418 lines
16 KiB
Plaintext
418 lines
16 KiB
Plaintext
This is the core of the Wine debugger. The reverse assember
|
||
was stolen from Mach more or less intact. It turns out that there are
|
||
two variables that are set differently if you are reverse assembling
|
||
16 bit code, and on the whole it seems to work.
|
||
|
||
NEWS:
|
||
|
||
The internal debugger has *tons* more capability than it did before.
|
||
I have enclosed some examples that show usage at the end of this file.
|
||
New features include:
|
||
|
||
1) Ability of debugger to read debug information from wine executable
|
||
*and* from Win32 executables. Local variable and line number information is
|
||
also read and processed.
|
||
|
||
2) The internal debugger is capable of 'stepping' to the next
|
||
line number, just like gdb. Examples of the commands are:
|
||
|
||
step
|
||
stepi
|
||
si
|
||
step 3
|
||
si 5
|
||
next
|
||
nexti
|
||
cont 4
|
||
finish
|
||
|
||
All of these should be exactly like how gdb does things.
|
||
|
||
3) The internal debugger now has a sense of what source file and line
|
||
number a given PC is at. New commands to support this are just like gdb,
|
||
and include:
|
||
|
||
list
|
||
dir
|
||
show dir
|
||
|
||
there are a variety of formats of arguments for the list command. All
|
||
permutations supported by gdb should also be supported.
|
||
|
||
4) The internal debugger knows about datatypes of various objects,
|
||
for both Win32 *and* the debugging information in the wine executable itself.
|
||
I have enclosed an example of how this works at the end.
|
||
|
||
5) There are more ways the 'b' command can be used to set breakpoints.
|
||
Examples are:
|
||
|
||
b *0x8190000
|
||
b 1100
|
||
b Usage
|
||
b
|
||
|
||
I don't think this covers all of the permutations that gdb accepts (this should
|
||
be cleaned up someday so that all possibilities are acceptable).
|
||
|
||
6) The 'print' and 'x' commands should behave more or less exactly
|
||
as they do under gdb. The difference is that the way the data is presented
|
||
will be slightly different, but the content should be fundamentally the same.
|
||
|
||
7) The internal debugger now supports conditional breakpoints, and
|
||
automatic display expressions. An example is at the end of this file. The
|
||
syntax and usage should be identical to that of gdb.
|
||
|
||
8) Type casts can be made from within the debugger, but they currently
|
||
don't work with typedef'ed types. They only work with builtin types and
|
||
named structures unions, etc. The problem is that internally we don't always
|
||
record the typedefed names of structures, so we have no guarantee that we
|
||
would know what each type is. This can be fixed, of course - it just takes
|
||
more memory. Note that in some cases, typedefed structures could be cast
|
||
using '(struct typedfname)' instead of '(typedfname)'. Technically this
|
||
isn't quite correct, but if and when the rest of this stuff gets fixed,
|
||
this would need to get corrected too.
|
||
|
||
NOTES:
|
||
|
||
If it weren't for the fact that gdb doesn't grok the Win32 debug
|
||
information, you could just use gdb. The internal debugger should be able
|
||
to read and use debugging information for both Win32 and also for the
|
||
Wine executable, making it possible to debug the combination of the two
|
||
together as if it were one large (very large) entity.
|
||
|
||
LIMITATIONS AND DIFFERENCES FROM GDB:
|
||
|
||
You cannot set a breakpoint by file and line number as you can
|
||
with gdb. Adding support for this wouldn't be all that tough, I guess, but
|
||
it would be a nuisance. You can set a breakpoint given a function and
|
||
line number, however. An example would be 'b main:2993'. It turns out
|
||
that the way the internal data structures are arranged it is a whole lot
|
||
easier to do things in this way than it would be to try and get the
|
||
source:line type of breakpoint working, but it would probably be worth it
|
||
to try.
|
||
|
||
Getting stack traces through Wine itself can be a bit tricky.
|
||
This is because by default the thing is built with optimization
|
||
enabled, and as a result sometimes functions don't get frames, and
|
||
lots of variables are optimized into registers. You can turn off
|
||
optimization for a few key source files if it will help you.
|
||
|
||
Memory consumption is getting to be a real problem. I think 32Mb is
|
||
no longer sufficient to debug wine - 48 or 64 is probably a whole lot better.
|
||
Unfortunately I cannot shut down X to save memory :-).
|
||
|
||
*************************************************************************
|
||
EXAMPLES:
|
||
|
||
Here is an example of how I tracked down a bug in Wine. The program
|
||
is something that just maps and dumps the contents of a Win32 executable.
|
||
It was dying for some reason.
|
||
|
||
Start the first time through.
|
||
|
||
bash$ ls -l dumpexe.exe
|
||
-rw-rw-r-- 1 eric devel 168448 Jan 4 13:51 dumpexe.exe
|
||
bash$ ./wine -debug './dumpexe.exe -symbol ./dumpexe.exe'
|
||
Warning: invalid dir 'e:\test' in path, deleting it.
|
||
Win32 task 'W32SXXXX': Breakpoint 1 at 0x081a3450
|
||
Loading symbols from ELF file ./wine...
|
||
Loading symbols from ELF file /usr/X11R6/lib/libXpm.so.4.6...
|
||
Loading symbols from ELF file /usr/X11R6/lib/libSM.so.6.0...
|
||
Loading symbols from ELF file /usr/X11R6/lib/libICE.so.6.0...
|
||
Loading symbols from ELF file /usr/X11R6/lib/libXext.so.6.0...
|
||
Loading symbols from ELF file /usr/X11R6/lib/libX11.so.6.0...
|
||
Loading symbols from ELF file /lib/libm.so.5.0.5...
|
||
Loading symbols from ELF file /lib/libc.so.5.2.18...
|
||
Loading symbols from ELF file /lib/ld-linux.so.1...
|
||
Loading symbols from Win32 file ./dumpexe.exe...
|
||
Stopped on breakpoint 1 at 0x081a3450 (_mainCRTStartup)
|
||
In 32 bit mode.
|
||
*** Invalid address 0x414c5ff8 (KERNEL32_NULL_THUNK_DATA+0x3930ee6c)
|
||
0x081a3450 (_mainCRTStartup): movl %fs:0,%eax
|
||
Wine-dbg>b DumpFile
|
||
Breakpoint 2 at 0x081a0078 (DumpFile+0x9 [dumpexe.c:2723])
|
||
Wine-dbg>c
|
||
Dump File: ./dumpexe.exe
|
||
Stopped on breakpoint 2 at 0x081a0078 (DumpFile+0x9 [dumpexe.c:2723])
|
||
Enter path to file dumpexe.c: ../de
|
||
2723 HANDLE hFile = NULL;
|
||
0x081a0078 (DumpFile+0x9 [dumpexe.c:2723]): movl $0x0,0xfffffff4(%ebp)
|
||
Wine-dbg>list
|
||
2723 HANDLE hFile = NULL;
|
||
2724 HANDLE hMap = NULL;
|
||
2725 PSTR lpMap = NULL;
|
||
2726 DWORD dwFileSize = 0;
|
||
2727 DWORD dwFileSizeHigh = 0;
|
||
2728
|
||
2729 PIMAGE_DOS_HEADER lpImageDOS = NULL;
|
||
2730 PIMAGE_FILE_HEADER lpImageFile = NULL;
|
||
2731 PIMAGE_NT_HEADERS lpImageNT = NULL;
|
||
2732
|
||
2733 /*
|
||
Wine-dbg>n 10
|
||
2747 dwFileSize = GetFileSize(hFile, &dwFileSizeHigh);
|
||
0x081a00ea (DumpFile+0x7b [dumpexe.c:2747]): leal 0xfffffff0(%ebp),%eax
|
||
Wine-dbg>n
|
||
2749 && (GetLastError() != NO_ERROR) )
|
||
0x081a00fb (DumpFile+0x8c [dumpexe.c:2749]): cmpl $-1,0xffffffe8(%ebp)
|
||
Wine-dbg>x/d dwFileSize
|
||
x/d dwFileSize
|
||
168448
|
||
Wine-dbg>n
|
||
2758 PAGE_READONLY, 0, 0, (LPSTR) NULL);
|
||
0x081a0124 (DumpFile+0xb5 [dumpexe.c:2758]): pushl $0x0
|
||
Wine-dbg>list 2750
|
||
list 2750
|
||
2750 {
|
||
2751 Fatal("Cannot get size of file %s", lpFileName);
|
||
2752 }
|
||
2753
|
||
2754 /*
|
||
2755 * map the file
|
||
2756 */
|
||
2757 hMap = CreateFileMapping(hFile, (LPSECURITY_ATTRIBUTES) NULL,
|
||
2758 PAGE_READONLY, 0, 0, (LPSTR) NULL);
|
||
2759 if( hMap == NULL )
|
||
2760 {
|
||
Wine-dbg>n
|
||
2759 if( hMap == NULL )
|
||
0x081a013b (DumpFile+0xcc [dumpexe.c:2759]): cmpl $0,0xfffffffc(%ebp)
|
||
Wine-dbg>x hMap
|
||
08e48c30
|
||
Wine-dbg>n
|
||
2767 lpMap = (LPSTR) MapViewOfFile(hMap, FILE_MAP_READ, 0, 0, 0);
|
||
0x081a0156 (DumpFile+0xe7 [dumpexe.c:2767]): pushl $0x0
|
||
Wine-dbg>n
|
||
2768 if( lpMap == NULL )
|
||
0x081a016b (DumpFile+0xfc [dumpexe.c:2768]): cmpl $0,0xffffffe0(%ebp)
|
||
Wine-dbg>print lpMap
|
||
0x414c5f40
|
||
Wine-dbg>x lpMap
|
||
40007000
|
||
Wine-dbg> x/10x 0x40007000
|
||
x/10x 0x40007000
|
||
0x40007000 (KERNEL32_NULL_THUNK_DATA+0x37e4fe74): *** Invalid address 0x40007000 (KERNEL32_NULL_THUNK_DATA+0x37e4fe74)
|
||
Wine-dbg>quit
|
||
$
|
||
|
||
*******************************************************************
|
||
The first time through, we find that MapViewOfFile isn't mapping the file
|
||
correctly into the virtual address space. Try running again, and step into
|
||
MapViewOfFile to figure out what went wrong.
|
||
*******************************************************************
|
||
|
||
|
||
bash$ ./wine -debug './dumpexe.exe -symbol ./dumpexe.exe'
|
||
Warning: invalid dir 'e:\test' in path, deleting it.
|
||
Win32 task 'W32SXXXX': Breakpoint 1 at 0x081a3450
|
||
Loading symbols from ELF file ./wine...
|
||
Loading symbols from ELF file /usr/X11R6/lib/libXpm.so.4.6...
|
||
Loading symbols from ELF file /usr/X11R6/lib/libSM.so.6.0...
|
||
Loading symbols from ELF file /usr/X11R6/lib/libICE.so.6.0...
|
||
Loading symbols from ELF file /usr/X11R6/lib/libXext.so.6.0...
|
||
Loading symbols from ELF file /usr/X11R6/lib/libX11.so.6.0...
|
||
Loading symbols from ELF file /lib/libm.so.5.0.5...
|
||
Loading symbols from ELF file /lib/libc.so.5.2.18...
|
||
Loading symbols from ELF file /lib/ld-linux.so.1...
|
||
Loading symbols from Win32 file ./dumpexe.exe...
|
||
Stopped on breakpoint 1 at 0x081a3450 (_mainCRTStartup)
|
||
In 32 bit mode.
|
||
*** Invalid address 0x414c5ff8 (KERNEL32_NULL_THUNK_DATA+0x3930ee6c)
|
||
0x081a3450 (_mainCRTStartup): movl %fs:0,%eax
|
||
Wine-dbg>b DumpFile:2767
|
||
Breakpoint 2 at 0x081a0156 (DumpFile+0xe7 [dumpexe.c:2767])
|
||
Wine-dbg>c
|
||
Dump File: ./dumpexe.exe
|
||
Stopped on breakpoint 2 at 0x081a0156 (DumpFile+0xe7 [dumpexe.c:2767])
|
||
Enter path to file dumpexe.c: ../de
|
||
2767 lpMap = (LPSTR) MapViewOfFile(hMap, FILE_MAP_READ, 0, 0, 0);
|
||
0x081a0156 (DumpFile+0xe7 [dumpexe.c:2767]): pushl $0x0
|
||
Wine-dbg>step
|
||
390 0385 stdcall MapViewOfFile(long long long long long) MapViewOfFile
|
||
0x080d793c (KERNEL32_385 [kernel32.spec:390]): pushl %ebp
|
||
Wine-dbg>step
|
||
223 if (!debugging_relay) return;
|
||
0x080c83dc (RELAY_DebugCallFrom32+0xc [relay.c:223]): cmpw $0,0x644a
|
||
Wine-dbg>
|
||
244 }
|
||
0x080c848e (RELAY_DebugCallFrom32+0xbe [relay.c:244]): leal 0xfffffff4(%ebp),%esp
|
||
Wine-dbg>
|
||
103 return MapViewOfFileEx(handle,access,offhi,offlo,size,0);
|
||
0x080911a4 (MapViewOfFile+0x14 [file.c:103]): pushl $0x0
|
||
Wine-dbg>
|
||
113 FILEMAP_OBJECT *fmap = (FILEMAP_OBJECT*)handle;
|
||
0x080911cf (MapViewOfFileEx+0xf [file.c:113]): movl 0x8(%ebp),%esi
|
||
Wine-dbg>n
|
||
115 if (!size) size = fmap->size;
|
||
0x080911d2 (MapViewOfFileEx+0x12 [file.c:115]): testl %ebx,%ebx
|
||
Wine-dbg>list
|
||
list
|
||
115 if (!size) size = fmap->size;
|
||
116 if (!size) size = 1;
|
||
117 return mmap ((caddr_t)st, size, fmap->prot,
|
||
118 MAP_ANON|MAP_PRIVATE,
|
||
119 FILE_GetUnixHandle(fmap->hfile),
|
||
120 offlo);
|
||
121 }
|
||
122
|
||
123 /***********************************************************************
|
||
124 * UnmapViewOfFile (KERNEL32.385)
|
||
125 */
|
||
Wine-dbg>x size
|
||
00000000
|
||
Wine-dbg>n
|
||
116 if (!size) size = 1;
|
||
0x080911d9 (MapViewOfFileEx+0x19 [file.c:116]): testl %ebx,%ebx
|
||
Wine-dbg>x size
|
||
00000000
|
||
Wine-dbg>n
|
||
117 return mmap ((caddr_t)st, size, fmap->prot,
|
||
0x080911e2 (MapViewOfFileEx+0x22 [file.c:117]): pushl %eax
|
||
Wine-dbg>x size
|
||
00000000
|
||
Wine-dbg>info local
|
||
MapViewOfFileEx:handle == 0x08e48c90
|
||
MapViewOfFileEx:access == 0x00000004
|
||
MapViewOfFileEx:offhi == 0x00000000
|
||
MapViewOfFileEx:offlo == 0x00000000
|
||
MapViewOfFileEx:size == 0x00000000
|
||
MapViewOfFileEx:st == 0x00000000
|
||
MapViewOfFileEx:offlo optimized into register $eax
|
||
MapViewOfFileEx:size optimized into register $ebx
|
||
MapViewOfFileEx:st optimized into register $edi
|
||
MapViewOfFileEx:fmap optimized into register $esi
|
||
Wine-dbg>print $ebx
|
||
0x0001
|
||
Wine-dbg>bt
|
||
bt
|
||
Backtrace:
|
||
=>0 0x080911e2 (MapViewOfFileEx+0x22 [file.c:117])
|
||
1 0x080911b0 (MapViewOfFile+0x20(handle=0x8e48c90, access=0x4, offhi=0x0, offlo=0x0, size=0x0) [file.c:104])
|
||
2 0x08104ab5 (CallFrom32_stdcall_5+0x25 [callfrom32.s])
|
||
3 0x081a0168 (DumpFile+0xf9(lpFileName=0x414c61ed) [dumpexe.c:2767])
|
||
4 0x081a0c35 (main+0x410(argc=0x3, argv=0x414c61cc) [dumpexe.c:3078])
|
||
5 0x081a3514 (_mainCRTStartup+0xc4)
|
||
6 0x0810549f (Code_Start+0x13 [callto32.s])
|
||
7 0x0802fdac (TASK_CallToStart+0x8c [task.c:373])
|
||
|
||
Wine-dbg>
|
||
|
||
*******************************************************************
|
||
Notice that you can step through the thunks into our own transfer
|
||
routines. You will notice that the source line displays as something
|
||
like:
|
||
|
||
390 0385 stdcall MapViewOfFile(long long long long long) MapViewOfFile
|
||
|
||
This is just the source line from the spec file that caused the transfer
|
||
routine to be generated. From this you can step again, and you step
|
||
into the relay logging code - keep stepping and you eventually step into
|
||
the actual function that does the dirty work.
|
||
|
||
At this point an examination of the source to the Win32 program
|
||
and an examination of the source to win32/file.s showed where the problem
|
||
was. When you specify 0 for the size of the object in CreateFileMapping,
|
||
it is supposed to use the entire size of the file as the size of the
|
||
object. Instead we were just blindly copying the number over.
|
||
|
||
*******************************************************************
|
||
|
||
Wine-dbg>b main
|
||
Breakpoint 1 at 0x080108c0 (main [dbgmain.c:213])
|
||
Wine-dbg>print breakpoints[1]
|
||
{addr={type=0x08043000, seg=0, off=134285504}, addrlen=' ', opcode='U', enabled=1, skipcount=0, in_use=1}
|
||
|
||
Wine-dbg> print breakpoints[1].enabled
|
||
1
|
||
Wine-dbg>set breakpoints[0].enabled = 0
|
||
Wine-dbg>print breakpoints[0].enabled
|
||
0
|
||
|
||
Wine-dbg>print type_hash_table[1]->type
|
||
STRUCT
|
||
|
||
Wine-dbg>print type_hash_table[1]
|
||
0x08072020
|
||
Wine-dbg>print *type_hash_table[1]
|
||
print *type_hash_table[1]
|
||
{type=STRUCT, next=0x00000000, name="LOGPALETTE", un={basic={basic_type=8, output_format="<22>V<08>M", basic_size=-128, b_signed=0}, bitfield={bitoff=8, nbits=0, basetype=0x081d56c0}, pointer={pointsto=0x00000008}, funct={rettype=0x00000008}, array={start=8, end=136140480, basictype=0x08043e80}, structure={size=8, members=0x081d56c0}, enumeration={members=0x00000008}}}
|
||
Wine-dbg>
|
||
|
||
*******************************************************************
|
||
|
||
This example shows how you can print out various data structures.
|
||
Note that enumerated types are displayed in the symbolic form, and strings
|
||
are displayed in the expected manner.
|
||
|
||
You can use the set command to set more or less anything. Note
|
||
however that you cannot use enumerated types on the RHS of the expression.
|
||
|
||
*******************************************************************
|
||
|
||
|
||
Wine-dbg>list
|
||
2986 if( argc <= 1 )
|
||
2987 {
|
||
2988 Usage(argv[0]);
|
||
2989 }
|
||
2990
|
||
2991 for( i = 1; i < argc; i++ )
|
||
2992 {
|
||
2993 if( strncmp(argv[i], "-dos", sizeof("-dos") - 1) == 0 )
|
||
2994 {
|
||
2995 DmpCtrl.bDumpDOSHeader = TRUE;
|
||
2996 }
|
||
Wine-dbg>b 2993
|
||
Breakpoint 3 at 0x081a8861 (main+0x3c [dumpexe.c:2993])
|
||
Wine-dbg>condition 3 i == 2
|
||
Wine-dbg>c
|
||
Stopped on breakpoint 3 at 0x081a8861 (main+0x3c [dumpexe.c:2993])
|
||
2993 if( strncmp(argv[i], "-dos", sizeof("-dos") - 1) == 0 )
|
||
0x081a8861 (main+0x3c [dumpexe.c:2993]): pushl $0x4
|
||
Wine-dbg>print i
|
||
2
|
||
Wine-dbg>print argv[i]
|
||
"./dumpexe.exe"
|
||
|
||
*******************************************************************
|
||
|
||
This example shows how to use conditional breakpoints.
|
||
Here is another one that demonstrates another cool feature
|
||
conditional breakpoints that involve a function call:
|
||
|
||
condition 3 strcmp(argv[i], "./dumpexe.exe") == 0
|
||
|
||
*******************************************************************
|
||
|
||
|
||
Wine-dbg>list
|
||
2986 if( argc <= 1 )
|
||
2987 {
|
||
2988 Usage(argv[0]);
|
||
2989 }
|
||
2990
|
||
2991 for( i = 1; i < argc; i++ )
|
||
2992 {
|
||
2993 if( strncmp(argv[i], "-dos", sizeof("-dos") - 1) == 0 )
|
||
2994 {
|
||
2995 DmpCtrl.bDumpDOSHeader = TRUE;
|
||
2996 }
|
||
Wine-dbg>b 2993
|
||
Breakpoint 3 at 0x081a8861 (main+0x3c [dumpexe.c:2993])
|
||
Wine-dbg>condition 3 strcmp(argv[i], "./dumpexe.exe") == 0
|
||
Wine-dbg>info break
|
||
Breakpoints:
|
||
1: y 0x081ab450 (_mainCRTStartup)
|
||
2: y 0x081a882e (main+0x9 [dumpexe.c:2986])
|
||
3: y 0x081a8861 (main+0x3c [dumpexe.c:2993])
|
||
stop when ( strcmp(( argv[i] ), "./dumpexe.exe") == 0 )
|
||
Wine-dbg>c
|
||
Stopped on breakpoint 3 at 0x081a8861 (main+0x3c [dumpexe.c:2993])
|
||
2993 if( strncmp(argv[i], "-dos", sizeof("-dos") - 1) == 0 )
|
||
0x081a8861 (main+0x3c [dumpexe.c:2993]): pushl $0x4
|
||
Wine-dbg>print i
|
||
2
|
||
Wine-dbg>print argv[i]
|
||
"./dumpexe.exe"
|
||
Wine-dbg>
|