Source Code for Module vtrace.envitools

  1   
  2  """ 
  3  Some tools that require the envi framework to be installed 
  4  """ 
  5   
  6  import sys 
  7  import traceback 
  8   
  9  import envi 
 10  import envi.archs.i386 as e_i386 # FIXME This should NOT have to be here 
 11   
 12 -class RegisterException(Exception): 
 13      pass 
 14   
 15 -def cmpRegs(emu, trace): 
 16      for idx,name in reg_map: 
 17          er = emu.getRegister(idx) 
 18          tr = trace.getRegisterByName(name) 
 19          if er != tr: 
 20              raise RegisterException("REGISTER MISMATCH: %s 0x%.8x 0x%.8x" % (name, tr, er)) 
 21      return True 
 22   
 23  reg_map = [ 
 24      (e_i386.REG_EAX, "eax"), 
 25      (e_i386.REG_ECX, "ecx"), 
 26      (e_i386.REG_EDX, "edx"), 
 27      (e_i386.REG_EBX, "ebx"), 
 28      (e_i386.REG_ESP, "esp"), 
 29      (e_i386.REG_EBP, "ebp"), 
 30      (e_i386.REG_ESI, "esi"), 
 31      (e_i386.REG_EDI, "edi"), 
 32      (e_i386.REG_EIP, "eip"), 
 33      (e_i386.REG_EFLAGS, "eflags") 
 34      ] 
 35   
 36  #FIXME intel specific 
 37 -def setRegs(emu, trace): 
 38      for idx,name in reg_map: 
 39          tr = trace.getRegisterByName(name) 
 40          emu.setRegister(idx, tr) 
 41   
 42 -def emulatorFromTrace(trace): 
 43      """ 
 44      Produce an envi emulator for this tracer object.  Use the trace's arch 
 45      info to get the emulator so this can be done on the client side of a remote 
 46      vtrace session. 
 47      """ 
 48      arch = trace.getMeta("Architecture") 
 49      amod = envi.getArchModule(arch) 
 50      emu = amod.getEmulator() 
 51   
 52      if trace.getMeta("Platform") == "Windows": 
 53          emu.setSegmentInfo(e_i386.SEG_FS, trace.getThreads()[trace.getMeta("ThreadId")], 0xffffffff) 
 54   
 55      emu.setMemoryObject(trace) 
 56      setRegs(emu, trace) 
 57      return emu 
 58   
 59 -def lockStepEmulator(emu, trace): 
 60      while True: 
 61          print "Lockstep: 0x%.8x" % emu.getProgramCounter() 
 62          try: 
 63              pc = emu.getProgramCounter() 
 64              op = emu.makeOpcode(pc) 
 65              trace.stepi() 
 66              emu.stepi() 
 67              cmpRegs(emu, trace) 
 68          except RegisterException, msg: 
 69              print "Lockstep Error: %s: %s" % (repr(op),msg) 
 70              setRegs(emu, trace) 
 71              sys.stdin.readline() 
 72          except Exception, msg: 
 73              traceback.print_exc() 
 74              print "Lockstep Error: %s" % msg 
 75              return 
 76   
 77  import vtrace 
 78  import vtrace.platforms.base as v_base 
 79   
 80 -class TraceEmulator(vtrace.Trace, v_base.TracerBase): 
 81      """ 
 82      Wrap an arbitrary emulator in a Tracer compatible API. 
 83      """ 
 84 -    def __init__(self, emu): 
 85          self.emu = emu 
 86          vtrace.Trace.__init__(self) 
 87          v_base.TracerBase.__init__(self) 
 88   
 89          # Fake out being attached 
 90          self.attached = True 
 91          self.pid = 0x56 
 92   
 93          self.setRegisterInfo(emu.getRegisterInfo()) 
 94   
 95 -    def getPointerSize(self): 
 96          return self.emu.getPointerSize() 
 97   
 98 -    def platformStepi(self): 
 99          self.emu.stepi() 
100   
101 -    def platformWait(self): 
102          # We only support single step events now 
103          return True 
104   
105 -    def archGetRegCtx(self): 
106          return self.emu 
107   
108 -    def platformGetRegCtx(self, threadid): 
109          return self.emu 
110   
111 -    def platformSetRegCtx(self, threadid, ctx): 
112          self.setRegisterSnap(ctx.getRegisterSnap()) 
113   
114 -    def platformProcessEvent(self, event): 
115          self.fireNotifiers(vtrace.NOTIFY_STEP) 
116   
117 -    def platformReadMemory(self, va, size): 
118          return self.emu.readMemory(va, size) 
119   
120 -    def platformWriteMemory(self, va, bytes): 
121          return self.emu.writeMemory(va, bytes) 
122   
123 -    def platformGetMaps(self): 
124          return self.emu.getMemoryMaps() 
125   
126 -    def platformGetThreads(self): 
127          return {1:0xffff0000,} 
128   
129 -    def platformGetFds(self): 
130          return [] #FIXME perhaps tie this into magic? 
131   
132 -    def getStackTrace(self): 
133          # FIXME i386... 
134          return [(self.emu.getProgramCounter(), 0), (0,0)] 
135   
136 -    def platformDetach(self): 
137          pass 
138   
139 -def main(): 
140      import vtrace 
141      sym = sys.argv[1] 
142      pid = int(sys.argv[2]) 
143      t = vtrace.getTrace() 
144      t.attach(pid) 
145      symaddr = t.parseExpression(sym) 
146      t.addBreakpoint(vtrace.Breakpoint(symaddr)) 
147      while t.getProgramCounter() != symaddr: 
148          t.run() 
149      snap = t.takeSnapshot() 
150      #snap.saveToFile("woot.snap") # You may open in vdb to follow along 
151      emu = emulatorFromTrace(snap) 
152      lockStepEmulator(emu, t) 
153   
154  if __name__ == "__main__": 
155      # Copy this file out to the vtrace dir for testing and run as main 
156      main() 
157