python-docs-id/howto/remote_debugging.po at 3.14 · python/python-docs-id

History

864 lines (730 loc) · 29.1 KB

Raw

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

231

232

233

234

235

236

237

238

239

240

241

242

243

244

245

246

247

248

249

250

251

252

253

254

255

256

257

258

259

260

261

262

263

264

265

266

267

268

269

270

271

272

273

274

275

276

277

278

279

280

281

282

283

284

285

286

287

288

289

290

291

292

293

294

295

296

297

298

299

300

301

302

303

304

305

306

307

308

309

310

311

312

313

314

315

316

317

318

319

320

321

322

323

324

325

326

327

328

329

330

331

332

333

334

335

336

337

338

339

340

341

342

343

344

345

346

347

348

349

350

351

352

353

354

355

356

357

358

359

360

361

362

363

364

365

366

367

368

369

370

371

372

373

374

375

376

377

378

379

380

381

382

383

384

385

386

387

388

389

390

391

392

393

394

395

396

397

398

399

400

401

402

403

404

405

406

407

408

409

410

411

412

413

414

415

416

417

418

419

420

421

422

423

424

425

426

427

428

429

430

431

432

433

434

435

436

437

438

439

440

441

442

443

444

445

446

447

448

449

450

451

452

453

454

455

456

457

458

459

460

461

462

463

464

465

466

467

468

469

470

471

472

473

474

475

476

477

478

479

480

481

482

483

484

485

486

487

488

489

490

491

492

493

494

495

496

497

498

499

500

501

502

503

504

505

506

507

508

509

510

511

512

513

514

515

516

517

518

519

520

521

522

523

524

525

526

527

528

529

530

531

532

533

534

535

536

537

538

539

540

541

542

543

544

545

546

547

548

549

550

551

552

553

554

555

556

557

558

559

560

561

562

563

564

565

566

567

568

569

570

571

572

573

574

575

576

577

578

579

580

581

582

583

584

585

586

587

588

589

590

591

592

593

594

595

596

597

598

599

600

601

602

603

604

605

606

607

608

609

610

611

612

613

614

615

616

617

618

619

620

621

622

623

624

625

626

627

628

629

630

631

632

633

634

635

636

637

638

639

640

641

642

643

644

645

646

647

648

649

650

651

652

653

654

655

656

657

658

659

660

661

662

663

664

665

666

667

668

669

670

671

672

673

674

675

676

677

678

679

680

681

682

683

684

685

686

687

688

689

690

691

692

693

694

695

696

697

698

699

700

701

702

703

704

705

706

707

708

709

710

711

712

713

714

715

716

717

718

719

720

721

722

723

724

725

726

727

728

729

730

731

732

733

734

735

736

737

738

739

740

741

742

743

744

745

746

747

748

749

750

751

752

753

754

755

756

757

758

759

760

761

762

763

764

765

766

767

768

769

770

771

772

773

774

775

776

777

778

779

780

781

782

783

784

785

786

787

788

789

790

791

792

793

794

795

796

797

798

799

800

801

802

803

804

805

806

807

808

809

810

811

812

813

814

815

816

817

818

819

820

821

822

823

824

825

826

827

828

829

830

831

832

833

834

835

836

837

838

839

840

841

842

843

844

845

846

847

848

849

850

851

852

853

854

855

856

857

858

859

860

861

862

863

864

# SOME DESCRIPTIVE TITLE.

# This file is distributed under the same license as the Python package.

# FIRST AUTHOR <EMAIL@ADDRESS>, YEAR.

# Translators:

# python-doc bot, 2025

#, fuzzy

msgid ""

msgstr ""

"Project-Id-Version: Python 3.14\n"

"Report-Msgid-Bugs-To: \n"

"POT-Creation-Date: 2026-03-25 14:54+0000\n"

"PO-Revision-Date: 2025-09-16 00:00+0000\n"

"Last-Translator: python-doc bot, 2025\n"

"Language-Team: Indonesian (https://app.transifex.com/python-doc/teams/5390/"

"id/)\n"

"MIME-Version: 1.0\n"

"Content-Type: text/plain; charset=UTF-8\n"

"Content-Transfer-Encoding: 8bit\n"

"Language: id\n"

"Plural-Forms: nplurals=1; plural=0;\n"

msgid "Remote debugging attachment protocol"

msgstr ""

msgid ""

"This protocol enables external tools to attach to a running CPython process "

"and execute Python code remotely."

msgstr ""

msgid ""

"Most platforms require elevated privileges to attach to another Python "

"process."

msgstr ""

msgid "Disabling remote debugging"

msgstr ""

msgid "To disable remote debugging support, use any of the following:"

msgstr ""

msgid ""

"Set the :envvar:`PYTHON_DISABLE_REMOTE_DEBUG` environment variable to ``1`` "

"before starting the interpreter."

msgstr ""

msgid "Use the :option:`-X disable_remote_debug` command-line option."

msgstr ""

msgid "Compile Python with the :option:`--without-remote-debug` build flag."

msgstr ""

msgid "Permission requirements"

msgstr ""

msgid ""

"Attaching to a running Python process for remote debugging requires elevated "

"privileges on most platforms. The specific requirements and troubleshooting "

"steps depend on your operating system:"

msgstr ""

msgid "Linux"

msgstr ""

msgid ""

"The tracer process must have the ``CAP_SYS_PTRACE`` capability or equivalent "

"privileges. You can only trace processes you own and can signal. Tracing may "

"fail if the process is already being traced, or if it is running with set-"

"user-ID or set-group-ID. Security modules like Yama may further restrict "

"tracing."

msgstr ""

msgid "To temporarily relax ptrace restrictions (until reboot), run:"

msgstr ""

msgid "``echo 0 | sudo tee /proc/sys/kernel/yama/ptrace_scope``"

msgstr ""

msgid ""

"Disabling ``ptrace_scope`` reduces system hardening and should only be done "

"in trusted environments."

msgstr ""

msgid ""

"If running inside a container, use ``--cap-add=SYS_PTRACE`` or ``--"

"privileged``, and run as root if needed."

msgstr ""

msgid "Try re-running the command with elevated privileges:"

msgstr ""

msgid "``sudo -E !!``"

msgstr ""

msgid "macOS"

msgstr "macOS"

msgid ""

"To attach to another process, you typically need to run your debugging tool "

"with elevated privileges. This can be done by using ``sudo`` or running as "

"root."

msgstr ""

msgid ""

"Even when attaching to processes you own, macOS may block debugging unless "

"the debugger is run with root privileges due to system security restrictions."

msgstr ""

msgid "Windows"

msgstr "Windows"

msgid ""

"To attach to another process, you usually need to run your debugging tool "

"with administrative privileges. Start the command prompt or terminal as "

"Administrator."

msgstr ""

msgid ""

"Some processes may still be inaccessible even with Administrator rights, "

"unless you have the ``SeDebugPrivilege`` privilege enabled."

msgstr ""

msgid ""

"To resolve file or folder access issues, adjust the security permissions:"

msgstr ""

msgid "Right-click the file or folder and select **Properties**."

msgstr ""

msgid "Go to the **Security** tab to view users and groups with access."

msgstr ""

msgid "Click **Edit** to modify permissions."

msgstr ""

msgid "Select your user account."

msgstr ""

msgid "In **Permissions**, check **Read** or **Full control** as needed."

msgstr ""

msgid "Click **Apply**, then **OK** to confirm."

msgstr ""

msgid ""

"Ensure you've satisfied all :ref:`permission-requirements` before proceeding."

msgstr ""

msgid ""

"This section describes the low-level protocol that enables external tools to "

"inject and execute a Python script within a running CPython process."

msgstr ""

msgid ""

"This mechanism forms the basis of the :func:`sys.remote_exec` function, "

"which instructs a remote Python process to execute a ``.py`` file. However, "

"this section does not document the usage of that function. Instead, it "

"provides a detailed explanation of the underlying protocol, which takes as "

"input the ``pid`` of a target Python process and the path to a Python source "

"file to be executed. This information supports independent reimplementation "

"of the protocol, regardless of programming language."

msgstr ""

msgid ""

"The execution of the injected script depends on the interpreter reaching a "

"safe evaluation point. As a result, execution may be delayed depending on "

"the runtime state of the target process."

msgstr ""

msgid ""

"Once injected, the script is executed by the interpreter within the target "

"process the next time a safe evaluation point is reached. This approach "

"enables remote execution capabilities without modifying the behavior or "

"structure of the running Python application."

msgstr ""

msgid ""

"Subsequent sections provide a step-by-step description of the protocol, "

"including techniques for locating interpreter structures in memory, safely "

"accessing internal fields, and triggering code execution. Platform-specific "

"variations are noted where applicable, and example implementations are "

"included to clarify each operation."

msgstr ""

msgid "Locating the PyRuntime structure"

msgstr ""

msgid ""

"CPython places the ``PyRuntime`` structure in a dedicated binary section to "

"help external tools find it at runtime. The name and format of this section "

"vary by platform. For example, ``.PyRuntime`` is used on ELF systems, and "

"``__DATA,__PyRuntime`` is used on macOS. Tools can find the offset of this "

"structure by examining the binary on disk."

msgstr ""

msgid ""

"The ``PyRuntime`` structure contains CPython’s global interpreter state and "

"provides access to other internal data, including the list of interpreters, "

"thread states, and debugger support fields."

msgstr ""

msgid ""

"To work with a remote Python process, a debugger must first find the memory "

"address of the ``PyRuntime`` structure in the target process. This address "

"can’t be hardcoded or calculated from a symbol name, because it depends on "

"where the operating system loaded the binary."

msgstr ""

msgid ""

"The method for finding ``PyRuntime`` depends on the platform, but the steps "

"are the same in general:"

msgstr ""

msgid ""

"Find the base address where the Python binary or shared library was loaded "

"in the target process."

msgstr ""

msgid ""

"Use the on-disk binary to locate the offset of the ``.PyRuntime`` section."

msgstr ""

msgid ""

"Add the section offset to the base address to compute the address in memory."

msgstr ""

msgid ""

"The sections below explain how to do this on each supported platform and "

"include example code."

msgstr ""

msgid "Linux (ELF)"

msgstr ""

msgid "To find the ``PyRuntime`` structure on Linux:"

msgstr ""

msgid ""

"Read the process’s memory map (for example, ``/proc/<pid>/maps``) to find "

"the address where the Python executable or ``libpython`` was loaded."

msgstr ""

msgid ""

"Parse the ELF section headers in the binary to get the offset of the ``."

"PyRuntime`` section."

msgstr ""

msgid ""

"Add that offset to the base address from step 1 to get the memory address of "

"``PyRuntime``."

msgstr ""

msgid "The following is an example implementation::"

msgstr ""

msgid ""

"def find_py_runtime_linux(pid: int) -> int:\n"

" # Step 1: Try to find the Python executable in memory\n"

" binary_path, base_address = find_mapped_binary(\n"

" pid, name_contains=\"python\"\n"

" )\n"

"\n"

" # Step 2: Fallback to shared library if executable is not found\n"

" if binary_path is None:\n"

" binary_path, base_address = find_mapped_binary(\n"

" pid, name_contains=\"libpython\"\n"

" )\n"

"\n"

" # Step 3: Parse ELF headers to get .PyRuntime section offset\n"

" section_offset = parse_elf_section_offset(\n"

" binary_path, \".PyRuntime\"\n"

" )\n"

"\n"

" # Step 4: Compute PyRuntime address in memory\n"

" return base_address + section_offset"

msgstr ""

msgid ""

"On Linux systems, there are two main approaches to read memory from another "

"process. The first is through the ``/proc`` filesystem, specifically by "

"reading from ``/proc/[pid]/mem`` which provides direct access to the "

"process's memory. This requires appropriate permissions - either being the "

"same user as the target process or having root access. The second approach "

"is using the ``process_vm_readv()`` system call which provides a more "

"efficient way to copy memory between processes. While ptrace's "

"``PTRACE_PEEKTEXT`` operation can also be used to read memory, it is "

"significantly slower as it only reads one word at a time and requires "

"multiple context switches between the tracer and tracee processes."

msgstr ""

msgid ""

"For parsing ELF sections, the process involves reading and interpreting the "

"ELF file format structures from the binary file on disk. The ELF header "

"contains a pointer to the section header table. Each section header contains "

"metadata about a section including its name (stored in a separate string "

"table), offset, and size. To find a specific section like .PyRuntime, you "

"need to walk through these headers and match the section name. The section "

"header then provides the offset where that section exists in the file, which "

"can be used to calculate its runtime address when the binary is loaded into "

"memory."

msgstr ""

msgid ""

"You can read more about the ELF file format in the `ELF specification "

"<https://en.wikipedia.org/wiki/Executable_and_Linkable_Format>`_."

msgstr ""

msgid "macOS (Mach-O)"

msgstr ""

msgid "To find the ``PyRuntime`` structure on macOS:"

msgstr ""

msgid ""

"Call ``task_for_pid()`` to get the ``mach_port_t`` task port for the target "

"process. This handle is needed to read memory using APIs like "

"``mach_vm_read_overwrite`` and ``mach_vm_region``."

msgstr ""

msgid ""

"Scan the memory regions to find the one containing the Python executable or "

"``libpython``."

msgstr ""

msgid ""

"Load the binary file from disk and parse the Mach-O headers to find the "

"section named ``PyRuntime`` in the ``__DATA`` segment. On macOS, symbol "

"names are automatically prefixed with an underscore, so the ``PyRuntime`` "

"symbol appears as ``_PyRuntime`` in the symbol table, but the section name "

"is not affected."

msgstr ""

msgid ""

"def find_py_runtime_macos(pid: int) -> int:\n"

" # Step 1: Get access to the process's memory\n"

" handle = get_memory_access_handle(pid)\n"

"\n"

" # Step 2: Try to find the Python executable in memory\n"

" binary_path, base_address = find_mapped_binary(\n"

" handle, name_contains=\"python\"\n"

" )\n"

"\n"

" # Step 3: Fallback to libpython if the executable is not found\n"

" if binary_path is None:\n"

" binary_path, base_address = find_mapped_binary(\n"

" handle, name_contains=\"libpython\"\n"

" )\n"

"\n"

" # Step 4: Parse Mach-O headers to get __DATA,__PyRuntime section offset\n"

" section_offset = parse_macho_section_offset(\n"

" binary_path, \"__DATA\", \"__PyRuntime\"\n"

" )\n"

"\n"

" # Step 5: Compute the PyRuntime address in memory\n"

" return base_address + section_offset"

msgstr ""

msgid ""

"On macOS, accessing another process's memory requires using Mach-O specific "

"APIs and file formats. The first step is obtaining a ``task_port`` handle "

"via ``task_for_pid()``, which provides access to the target process's memory "

"space. This handle enables memory operations through APIs like "

"``mach_vm_read_overwrite()``."

msgstr ""

msgid ""

"The process memory can be examined using ``mach_vm_region()`` to scan "

"through the virtual memory space, while ``proc_regionfilename()`` helps "

"identify which binary files are loaded at each memory region. When the "

"Python binary or library is found, its Mach-O headers need to be parsed to "

"locate the ``PyRuntime`` structure."

msgstr ""

msgid ""

"The Mach-O format organizes code and data into segments and sections. The "

"``PyRuntime`` structure lives in a section named ``__PyRuntime`` within the "

"``__DATA`` segment. The actual runtime address calculation involves finding "

"the ``__TEXT`` segment which serves as the binary's base address, then "

"locating the ``__DATA`` segment containing our target section. The final "

"address is computed by combining the base address with the appropriate "

"section offsets from the Mach-O headers."

msgstr ""

msgid ""

"Note that accessing another process's memory on macOS typically requires "

"elevated privileges - either root access or special security entitlements "

"granted to the debugging process."

msgstr ""

msgid "Windows (PE)"

msgstr ""

msgid "To find the ``PyRuntime`` structure on Windows:"

msgstr ""

msgid ""

"Use the ToolHelp API to enumerate all modules loaded in the target process. "

"This is done using functions such as `CreateToolhelp32Snapshot <https://"

"learn.microsoft.com/en-us/windows/win32/api/tlhelp32/nf-tlhelp32-"

"createtoolhelp32snapshot>`_, `Module32First <https://learn.microsoft.com/en-"

"us/windows/win32/api/tlhelp32/nf-tlhelp32-module32first>`_, and "

"`Module32Next <https://learn.microsoft.com/en-us/windows/win32/api/tlhelp32/"

"nf-tlhelp32-module32next>`_."

msgstr ""

msgid ""

"Identify the module corresponding to :file:`python.exe` or :file:`python{XY}."

"dll`, where ``X`` and ``Y`` are the major and minor version numbers of the "

"Python version, and record its base address."

msgstr ""

msgid ""

"Locate the ``PyRuntim`` section. Due to the PE format's 8-character limit on "

"section names (defined as ``IMAGE_SIZEOF_SHORT_NAME``), the original name "

"``PyRuntime`` is truncated. This section contains the ``PyRuntime`` "

"structure."

msgstr ""

msgid ""

"Retrieve the section’s relative virtual address (RVA) and add it to the base "

"address of the module."

msgstr ""

msgid ""

"def find_py_runtime_windows(pid: int) -> int:\n"

" # Step 1: Try to find the Python executable in memory\n"

" binary_path, base_address = find_loaded_module(\n"

" pid, name_contains=\"python\"\n"

" )\n"

"\n"

" # Step 2: Fallback to shared pythonXY.dll if the executable is not\n"

" # found\n"

" if binary_path is None:\n"

" binary_path, base_address = find_loaded_module(\n"

" pid, name_contains=\"python3\"\n"

" )\n"

"\n"

" # Step 3: Parse PE section headers to get the RVA of the PyRuntime\n"

" # section. The section name appears as \"PyRuntim\" due to the\n"

" # 8-character limit defined by the PE format (IMAGE_SIZEOF_SHORT_NAME).\n"

" section_rva = parse_pe_section_offset(binary_path, \"PyRuntim\")\n"

"\n"

" # Step 4: Compute PyRuntime address in memory\n"

" return base_address + section_rva"

msgstr ""

msgid ""

"On Windows, accessing another process's memory requires using the Windows "

"API functions like ``CreateToolhelp32Snapshot()`` and ``Module32First()/"

"Module32Next()`` to enumerate loaded modules. The ``OpenProcess()`` function "

"provides a handle to access the target process's memory space, enabling "

"memory operations through ``ReadProcessMemory()``."

msgstr ""

msgid ""

"The process memory can be examined by enumerating loaded modules to find the "

"Python binary or DLL. When found, its PE headers need to be parsed to locate "

"the ``PyRuntime`` structure."

msgstr ""

msgid ""

"The PE format organizes code and data into sections. The ``PyRuntime`` "

"structure lives in a section named \"PyRuntim\" (truncated from "

"\"PyRuntime\" due to PE's 8-character name limit). The actual runtime "

"address calculation involves finding the module's base address from the "

"module entry, then locating our target section in the PE headers. The final "

"address is computed by combining the base address with the section's virtual "

"address from the PE section headers."

msgstr ""

msgid ""

"Note that accessing another process's memory on Windows typically requires "

"appropriate privileges - either administrative access or the "

"``SeDebugPrivilege`` privilege granted to the debugging process."

msgstr ""

msgid "Reading _Py_DebugOffsets"

msgstr ""

msgid ""

"Once the address of the ``PyRuntime`` structure has been determined, the "

"next step is to read the ``_Py_DebugOffsets`` structure located at the "

"beginning of the ``PyRuntime`` block."

msgstr ""

msgid ""

"This structure provides version-specific field offsets that are needed to "

"safely read interpreter and thread state memory. These offsets vary between "

"CPython versions and must be checked before use to ensure they are "

"compatible."

msgstr ""

msgid "To read and check the debug offsets, follow these steps:"

msgstr ""

msgid ""

"Read memory from the target process starting at the ``PyRuntime`` address, "

"covering the same number of bytes as the ``_Py_DebugOffsets`` structure. "

"This structure is located at the very start of the ``PyRuntime`` memory "

"block. Its layout is defined in CPython’s internal headers and stays the "

"same within a given minor version, but may change in major versions."

msgstr ""

msgid "Check that the structure contains valid data:"

msgstr ""

msgid "The ``cookie`` field must match the expected debug marker."

msgstr ""

msgid ""

"The ``version`` field must match the version of the Python interpreter used "

"by the debugger."

msgstr ""

msgid ""

"If either the debugger or the target process is using a pre-release version "

"(for example, an alpha, beta, or release candidate), the versions must match "

"exactly."

msgstr ""

msgid ""

"The ``free_threaded`` field must have the same value in both the debugger "

"and the target process."

msgstr ""

msgid ""

"If the structure is valid, the offsets it contains can be used to locate "

"fields in memory. If any check fails, the debugger should stop the operation "

"to avoid reading memory in the wrong format."

msgstr ""

msgid ""

"The following is an example implementation that reads and checks "

"``_Py_DebugOffsets``::"

msgstr ""

msgid ""

"def read_debug_offsets(pid: int, py_runtime_addr: int) -> DebugOffsets:\n"

" # Step 1: Read memory from the target process at the PyRuntime address\n"

" data = read_process_memory(\n"

" pid, address=py_runtime_addr, size=DEBUG_OFFSETS_SIZE\n"

" )\n"

"\n"

" # Step 2: Deserialize the raw bytes into a _Py_DebugOffsets structure\n"

" debug_offsets = parse_debug_offsets(data)\n"

"\n"

" # Step 3: Validate the contents of the structure\n"

" if debug_offsets.cookie != EXPECTED_COOKIE:\n"

" raise RuntimeError(\"Invalid or missing debug cookie\")\n"

" if debug_offsets.version != LOCAL_PYTHON_VERSION:\n"

" raise RuntimeError(\n"

" \"Mismatch between caller and target Python versions\"\n"

" )\n"

" if debug_offsets.free_threaded != LOCAL_FREE_THREADED:\n"

" raise RuntimeError(\"Mismatch in free-threaded configuration\")\n"

"\n"

" return debug_offsets"

msgstr ""

msgid "**Process suspension recommended**"

msgstr ""

msgid ""

"To avoid race conditions and ensure memory consistency, it is strongly "

"recommended that the target process be suspended before performing any "

"operations that read or write internal interpreter state. The Python runtime "

"may concurrently mutate interpreter data structures—such as creating or "

"destroying threads—during normal execution. This can result in invalid "

"memory reads or writes."

msgstr ""

msgid ""

"A debugger may suspend execution by attaching to the process with ``ptrace`` "

"or by sending a ``SIGSTOP`` signal. Execution should only be resumed after "

"debugger-side memory operations are complete."

msgstr ""

msgid ""

"Some tools, such as profilers or sampling-based debuggers, may operate on a "

"running process without suspension. In such cases, tools must be explicitly "

"designed to handle partially updated or inconsistent memory. For most "

"debugger implementations, suspending the process remains the safest and most "

"robust approach."

msgstr ""

msgid "Locating the interpreter and thread state"

msgstr ""

msgid ""

"Before code can be injected and executed in a remote Python process, the "

"debugger must choose a thread in which to schedule execution. This is "

"necessary because the control fields used to perform remote code injection "

"are located in the ``_PyRemoteDebuggerSupport`` structure, which is embedded "

"in a ``PyThreadState`` object. These fields are modified by the debugger to "

"request execution of injected scripts."

msgstr ""

msgid ""

"The ``PyThreadState`` structure represents a thread running inside a Python "

"interpreter. It maintains the thread’s evaluation context and contains the "

"fields required for debugger coordination. Locating a valid "

"``PyThreadState`` is therefore a key prerequisite for triggering execution "

"remotely."

msgstr ""

msgid ""

"A thread is typically selected based on its role or ID. In most cases, the "

"main thread is used, but some tools may target a specific thread by its "

"native thread ID. Once the target thread is chosen, the debugger must locate "

"both the interpreter and the associated thread state structures in memory."

msgstr ""

msgid "The relevant internal structures are defined as follows:"

msgstr ""

msgid ""

"``PyInterpreterState`` represents an isolated Python interpreter instance. "

"Each interpreter maintains its own set of imported modules, built-in state, "

"and thread state list. Although most Python applications use a single "

"interpreter, CPython supports multiple interpreters in the same process."

msgstr ""

msgid ""

"``PyThreadState`` represents a thread running within an interpreter. It "

"contains execution state and the control fields used by the debugger."

msgstr ""

msgid "To locate a thread:"

msgstr ""

msgid ""

"Use the offset ``runtime_state.interpreters_head`` to obtain the address of "

"the first interpreter in the ``PyRuntime`` structure. This is the entry "

"point to the linked list of active interpreters."

msgstr ""

msgid ""

"Use the offset ``interpreter_state.threads_main`` to access the main thread "

"state associated with the selected interpreter. This is typically the most "

"reliable thread to target."

msgstr ""

msgid ""

"Optionally, use the offset ``interpreter_state.threads_head`` to iterate "

"through the linked list of all thread states. Each ``PyThreadState`` "

"structure contains a ``native_thread_id`` field, which may be compared to a "

"target thread ID to find a specific thread."

msgstr ""

msgid ""

"Once a valid ``PyThreadState`` has been found, its address can be used in "

"later steps of the protocol, such as writing debugger control fields and "

"scheduling execution."

msgstr ""

msgid ""

"The following is an example implementation that locates the main thread "

"state::"

msgstr ""

msgid ""

"def find_main_thread_state(\n"

" pid: int, py_runtime_addr: int, debug_offsets: DebugOffsets,\n"

") -> int:\n"

" # Step 1: Read interpreters_head from PyRuntime\n"

" interp_head_ptr = (\n"

" py_runtime_addr + debug_offsets.runtime_state.interpreters_head\n"

" )\n"

" interp_addr = read_pointer(pid, interp_head_ptr)\n"

" if interp_addr == 0:\n"

" raise RuntimeError(\"No interpreter found in the target process\")\n"

"\n"

" # Step 2: Read the threads_main pointer from the interpreter\n"

" threads_main_ptr = (\n"

" interp_addr + debug_offsets.interpreter_state.threads_main\n"

" )\n"

" thread_state_addr = read_pointer(pid, threads_main_ptr)\n"

" if thread_state_addr == 0:\n"

" raise RuntimeError(\"Main thread state is not available\")\n"

"\n"

" return thread_state_addr"

msgstr ""

msgid ""

"The following example demonstrates how to locate a thread by its native "

"thread ID::"

msgstr ""

msgid ""

"def find_thread_by_id(\n"

" pid: int,\n"

" interp_addr: int,\n"

" debug_offsets: DebugOffsets,\n"

" target_tid: int,\n"

") -> int:\n"

" # Start at threads_head and walk the linked list\n"

" thread_ptr = read_pointer(\n"

" pid,\n"

" interp_addr + debug_offsets.interpreter_state.threads_head\n"

" )\n"

"\n"

" while thread_ptr:\n"

" native_tid_ptr = (\n"

" thread_ptr + debug_offsets.thread_state.native_thread_id\n"

" )\n"

" native_tid = read_int(pid, native_tid_ptr)\n"

" if native_tid == target_tid:\n"

" return thread_ptr\n"

" thread_ptr = read_pointer(\n"

" pid,\n"

" thread_ptr + debug_offsets.thread_state.next\n"

" )\n"

"\n"

" raise RuntimeError(\"Thread with the given ID was not found\")"

msgstr ""

msgid ""

"Once a valid thread state has been located, the debugger can proceed with "

"modifying its control fields and scheduling execution, as described in the "

"next section."

msgstr ""

msgid "Writing control information"

msgstr ""

msgid ""

"Once a valid ``PyThreadState`` structure has been identified, the debugger "

"may modify control fields within it to schedule the execution of a specified "

"Python script. These control fields are checked periodically by the "

"interpreter, and when set correctly, they trigger the execution of remote "

"code at a safe point in the evaluation loop."

msgstr ""

msgid ""

"Each ``PyThreadState`` contains a ``_PyRemoteDebuggerSupport`` structure "

"used for communication between the debugger and the interpreter. The "

"locations of its fields are defined by the ``_Py_DebugOffsets`` structure "

"and include the following:"

msgstr ""

msgid ""

"``debugger_script_path``: A fixed-size buffer that holds the full path to a "

"Python source file (``.py``). This file must be accessible and readable by "

"the target process when execution is triggered."

msgstr ""

msgid ""

"``debugger_pending_call``: An integer flag. Setting this to ``1`` tells the "

"interpreter that a script is ready to be executed."

msgstr ""

msgid ""

"``eval_breaker``: A field checked by the interpreter during execution. "

"Setting bit 5 (``_PY_EVAL_PLEASE_STOP_BIT``, value ``1U << 5``) in this "

"field causes the interpreter to pause and check for debugger activity."

msgstr ""

msgid ""

"To complete the injection, the debugger must perform the following steps:"

msgstr ""

msgid "Write the full script path into the ``debugger_script_path`` buffer."

msgstr ""

msgid "Set ``debugger_pending_call`` to ``1``."

msgstr ""

msgid ""

"Read the current value of ``eval_breaker``, set bit 5 "

"(``_PY_EVAL_PLEASE_STOP_BIT``), and write the updated value back. This "

"signals the interpreter to check for debugger activity."

msgstr ""

msgid ""

"def inject_script(\n"

" pid: int,\n"

" thread_state_addr: int,\n"

" debug_offsets: DebugOffsets,\n"

" script_path: str\n"

") -> None:\n"

" # Compute the base offset of _PyRemoteDebuggerSupport\n"

" support_base = (\n"

" thread_state_addr +\n"

" debug_offsets.debugger_support.remote_debugger_support\n"

" )\n"

"\n"

" # Step 1: Write the script path into debugger_script_path\n"

" script_path_ptr = (\n"

" support_base +\n"

" debug_offsets.debugger_support.debugger_script_path\n"

" )\n"

" write_string(pid, script_path_ptr, script_path)\n"

"\n"

" # Step 2: Set debugger_pending_call to 1\n"

" pending_ptr = (\n"

" support_base +\n"

" debug_offsets.debugger_support.debugger_pending_call\n"

" )\n"

" write_int(pid, pending_ptr, 1)\n"

"\n"

" # Step 3: Set _PY_EVAL_PLEASE_STOP_BIT (bit 5, value 1 << 5) in\n"

" # eval_breaker\n"

" eval_breaker_ptr = (\n"

" thread_state_addr +\n"

" debug_offsets.debugger_support.eval_breaker\n"

" )\n"

" breaker = read_int(pid, eval_breaker_ptr)\n"

" breaker |= (1 << 5)\n"

" write_int(pid, eval_breaker_ptr, breaker)"

msgstr ""

msgid ""

"Once these fields are set, the debugger may resume the process (if it was "

"suspended). The interpreter will process the request at the next safe "

"evaluation point, load the script from disk, and execute it."

msgstr ""

msgid ""

"It is the responsibility of the debugger to ensure that the script file "

"remains present and accessible to the target process during execution."

msgstr ""

msgid ""

"Script execution is asynchronous. The script file cannot be deleted "

"immediately after injection. The debugger should wait until the injected "

"script has produced an observable effect before removing the file. This "

"effect depends on what the script is designed to do. For example, a debugger "

"might wait until the remote process connects back to a socket before "

"removing the script. Once such an effect is observed, it is safe to assume "

"the file is no longer needed."

msgstr ""

msgid "Summary"

msgstr ""

msgid "To inject and execute a Python script in a remote process:"

msgstr ""

msgid "Locate the ``PyRuntime`` structure in the target process’s memory."

msgstr ""

msgid ""

"Read and validate the ``_Py_DebugOffsets`` structure at the beginning of "

"``PyRuntime``."

msgstr ""

msgid "Use the offsets to locate a valid ``PyThreadState``."

msgstr ""

msgid "Write the path to a Python script into ``debugger_script_path``."

msgstr ""

msgid "Set the ``debugger_pending_call`` flag to ``1``."

msgstr ""

msgid "Set ``_PY_EVAL_PLEASE_STOP_BIT`` in the ``eval_breaker`` field."

msgstr ""

msgid ""

"Resume the process (if suspended). The script will execute at the next safe "

"evaluation point."

msgstr ""

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

FilesExpand file tree

remote_debugging.po

Latest commit

History

remote_debugging.po

File metadata and controls