drgn (pronounced "dragon") is a debugger with an emphasis on programmability. drgn exposes the types and variables in a program for easy, expressive scripting in Python. For example, you can debug the Linux kernel:
>>> from drgn.helpers.linux import list_for_each_entry
>>> for mod in list_for_each_entry('struct module',
... prog['modules'].address_of_(),
... 'list'):
... if mod.refcnt.counter > 10:
... print(mod.name)
...
(char [56])"snd"
(char [56])"evdev"
(char [56])"i915"Although other debuggers like GDB have scripting support, drgn aims to make scripting as natural as possible so that debugging feels like coding. This makes it well-suited for introspecting the complex, inter-connected state in large programs. It is also designed as a library that can be used to build debugging and introspection tools; see the official tools.
drgn was developed for debugging the Linux kernel (as an alternative to the crash utility), but it can also debug userspace programs written in C. C++ support is in progress.
Documentation can be found at drgn.readthedocs.io.
Install dependencies:
Arch Linux:
$ sudo pacman -S --needed gcc libelf make pkgconf python python-pip python-setuptoolsDebian/Ubuntu:
$ sudo apt-get install gcc liblzma-dev libelf-dev libdw-dev make pkgconf python3 python3-dev python3-pip python3-setuptools zlib1g-devNote that Debian Stretch, Ubuntu Trusty, and Ubuntu Xenial (and older) ship Python versions which are too old. Python 3.6 or newer must be installed manually.
Fedora:
$ sudo dnf install elfutils-devel gcc make pkgconf python3 python3-devel python3-pip python3-setuptoolsOptionally, install:
- libkdumpfile if you want support for kdump-compressed kernel core dumps
Then, run:
$ sudo pip3 install drgnSee the installation documentation for more options.
drgn debugs the running kernel by default; run sudo drgn. To debug a
running program, run sudo drgn -p $PID. To debug a core dump (either a
kernel vmcore or a userspace core dump), run drgn -c $PATH. The program
must have debugging symbols available.
Then, you can access variables in the program with prog['name'], access
structure members with ., use various predefined helpers, and more:
$ sudo drgn
>>> prog['init_task'].comm
(char [16])"swapper/0"
>>> d_path(fget(find_task(prog, 1), 0).f_path.address_of_())
b'/dev/null'
>>> max(task.stime for task in for_each_task(prog))
(u64)4192109975952
>>> sum(disk.gendisk.part0.nr_sects for disk in for_each_disk(prog))
(sector_t)999705952See the user guide for more information.
Copyright (c) Facebook, Inc. and its affiliates.
drgn is licensed under the GPLv3 or later.