if(PICE_strcmpi((LPSTR)pModTemp->name,pSymbols->name) == 0) { DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "found symbols for module %s\n", pModTemp->name); pElfSym = (Elf32_Sym*)((ULONG)pSymbols+pSymbols->ulOffsetToGlobals); pElfStr = (LPSTR)((ULONG)pSymbols+pSymbols->ulOffsetToGlobalsStrings); pElfShdr = (Elf32_Shdr*)((ULONG)pSymbols+pSymbols->ulOffsetToHeaders); DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "pElfSym = %p\n", pElfSym); DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "pElfStr = %p\n", pElfStr); DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "pElfShdr = %p\n", pElfShdr); for(i=0;i<(pSymbols->ulSizeOfGlobals/sizeof(Elf32_Sym));i++) { if((ELF32_ST_BIND(pElfSym->st_info)==STB_GLOBAL || ELF32_ST_BIND(pElfSym->st_info)==STB_LOCAL || ELF32_ST_BIND(pElfSym->st_info)==STB_LOCAL)&& ELF32_ST_TYPE(pElfSym->st_info)==STT_FUNC && (pElfSym->st_shndx<SHN_LORESERVE || pElfSym->st_shndx==SHN_ABS || pElfSym->st_shndx==SHN_COMMON)) { LPSTR pName = &pElfStr[pElfSym->st_name]; ULONG start,end; if(pMod->size) { start = ((ULONG)pModTemp+pElfShdr[pElfSym->st_shndx].sh_offset); start = (start+pElfShdr[pElfSym->st_shndx].sh_addralign)&~(pElfShdr[pElfSym->st_shndx].sh_addralign-1); start += pElfSym->st_value; } else { start = pElfSym->st_value; } end = start+pElfSym->st_size; DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "[%u] %.8X %.8X %.8X %.8X %.8X %.8X %.8X %.8X %.8X\n", i, start, end, pElfSym->st_shndx, pElfShdr[pElfSym->st_shndx].sh_addr, pElfShdr[pElfSym->st_shndx].sh_offset, pElfShdr[pElfSym->st_shndx].sh_size, pElfShdr[pElfSym->st_shndx].sh_type, pElfShdr[pElfSym->st_shndx].sh_link, pElfShdr[pElfSym->st_shndx].sh_addralign); if(ulValue>=start && ulValue<end) { DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "[%u] %.8X %.8X %.8X %.8X %.8X %.8X %.8X\n", pElfSym->st_shndx, ((ULONG)pModTemp+pElfShdr[pElfSym->st_shndx].sh_offset), pElfShdr[pElfSym->st_shndx].sh_addr, pElfShdr[pElfSym->st_shndx].sh_offset, pElfShdr[pElfSym->st_shndx].sh_size, pElfShdr[pElfSym->st_shndx].sh_type, 
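pElfShdr[pElfSym->st_shndx].sh_link, pElfShdr[pElfSym->st_shndx].sh_addralign);
                        DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "in section [%u] %8x value = %x module struct %x (%x)\n", pElfSym->st_shndx,pElfShdr[pElfSym->st_shndx].sh_offset,ulValue,sizeof(struct module),((sizeof(struct module)+0x10)&~0x0F));
                        DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "[%u] %32s %.8X %.8X %.8X %.8X %.8X %.8X\n", i,pName,pElfSym->st_name,pElfSym->st_value,pElfSym->st_info,pElfSym->st_other,pElfSym->st_size,pElfSym->st_shndx);
                        DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "start %x end %x\n", start,end);
                        if(pulstart) *pulstart = start;
                        if(pulend) *pulend = end;
                        return pName;
                    }
                }
                pElfSym++;
            }
        }
    }
    }while((pMod = pMod->next));
    }
    LEAVE_FUNC();
    return NULL;
}

//*************************************************************************
// FindDataSectionOffset()
//
// Walk the section header table starting at pSHdr and return the file
// offset (sh_offset) of the first section whose flags include both
// SHF_WRITE and SHF_ALLOC, i.e. the writable, loaded data section.
//
// NOTE(review): the caller passes no section count, so the scan is
// unbounded — if no header carries both flags it keeps reading past the
// end of the table. Only tables known to contain such a section should be
// passed; a bounded variant would need the header count as a parameter.
//*************************************************************************
ULONG FindDataSectionOffset(Elf32_Shdr* pSHdr)
{
    ENTER_FUNC();

    while(1)
    {
        DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "sh_offset %.8X sh_addr = %.8X\n", pSHdr->sh_offset,pSHdr->sh_addr);
        if((pSHdr->sh_flags & (SHF_WRITE|SHF_ALLOC) ) == (SHF_WRITE|SHF_ALLOC))
        {
            // pair with ENTER_FUNC() the way the other lookup routines do
            LEAVE_FUNC();
            return pSHdr->sh_offset;
        }
        pSHdr++;
    }

    // not reachable: the loop above only leaves via the return
    LEAVE_FUNC();
    return 0;
}

//*************************************************************************
// FindFunctionInModuleByNameViaKsyms()
//
// Look szFunctionname up in the module's exported symbol table
// (pMod->syms[0 .. nsyms-1]), comparing names with PICE_strcmpi().
//
// Returns the value of the matching export, or 0 when the module exports
// no symbol of that name (an export whose value really is 0 is
// indistinguishable from "not found" to the caller).
//*************************************************************************
ULONG FindFunctionInModuleByNameViaKsyms(struct module* pMod,LPSTR szFunctionname)
{
    ULONG i;

    ENTER_FUNC();

    if(pMod->nsyms)
    {
        DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "%u symbols for module %s\n", pMod->nsyms,pMod->name);
        for(i=0;i<pMod->nsyms;i++)
        {
            DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "%s\n", pMod->syms[i].name);
            if(PICE_strcmpi((LPSTR)pMod->syms[i].name,szFunctionname) == 0)
            {
                DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "symbol was in exports\n");
                LEAVE_FUNC();
                return pMod->syms[i].value;
            }
        }
    }

    DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "symbol wasn't in exports\n");
    LEAVE_FUNC();
    return 0;
}

//*************************************************************************
// FindFunctionInModuleByName()
//
// Resolve szFunctionname to an address inside pMod.
//
// The module's symbol table is located with FindSymbolTableForModule(),
// keyed by the address just past the struct module header (KERNEL_START
// stands in for the fake_kernel_module placeholder). Its ELF symbols are
// scanned for a GLOBAL, LOCAL or WEAK FUNC/OBJECT with a regular section
// index whose name matches (PICE_strcmpi) and resolves to a non-zero
// address. For a loaded module with a size the address is the aligned
// section start plus st_value; otherwise st_value is used as-is. When the
// symbol table yields nothing, the lookup falls back to the module's
// exported kernel symbols via FindFunctionInModuleByNameViaKsyms().
//
// Returns the resolved address, or 0 when neither table knows the name.
//
// NOTE(review): st_shndx is only compared against SHN_LORESERVE, not
// against the number of section headers the symbol file actually holds,
// so pElfShdr[st_shndx] trusts the symbol file; st_name is likewise not
// bounded by the string table size. Validating both would need the
// table sizes from the symbol file header (not consulted here) — confirm
// they are checked when the file is loaded.
//*************************************************************************
ULONG FindFunctionInModuleByName(LPSTR szFunctionname,struct module* pMod)
{
    ULONG i,addr;
    PICE_SYMBOLFILE_HEADER* pSymbols=NULL;
    Elf32_Sym* pElfSym;
    LPSTR pElfStr;
    Elf32_Shdr* pElfShdr;

    ENTER_FUNC();

    DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "FindFunctionInModuleByName(%s)\n", szFunctionname);
    DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "mod size = %08lX\n", pMod->size);

    // the kernel is represented by a fake module struct; its symbol table
    // is keyed off KERNEL_START instead of the struct's own address
    if(pMod == &fake_kernel_module)
    {
        DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "module is kernel\n");
        addr = KERNEL_START;
    }
    else
    {
        DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "module is %s\n", pMod->name);
        addr = (ULONG)pMod;
    }
    addr += sizeof(struct module);

    pSymbols = FindSymbolTableForModule(addr);
    if(pSymbols)
    {
        DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "found symbol table for %s\n", pSymbols->name);

        // the symbol file header carries offsets to the ELF symbols, their
        // string table and the section headers, relative to the header
        pElfSym = (Elf32_Sym*)((ULONG)pSymbols+pSymbols->ulOffsetToGlobals);
        pElfStr = (LPSTR)((ULONG)pSymbols+pSymbols->ulOffsetToGlobalsStrings);
        pElfShdr = (Elf32_Shdr*)((ULONG)pSymbols+pSymbols->ulOffsetToHeaders);

        for(i=0;i<(pSymbols->ulSizeOfGlobals/sizeof(Elf32_Sym));i++)
        {
            DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "BIND = %.8X TYPE = %.8X\n", ELF32_ST_BIND(pElfSym->st_info),ELF32_ST_TYPE(pElfSym->st_info));
            if((ELF32_ST_BIND(pElfSym->st_info)==STB_GLOBAL ||
                ELF32_ST_BIND(pElfSym->st_info)==STB_LOCAL ||
                ELF32_ST_BIND(pElfSym->st_info)==STB_WEAK) &&
               (ELF32_ST_TYPE(pElfSym->st_info)==STT_FUNC ||
                ELF32_ST_TYPE(pElfSym->st_info)==STT_OBJECT) &&
               (pElfSym->st_shndx<SHN_LORESERVE))
            {
                LPSTR pName = &pElfStr[pElfSym->st_name];
                ULONG start;

                DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "[%u] %.8X %.8X %.8X %.8X %.8X %.8X %.8X %.8X\n", pElfSym->st_shndx, pElfSym->st_value, ((ULONG)pMod+pElfShdr[pElfSym->st_shndx].sh_offset), pElfShdr[pElfSym->st_shndx].sh_addr, pElfShdr[pElfSym->st_shndx].sh_offset, pElfShdr[pElfSym->st_shndx].sh_size, pElfShdr[pElfSym->st_shndx].sh_type, pElfShdr[pElfSym->st_shndx].sh_link, pElfShdr[pElfSym->st_shndx].sh_addralign);

                if(pMod->size && pMod != &fake_kernel_module)
                {
                    // section start = module base + sh_offset, rounded up with
                    // the same "add align, then mask" form used elsewhere in
                    // this file. Note it advances by a full alignment step even
                    // when already aligned, and with sh_addralign == 0 the mask
                    // is 0 so start collapses to st_value — presumably mirrors
                    // how insmod lays modules out; confirm before changing.
                    start = ((ULONG)pMod+pElfShdr[pElfSym->st_shndx].sh_offset);
                    start = (start+pElfShdr[pElfSym->st_shndx].sh_addralign)&~(pElfShdr[pElfSym->st_shndx].sh_addralign-1);
                    start += pElfSym->st_value;
                }
                else
                {
                    start = pElfSym->st_value;
                }

                DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "%s @ %x\n", pName,start);

                // a zero address is never reported as a hit
                if(PICE_strcmpi(pName,szFunctionname) == 0 && start)
                {
                    DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "symbol was in symbol table\n");
                    LEAVE_FUNC();
                    return start;
                }
            }
            pElfSym++;
        }
    }

    // for all symbols in BSS we can't find their location via the external symbols since
    // insmod puts BSS and data anywhere it likes.
    // so we try to look up the symbol via the kernel symbol table
    DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "try lookup via kernel symbol table\n");
    LEAVE_FUNC();
    return FindFunctionInModuleByNameViaKsyms(pMod,szFunctionname);
}

//////////////////////////////////////////////////////////////////////////////
// TYPE STUFF
//////////////////////////////////////////////////////////////////////////////

//*************************************************************************
// ExtractTypeNumber()
//
// Parse a stabs type number of the form "(file,type)" out of p and pack
// it as (file << 16) + type, using ExtractNumber() for each component.
//
// Returns 0 when p contains no '(' or no ',' after it. A well-formed pair
// that packs to 0, i.e. "(0,0)", is indistinguishable from that.
//*************************************************************************
ULONG ExtractTypeNumber(LPSTR p)
{
    LPSTR pTypeNumber;
    ULONG ulTypeNumber = 0;

    ENTER_FUNC();

    DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "ExtractTypeNumber(%s)\n", p);

    pTypeNumber = PICE_strchr(p,'(');
    if(pTypeNumber)
    {
        pTypeNumber++;
        ulTypeNumber = ExtractNumber(pTypeNumber);
        ulTypeNumber <<= 16;

        // look for the separating comma behind the '(' rather than from the
        // start of p, so a comma earlier in the string is never taken for it
        pTypeNumber = PICE_strchr(pTypeNumber,',');
        if(pTypeNumber)
        {
            pTypeNumber++;
            ulTypeNumber += ExtractNumber(pTypeNumber);
        }
        else
        {
            ulTypeNumber = 0;
        }
    }

    LEAVE_FUNC();
    return ulTypeNumber;
}

//*************************************************************************
// FindTypeDefinitionForCombinedTypes()
//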
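//*************************************************************************
//
// Scan the stab entries of pSymbols for a global symbol (N_GSYM) that
// belongs to source file number ulFileNumber and whose stab string embeds
// a type definition ("name:G(file,type)=...") with a (file,type) pair that,
// packed the way ExtractTypeNumber() packs it, equals ulTypeNumber.
//
// Returns a pointer to the reassembled stab string on a match, NULL
// otherwise. The pointer refers to a function-local static buffer and is
// only valid until the next call.
//
// Source files are counted by N_SO entries whose name does not end in '/'
// (an N_SO ending in '/' is the directory prefix for the one that follows).
// Multi-piece stab strings (pieces containing '\') are reassembled in a
// 2048-byte static buffer; a symbol that does not fit is skipped rather
// than allowed to overrun the buffer.
//
// NOTE(review): n_strx + nOffset is not checked against the size of the
// stab string table, and the stab/string offsets come from the symbol file
// itself — confirm that the loader validates the file's layout.
//*************************************************************************

// Append src to the NUL-terminated string held in dst (dst is cap bytes).
// Returns 1 and appends when the result, including its terminator, fits;
// otherwise returns 0 and leaves dst untouched.
static int AppendBounded(char *dst, size_t cap, LPSTR src)
{
    size_t have = strlen(dst);
    size_t add = strlen(src);

    if(have >= cap || add >= cap - have)
    {
        return 0;
    }
    strcat(dst, src);
    return 1;
}

LPSTR FindTypeDefinitionForCombinedTypes(PICE_SYMBOLFILE_HEADER* pSymbols,ULONG ulTypeNumber,ULONG ulFileNumber)
{
    ULONG i;
    PSTAB_ENTRY pStab;
    LPSTR pStr,pName,pTypeNumber,pTypeDefIncluded,pNameTemp;
    int nStabLen;
    int nOffset=0,nNextOffset=0,nLen;
    static char szAccumulatedName[2048];
    ULONG ulCurrentTypeNumber,ulCurrentFileNumber=0;
    // set while the remaining pieces of an over-long symbol are being skipped
    int bTooLong = 0;
    // directory prefix from the last N_SO; static, so it persists across calls
    static char szCurrentPath[256];

    ENTER_FUNC();

    *szAccumulatedName = 0;

    pStab = (PSTAB_ENTRY )((ULONG)pSymbols + pSymbols->ulOffsetToStabs);
    nStabLen = pSymbols->ulSizeOfStabs;
    pStr = (LPSTR)((ULONG)pSymbols + pSymbols->ulOffsetToStabsStrings);

    for(i=0;i<(nStabLen/sizeof(STAB_ENTRY));i++)
    {
        pName = &pStr[pStab->n_strx + nOffset];

        switch(pStab->n_type)
        {
            case N_UNDF:
                // each N_UNDF's n_value (presumably that unit's string table
                // size) shifts the string offsets of everything after the
                // next N_UNDF
                nOffset += nNextOffset;
                nNextOffset = pStab->n_value;
                break;
            case N_SO:
                if((nLen = strlen(pName)))
                {
                    if(pName[nLen-1]!='/')
                    {
                        ulCurrentFileNumber++;
                        if(strlen(szCurrentPath))
                        {
                            // the joined path is only used for tracing; when
                            // it does not fit the prefix is left as it is
                            AppendBounded(szCurrentPath, sizeof szCurrentPath, pName);
                            DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "changing source file %s\n", szCurrentPath);
                        }
                        else
                        {
                            DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "changing source file %s\n", pName);
                        }
                    }
                    else if((size_t)nLen < sizeof szCurrentPath)
                    {
                        PICE_strcpy(szCurrentPath,pName);
                    }
                    else
                    {
                        // prefix too long to keep; drop it
                        szCurrentPath[0]=0;
                    }
                }
                else
                {
                    szCurrentPath[0]=0;
                }
                break;
            case N_GSYM:
                if(ulCurrentFileNumber == ulFileNumber)
                {
                    DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "%s\n", pName);
                    // handle multi-line symbols: a piece containing '\' is
                    // continued by the next N_GSYM entry
                    if(PICE_strchr(pName,'\\'))
                    {
                        if(bTooLong || !AppendBounded(szAccumulatedName, sizeof szAccumulatedName, pName))
                        {
                            // does not fit: drop this symbol and skip its remaining pieces
                            bTooLong = 1;
                            *szAccumulatedName = 0;
                        }
                        else
                        {
                            // strip the continuation marker (assumed to be the last character)
                            szAccumulatedName[strlen(szAccumulatedName)-1]=0;
                        }
                    }
                    else if(bTooLong || !AppendBounded(szAccumulatedName, sizeof szAccumulatedName, pName))
                    {
                        // final piece of a symbol that does not fit: discard it
                        bTooLong = 0;
                        *szAccumulatedName = 0;
                    }
                    else
                    {
                        pNameTemp = szAccumulatedName;

                        // symbol-name:type-identifier type-number =
                        nLen = StrLenUpToWhiteChar(pNameTemp, ":");
                        // only look at the type identifier when the ':' is really there,
                        // so a name without one never reads past its terminator
                        if(pNameTemp[nLen]==':' && (pTypeDefIncluded = PICE_strchr(pNameTemp,'=')) && pNameTemp[nLen+1]=='G')
                        {
                            DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "symbol includes type definition (%s)\n", pNameTemp);

                            pTypeNumber = pNameTemp+nLen+1;
                            if((ulCurrentTypeNumber = ExtractTypeNumber(pTypeNumber)) )
                            {
                                DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "type-number %x\n", ulCurrentTypeNumber);
                                if(ulCurrentTypeNumber == ulTypeNumber)
                                {
                                    DPRINT(PICE_DEBUG, DBT_SYMBOLS, DBL_INFO, "typenumber %x matches!\n", ulCurrentTypeNumber);
                                    LEAVE_FUNC();
                                    return pNameTemp;
                                }
                            }
                        }
                        *szAccumulatedName = 0;
                    }
                }
                break;
        }
        pStab++;
    }

    LEAVE_FUNC();
    return NULL;
}

//*************************************************************************
// FindTypeDefinition()
//
//*************************************************************************
LPSTR FindTypeDefinition(PICE_SYMBOLFILE_HEADER* pSymbols,ULONG ulTypeNumber,ULONG ulFileNumber)
{
    ULONG i;
    PSTAB_ENTRY pStab;
    LPSTR pStr,pName,pTypeString;
    int nStabLen;
    int nOffset=0,nNextOffset=0,strLen;
    static char szAccumulatedName[2048];
    ULONG ulCurrentTypeNumber,ulCurrentFileNumber=0;
    LPSTR pTypeSymbol;
    static char szCurrentPath[256];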