Bug #13283


mdb-bhyve should lookup against private symbols

Added by Patrick Mooney almost 3 years ago. Updated almost 3 years ago.

mdb - modular debugger
Start date:
Due date:
% Done:


Estimated time:
Gerrit CR:
External Bug:


When using mdb-bhyve against an instance, it's possible to associate symbols with address ranges using ::nmadd. These go into a "private" table, not associated with any object files (relevant since mdb-bhyve is acting on guest memory with no notion of objects). Despite these private symbols existing in the mdb session, they are not used by actions such as $C, when attempting to resolve symbols for a given program counter address. This is because the t_lookup_by_addr hook in mdb-bhyve is a no-op:

        .t_lookup_by_addr =     (int (*)()) mdb_tgt_notsup,

This could be updated to use the private symbol list, allowing for a wider range of debugging possibilities.

Actions #1

Updated by Electric Monk almost 3 years ago

  • Gerrit CR set to 1052
Actions #2

Updated by Patrick Mooney almost 3 years ago

Testing for this change was straightforward. On a platform without it, symbols defined with ::nmadd would not be resolved when present in output such as $C. Similarly, attempting to use those defined names for a dcmd (such as SomeName::dis) would fail as well. With the proposed fix in place, resolution of those private symbols works in a range of contexts ($C, $r, etc), and the private names are able to be resolved to addresses as well.

Actions #3

Updated by Patrick Mooney almost 3 years ago

In a more concrete example, here is a VM loaded with ~20k symbols for its UEFI ROM (which is waiting for input):

[0]> $C
000000001ff79720 CpuDxe.CpuSleep+1()
000000001ff79770 DxeCore.CoreRestoreTpl+0xd3()
000000001ff797b0 DxeCore.CoreReleaseLock+0x89()
000000001ff797e0 DxeCore.CoreSignalEvent+0x50()
000000001ff79840 DxeCore.CoreWaitForEvent+0x6f()
000000001ff79950 Shell.FileInterfaceStdInRead+0x149()
000000001ff799e0 Shell.DoShellPrompt+0x117()
000000001ff79aa0 Shell.UefiMain+0x960()
000000001ff79af0 Shell._ModuleEntryPoint+0x3f()
000000001ff79b80 DxeCore.CoreStartImage+0x296()
000000001ff79c30 BdsDxe.EfiBootManagerBoot+0x515()
000000001ff79c80 BdsDxe.BootBootOptions+0x77()
000000001ff79e80 BdsDxe.BdsEntry+0xc12()
000000001ff79f90 DxeCore.DxeMain+0xa97()
000000001ff79fc0 DxeCore._ModuleEntryPoint+0x14()
000000001bfdc880 DxeIpl.InternalMathLShiftU64()
000000001bfdc900 DxeIpl.HandOffToDxeCore+0x2a2()
000000001bfdca80 DxeIpl.DxeLoadCore+0x51b()
000000001bfdcff0 PeiCore.PeiCore+0x74b()
000000001bfdd560 0x8216d8()
000000000081f610 0x8275c6()
000000000081f6f0 0x827f99()
000000000081fc60 0x8219bc()
000000000081fc90 0x82bc7d()
000000000081fcf0 0xfffccf0d()
000000000081ffd0 0xfffcd107()
00000000fffcc000 0xfffcd151()

Actions #4

Updated by Electric Monk almost 3 years ago

  • Status changed from New to Closed
  • % Done changed from 0 to 100

git commit 814f981e5647bb2970ff701c91b962eb330903dd

commit  814f981e5647bb2970ff701c91b962eb330903dd
Author: Patrick Mooney <>
Date:   2020-11-11T21:11:32.000Z

    13283 mdb-bhyve should lookup against private symbols
    Reviewed by: Robert Mustacchi <>
    Reviewed by: Toomas Soome <>
    Reviewed by: Hans Rosenfeld <>
    Approved by: Dan McDonald <>


Also available in: Atom PDF