I would suggest using python here. You can make a new LLDB command in a python
file and then "command script import /path/to/my/file.py". This python script
would install a new command and you can then just run that command. Happy to
help you get this script working off the mailing lists if you need help.
In the python you might be able to do something a bit smarter than trying to
subtract 24 from the PC. This if very error prone because opcodes for x86 vary
in size and this value might be in the middle of an opcode. It might be better
to get the function for the current PC and get its instructions in python:
>>> pc = frame.GetPCAddress()
>>> print(pc)
a.out`main + 36 [inlined] squares(int, int) at main.cpp:17
a.out`main + 36 at main.cpp:17
>>> function = pc.GetFunction()
>>> if not function.IsValid():
... function = pc.GetSymbol()
...
>>> print(function)
SBFunction: id = 0x7fff0122, name = main, type = main
Now "function" is either a lldb.SBFunction or lldb.SBSymbol. Both types have a
"GetInstructions(...)" method which can be used to grab a
lldb.SBInstructionList for all instructions in that function or symbol:
>>> instructions = function.GetInstructions(target)
>>> for instruction in instructions:
... print(instruction)
...
a.out[0x10f10]: pushq %rbp
a.out[0x10f11]: movq %rsp, %rbp
a.out[0x10f14]: subq $0x30, %rsp
a.out[0x10f18]: movl $0x0, -0x1c(%rbp)
a.out[0x10f1f]: movl %edi, -0x20(%rbp)
a.out[0x10f22]: movq %rsi, -0x28(%rbp)
a.out[0x10f26]: movl $0xa, -0xc(%rbp)
a.out[0x10f2d]: movl $0x14, -0x10(%rbp)
a.out[0x10f34]: movl -0xc(%rbp), %eax
a.out[0x10f37]: movl %eax, -0x8(%rbp)
a.out[0x10f3a]: movl -0x8(%rbp), %eax
a.out[0x10f3d]: imull -0x8(%rbp), %eax
a.out[0x10f41]: movl %eax, -0x14(%rbp)
a.out[0x10f44]: movl -0x10(%rbp), %eax
a.out[0x10f47]: movl %eax, -0x4(%rbp)
a.out[0x10f4a]: movl -0x4(%rbp), %eax
a.out[0x10f4d]: imull -0x4(%rbp), %eax
a.out[0x10f51]: movl %eax, -0x18(%rbp)
a.out[0x10f54]: movl -0x18(%rbp), %eax
a.out[0x10f57]: addl -0x14(%rbp), %eax
a.out[0x10f5a]: movl %eax, -0x14(%rbp)
a.out[0x10f5d]: movl -0x14(%rbp), %eax
a.out[0x10f60]: movl %eax, -0x2c(%rbp)
a.out[0x10f63]: movl -0x2c(%rbp), %esi
a.out[0x10f66]: leaq 0x35(%rip), %rdi
a.out[0x10f6d]: movb $0x0, %al
a.out[0x10f6f]: callq 0x10f82
a.out[0x10f74]: xorl %ecx, %ecx
a.out[0x10f76]: movl %eax, -0x30(%rbp)
a.out[0x10f79]: movl %ecx, %eax
a.out[0x10f7b]: addq $0x30, %rsp
a.out[0x10f7f]: popq %rbp
a.out[0x10f80]: retq
Each "instruction" is a "lldb.SBInstruction" that has a "GetAddress()" method
which returns the lldb.SBAddress for that instruction. You can compare that to
the PC value:
>>> for instruction in instructions:
... if instruction.GetAddress() == pc:
... print(instruction)
...
a.out[0x10f34]: movl -0xc(%rbp), %eax
So you can use this to find the index of the instruction that the PC is at
within "instructions":
>>> for (i, instruction) in enumerate(instructions):
... if instruction.GetAddress() == pc:
... print(instruction)
... break
...
a.out[0x10f34]: movl -0xc(%rbp), %eax
>>> print(i)
8
Now you can backup as many instructions as you want and not fear that you will
end up in the middle of an x86 instruction.
Greg
> On Sep 24, 2020, at 10:30 AM, Ted Woodward via lldb-dev
> wrote:
>
> I have a very simple lldb script:
>
> thread select 1
> disassemble --start-address $pc-24 --end-address $pc+24
>
>
> When I run lldb with -o “process launch -s” and -s “dis.lldb”, I get odd
> output – the disassembly from “thread select 1” and from the disassemble
> command run together.
>
> This is what I see with top-of-tree on Ubuntu 16:
>
> bin/lldb /bin/ls -o "process launch -s" -s dis.lldb
> (lldb) target create "/bin/ls"
> Current executable set to '/bin/ls' (x86_64).
> (lldb) process launch -s
> Process 32258 launched: '/bin/ls' (x86_64)
> (lldb) command source -s 0 'dis.lldb'
> Executing commands in '/local/mnt/ted/tip/full/dis.lldb'.
> (lldb) thread select 1
> (lldb) disassemble --start-address $pc-24 --end-address $pc+24
> * thread #1, name = 'ls', stop reason = signal SIGSTOP
> frame #0: 0x77dd7c30 ld-2.23.so`_start
> ld-2.23.so`_start:
> -> 0x77dd7c30 <+0>: movq %rsp, %rdi
> 0x77dd7c33 <+3>: callq 0x77dd89b0; _dl_start at
> rtld.c:353
>
> ld-2.23.so`_dl_start_user:
> 0x77dd7c38 <+0>: movq %rax, %r12
> 0x77dd7c3b <+3>: movl 0x225037(%rip), %eax ; _dl_skip_args
> ld-2.23.so`oom:
> 0x77dd7c18 <+13>: xorl %eax, %eax
> 0x77dd7c1a <+15>: callq 0x77de88f0; _dl_dprintf at
> dl-misc.c:275
> 0x77dd7c1f <+20>: movl $0x7f, %edi
> 0x77dd7c24 <+25>: callq 0x77df24f0; __GI__exit at
> _exit.c:27
> 0x77dd7c29:
