示例#1
        /// <summary>
        /// Builds a short display name for a PDB type symbol.
        /// </summary>
        /// <param name="type">Type symbol to describe; may be null.</param>
        /// <returns>
        /// The symbol's own name when it has one; otherwise the pointee name followed by "*" for
        /// pointer types, or a fixed label for base types. An empty string is returned for a null
        /// symbol and for every kind without naming logic (array, function and custom types).
        /// </returns>
        public string GetTypeNameFromSymbol(PdbSymbol type)
        {
            if (type == null)
            {
                return("");
            }

            PdbSymbolTag kind         = type.SymTag;
            string       declaredName = type.Name;

            // A named symbol is reported under its own name, whatever its tag.
            if (declaredName != null)
            {
                return(declaredName);
            }

            if (kind == PdbSymbolTag.PointerType)
            {
                // One recursive call per pointer level; the depth is bounded only by the symbol data.
                return(GetTypeNameFromSymbol(type.Type) + "*");
            }

            if (kind != PdbSymbolTag.BaseType)
            {
                // ArrayType, FunctionType and CustomType are recognised tags with no naming logic.
                return("");
            }

            ulong             byteCount = type.Length;
            PdbSymbolBaseType primitive = type.BaseType;

            switch (primitive)
            {
            case PdbSymbolBaseType.Char:
            case PdbSymbolBaseType.WChar:
                // Narrow and wide characters share one label.
                return("char");

            case PdbSymbolBaseType.Int:
                switch (byteCount)
                {
                case 2: return("s16");
                case 4: return("s32");
                case 8: return("s64");
                default: return("");
                }

            case PdbSymbolBaseType.UInt:
                switch (byteCount)
                {
                case 2: return("u16");
                case 4: return("u32");
                case 8: return("u64");
                default: return("");
                }

            case PdbSymbolBaseType.Float:
                return("float");

            case PdbSymbolBaseType.Bool:
                return("bool");

            case PdbSymbolBaseType.Long:
                // Labelled as 64-bit without consulting the symbol's length.
                return("s64");

            case PdbSymbolBaseType.ULong:
                return("u64");

            default:
                return("");
            }
        }
示例#2
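        /// <summary>
        /// Rebuilds the task list from the task chain that starts at FirstTask, and re-selects the
        /// row whose task id matches the previously selected task.
        /// </summary>
        /// <remarks>
        /// Each row shows the task id, EIP and ESP, plus the name of the function containing EIP when
        /// a symbol is found for it.
        /// </remarks>
        private void OnUpdateTasks()
        {
            // The chain is followed through Task.Next, and FirstTask is built over Gdb.Memory in
            // LoadWrappers, so the links are values read from the debuggee. A damaged or cyclic chain
            // would never reach null; the cap keeps this UI handler from spinning and allocating
            // without bound. Chains longer than the cap are shown truncated.
            const int MaxTasks = 1024;

            // Get tasks
            List <Task> tasks = new List <Task>();

            for (Task current = FirstTask.Object; current != null && tasks.Count < MaxTasks; current = current.Next)
            {
                tasks.Add(current);
            }

            // Refresh tasks panel
            Task         selectedTask = TaskList.SelectedItems.Count == 0 ? null : TaskList.SelectedItems[0].Tag as Task;
            ListViewItem selectedItem = null;

            TaskList.SuspendLayout();

            try
            {
                TaskList.Items.Clear();

                foreach (Task task in tasks)
                {
                    uint eip = task.Eip;
                    uint esp = task.Esp;

                    uint         taskId   = task.Id;
                    ListViewItem taskItem = new ListViewItem(taskId.ToString());

                    taskItem.Tag = task;
                    taskItem.SubItems.Add("0x" + eip.ToString("X8"));
                    taskItem.SubItems.Add("0x" + esp.ToString("X8"));

                    if (selectedTask != null && selectedTask.Id == taskId)
                    {
                        selectedItem = taskItem;
                    }

                    // The function column is left out when no symbol covers this EIP.
                    PdbSymbol function = PdbSession.GetSymbolAtVirtualAddress(PdbSymbolTag.Function, eip);
                    if (function != null)
                    {
                        taskItem.SubItems.Add(function.Name);
                    }

                    TaskList.Items.Add(taskItem);
                }

                if (selectedItem != null)
                {
                    TaskList.SelectedIndices.Add(TaskList.Items.IndexOf(selectedItem));
                }
            }
            finally
            {
                // Always pair SuspendLayout with ResumeLayout, even if reading a task throws.
                TaskList.ResumeLayout(true);
            }
        }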
示例#3
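        /// <summary>
        /// Maps a PDB type symbol to the managed type used to decode a value of that type.
        /// </summary>
        /// <param name="type">Type symbol to map; may be null.</param>
        /// <returns>
        /// <see cref="IntPtr"/> for pointer types, a primitive type for the base types handled below,
        /// or null when the symbol is null or has no mapping (array, function and custom types, and
        /// integer base types whose length is not 2, 4 or 8).
        /// </returns>
        public Type GetTypeFromSymbol(PdbSymbol type)
        {
            // GetTypeNameFromSymbol accepts a null symbol; do the same here instead of
            // failing on the SymTag read below.
            if (type == null)
            {
                return(null);
            }

            PdbSymbolTag tag = type.SymTag;

            if (tag == PdbSymbolTag.PointerType)
            {
                return(typeof(IntPtr));
            }
            else if (tag == PdbSymbolTag.BaseType)
            {
                ulong             size     = type.Length;
                PdbSymbolBaseType baseType = type.BaseType;

                // NOTE(review): only Int and UInt consult the symbol's length. The other cases return
                // a fixed managed type (e.g. Long -> long, 8 bytes) whatever Length says, so a caller
                // that decodes a Length-sized buffer must check the buffer size before converting.
                switch (baseType)
                {
                case PdbSymbolBaseType.Char: return(typeof(char));

                case PdbSymbolBaseType.WChar: return(typeof(char));

                case PdbSymbolBaseType.Int: return(size == 2 ? typeof(short) : size == 4 ? typeof(int) : size == 8 ? typeof(long) : null);

                case PdbSymbolBaseType.UInt: return(size == 2 ? typeof(ushort) : size == 4 ? typeof(uint) : size == 8 ? typeof(ulong) : null);

                case PdbSymbolBaseType.Float: return(typeof(float));

                case PdbSymbolBaseType.Bool: return(typeof(bool));

                case PdbSymbolBaseType.Long: return(typeof(long));

                case PdbSymbolBaseType.ULong: return(typeof(ulong));
                }

                return(null);
            }
            else if (tag == PdbSymbolTag.ArrayType)
            {
                // No mapping for arrays.
            }
            else if (tag == PdbSymbolTag.FunctionType)
            {
                // No mapping for function types.
            }
            else if (tag == PdbSymbolTag.CustomType)
            {
                // No mapping for custom types.
            }

            return(null);
        }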
示例#4
        /// <summary>
        /// Resolves the debugger and task symbols in the PDB global scope and builds the task
        /// pointer wrappers over debuggee memory.
        /// </summary>
        /// <remarks>
        /// Every lookup ends in Single(), so each name is expected to match exactly one symbol;
        /// presumably this is LINQ's Single(), which throws when there are zero or several matches.
        /// Lookups for System::Runtime::Profiler::Trace and System::Runtime::Process::processes,
        /// and the Processes collection wrapper, are disabled.
        /// </remarks>
        private void LoadWrappers()
        {
            var globalScope = PdbSession.Global;

            // Debugger symbols
            debuggerAttachedField      = globalScope.FindChildren(PdbSymbolTag.Null, "Debugger::attached").Single();
            debuggerInitializeFunction = globalScope.FindChildren(PdbSymbolTag.Function, "Debugger::Initialize").Single();
            debuggerBreakFunction      = globalScope.FindChildren(PdbSymbolTag.Function, "System::Runtime::Debugger::Break").Single();

            // Threading symbols
            taskFirstField   = globalScope.FindChildren(PdbSymbolTag.Null, "Task::First").Single();
            taskKernelField  = globalScope.FindChildren(PdbSymbolTag.Null, "Task::Kernel").Single();
            taskCurrentField = globalScope.FindChildren(PdbSymbolTag.Null, "Task::Current").Single();

            // Threading wrappers: each one points at the symbol's virtual address in Gdb.Memory.
            FirstTask   = new Pointer <Task>(Gdb.Memory, taskFirstField.VirtualAddress);
            KernelTask  = new Pointer <Task>(Gdb.Memory, taskKernelField.VirtualAddress);
            CurrentTask = new Pointer <Task>(Gdb.Memory, taskCurrentField.VirtualAddress);
        }
示例#5
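        /// <summary>
        /// Rebuilds the call-stack list for the selected task, or for the live registers when no
        /// task is selected, and re-selects the row whose text matches the previous selection.
        /// </summary>
        /// <remarks>
        /// The first row is the function containing EIP. Further rows come from following the frame
        /// chain in debuggee memory: the 32-bit word at the frame pointer is taken as the caller's
        /// frame pointer and the word 4 bytes above it as the return address. The walk stops at a
        /// zero return address or at an address with no function symbol.
        /// </remarks>
        private void OnUpdateCallstack()
        {
            // The frame chain is data read from the debuggee, so nothing guarantees that it ends.
            // A corrupted stack whose links form a cycle would otherwise keep this UI handler adding
            // rows forever; the walk is therefore capped. Deeper stacks are shown truncated.
            const int MaxFrames = 1024;

            string       selectedFrame = FrameList.SelectedItems.Count == 0 ? null : FrameList.SelectedItems[0].Text;
            ListViewItem selectedItem  = null;

            FrameList.Items.Clear();

            // Get selected task
            Task selectedTask = TaskList.SelectedItems.Count == 0 ? null : TaskList.SelectedItems[0].Tag as Task;

            CallstackLabel.Text = "Callstack" + (selectedTask == null ? "" : (" - Task #" + selectedTask.Id));

            uint eip = selectedTask == null ? Gdb.Registers.Eip : selectedTask.Eip;
            uint ebp = selectedTask == null ? Gdb.Registers.Ebp : selectedTask.Ebp;

            // Add current method
            {
                PdbSymbol function = PdbSession.GetSymbolAtVirtualAddress(PdbSymbolTag.Function, eip);
                if (function == null)
                {
                    // Without a symbol for EIP the list stays empty.
                    return;
                }

                Frame frame   = new Frame(eip, ebp, function);
                ulong pointer = function.VirtualAddress;

                ListViewItem frameItem = new ListViewItem("0x" + pointer.ToString("X8"));

                frameItem.Tag = frame;
                frameItem.SubItems.Add(function.Name);
                frameItem.SubItems.Add("0x" + (eip - pointer).ToString("X"));

                FrameList.Items.Add(frameItem);

                if (selectedFrame != null && selectedFrame == frameItem.Text)
                {
                    selectedItem = frameItem;
                }
            }

            uint stackPointer = ebp;

            // (A heuristic search for the first frame used to run here; it is disabled.)

            // Decode frames
            for (int depth = 0; depth < MaxFrames; depth++)
            {
                uint ebp2 = Gdb.Memory.ReadUInt32(stackPointer);
                uint ret  = Gdb.Memory.ReadUInt32(stackPointer + 4);

                if (ret == 0)
                {
                    break;
                }

                PdbSymbol function = PdbSession.GetSymbolAtVirtualAddress(PdbSymbolTag.Function, ret);
                if (function == null)
                {
                    break;
                }

                Frame frame   = new Frame(ret, ebp2, function);
                ulong pointer = function.VirtualAddress;

                ListViewItem frameItem = new ListViewItem("0x" + pointer.ToString("X8"));

                frameItem.Tag = frame;
                frameItem.SubItems.Add(function.Name);
                frameItem.SubItems.Add("0x" + (ret - pointer).ToString("X"));

                FrameList.Items.Add(frameItem);

                if (selectedFrame != null && selectedFrame == frameItem.Text)
                {
                    selectedItem = frameItem;
                }

                if (ebp2 == stackPointer)
                {
                    // The frame links to itself: the next iteration would read the same two words
                    // again, so the chain cannot advance. Longer cycles are caught by MaxFrames.
                    break;
                }

                stackPointer = ebp2;
            }

            if (selectedItem != null)
            {
                FrameList.SelectedIndices.Add(FrameList.Items.IndexOf(selectedItem));
            }
        }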
示例#6
 /// <summary>
 /// Creates a call-stack entry from an instruction address, a frame pointer and the function
 /// symbol resolved for that address.
 /// </summary>
 /// <param name="eip">Value stored in Eip.</param>
 /// <param name="ebp">Value stored in Ebp.</param>
 /// <param name="function">Symbol stored in Function.</param>
 public Frame(uint eip, uint ebp, PdbSymbol function)
 {
     this.Eip      = eip;
     this.Ebp      = ebp;
     this.Function = function;
 }
示例#7
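        /// <summary>
        /// Rebuilds the variable list for the selected frame, falling back to the selected task and
        /// then to the live registers when nothing is selected.
        /// </summary>
        /// <remarks>
        /// For every data symbol of the function containing EIP, the variable's bytes are read from
        /// debuggee memory at EBP plus the symbol's offset. The row shows a decoded value (empty when
        /// the type has no decoder), the type name and a hex dump of the bytes.
        /// </remarks>
        private void OnUpdateVariables()
        {
            // The length of each variable comes from the PDB and is not known to be sane. It is used
            // as an allocation size and a read count, so it is capped; longer variables get a
            // truncated hex dump marked with " ...".
            const int MaxVariableBytes = 4096;

            VariableList.Items.Clear();

            Task  selectedTask  = TaskList.SelectedItems.Count == 0 ? null : TaskList.SelectedItems[0].Tag as Task;
            Frame selectedFrame = FrameList.SelectedItems.Count == 0 ? null : FrameList.SelectedItems[0].Tag as Frame;

            VariablesLabel.Text = "Variables";
            if (selectedTask != null)
            {
                VariablesLabel.Text += " - Task #" + selectedTask.Id;
            }
            if (selectedFrame != null)
            {
                VariablesLabel.Text += " - " + selectedFrame.Function.Name;
            }

            uint eip = selectedFrame != null ? selectedFrame.Eip : selectedTask != null ? selectedTask.Eip : Gdb.Registers.Eip;
            uint ebp = selectedFrame != null ? selectedFrame.Ebp : selectedTask != null ? selectedTask.Ebp : Gdb.Registers.Ebp;

            PdbSymbol function = PdbSession.GetSymbolAtVirtualAddress(PdbSymbolTag.Function, eip);

            if (function == null)
            {
                return;
            }

            foreach (PdbSymbol variable in function.FindChildren(PdbSymbolTag.Data))
            {
                ListViewItem variableItem = new ListViewItem(variable.Name);

                PdbSymbol variableType = variable.Type;
                if (variableType == null)
                {
                    continue;
                }

                int   offset = variable.Offset;
                ulong size   = variableType.Length;

                // Clamp before narrowing: a plain (int) cast of a large ulong would wrap.
                bool truncated = size > MaxVariableBytes;
                int  readSize  = truncated ? MaxVariableBytes : (int)size;

                byte[] buffer = new byte[readSize];
                Gdb.Memory.Read((ulong)(ebp + offset), buffer, 0, readSize);

                Type   type     = GetTypeFromSymbol(variableType);
                string typeName = GetTypeNameFromSymbol(variableType);
                string value    = "";

                // GetTypeFromSymbol does not tie every managed type to the symbol's length (Long maps
                // to long whatever the length is), so each decoder first checks that the buffer holds
                // enough bytes. Indexing or BitConverter on a short buffer would throw and abort the
                // whole refresh; a variable that is too short is shown with an empty value instead.
                int available = buffer.Length;

                if (type == null)
                {
                    value = "";
                }
                else if (type == typeof(string))
                {
                    value = "{ String }";
                }
                else if (type == typeof(bool) && available >= 1)
                {
                    value = buffer[0] != 0 ? "true" : "false";
                }
                else if (type == typeof(sbyte) && available >= 1)
                {
                    value = ((sbyte)buffer[0]).ToString();
                }
                else if (type == typeof(byte) && available >= 1)
                {
                    value = buffer[0].ToString();
                }
                else if (type == typeof(short) && available >= 2)
                {
                    value = BitConverter.ToInt16(buffer, 0).ToString();
                }
                else if (type == typeof(ushort) && available >= 2)
                {
                    value = BitConverter.ToUInt16(buffer, 0).ToString();
                }
                else if (type == typeof(int) && available >= 4)
                {
                    value = BitConverter.ToInt32(buffer, 0).ToString();
                }
                else if (type == typeof(uint) && available >= 4)
                {
                    value = BitConverter.ToUInt32(buffer, 0).ToString();
                }
                else if (type == typeof(long) && available >= 8)
                {
                    value = BitConverter.ToInt64(buffer, 0).ToString();
                }
                else if (type == typeof(ulong) && available >= 8)
                {
                    value = BitConverter.ToUInt64(buffer, 0).ToString();
                }
                else if (typeName == "char*" && available >= 4)
                {
                    // The pointer value is a debuggee address; ReadCString follows it.
                    value = "\"" + ReadCString(BitConverter.ToUInt32(buffer, 0)) + "\"";
                }
                else if (typeName == "String*" && available >= 4)
                {
                    value = "\"" + ReadString(BitConverter.ToUInt32(buffer, 0)) + "\"";
                }
                else if (type == typeof(IntPtr) && available >= 4)
                {
                    value = "0x" + BitConverter.ToUInt32(buffer, 0).ToString("x8");
                }

                variableItem.SubItems.Add(value);
                variableItem.SubItems.Add(typeName);
                variableItem.SubItems.Add(string.Join(" ", buffer.Select(b => b.ToString("X2"))) + (truncated ? " ..." : ""));

                VariableList.Items.Add(variableItem);
            }
        }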
示例#8
 /// <summary>
 /// Creates a call-stack entry from an instruction address, a frame pointer and the function
 /// symbol resolved for that address.
 /// </summary>
 /// <param name="eip">Value stored in Eip.</param>
 /// <param name="ebp">Value stored in Ebp.</param>
 /// <param name="function">Symbol stored in Function.</param>
 public Frame(uint eip, uint ebp, PdbSymbol function)
 {
     this.Eip = eip;
     this.Ebp = ebp;
     this.Function = function;
 }
示例#9
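        /// <summary>
        /// Maps a PDB type symbol to the managed type used to decode a value of that type.
        /// </summary>
        /// <param name="type">Type symbol to map; may be null.</param>
        /// <returns>
        /// <see cref="IntPtr"/> for pointer types, a primitive type for the base types handled below,
        /// or null when the symbol is null or has no mapping (array, function and custom types, and
        /// integer base types whose length is not 2, 4 or 8).
        /// </returns>
        public Type GetTypeFromSymbol(PdbSymbol type)
        {
            // Return "no mapping" for a null symbol instead of failing on the SymTag read below.
            if (type == null)
                return null;

            PdbSymbolTag tag = type.SymTag;

            if (tag == PdbSymbolTag.PointerType)
                return typeof(IntPtr);
            else if (tag == PdbSymbolTag.BaseType)
            {
                ulong size = type.Length;
                PdbSymbolBaseType baseType = type.BaseType;

                // NOTE(review): only Int and UInt consult the symbol's length. The other cases return
                // a fixed managed type (e.g. Long -> long, 8 bytes) whatever Length says, so a caller
                // that decodes a Length-sized buffer must check the buffer size before converting.
                switch (baseType)
                {
                    case PdbSymbolBaseType.Char: return typeof(char);
                    case PdbSymbolBaseType.WChar: return typeof(char);
                    case PdbSymbolBaseType.Int: return size == 2 ? typeof(short) : size == 4 ? typeof(int) : size == 8 ? typeof(long) : null;
                    case PdbSymbolBaseType.UInt: return size == 2 ? typeof(ushort) : size == 4 ? typeof(uint) : size == 8 ? typeof(ulong) : null;
                    case PdbSymbolBaseType.Float: return typeof(float);
                    case PdbSymbolBaseType.Bool: return typeof(bool);
                    case PdbSymbolBaseType.Long: return typeof(long);
                    case PdbSymbolBaseType.ULong: return typeof(ulong);
                }

                return null;
            }
            else if (tag == PdbSymbolTag.ArrayType)
            {
                // No mapping for arrays.
            }
            else if (tag == PdbSymbolTag.FunctionType)
            {
                // No mapping for function types.
            }
            else if (tag == PdbSymbolTag.CustomType)
            {
                // No mapping for custom types.
            }

            return null;
        }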
示例#10
 /// <summary>
 /// Resolves the debugger symbols in the PDB global scope.
 /// </summary>
 /// <remarks>
 /// Both lookups end in Single(), so each name is expected to match exactly one symbol;
 /// presumably this is LINQ's Single(), which throws when there are zero or several matches.
 /// </remarks>
 private void LoadWrappers()
 {
     var globalScope = PdbSession.Global;

     // Debugger symbols
     debuggerAttachedField = globalScope.FindChildren(PdbSymbolTag.Null, "Debugger::attached").Single();
     debuggerBreakFunction = globalScope.FindChildren(PdbSymbolTag.Function, "Debugger::Break").Single();
 }
示例#11
        /// <summary>
        /// Builds a short display name for a PDB type symbol.
        /// </summary>
        /// <param name="type">Type symbol to describe; may be null.</param>
        /// <returns>
        /// The symbol's own name when it has one; otherwise the pointee name followed by "*" for
        /// pointer types, or a fixed label for base types. An empty string is returned for a null
        /// symbol and for every kind without naming logic (array, function and custom types).
        /// </returns>
        public string GetTypeNameFromSymbol(PdbSymbol type)
        {
            if (type == null)
            {
                return "";
            }

            PdbSymbolTag kind = type.SymTag;
            string declaredName = type.Name;

            // A named symbol is reported under its own name, whatever its tag.
            if (declaredName != null)
            {
                return declaredName;
            }

            if (kind == PdbSymbolTag.PointerType)
            {
                // One recursive call per pointer level; the depth is bounded only by the symbol data.
                return GetTypeNameFromSymbol(type.Type) + "*";
            }

            if (kind != PdbSymbolTag.BaseType)
            {
                // ArrayType, FunctionType and CustomType are recognised tags with no naming logic.
                return "";
            }

            ulong byteCount = type.Length;
            PdbSymbolBaseType primitive = type.BaseType;

            switch (primitive)
            {
                case PdbSymbolBaseType.Char:
                case PdbSymbolBaseType.WChar:
                    // Narrow and wide characters share one label.
                    return "char";

                case PdbSymbolBaseType.Int:
                    if (byteCount == 2) return "s16";
                    if (byteCount == 4) return "s32";
                    if (byteCount == 8) return "s64";
                    return "";

                case PdbSymbolBaseType.UInt:
                    if (byteCount == 2) return "u16";
                    if (byteCount == 4) return "u32";
                    if (byteCount == 8) return "u64";
                    return "";

                case PdbSymbolBaseType.Float:
                    return "float";

                case PdbSymbolBaseType.Bool:
                    return "bool";

                case PdbSymbolBaseType.Long:
                    // Labelled as 64-bit without consulting the symbol's length.
                    return "s64";

                case PdbSymbolBaseType.ULong:
                    return "u64";

                default:
                    return "";
            }
        }