/*! \brief Print address...
*
* Tries to lookup line number, file name and function name for the given
* address and prints it.
* If no such information is found the address is printed in the format
* <module: offset>, otherwise the format will be
* <module: offset (filename:linenumber (functionname))>
*
* \retval TRUE Module containing \a Address was found, \a Address was printed.
* \retval FALSE No module containing \a Address was found, nothing was printed.
*/
BOOLEAN
KdbSymPrintAddress(
IN PVOID Address,
IN PKTRAP_FRAME Context)
{
int i;
PMEMORY_AREA MemoryArea = NULL;
PROS_SECTION_OBJECT SectionObject;
PLDR_DATA_TABLE_ENTRY LdrEntry;
#if 0
PROSSYM_KM_OWN_CONTEXT FileContext;
#endif
ULONG_PTR RelativeAddress;
NTSTATUS Status;
ROSSYM_LINEINFO LineInfo = {0};
struct {
enum _ROSSYM_REGNAME regname;
size_t ctx_offset;
} regmap[] = {
{ ROSSYM_X86_EDX, FIELD_OFFSET(KTRAP_FRAME, Edx) },
{ ROSSYM_X86_EAX, FIELD_OFFSET(KTRAP_FRAME, Eax) },
{ ROSSYM_X86_ECX, FIELD_OFFSET(KTRAP_FRAME, Ecx) },
{ ROSSYM_X86_EBX, FIELD_OFFSET(KTRAP_FRAME, Ebx) },
{ ROSSYM_X86_ESI, FIELD_OFFSET(KTRAP_FRAME, Esi) },
{ ROSSYM_X86_EDI, FIELD_OFFSET(KTRAP_FRAME, Edi) },
{ ROSSYM_X86_EBP, FIELD_OFFSET(KTRAP_FRAME, Ebp) },
{ ROSSYM_X86_ESP, FIELD_OFFSET(KTRAP_FRAME, HardwareEsp) }
};
if (Context)
{
#if 0
// Disable arguments for now
DPRINT("Has Context %x (EBP %x)\n", Context, Context->Ebp);
LineInfo.Flags = ROSSYM_LINEINFO_HAS_REGISTERS;
#endif
for (i = 0; i < sizeof(regmap) / sizeof(regmap[0]); i++) {
memcpy
(&LineInfo.Registers.Registers[regmap[i].regname],
((PCHAR)Context)+regmap[i].ctx_offset,
sizeof(ULONG_PTR));
DPRINT("DWARF REG[%d] -> %x\n", regmap[i].regname, LineInfo.Registers.Registers[regmap[i].regname]);
}
}
if (!KdbpSymbolsInitialized || !KdbpSymFindModule(Address, NULL, -1, &LdrEntry))
return FALSE;
RelativeAddress = (ULONG_PTR)Address - (ULONG_PTR)LdrEntry->DllBase;
Status = KdbSymGetAddressInformation
(LdrEntry->PatchInformation,
RelativeAddress,
&LineInfo);
if (NT_SUCCESS(Status))
{
DbgPrint("<%wZ:%x (%s:%d (%s))>",
&LdrEntry->BaseDllName, RelativeAddress, LineInfo.FileName, LineInfo.LineNumber, LineInfo.FunctionName);
if (Context && LineInfo.NumParams)
{
int i;
char *comma = "";
DbgPrint("(");
for (i = 0; i < LineInfo.NumParams; i++) {
DbgPrint
("%s%s=%llx",
comma,
LineInfo.Parameters[i].ValueName,
LineInfo.Parameters[i].Value);
comma = ",";
}
DbgPrint(")");
}
return TRUE;
}
else if (Address < MmSystemRangeStart)
{
MemoryArea = MmLocateMemoryAreaByAddress(&PsGetCurrentProcess()->Vm, Address);
if (!MemoryArea || MemoryArea->Type != MEMORY_AREA_SECTION_VIEW)
{
goto end;
}
SectionObject = MemoryArea->Data.SectionData.Section;
if (!(SectionObject->AllocationAttributes & SEC_IMAGE)) goto end;
#if 0
if (MemoryArea->StartingAddress != (PVOID)KdbpImageBase)
{
if (KdbpRosSymInfo)
{
RosSymDelete(KdbpRosSymInfo);
KdbpRosSymInfo = NULL;
KdbpImageBase = 0;
}
if ((FileContext = KdbpCaptureFileForSymbols(SectionObject->FileObject)))
{
if (RosSymCreateFromFile(FileContext, &KdbpRosSymInfo))
KdbpImageBase = (ULONG_PTR)MemoryArea->StartingAddress;
KdbpReleaseFileForSymbols(FileContext);
}
}
if (KdbpRosSymInfo)
{
RelativeAddress = (ULONG_PTR)Address - KdbpImageBase;
RosSymFreeInfo(&LineInfo);
Status = KdbSymGetAddressInformation
(KdbpRosSymInfo,
RelativeAddress,
&LineInfo);
if (NT_SUCCESS(Status))
{
DbgPrint
("<%wZ:%x (%s:%d (%s))>",
&SectionObject->FileObject->FileName,
RelativeAddress,
LineInfo.FileName,
LineInfo.LineNumber,
LineInfo.FunctionName);
if (Context && LineInfo.NumParams)
{
int i;
char *comma = "";
DbgPrint("(");
for (i = 0; i < LineInfo.NumParams; i++) {
DbgPrint
("%s%s=%llx",
comma,
LineInfo.Parameters[i].ValueName,
LineInfo.Parameters[i].Value);
comma = ",";
}
DbgPrint(")");
}
return TRUE;
}
}
#endif
}
end:
DbgPrint("<%wZ:%x>", &LdrEntry->BaseDllName, RelativeAddress);
return TRUE;
}
/*! \brief Loads a symbol file.
*
* \param FileName Filename of the symbol file to load.
* \param RosSymInfo Pointer to a ROSSYM_INFO which gets filled.
*
* \sa KdbpSymUnloadModuleSymbols
*/
VOID
KdbpSymLoadModuleSymbols(
IN PUNICODE_STRING FileName,
OUT PROSSYM_INFO *RosSymInfo)
{
OBJECT_ATTRIBUTES ObjectAttributes;
HANDLE FileHandle;
NTSTATUS Status;
IO_STATUS_BLOCK IoStatusBlock;
PFILE_OBJECT FileObject;
PROSSYM_KM_OWN_CONTEXT FileContext;
/* Allow KDB to break on module load */
KdbModuleLoaded(FileName);
if (!LoadSymbols)
{
*RosSymInfo = NULL;
return;
}
/* Try to find cached (already loaded) symbol file */
*RosSymInfo = KdbpSymFindCachedFile(FileName);
if (*RosSymInfo)
{
DPRINT("Found cached symbol file %wZ\n", FileName);
return;
}
/* Open the file */
InitializeObjectAttributes(&ObjectAttributes,
FileName,
OBJ_CASE_INSENSITIVE | OBJ_KERNEL_HANDLE,
NULL,
NULL);
DPRINT("Attempting to open image: %wZ\n", FileName);
Status = ZwOpenFile(&FileHandle,
FILE_READ_ACCESS | SYNCHRONIZE,
&ObjectAttributes,
&IoStatusBlock,
FILE_SHARE_READ | FILE_SHARE_WRITE,
FILE_NON_DIRECTORY_FILE | FILE_SYNCHRONOUS_IO_NONALERT);
if (!NT_SUCCESS(Status))
{
DPRINT("Could not open image file(%x): %wZ\n", Status, FileName);
return;
}
DPRINT("Loading symbols from %wZ...\n", FileName);
Status = ObReferenceObjectByHandle
(FileHandle,
FILE_READ_DATA | SYNCHRONIZE,
NULL,
KernelMode,
(PVOID*)&FileObject,
NULL);
if (!NT_SUCCESS(Status))
{
DPRINT("Could not get the file object\n");
ZwClose(FileHandle);
return;
}
if ((FileContext = KdbpCaptureFileForSymbols(FileObject)))
{
if (RosSymCreateFromFile(FileContext, RosSymInfo))
{
/* add file to cache */
int i;
UNICODE_STRING TruncatedName = *FileName;
for (i = (TruncatedName.Length / sizeof(WCHAR)) - 1; i >= 0; i--)
if (TruncatedName.Buffer[i] == '\\') {
TruncatedName.Buffer += i+1;
TruncatedName.Length -= (i+1)*sizeof(WCHAR);
TruncatedName.MaximumLength -= (i+1)*sizeof(WCHAR);
break;
}
KdbpSymAddCachedFile(&TruncatedName, *RosSymInfo);
DPRINT("Installed symbols: %wZ %p\n", &TruncatedName, *RosSymInfo);
}
KdbpReleaseFileForSymbols(FileContext);
}
ObDereferenceObject(FileObject);
ZwClose(FileHandle);
}
/*! \brief Loads a symbol file.
*
* \param FileName Filename of the symbol file to load.
* \param RosSymInfo Pointer to a ROSSYM_INFO which gets filled.
*
* \sa KdbpSymUnloadModuleSymbols
*/
static VOID
KdbpSymLoadModuleSymbols(
IN PUNICODE_STRING FileName,
OUT PROSSYM_INFO *RosSymInfo)
{
OBJECT_ATTRIBUTES ObjectAttributes;
HANDLE FileHandle;
NTSTATUS Status;
IO_STATUS_BLOCK IoStatusBlock;
/* Allow KDB to break on module load */
KdbModuleLoaded(FileName);
if (!LoadSymbols)
{
*RosSymInfo = NULL;
return;
}
/* Try to find cached (already loaded) symbol file */
*RosSymInfo = KdbpSymFindCachedFile(FileName);
if (*RosSymInfo)
{
DPRINT("Found cached symbol file %wZ\n", FileName);
return;
}
/* Open the file */
InitializeObjectAttributes(&ObjectAttributes,
FileName,
0,
NULL,
NULL);
DPRINT("Attempting to open image: %wZ\n", FileName);
Status = ZwOpenFile(&FileHandle,
FILE_READ_ACCESS | SYNCHRONIZE,
&ObjectAttributes,
&IoStatusBlock,
FILE_SHARE_READ | FILE_SHARE_WRITE,
FILE_SYNCHRONOUS_IO_NONALERT);
if (!NT_SUCCESS(Status))
{
DPRINT("Could not open image file: %wZ\n", FileName);
return;
}
DPRINT("Loading symbols from %wZ...\n", FileName);
if (!RosSymCreateFromFile(&FileHandle, RosSymInfo))
{
DPRINT("Failed to load symbols from %wZ\n", FileName);
return;
}
ZwClose(FileHandle);
DPRINT("Symbols loaded.\n");
/* add file to cache */
KdbpSymAddCachedFile(FileName, *RosSymInfo);
DPRINT("Installed symbols: %wZ %p\n", FileName, *RosSymInfo);
}
