group.idle_timestamp - recent_timestamp 1207 idle_timestamp_distance_s = kern.GetNanotimeFromAbstime(idle_timestamp_distance) / 1000000000.0 1208 1209 is_parallel = "" 1210 1211 if (group.tcg_flags & GetEnumValue('thread_call_group_flags_t::TCG_PARALLEL')) : 1212 is_parallel = " (parallel)" 1213 1214 print("Group: {g.tcg_name:s} ({:#18x}){:s}".format(unsigned(group), is_parallel, g=group)) 1215 print("\t" +"Thread Priority: {g.tcg_thread_pri:d}\n".format(g=group)) 1216 print(("\t" +"Active: {g.active_count:<3d} Idle: {g.idle_count:<3d} " + 1217 "Blocked: {g.blocked_count:<3d} Pending: {g.pending_count:<3d} " + 1218 "Target: {g.target_thread_count:<3d}\n").format(g=group)) 1219 1220 if unsigned(group.idle_timestamp) != 0 : 1221 print("\t" +"Idle Timestamp: {g.idle_timestamp:d} ({:03.06f})\n".format(idle_timestamp_distance_s, 1222 g=group)) 1223 1224 print("\t" +"Pending Queue: ({:>#18x})\n".format(addressof(group.pending_queue))) 1225 if not LinkageChainEmpty(group.pending_queue) : 1226 print("\t\t" + pending_header) 1227 for call in ParanoidIterateLinkageChain(group.pending_queue, "thread_call_t", "tc_qlink"): 1228 ShowThreadCall("\t\t", call, recent_timestamp, None, is_pending=True) 1229 1230 print("\t" +"Delayed Queue (Absolute Time): ({:>#18x}) timer: ({:>#18x})\n".format( 1231 addressof(group.delayed_queues[0]), addressof(group.delayed_timers[0]))) 1232 if not LinkageChainEmpty(group.delayed_queues[0]) : 1233 print("\t\t" + header) 1234 for call in ParanoidIterateLinkageChain(group.delayed_queues[0], "thread_call_t", "tc_qlink"): 1235 ShowThreadCall("\t\t", call, recent_timestamp, group.delayed_pqueues[0]) 1236 1237 print("\t" +"Delayed Queue (Continuous Time): ({:>#18x}) timer: ({:>#18x})\n".format( 1238 addressof(group.delayed_queues[1]), addressof(group.delayed_timers[1]))) 1239 if not LinkageChainEmpty(group.delayed_queues[1]) : 1240 print("\t\t" + header) 1241 for call in ParanoidIterateLinkageChain(group.delayed_queues[1], "thread_call_t", "tc_qlink"): 1242 ShowThreadCall("\t\t", call, recent_timestamp, group.delayed_pqueues[1]) 1243 1244def PrintThreadCallThreads() : 1245 callout_flag = GetEnumValue('thread_tag_t::THREAD_TAG_CALLOUT') 1246 recent_timestamp = GetRecentTimestamp() 1247 1248 for thread in IterateQueue(kern.globals.kernel_task.threads, 'thread *', 'task_threads'): 1249 if (thread.thread_tag & callout_flag) : 1250 print(" {:#20x} {:#12x} {:s}".format(thread, thread.thread_id, GetThreadName(thread))) 1251 state = thread.thc_state 1252 if state and state.thc_call : 1253 print("\t" + PrintThreadGroup.header) 1254 ShowThreadCall("\t", state.thc_call, recent_timestamp, None) 1255 soft_deadline = state.thc_call_soft_deadline 1256 slop_time = state.thc_call_hard_deadline - soft_deadline 1257 slop_time = kern.GetNanotimeFromAbstime(slop_time) / 1000000000.0 1258 print("\t original soft deadline {:d}, hard deadline {:d} (leeway {:.06f}s)".format( 1259 soft_deadline, state.thc_call_hard_deadline, slop_time)) 1260 enqueue_time = state.thc_call_pending_timestamp - soft_deadline 1261 enqueue_time = kern.GetNanotimeFromAbstime(enqueue_time) / 1000000000.0 1262 print("\t time to enqueue after deadline: {:.06f}s (enqueued at: {:d})".format( 1263 enqueue_time, state.thc_call_pending_timestamp)) 1264 wait_time = state.thc_call_start - state.thc_call_pending_timestamp 1265 wait_time = kern.GetNanotimeFromAbstime(wait_time) / 1000000000.0 1266 print("\t time to start executing after enqueue: {:.06f}s (executing at: {:d})".format( 1267 wait_time, state.thc_call_start)) 1268 1269 if (state.thc_IOTES_invocation_timestamp) : 1270 iotes_acquire_time = state.thc_IOTES_invocation_timestamp - state.thc_call_start 1271 iotes_acquire_time = kern.GetNanotimeFromAbstime(iotes_acquire_time) / 1000000000.0 1272 print("\t IOTES acquire time: {:.06f}s (acquired at: {:d})".format( 1273 iotes_acquire_time, state.thc_IOTES_invocation_timestamp)) 1274 1275 1276@lldb_command('showcalloutgroup') 1277def ShowCalloutGroup(cmd_args=None): 1278 """ Prints out the pending and delayed thread calls for a specific group 1279 1280 Pass 'threads' to show the thread call threads themselves. 1281 1282 Callout flags: 1283 1284 A - Allocated memory owned by thread_call.c 1285 W - Wait - thread waiting for call to finish running 1286 D - Delayed - deadline based 1287 R - Running - currently executing on a thread 1288 S - Signal - call from timer interrupt instead of thread 1289 O - Once - pend the enqueue if re-armed while running 1290 P - Reschedule pending - enqueue is pending due to re-arm while running 1291 L - Rate-limited - (App Nap) 1292 C - Continuous time - Timeout is in mach_continuous_time 1293 I - Callout is an IOTimerEventSource 1294 """ 1295 if not cmd_args: 1296 print("No arguments passed") 1297 print(ShowCalloutGroup.__doc__) 1298 return False 1299 1300 if "threads" in cmd_args[0] : 1301 PrintThreadCallThreads() 1302 return 1303 1304 group = kern.GetValueFromAddress(cmd_args[0], 'struct thread_call_group *') 1305 if not group: 1306 print("unknown arguments:", str(cmd_args)) 1307 return False 1308 1309 PrintThreadGroup(group) 1310 1311@lldb_command('showallcallouts') 1312def ShowAllCallouts(cmd_args=None): 1313 """ Prints out the pending and delayed thread calls for the thread call groups 1314 1315 Callout flags: 1316 1317 A - Allocated memory owned by thread_call.c 1318 W - Wait - thread waiting for call to finish running 1319 D - Delayed - deadline based 1320 R - Running - currently executing on a thread 1321 S - Signal - call from timer interrupt instead of thread 1322 O - Once - pend the enqueue if re-armed while running 1323 P - Reschedule pending - enqueue is pending due to re-arm while running 1324 L - Rate-limited - (App Nap) 1325 C - Continuous time - Timeout is in mach_continuous_time 1326 I - Callout is an IOTimerEventSource 1327 V - Callout is validly initialized 1328 """ 1329 index_max = GetEnumValue('thread_call_index_t::THREAD_CALL_INDEX_MAX') 1330 1331 for i in range (1, index_max) : 1332 group = addressof(kern.globals.thread_call_groups[i]) 1333 PrintThreadGroup(group) 1334 1335 print("Thread Call Threads:") 1336 PrintThreadCallThreads() 1337 1338# EndMacro: showallcallouts 1339 1340