/*
* logMemManInfo
*/
static void logMemManInfo( DWORD procid ) {
MemByType imageinfo;
MemInfo meminfo;
SYSTEM_INFO sysinfo;
DWORD i;
logPrintf( STR_VIRTUAL_MEM_INFO );
GetSystemInfo( &sysinfo );
logPrintf( STR_VIRTUAL_PAGE_SIZE,
INDENT, "", sysinfo.dwPageSize, sysinfo.dwPageSize / 1024 );
if( GetMemInfo( procid, &meminfo ) ) {
logPrintf( STR_RESERVED_MEM, INDENT, "" );
logMemManClass( &meminfo.res );
logPrintf( STR_COMMITTED_MEM, INDENT, "" );
logMemManClass( &meminfo.mapped );
logPrintf( STR_IMAGE_ADDR_SPACE_FOR, INDENT, "", TOTAL_MEM_STR );
logMemManClass( &meminfo.image );
for( i=0; i < meminfo.modcnt; i++ ) {
logPrintf( STR_IMAGE_ADDR_SPACE_FOR, INDENT, "",
meminfo.modlist[i] );
if( GetImageMemInfo( procid, meminfo.modlist[i], &imageinfo ) ) {
logMemManClass( &imageinfo );
} else {
logPrintf( STR_NOT_AVAILABLE, 2 * INDENT, "" );
}
}
FreeModuleList( meminfo.modlist, meminfo.modcnt );
} else {
logPrintf( STR_NOT_AVAILABLE, INDENT, "" );
}
}
static void logModules( DWORD pid, WORD indent ) {
char **modules;
char end[10];
DWORD cnt;
DWORD i;
ProcNode *pnode;
ModuleNode *mnode;
char *name;
pnode = FindProcess( pid );
if( pnode != NULL ) {
mnode = GetFirstModule( pnode );
while( mnode != NULL ) {
if( mnode->size == -1 ) {
strcpy( end, "????????" );
} else {
sprintf( end, "%08lX", mnode->base + mnode->size );
}
if( mnode->name == NULL ) {
name = "???";
} else {
name = mnode->name;
}
logPrintf( STR_MODULE_WITH_ADDR,
indent, "", mnode->base, end, name );
mnode = GetNextModule( mnode );
}
} else {
modules = GetModuleList( pid, &cnt );
if( modules == NULL ) {
logPrintf( STR_MODULE_LST_UNAVAILABLE );
} else {
for( i=0; i < cnt; i++ ) {
logPrintf( STR_MODULE, indent, "", modules[i] );
}
}
FreeModuleList( modules, cnt );
}
}
/*
* GetMemInfo
*/
BOOL GetMemInfo( DWORD procid, MemInfo *info ) {
PERF_COUNTER_DEFINITION *counter;
PERF_INSTANCE_DEFINITION *inst;
DWORD curpid;
DWORD i;
beginRead( TRUE );
initObj( &costlyData, &procAddrObject, N_PROCESS_ADDR_SPACE );
if( procAddrObject == NULL ) {
info->modlist = NULL;
info->modcnt = 0;
goto GETMEMINFO_ERROR;
}
info->modlist = GetModuleList( procid, &info->modcnt );
if( info->modlist == NULL ) goto GETMEMINFO_ERROR;
counter = findCounter( procAddrObject, N_PROCID );
if( counter == NULL ) goto GETMEMINFO_ERROR;
inst = getFirstInstance( procAddrObject );
for( i=0; ; i++ ) {
if( i >= procAddrObject->NumInstances || inst == NULL ) {
goto GETMEMINFO_ERROR;
}
curpid = getCounterDWORD( inst, counter );
if( curpid == procid ) break;
inst = getNextInstance( inst );
}
counter = findCounter( procAddrObject, N_MAP_SPACE_NO_ACC );
if( counter == NULL ) goto GETMEMINFO_ERROR;
info->mapped.noaccess = getCounterDWORD( inst, counter );
counter = findCounter( procAddrObject, N_MAP_SPACE_READ );
if( counter == NULL ) goto GETMEMINFO_ERROR;
info->mapped.read = getCounterDWORD( inst, counter );
counter = findCounter( procAddrObject, N_MAP_SPACE_WRITE );
if( counter == NULL ) goto GETMEMINFO_ERROR;
info->mapped.write = getCounterDWORD( inst, counter );
counter = findCounter( procAddrObject, N_MAP_SPACE_COPY );
if( counter == NULL ) goto GETMEMINFO_ERROR;
info->mapped.copy = getCounterDWORD( inst, counter );
counter = findCounter( procAddrObject, N_MAP_SPACE_EXEC );
if( counter == NULL ) goto GETMEMINFO_ERROR;
info->mapped.exec = getCounterDWORD( inst, counter );
counter = findCounter( procAddrObject, N_MAP_SPACE_EXECREAD );
if( counter == NULL ) goto GETMEMINFO_ERROR;
info->mapped.execread = getCounterDWORD( inst, counter );
counter = findCounter( procAddrObject, N_MAP_SPACE_EXECWRITE );
if( counter == NULL ) goto GETMEMINFO_ERROR;
info->mapped.execwrite = getCounterDWORD( inst, counter );
counter = findCounter( procAddrObject, N_MAP_SPACE_EXECCOPY );
if( counter == NULL ) goto GETMEMINFO_ERROR;
info->mapped.execcopy = getCounterDWORD( inst, counter );
info->mapped.tot = info->mapped.noaccess + info->mapped.read
+ info->mapped.write + info->mapped.copy
+ info->mapped.exec + info->mapped.execread
+ info->mapped.execwrite + info->mapped.execcopy;
counter = findCounter( procAddrObject, N_RES_SPACE_NO_ACC );
if( counter == NULL ) goto GETMEMINFO_ERROR;
info->res.noaccess = getCounterDWORD( inst, counter );
counter = findCounter( procAddrObject, N_RES_SPACE_READ );
if( counter == NULL ) goto GETMEMINFO_ERROR;
info->res.read = getCounterDWORD( inst, counter );
counter = findCounter( procAddrObject, N_RES_SPACE_WRITE );
if( counter == NULL ) goto GETMEMINFO_ERROR;
info->res.write = getCounterDWORD( inst, counter );
counter = findCounter( procAddrObject, N_RES_SPACE_COPY );
if( counter == NULL ) goto GETMEMINFO_ERROR;
info->res.copy = getCounterDWORD( inst, counter );
counter = findCounter( procAddrObject, N_RES_SPACE_EXEC );
if( counter == NULL ) goto GETMEMINFO_ERROR;
info->res.exec = getCounterDWORD( inst, counter );
counter = findCounter( procAddrObject, N_RES_SPACE_EXECREAD );
if( counter == NULL ) goto GETMEMINFO_ERROR;
info->res.execread = getCounterDWORD( inst, counter );
counter = findCounter( procAddrObject, N_RES_SPACE_EXECWRITE );
if( counter == NULL ) goto GETMEMINFO_ERROR;
info->res.execwrite = getCounterDWORD( inst, counter );
counter = findCounter( procAddrObject, N_RES_SPACE_EXECCOPY );
if( counter == NULL ) goto GETMEMINFO_ERROR;
info->res.execcopy = getCounterDWORD( inst, counter );
info->res.tot = info->res.noaccess + info->res.read
+ info->res.write + info->res.copy
+ info->res.exec + info->res.execread
+ info->res.execwrite + info->res.execcopy;
counter = findCounter( procAddrObject, N_IMAGE_SPACE_NO_ACC );
if( counter == NULL ) goto GETMEMINFO_ERROR;
info->image.noaccess = getCounterDWORD( inst, counter );
counter = findCounter( procAddrObject, N_IMAGE_SPACE_READ );
if( counter == NULL ) goto GETMEMINFO_ERROR;
info->image.read = getCounterDWORD( inst, counter );
counter = findCounter( procAddrObject, N_IMAGE_SPACE_WRITE );
if( counter == NULL ) goto GETMEMINFO_ERROR;
info->image.write = getCounterDWORD( inst, counter );
counter = findCounter( procAddrObject, N_IMAGE_SPACE_COPY );
if( counter == NULL ) goto GETMEMINFO_ERROR;
info->image.copy = getCounterDWORD( inst, counter );
counter = findCounter( procAddrObject, N_IMAGE_SPACE_EXEC );
if( counter == NULL ) goto GETMEMINFO_ERROR;
info->image.exec = getCounterDWORD( inst, counter );
counter = findCounter( procAddrObject, N_IMAGE_SPACE_EXECREAD );
if( counter == NULL ) goto GETMEMINFO_ERROR;
info->image.execread = getCounterDWORD( inst, counter );
counter = findCounter( procAddrObject, N_IMAGE_SPACE_EXECWRITE );
if( counter == NULL ) goto GETMEMINFO_ERROR;
info->image.execwrite = getCounterDWORD( inst, counter );
counter = findCounter( procAddrObject, N_IMAGE_SPACE_EXECCOPY );
if( counter == NULL ) goto GETMEMINFO_ERROR;
info->image.execcopy = getCounterDWORD( inst, counter );
info->image.tot = info->image.noaccess + info->image.read
+ info->image.write + info->image.copy
+ info->image.exec + info->image.execread
+ info->image.execwrite + info->image.execcopy;
endRead( TRUE );
return( TRUE );
GETMEMINFO_ERROR:
FreeModuleList( info->modlist, info->modcnt );
endRead( TRUE );
return( FALSE );
}
//*************************************************************************
// InitPICE()
//
//*************************************************************************
BOOLEAN InitPICE(void)
{
ULONG ulHandleScancode=0,ulHandleKbdEvent=0;
ARGS Args;
KIRQL Dirql;
KAFFINITY Affinity;
ULONG ulAddr;
ENTER_FUNC();
DPRINT((0,"InitPICE(): trace step 0.5\n"));
KeyboardIRQL = HalGetInterruptVector(Internal,
0,
0,
KEYBOARD_IRQ,
&Dirql,
&Affinity);
DPRINT((0,"KeyboardIRQL: %x\n", KeyboardIRQL));
DPRINT((0,"InitPICE(): trace step 1\n"));
// enable monochrome passthrough on BX type chipset
EnablePassThrough();
DPRINT((0,"InitPICE(): trace step 2\n"));
// now load all symbol files described in /etc/pice.conf
if(!LoadSymbolsFromConfig(FALSE))
{
DPRINT((0,"InitPICE: LoadSymbolsFromConfig() failed\n"));
LEAVE_FUNC();
return FALSE;
}
DPRINT((0,"InitPICE(): trace step 3\n"));
// init the output console
// this might be one of the following depending setup
// a) monochrome card
// b) serial terminal (TODO)
if(!ConsoleInit())
{
DPRINT((0,"InitPICE: ConsoleInit() failed\n"));
UnloadSymbols();
LEAVE_FUNC();
return FALSE;
}
DPRINT((0,"InitPICE(): trace step 4\n"));
// print the initial screen template
PrintTemplate();
/*
DPRINT((0,"InitPICE(): trace step 5\n"));
// ask the user if he wants to abort the debugger load
if(!CheckLoadAbort())
{
Print(OUTPUT_WINDOW,"pICE: ABORT (abort by user)\n");
UnloadSymbols();
ConsoleShutdown();
LEAVE_FUNC();
return FALSE;
}
*/
DPRINT((0,"InitPICE(): trace step 6\n"));
// load the file /boot/System.map.
// !!! It must be consistent with the current kernel at all cost!!!
if(!LoadExports())
{
Print(OUTPUT_WINDOW,"pICE: failed to load exports\n");
Print(OUTPUT_WINDOW,"press any key to continue...\n");
while(!GetKeyPolled());
UnloadSymbols();
ConsoleShutdown();
LEAVE_FUNC();
return FALSE;
}
DPRINT((0,"InitPICE(): trace step 7\n"));
ScanExports("_KernelAddressSpace", &ulAddr);
my_init_mm = (PMADDRESS_SPACE) ulAddr;
DPRINT((0,"init_mm %x @ %x\n",&my_init_mm,my_init_mm));
if(!my_init_mm)
{
Print(OUTPUT_WINDOW,"pICE: ABORT (initial memory map not found)\n");
Print(OUTPUT_WINDOW,"pICE: press any key to continue...\n");
DbgPrint("pICE: ABORT (initial memory map not found)\n");
DbgPrint("pICE: press any key to continue...\n");
while(!GetKeyPolled());
UnloadSymbols();
ConsoleShutdown();
LEAVE_FUNC();
return FALSE;
}
DPRINT((0,"InitPICE(): trace step 7.1\n"));
ScanExports("_ModuleListHead",&ulAddr);
pModuleListHead = (LIST_ENTRY*)ulAddr;
DPRINT((0,"pModuleListHead @ %X\n",pModuleListHead));
if(!pModuleListHead)
{
Print(OUTPUT_WINDOW,"pICE: ABORT (pModuleListHead not found)\n");
Print(OUTPUT_WINDOW,"pICE: press any key to continue...\n");
while(!GetKeyPolled());
UnloadSymbols();
ConsoleShutdown();
LEAVE_FUNC();
return FALSE;
}
DPRINT((0,"InitPICE(): trace step 7.2\n"));
ScanExports("_PsProcessListHead",&ulAddr);
pPsProcessListHead = (LIST_ENTRY*)ulAddr;
DPRINT((0,"pPsProcessListHead @ %X\n",pPsProcessListHead));
if(!pPsProcessListHead)
{
Print(OUTPUT_WINDOW,"pICE: ABORT (PsProcessListHead not found)\n");
Print(OUTPUT_WINDOW,"pICE: press any key to continue...\n");
while(!GetKeyPolled());
UnloadSymbols();
ConsoleShutdown();
LEAVE_FUNC();
return FALSE;
}
DPRINT((0,"InitPICE(): trace step 8\n"));
// end of the kernel
/*
ScanExports("_end",(PULONG)&kernel_end);
if(!kernel_end)
{
Print(OUTPUT_WINDOW,"pICE: ABORT (kernel size is unknown)\n");
Print(OUTPUT_WINDOW,"pICE: press any key to continue...\n");
while(!GetKeyPolled());
UnloadExports();
UnloadSymbols();
ConsoleShutdown();
LEAVE_FUNC();
return FALSE;
}
*/
DPRINT((0,"InitPICE(): trace step 9\n"));
// the loaded module list
ScanExports("_NameSpaceRoot", &ulAddr);
pNameSpaceRoot = (PDIRECTORY_OBJECT *)ulAddr;
DPRINT((0,"pNameSpaceRoot @ %X\n",pNameSpaceRoot));
if(!pNameSpaceRoot)
{
Print(OUTPUT_WINDOW,"pICE: ABORT (couldn't retreive name space root)\n");
Print(OUTPUT_WINDOW,"pICE: press any key to continue...\n");
while(!GetKeyPolled());
UnloadExports();
UnloadSymbols();
ConsoleShutdown();
LEAVE_FUNC();
return FALSE;
}
DPRINT((0,"InitPICE(): trace step 10\n"));
// setup a linked list for use in module parsing routines.
if(!InitModuleList(&pdebug_module_head, 100))
{
Print(OUTPUT_WINDOW,"pICE: ABORT (couldn't initialize kernel module list)\n");
Print(OUTPUT_WINDOW,"pICE: press any key to continue...\n");
FreeModuleList( pdebug_module_head );
while(!GetKeyPolled());
UnloadExports();
UnloadSymbols();
ConsoleShutdown();
LEAVE_FUNC();
return FALSE;
}
pdebug_module_tail = pdebug_module_head;
DPRINT((0,"InitPICE(): trace step 11\n"));
// do a sanity check on exports
if(!SanityCheckExports())
{
Print(OUTPUT_WINDOW,"pICE: ABORT (exports are conflicting with kernel symbols)\n");
Print(OUTPUT_WINDOW,"pICE: press any key to continue...\n");
while(!GetKeyPolled());
UnloadExports();
UnloadSymbols();
ConsoleShutdown();
LEAVE_FUNC();
return FALSE;
}
DPRINT((0,"InitPICE(): trace step 12\n"));
DPRINT((0,"InitPICE(): trace step 13\n"));
// patch the keyboard driver
if(!PatchKeyboardDriver())
{
Print(OUTPUT_WINDOW,"pICE: ABORT (couldn't patch keyboard driver)\n");
Print(OUTPUT_WINDOW,"pICE: press any key to continue...\n");
while(!GetKeyPolled());
UnloadSymbols();
UnloadExports();
ConsoleShutdown();
LEAVE_FUNC();
return FALSE;
}
DPRINT((0,"InitPICE(): trace step 14\n"));
// partial init of shadow registers
CurrentCS = GLOBAL_CODE_SEGMENT;
CurrentEIP = (ULONG)RealIsr;
CurrentDS = CurrentSS = GLOBAL_DATA_SEGMENT;
__asm__("\n\t \
mov %%esp,%%eax\n\t \
mov %%eax,_CurrentESP\n\t \
":::"eax");
// display version and symbol information
Ver(NULL);
// disable HW breakpoints
__asm__("\n\t \
xorl %%eax,%%eax\n\t \
mov %%eax,%%dr6\n\t \
mov %%eax,%%dr7\n\t \
mov %%dr0,%%eax\n\t \
mov %%dr1,%%eax\n\t \
mov %%dr2,%%eax\n\t \
mov %%dr3,%%eax"
:::"eax"
);
DPRINT((0,"InitPICE(): trace step 15\n"));
TakeIdtSnapshot();
DPRINT((0,"InitPICE(): trace step 16\n"));
// install all hooks
InstallTraceHook();
InstallGlobalKeyboardHook();
InstallSyscallHook();
InstallInt3Hook();
InstallDblFltHook();
InstallGPFaultHook();
InstallIntEHook();
InstallPrintkHook();
DPRINT((0,"InitPICE(): trace step 16\n"));
if(ulDoInitialBreak)
{
DPRINT((0,"about to do initial break...\n"));
// simulate an initial break
__asm__("\n\t \
pushfl\n\t \
pushl %cs\n\t \
pushl $initialreturnpoint\n\t \
pushl $" STR(REASON_CTRLF) "\n\t \
jmp NewInt31Handler\n\t \
initialreturnpoint:");
}
else
{
