Ways to detect rr using GDB's Python API

Robert O'Callahan robert at ocallahan.org
Thu May 31 22:58:43 UTC 2018


On Fri, Jun 1, 2018 at 10:37 AM, Dominik Czarnota <
dominik.b.czarnota at gmail.com> wrote:

> What are the ways to detect rr through GDB's Python API?
> I am aware of `gdb.execute('show prompt')` or checking if memory mappings
> points to /usr/lib/rr/* - but is there any better way?
>
> I need it as Pwndbg - a GDB plugin for asm debugging/reverse engineering (
> https://github.com/pwndbg/pwndbg) I am developing doesn't work with rr
> right now (see https://github.com/pwndbg/pwndbg/issues/476).
>

When a user does a function call into debuggee code, rr has to do special
magic, and the only way to detect that is happening is when gdb reads
siginfo before the call and writes it afterward. So printing $_siginfo
triggers rr's heuristics and can mess things up, unfortunately. So it would
be good to avoid using that when running with rr.

Can you test for the existence of `RRCmd`? rr defines that in its Python
code in its gdbinit (see `rr gdbinit`).

Rob
-- 
Su ot deraeppa sah dna Rehtaf eht htiw saw hcihw, efil lanrete eht uoy ot
mialcorp ew dna, ti ot yfitset dna ti nees evah ew; deraeppa efil eht. Efil
fo Drow eht gninrecnoc mialcorp ew siht - dehcuot evah sdnah ruo dna ta
dekool evah ew hcihw, seye ruo htiw nees evah ew hcihw, draeh evah ew
hcihw, gninnigeb eht morf saw hcihw taht.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.mozilla.org/pipermail/rr-dev/attachments/20180601/06f5c6be/attachment.html>


More information about the rr-dev mailing list