llvm::DIInstruction getFilename returns filename with a directory, I just want the filename - llvm

I'm trying to get debugging metadata from an llvm Instruction using the DILocation class.
However, when I query the DILocation for the filename where the instruction came from, I get a filename with a directory tagged onto the front.
I thought it would return just the file and the entire directory path should be retrieved via a call to getDirectory().
For example, instead of XMain_0.c I end up with pbg/XMain_0.c
I compiled my bitcode like this:
XMain_0.o: pbg/XMain_0.c
$(CC) <snip> -c pbg/XMain_0.c
Does the fact that I passed in my source with a directory on it
mean that the metadata saves the source filename as the input?
Here's a cut down example:
const llvm::Instruction* inst //passed in
MDNode *n = inst->getMetadata("dbg");
DILocation loc(n);
file = loc.getFilename().str(); // => pbg/XMain_0.c
dir = loc.getDirectory().str(); // => /projects/pbg/pbg-m/DIR
Are there calls I can make to "normalize" this data or do I need to do it by hand?
Clang 3.1 if that matters.

I think it depends on the invocation of the compiler. If you run:
clang -c somedir/somefile.c
Then the full somedir/somefile.c will be the filename.
What does your invocation look like?
There is nothing weird about it. The debugger will look for source files relative to some project root, and if you compile files like this, it's the way they are going to be found. gcc does the same thing:
/tmp$ pwd
/tmp
/tmp$ cat subdir/test.c
int foo() {
return 42;
}
/tmp$ gcc -g -O0 -c subdir/test.c -o test.o
/tmp$ readelf --debug-dump=info test.o | grep -A4 compile_unit
<0><b>: Abbrev Number: 1 (DW_TAG_compile_unit)
<c> DW_AT_producer : (indirect string, offset: 0x0): GNU C 4.6.3
<10> DW_AT_language : 1 (ANSI C)
<11> DW_AT_name : (indirect string, offset: 0xc): subdir/test.c
<15> DW_AT_comp_dir : (indirect string, offset: 0x1a): /tmp

Related

Go-QT Binding: QAbstractAnimation No such file or directory

I am using the go-QT binding (https://github.com/therecipe/qt). My code compiles and works well for amd64, but when I try to cross-compile it for ARM devices (Raspberry Pi), it gives the error below. Please advise how to solve this issue.
src/github.com/therecipe/qt/core/core.cpp:9:30: fatal error:
QAbstractAnimation: No such file or directory
compilation terminated.
Environment Variables
GOARCH="arm"
GOBIN=""
GOEXE=""
GOHOSTARCH="amd64"
GOHOSTOS="linux"
GOOS="linux"
GOPATH="/home/minhaj/GoLang"
GORACE=""
GOROOT="/usr/local/go"
GOTOOLDIR="/usr/local/go/pkg/tool/linux_amd64"
GCCGO="gccgo"
GOARM=""
CC="arm-linux-gnueabi-gcc"
GOGCCFLAGS="-fPIC -marm -pthread -fmessage-length=0 -fdebug-prefix-map=/tmp/go-build728594690=/tmp/go-build -gno-record-gcc-switches"
CXX="arm-linux-gnueabi-g++"
CGO_ENABLED="1"
PKG_CONFIG="pkg-config"
CGO_CFLAGS="-g -O2"
CGO_CPPFLAGS=""
CGO_CXXFLAGS="-g -O2"
CGO_FFLAGS="-g -O2"
CGO_LDFLAGS="-g -O2"
Compilation Result
go build -v IndoorMass/
crypto
encoding
encoding/base64
crypto/sha256
unicode/utf16
flag
encoding/json
golang.org/x/image/math/fixed
github.com/golang/freetype/raster
golang.org/x/image/font
github.com/icza/mjpeg
github.com/golang/freetype/truetype
github.com/skip2/go-qrcode/bitset
github.com/skip2/go-qrcode/reedsolomon
path/filepath
io/ioutil
github.com/skip2/go-qrcode
container/list
golang.org/x/net/context
github.com/mattn/go-sqlite3
IndoorMass/General
github.com/tidwall/match
github.com/tidwall/gjson
compress/gzip
crypto/subtle
crypto/cipher
crypto/aes
internal/syscall/unix
math/rand
math/big
crypto/rand
crypto/des
crypto/elliptic
crypto/sha512
encoding/asn1
crypto/ecdsa
crypto/hmac
crypto/internal/cipherhw
crypto/md5
crypto/rc4
crypto/rsa
crypto/sha1
crypto/dsa
crypto/x509/pkix
encoding/hex
encoding/pem
internal/nettrace
internal/singleflight
net
crypto/x509
vendor/golang_org/x/crypto/chacha20poly1305/internal/chacha20
vendor/golang_org/x/crypto/poly1305
vendor/golang_org/x/crypto/chacha20poly1305
vendor/golang_org/x/crypto/curve25519
crypto/tls
vendor/golang_org/x/net/http2/hpack
vendor/golang_org/x/net/idna
vendor/golang_org/x/net/lex/httplex
vendor/golang_org/x/text/transform
vendor/golang_org/x/text/unicode/norm
vendor/golang_org/x/text/width
mime
mime/quotedprintable
net/textproto
mime/multipart
net/http/httptrace
net/http/internal
path
net/http
IndoorMass/Server
github.com/kaey/framebuffer
os/exec
github.com/mrmorphic/hwio
github.com/DexterInd/GrovePi/Software/Go/grovepi
IndoorMass/Sensor
github.com/therecipe/qt
github.com/therecipe/qt/core
# github.com/therecipe/qt/core
src/github.com/therecipe/qt/core/core.cpp:9:30: fatal error:
QAbstractAnimation: No such file or directory
compilation terminated.
IndoorMass/DB
IndoorMass/Manager

C++ Name Mangler [duplicate]

Is there any way to get back the mangled name from demangled name in g++.
For example, I have the demangled name func(char*, int), what should I do to get the mangled name i.e _Z4funcPci back?
My question is g++ specific.
You can simply use g++ to compile an empty function with the signature you require and extract the name from that. For example:
echo "int f1(char *, int) {} " | g++ -x c++ -S - -o- | grep "^_.*:$" | sed -e 's/:$//'
gives output
_Z2f1Pci
which is I think what you require. Make sure that you include any relevant header files as they will affect the way the symbols are mangled.
Based on Bojan Nikolic's approach, here's a better script:
mangle.bash:
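#!/bin/bash
# Split the qualified name on ':'; "a::b" leaves an empty element between a and b.
IFS='::' read -a array <<< "$1"
indexes=("${!array[@]}")
prefix=""
middle=""
suffix=""
rettype=""
# Ordinary functions get a void return type; pass any second argument
# (e.g. constr, destr) to leave it empty for constructors and destructors.
if [ -z "$2" ]; then
    rettype="void"
fi
for index in "${indexes[@]}"
do
    #echo "$index ${array[index]}"
    if [ $index == ${indexes[-1]} ]; then
        #echo "last"
        # Last element: the member declaration itself.
        middle="$rettype ${array[index]};"
    elif [ -n "${array[index]}" ]; then
        #echo "not empty"
        # Enclosing scope: open a struct now and close it in the suffix.
        prefix="${prefix}struct ${array[index]}{"
        suffix="${suffix}};"
    fi
done
#echo "$prefix$middle$suffix $rettype $1{}"
echo "$prefix$middle$suffix $rettype $1{}" | g++ -x c++ -S - -o- | grep "^_.*:$" | sed -e 's/:$//'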
Use:
$ ./mangle.bash "abc::def::ghi()"
_ZN3abc3def3ghiEv
$ ./mangle.bash "abc::def::ghi(int i, char c)"
_ZN3abc3def3ghiEic
$ ./mangle.bash "abc::def::def(int i, char c)" constr
_ZN3abc3defC2Eic
$ ./mangle.bash "abc::def::~def()" destr
_ZN3abc3defD2Ev
But as to constructors and destructors, remember that there are C0 C1 C2 and D0 D1 D2 ones.
What's worse, sometimes you cannot mangle a name because you must get more than one result.
See https://reverseengineering.stackexchange.com/q/4323/4398 (there are multiple destructors in VFT, and all of them are demangled as ClassName::~ClassName()). (The same applies to constructors, I have seen C0 and C2 constructors.)
On the other hand, that answer references the Itanium ABI: https://refspecs.linuxbase.org/cxxabi-1.75.html#mangling-type where mangling is specified.
The itanium-abi Haskell package: it did not work for me (May 2014)
There is a Haskell package
http://hackage.haskell.org/package/itanium-abi
that promises both demangling and mangling, but I could run only the demangling:
Installation on Ubuntu Precise:
sudo aptitude install ghc
sudo aptitude install cabal-install
cabal update
cabal install itanium-abi
Then you run ghci and after import ABI.Itanium and import Data.Either you get:
Prelude ABI.Itanium Data.Either> cxxNameToText $ head (rights [ demangleName "_ZTI13QSystemLocale" ])
"typeinfo for QSystemLocale"
There is mangleName, but it takes a DecodedName which is a data structure rather than a string, and that data structure is produced only by demangleName (unless I overlooked something). Hopefully, this will get better in some future release.
The clang code
I did not try the clang code.
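The ambiguity described above (several constructor and destructor variants sharing one demangled form) can be checked directly with the demangler in `<cxxabi.h>`. This is an added example, not code from any of the answers; the symbol list is constructed from the names used in the answers, and `demangle` and `group_by_demangled` are hypothetical helper names.

```cpp
#include <cxxabi.h>
#include <cstdlib>
#include <iostream>
#include <map>
#include <string>
#include <vector>

// Demangle one Itanium-ABI symbol; returns "" when demangling fails.
std::string demangle(const std::string& mangled) {
    int status = 0;
    char* out = abi::__cxa_demangle(mangled.c_str(), nullptr, nullptr, &status);
    std::string result = (status == 0 && out) ? out : "";
    std::free(out);  // the demangler allocates with malloc
    return result;
}

// Group symbols by their demangled text. Any group with more than one
// member is a demangled name that cannot be mapped back to a single symbol.
std::map<std::string, std::vector<std::string>>
group_by_demangled(const std::vector<std::string>& symbols) {
    std::map<std::string, std::vector<std::string>> groups;
    for (const auto& s : symbols) groups[demangle(s)].push_back(s);
    return groups;
}

// Constructed sample: the function from the question plus the constructor
// (C1, C2) and destructor (D0, D1, D2) variants of abc::def.
const std::vector<std::string> kSymbols = {
    "_Z4funcPci",
    "_ZN3abc3defC1Eic", "_ZN3abc3defC2Eic",
    "_ZN3abc3defD0Ev", "_ZN3abc3defD1Ev", "_ZN3abc3defD2Ev",
};

int main() {
    for (const auto& group : group_by_demangled(kSymbols)) {
        std::cout << group.first << "  <-";
        for (const auto& sym : group.second) std::cout << ' ' << sym;
        std::cout << (group.second.size() > 1 ? "  (ambiguous)\n" : "\n");
    }
    return 0;
}
```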

Eclipse - Error in re-setting breakpoint in C++ Project

I'm using Eclipse Juno with the CDT Plugin, but I've tried in Indigo as well and this problem happens there too. I'm on Ubuntu 12.04.
I've created a new C++ project with the following code. I've set a breakpoint on the second line.
#include <iostream>
using namespace std;
int main() {
    cout << "Hello world" << endl;
    cout << "Hi there" << endl; // I've set a breakpoint here using eclipse
}
And my Makefile is this
CXX := g++
CXXFLAGS := -g -c
LDFLAGS := -g -std=c++11
OBJ_FILES := main.o
.PHONY: all clean
all: $(OBJ_FILES)
	$(CXX) $(LDFLAGS) $(OBJ_FILES) -o proj2
main.o: main.cpp
	$(CXX) $(CXXFLAGS) main.cpp -o main.o
clean:
	rm -rf *.o proj2
When I run this in Debug mode in eclipse, everything builds fine, but when it runs, gdb spits out this message:
Error in re-setting breakpoint 1: Function "/home/gulshan/Code/EECS281Workspace/Project 2/main.cpp:7" not defined.
It might be worth noting that in this case I've unchecked the option eclipse gives you to break at startup, but when that option is checked, it is able to break at the first line without any problem.
What's going on? Here is the GDB trace in case that helps.
707,811 2-environment-cd "/home/gulshan/Code/EECS281Workspace/Project 2"
707,811 2^done
707,812 (gdb)
707,812 3-gdb-set breakpoint pending on
707,813 3^done
707,813 (gdb)
707,814 4-gdb-set detach-on-fork on
707,814 4^done
707,814 (gdb)
707,815 5-enable-pretty-printing
707,815 5^done
707,815 (gdb)
707,815 6-gdb-set python print-stack none
707,816 6^done
707,816 (gdb)
707,816 7-gdb-set print object on
707,817 7^done
707,817 (gdb)
707,818 8-gdb-set print sevenbit-strings on
707,818 8^done
707,818 (gdb)
707,818 9-gdb-set host-charset UTF-8
707,818 9^done
707,819 (gdb)
707,819 10-gdb-set target-charset UTF-8
707,819 10^done
707,819 (gdb)
707,820 11-gdb-set target-wide-charset UTF-32
707,820 11^done
707,820 (gdb)
707,820 12source .gdbinit
707,821 &"source .gdbinit\n"
707,821 &".gdbinit: No such file or directory.\n"
707,821 12^error,msg=".gdbinit: No such file or directory."
707,821 (gdb)
707,822 13-gdb-set target-async off
707,822 13^done
707,822 (gdb)
707,823 14-gdb-set auto-solib-add on
707,823 14^done
707,824 (gdb)
707,827 15-file-exec-and-symbols --thread-group i1 "/home/gulshan/Code/EECS281Workspace/Project 2/pr\
oj2"
707,828 15^done
707,828 (gdb)
707,834 16-break-insert --thread-group i1 -f "\"/home/gulshan/Code/EECS281Workspace/Project 2/main.c\
pp\":7"
707,836 16^done,bkpt={number="1",type="breakpoint",disp="keep",enabled="y",addr="0x00000000004007d4"\
,func="main()",file="main.cpp",fullname="/home/gulshan/Code/EECS281Workspace/Project 2/main.cpp",lin\
e="7",times="0",original-location="/home/gulshan/Code/EECS281Workspace/Project 2/main.cpp:7"}
707,837 (gdb)
707,843 17-inferior-tty-set --thread-group i1 /dev/pts/2
707,844 17^done
707,844 (gdb)
707,847 18-exec-run --thread-group i1
707,848 =thread-group-started,id="i1",pid="22982"
707,848 =thread-created,id="1",group-id="i1"
707,848 18^running
707,848 *running,thread-id="all"
707,848 (gdb)
707,849 19-list-thread-groups --available
707,851 =library-loaded,id="/lib64/ld-linux-x86-64.so.2",target-name="/lib64/ld-linux-x86-64.so.2",h\
ost-name="/lib64/ld-linux-x86-64.so.2",symbols-loaded="0",thread-group="i1"
707,870 &"Error in re-setting breakpoint 1: Function \"/home/gulshan/Code/EECS281Workspace/Project 2\
/main.cpp:7\" not defined.\n"
707,872 =breakpoint-modified,bkpt={number="1",type="breakpoint",disp="keep",enabled="n",addr="<PENDI\
NG>",pending="/home/gulshan/Code/EECS281Workspace/Project 2/main.cpp:7",times="0",original-location=\
"/home/gulshan/Code/EECS281Workspace/Project 2/main.cpp:7"}
707,873 =library-loaded,id="/usr/lib/x86_64-linux-gnu/libstdc++.so.6",target-name="/usr/lib/x86_64-l\
inux-gnu/libstdc++.so.6",host-name="/usr/lib/x86_64-linux-gnu/libstdc++.so.6",symbols-loaded="0",thr\
ead-group="i1"
707,874 =library-loaded,id="/lib/x86_64-linux-gnu/libc.so.6",target-name="/lib/x86_64-linux-gnu/libc\
.so.6",host-name="/lib/x86_64-linux-gnu/libc.so.6",symbols-loaded="0",thread-group="i1"
707,874 =library-loaded,id="/lib/x86_64-linux-gnu/libm.so.6",target-name="/lib/x86_64-linux-gnu/libm\
.so.6",host-name="/lib/x86_64-linux-gnu/libm.so.6",symbols-loaded="0",thread-group="i1"
707,874 =library-loaded,id="/lib/x86_64-linux-gnu/libgcc_s.so.1",target-name="/lib/x86_64-linux-gnu/\
libgcc_s.so.1",host-name="/lib/x86_64-linux-gnu/libgcc_s.so.1",symbols-loaded="0",thread-group="i1"
708,269 =thread-exited,id="1",group-id="i1"
708,270 =thread-group-exited,id="i1",exit-code="0"
708,270 *stopped,reason="exited-normally"
708,270 (gdb)
708,278 20-gdb-exit
708,278 21-data-evaluate-expression $_exitcode
708,291 19^error,msg="Quit"
708,291 (gdb)
708,292 20^exit
708,292 22-break-delete --thread-group i1 1
Looks like there's a bug in GDB 7.4 that has a problem with setting breakpoints using paths with spaces: http://sourceware.org/bugzilla/show_bug.cgi?id=13798
I've removed all of the spaces in the path containing the file and it works now.
It may happen also if you have modified the code during a debug session. Just Run/"Remove all breakpoints" solves the problem.

How to log all commands run By system() System Call

I am trying to debug a C++ application which invokes many command line applications such as grep, etc. through the system() system call. I need to see all the commands the application is executing through the system() call.
I tried to view these commands by enabling history and view the .history file. But these commands are not executed through a terminal. The history file has only the commands executed interactively.
Any idea how this can be done?
Define a new macro with similar name:
#define system(_x) std::cout << _x << std::endl; (system)(_x);
The system macro replaces the system function and:
It prints the command to the standard output (or elsewhere).
It calls the system function.
Thanks to Hasturkun's suggestion, the following is better:
#define system(_x) (std::cout << (_x) << std::endl, system(_x))
That returns the result of system function call, too ;-)
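A variant of the macro approach, as an added example that is not part of the answer: the macro forwards to a wrapper function, so an argument with side effects is evaluated once (the comma-operator macro above evaluates `_x` twice) and the status is still returned. `logged_system`, `g_system_log`, `next_cmd` and `run_demo` are hypothetical names, and the `exit 3` command is a constructed sample.

```cpp
#include <cstdlib>
#include <iostream>
#include <string>
#include <vector>
#include <sys/wait.h>  // WIFEXITED / WEXITSTATUS (POSIX)

// Commands passed through the wrapper, in call order.
static std::vector<std::string> g_system_log;

// Log the command, then forward to the real function and return its status.
// cmd is an ordinary parameter, so the caller's expression is evaluated once.
inline int logged_system(const char* cmd) {
    g_system_log.emplace_back(cmd ? cmd : "(null)");
    std::cerr << "[system] " << g_system_log.back() << std::endl;
    return std::system(cmd);  // written above the macro, so not rewritten
}

// From here on, unqualified system(...) calls go through the wrapper.
// A qualified std::system(...) call would expand to std::logged_system(...)
// and fail to compile, which makes such call sites visible.
#define system(cmd) logged_system(cmd)

// Constructed sample: an argument expression with a side effect.
static int g_evals = 0;
static const char* next_cmd() { ++g_evals; return "exit 3"; }

// Runs one command through the macro and returns the raw wait status.
int run_demo() {
    return system(next_cmd());
}

int main() {
    int status = run_demo();
    std::cout << "exit code: "
              << (WIFEXITED(status) ? WEXITSTATUS(status) : -1)
              << ", argument evaluated " << g_evals << " time(s)\n";
    return 0;
}
```

The macro only affects translation units that see it, so commands launched from libraries that were compiled separately are not logged.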
To trace every command executed by "yourProgram":
truss -s!all -daDf -t exec yourProgram
eg:
$ truss -s!all -daDf -t exec sh -c "/bin/echo hello world;/bin/date"
Base time stamp: 1282164973.7245 [ Wed Aug 18 22:56:13 CEST 2010 ]
5664: 0.0000 0.0000 execve("/usr/bin/i86/ksh93", 0x080471DC, 0x080471EC) argc = 3
5664: argv: sh -c /bin/echo hello world;/bin/date
5665: 0.0106 0.0106 execve("/bin/echo", 0x08067484, 0x080674F8) argc = 3
5665: argv: /bin/echo hello world
hello world
5664: 0.0126 0.0126 execve("/bin/date", 0x080674E0, 0x080674F8) argc = 1
5664: argv: /bin/date
Wed Aug 18 22:56:13 CEST 2010
If you want to correlate these execs to system() calls, you can use that command:
truss -t execve -f -u 'libc:system' yourProgram
eg:
$ cat a.c
main()
{
system("echo a b c");
system("pwd");
}
$ truss -t execve -f -u 'libc:system' ./a
20073: execve("a", 0x08047240, 0x08047248) argc = 1
20073/1#1: -> libc:system(0x8050a5c, 0x0)
20074/1: execve("/bin/sh", 0x080471BC, 0x08047248) argc = 3
a b c
20073/1#1: <- libc:system() = 0
20073/1#1: -> libc:system(0x8050a68, 0x0)
20076/1: execve("/bin/sh", 0x080471BC, 0x08047248) argc = 3
/tmp
20073/1#1: <- libc:system() = 0
Finally, if you are using Solaris 10 or newer, you can use Dtrace for this task like this:
dtrace -Z -q -c yourProgram -n ' pid$target:libc:system:entry { printf("system(\"%s\")\n", copyinstr(arg0)); } '
which will give that output with the same "a" code:
a b c
/tmp
system("echo a b c")
system("pwd")
PS: By the way system() isn't a system call but a standard library function.
You can use truss or strace (Not sure which one comes with Solaris) to run the program and trace the calls to system.
For truss the relevant command will be something like truss -caf program_name