
restructuring; tests are OK

DennisYurichev committed Aug 3, 2019
1 parent 00daaf2 commit 66054e190771709bbb781b36d3f9367d4875664e
Showing with 106 additions and 89 deletions.
  1. +1 −0 BPX.c
  2. +4 −1 Makefile.msvc
  3. +1 −0 cycle.c
  4. +92 −0 drx.c
  5. +5 −0 drx.h
  6. +1 −0 module.c
  7. +2 −0 tracer.c
  8. +0 −85 utils.c
  9. +0 −3 utils.h
1 BPX.c
@@ -24,6 +24,7 @@
#include "X86_register_helpers.h"
#include "process.h"
#include "fmt_utils.h"
#include "drx.h"

void BPX_option_free(struct BPX_option *o)
{
@@ -1,7 +1,7 @@
OPTIONS=$(TMP123) /Zi $(TMP125) /DRE_USE_MALLOC /I../../octothorpe /I../../porg /I../../x86_disasm /I../../bolt
OBJECTS=BP.obj BPF.obj BPM.obj BPX.obj bp_address.obj cc.obj cc_tests.obj cycle.obj lex.yy.obj module.obj one_time_INT3_BP.obj \
opts_parse.tab.obj opts_test.obj process.obj SEH.obj symbol.obj thread.obj utils.obj heap.obj ins_inputs.obj \
dep_analyzer.obj
dep_analyzer.obj drx.obj

SRC_PATH=..

@@ -79,6 +79,9 @@ thread.obj: $(SRC_PATH)\thread.c $(SRC_PATH)\thread.h
utils.obj: $(SRC_PATH)\utils.c $(SRC_PATH)\utils.h
cl $(SRC_PATH)\utils.c /c $(OPTIONS)

drx.obj: $(SRC_PATH)\drx.c $(SRC_PATH)\drx.h
cl $(SRC_PATH)\drx.c /c $(OPTIONS)

clean:
del *.obj
del *.exe
@@ -41,6 +41,7 @@
#include "SEH.h"
#include "fmt_utils.h"
#include "memutils.h"
#include "drx.h"

bool detaching=false;

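--- a/drx.c
+++ b/drx.c
@@ -0,0 +1,92 @@
+#include <windows.h>
+#include "thread.h"
+#include "BP.h"
+#include "bp_address.h"
+#include "logging.h"
+#include "opts_aux.h"
+#include "fmt_utils.h"
+#include "oassert.h"
+
+void set_or_update_DRx_breakpoint(struct BP *bp, CONTEXT *ctx, unsigned DRx_no)
+{
+oassert (bp->a->resolved);
+if (verbose>0)
+{
+strbuf sb=STRBUF_INIT;
+address_to_string(bp->a, &sb);
+L ("%s(): begin. setting DRx-breakpoint %d for %s at 0x" PRI_ADR_HEX "\n", __func__, DRx_no, sb.buf, bp->a->abs_address);
+strbuf_deinit (&sb);
+};
+
+if ((bp->t==BP_type_BPF && bp->u.bpf->drx==false) || bp->t==BP_type_BPX)
+CONTEXT_setDRx_and_DR7 (ctx, DRx_no, bp->a->abs_address);
+else if (bp->t==BP_type_BPM)
+BPM_set_or_update_DRx_breakpoint(bp->u.bpm, bp->a->abs_address, DRx_no, ctx);
+else
+{
+oassert(0);
+fatal_error();
+};
+
+if (verbose>0)
+L ("%s() end\n", __func__);
+};
+
+void set_or_update_DRx_for_thread(struct thread *t, struct BP *bp, unsigned DRx_no)
+{
+CONTEXT ctx;
+ctx.ContextFlags = CONTEXT_ALL;
+DWORD rt;
+rt=GetThreadContext (t->THDL, &ctx); oassert (rt!=FALSE);
+
+if (verbose>0)
+L ("%s() going to call set_or_update_DRx_breakpoint for TID %d\n", __func__, t->TID);
+set_or_update_DRx_breakpoint(bp, &ctx, DRx_no);
+
+rt=SetThreadContext (t->THDL, &ctx); oassert (rt!=FALSE);
+};
+
+void set_or_update_all_DRx_breakpoints(struct process *p)
+{
+if (verbose>0)
+L ("%s() begin\n", __func__);
+
+// enum all breakpoints, pick out a->resolved ones
+for (unsigned DRx_no=0; DRx_no<4; DRx_no++)
+{
+struct BP *bp=breakpoints[DRx_no];
+if (bp)
+{
+//L ("%s() DRx_breakpoints[%d]=0x%p\n", __func__, DRx_no, bp);
+}
+else
+{
+if (verbose>0)
+L ("%s() breakpoints[%d]==NULL\n", __func__, DRx_no);
+continue;
+};
+
+//dump_BP (bp);
+
+if (bp->a->resolved==false)
+{
+if (verbose>0)
+L ("%s() breakpoints[%d]->a->resolved==false\n", __func__, DRx_no);
+continue;
+};
+
+if (load_filename && p->we_are_loading_and_OEP_was_executed==false)
+{
+if (verbose>0)
+L ("%s() p->we_are_loading_and_OEP_was_executed==false\n", __func__);
+continue;
+};
+for (struct rbtree_node_t *_t=rbtree_minimum(p->threads); _t; _t=rbtree_succ(_t))
+{
+struct thread *t=(struct thread*)(_t->value);
+set_or_update_DRx_for_thread (t, bp, DRx_no);
+};
+};
+if (verbose>0)
+L ("%s() end\n", __func__);
+};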
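Review bot: In `set_or_update_DRx_for_thread` the results of `GetThreadContext` and `SetThreadContext` are checked only by `oassert`, and `ctx` is not initialised beyond `ContextFlags`. If `oassert` is compiled out in some builds (oassert.h is not shown here), a failed read, for example on a thread that has already exited, would leave stack garbage in `ctx` that `SetThreadContext` then writes back into the thread. I would return early on failure, `if (GetThreadContext (t->THDL, &ctx)==FALSE) { L ("%s() GetThreadContext failed for TID %d\n", __func__, t->TID); return; }`, and, assuming the two helpers only modify debug registers, request `CONTEXT_DEBUG_REGISTERS` instead of `CONTEXT_ALL` so the write-back cannot disturb any other register state. Separately, in `set_or_update_DRx_breakpoint` a `BP_type_BPF` breakpoint with `drx` set falls through to `oassert(0); fatal_error();`, which looks at odds with the `drx` option described in the help text on this page; it is worth confirming that case is handled before this call.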
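--- a/drx.h
+++ b/drx.h
@@ -0,0 +1,5 @@
+#pragma once
+
+void set_or_update_DRx_for_thread(struct thread *t, struct BP *bp, unsigned DRx_no);
+void set_or_update_DRx_breakpoint(struct BP *bp, CONTEXT *ctx, unsigned DRx_no);
+void set_or_update_all_DRx_breakpoints(struct process *p);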
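Review bot: drx.h is not self-contained: `struct thread`, `struct BP` and `struct process` first appear inside the prototype parameter lists and `CONTEXT` needs `<windows.h>`, so the header only compiles cleanly when the including file has already pulled in the right headers in the right order. A struct tag first seen inside a parameter list has prototype scope, which typically produces an incompatible-pointer diagnostic at the call site. I would add `#include <windows.h>` and the forward declarations `struct thread; struct BP; struct process;` above the prototypes. drx.c as shown also does not include drx.h, so the compiler never checks these prototypes against the definitions; adding `#include "drx.h"` there would close that gap.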
@@ -39,6 +39,7 @@
#include "fmt_utils.h"
#include "memutils.h"
#include "dep_analyzer.h"
#include "drx.h"

static address module_translate_adr_to_abs_address(struct module *m, address original_adr)
{
@@ -54,6 +54,7 @@ void help_and_exit()
printf ("\n");
printf ("<bpf_option>:\n");
printf ("\n");
printf ("drx - use DRx-type BP instead of INT3\n");
printf ("args:<n> - number of arguments to be dumped\n");
printf ("dump_args:size - try to dump each argument as a pointer to buffer with size of <size>\n");
printf ("trace:cc - turn on code coverage facility for this function)\n");
@@ -76,6 +77,7 @@ void help_and_exit()
printf ("\n");
printf ("<bpx_option>:\n");
printf ("\n");
printf ("drx - use DRx-type BP instead of INT3 (TBD)\n");
printf ("dump(<address>|<register>,<size>) - dump memory block\n");
printf ("set(<register>,<value>) - set register to value. FPU registers (STx) allowed\n");
printf ("copy(<address|register>,\"<C string>\") - copy C string to memory at address\n");
85 utils.c
@@ -46,91 +46,6 @@ void dump_TID_if_need(struct process *p, struct thread *t)
L ("TID=%d|", t->TID);
};

// FIXME: find another place for this function
void set_or_update_DRx_breakpoint(struct BP *bp, CONTEXT *ctx, unsigned DRx_no)
{
oassert (bp->a->resolved);
if (verbose>0)
{
strbuf sb=STRBUF_INIT;
address_to_string(bp->a, &sb);
L ("%s(): begin. setting DRx-breakpoint %d for %s at 0x" PRI_ADR_HEX "\n", __func__, DRx_no, sb.buf, bp->a->abs_address);
strbuf_deinit (&sb);
};

if ((bp->t==BP_type_BPF && bp->u.bpf->drx==false) || bp->t==BP_type_BPX)
CONTEXT_setDRx_and_DR7 (ctx, DRx_no, bp->a->abs_address);
else if (bp->t==BP_type_BPM)
BPM_set_or_update_DRx_breakpoint(bp->u.bpm, bp->a->abs_address, DRx_no, ctx);
else
{
oassert(0);
fatal_error();
};

if (verbose>0)
L ("%s() end\n", __func__);
};

void set_or_update_DRx_for_thread(struct thread *t, struct BP *bp, unsigned DRx_no)
{
CONTEXT ctx;
ctx.ContextFlags = CONTEXT_ALL;
DWORD rt;
rt=GetThreadContext (t->THDL, &ctx); oassert (rt!=FALSE);

if (verbose>0)
L ("%s() going to call set_or_update_DRx_breakpoint for TID %d\n", __func__, t->TID);
set_or_update_DRx_breakpoint(bp, &ctx, DRx_no);

rt=SetThreadContext (t->THDL, &ctx); oassert (rt!=FALSE);
};

void set_or_update_all_DRx_breakpoints(struct process *p)
{
if (verbose>0)
L ("%s() begin\n", __func__);

// enum all breakpoints, pick out a->resolved ones
for (unsigned DRx_no=0; DRx_no<4; DRx_no++)
{
struct BP *bp=breakpoints[DRx_no];
if (bp)
{
//L ("%s() DRx_breakpoints[%d]=0x%p\n", __func__, DRx_no, bp);
}
else
{
if (verbose>0)
L ("%s() breakpoints[%d]==NULL\n", __func__, DRx_no);
continue;
};

//dump_BP (bp);

if (bp->a->resolved==false)
{
if (verbose>0)
L ("%s() breakpoints[%d]->a->resolved==false\n", __func__, DRx_no);
continue;
};

if (load_filename && p->we_are_loading_and_OEP_was_executed==false)
{
if (verbose>0)
L ("%s() p->we_are_loading_and_OEP_was_executed==false\n", __func__);
continue;
};
for (struct rbtree_node_t *_t=rbtree_minimum(p->threads); _t; _t=rbtree_succ(_t))
{
struct thread *t=(struct thread*)(_t->value);
set_or_update_DRx_for_thread (t, bp, DRx_no);
};
};
if (verbose>0)
L ("%s() end\n", __func__);
};

bool MC_disas(address a, struct MemoryCache *mc, struct Da* out)
{
if (verbose>0)
@@ -21,9 +21,6 @@

void dump_PID_if_need(struct process *p);
void dump_TID_if_need(struct process *p, struct thread *t);
void set_or_update_DRx_for_thread(struct thread *t, struct BP *bp, unsigned DRx_no);
void set_or_update_DRx_breakpoint(struct BP *bp, CONTEXT *ctx, unsigned DRx_no);
void set_or_update_all_DRx_breakpoints(struct process *p);
bool MC_disas(address a, struct MemoryCache *mc, struct Da* out);
void dump_buf_as_array_of_strings(struct MemoryCache *mc, address a, size_t size);
bool read_REG_from_stack (struct MemoryCache *mc, CONTEXT *ctx, int idx, REG * out);
