3 crackhdr, machbytype, machbyname, newmap, setmap, findseg, unusemap,
4 loadmap, attachproc, get1, get2, get4, get8, geta, put1, put2, put4, put8, puta
5 beswab, beswal, beswav, leswab, leswal, leswav \- machine-independent access to executable files
17 int crackhdr(int fd, Fhdr *fp)
20 void machbytype(int type)
23 int machbyname(char *name)
26 Map *newmap(Map *map, int n)
29 int setmap(Map *map, int fd, uvlong base, uvlong end,
32 vlong foffset, char *name)
35 int findseg(Map *map, char *name)
38 void unusemap(Map *map, int seg)
41 Map *loadmap(Map *map, int fd, Fhdr *fp)
44 Map *attachproc(int pid, int kflag, int corefd, Fhdr *fp)
47 int get1(Map *map, uvlong addr, uchar *buf, int n)
50 int get2(Map *map, uvlong addr, ushort *val)
53 int get4(Map *map, uvlong addr, ulong *val)
56 int get8(Map *map, uvlong addr, uvlong *val)
59 int geta(Map *map, uvlong addr, uvlong *val)
62 int put1(Map *map, uvlong addr, uchar *buf, int n)
65 int put2(Map *map, uvlong addr, ushort val)
68 int put4(Map *map, uvlong addr, ulong val)
71 int put8(Map *map, uvlong addr, uvlong val)
74 int puta(Map *map, uvlong addr, uvlong val)
77 ushort beswab(ushort val)
80 long beswal(ulong val)
83 long beswav(uvlong val)
86 ushort leswab(ushort val)
89 long leswal(ulong val)
92 long leswav(uvlong val)
98 extern Machdata machdata;
100 These functions provide
101 a processor-independent interface for accessing
102 the executable files or executing images of all
104 Related library functions described in
108 provide similar access to symbol tables and object files.
112 is a file containing an executable program or the
116 file system associated with an executing process as
119 After opening an executable, an application
120 invokes a library function which parses the
122 determines the target architecture and
123 initializes data structures with parameters
124 and pointers to functions appropriate for
125 that architecture. Next, the application
126 invokes functions to construct one or more
128 data structures that translate references
129 in the address space of the executable
130 to offsets in the file. Each
132 comprises one or more
134 each associating a non-overlapping range of
135 memory addresses with a logical section of
137 Other library functions then use a map
138 and the architecture-specific data structures
139 to provide a generic interface to the
140 processor-dependent data.
143 interprets the header of the executable
145 the open file descriptor
147 It loads the data structure
149 with a machine-independent description
150 of the header information and
151 points global variable
155 data structure containing processor-dependent parameters
156 of the target architecture.
159 selects architecture-specific data structures and parameter
161 the code stored in the
168 performs the same selection based
169 on the name of a processor class; see
171 for a list of valid names.
172 Both functions point global variables
180 data structures appropriate for the
181 target architecture and load global variable
183 with the proper disassembler type code.
186 creates an empty map with
191 is zero, the new map is dynamically
192 allocated, otherwise it is assumed to
193 point to an existing dynamically allocated map whose
194 size is adjusted, as necessary.
195 A zero return value indicates an allocation error.
198 loads the first unused segment in
201 segment mapping parameters.
203 is an open file descriptor associated with
208 contain the lowest and highest virtual addresses
209 mapped by the segment.
211 is the offset to the start of the segment in the file.
213 is a name to be attached to the segment.
216 returns the index of the the
221 A return of -1 indicates that no
231 segments in the map remain unaffected.
234 initializes a default map containing
235 segments named `text' and `data' that
236 map the instruction and data segments
237 of the executable described in the
239 structure pointed to by
241 Usually that structure was loaded by
243 and can be passed to this function without
247 is non-zero, that map, which must have been
248 dynamically allocated, is resized to contain two segments;
249 otherwise a new map is allocated.
250 This function returns zero if allocation fails.
252 is usually used to build a map for accessing
253 a static executable, for example, an executable
257 constructs a map for accessing a
259 returns the address of a
261 containing segments mapping the
262 address space of the running process
267 is non-zero, the process is assumed to be
270 is an file descriptor opened to
271 .BR /proc/\fIpid\fP/mem .
275 structure describing the header
276 of the executable. For most architectures
279 contains four segments named `text', `data',
280 `regs' and `fpregs'. The latter two provide access to
281 the general and floating point registers, respectively.
282 If the executable is a kernel process (indicated by a
285 argument), the data segment extends to the maximum
286 supported address, currently 0xffffffff, and the
287 register sets are read-only. In user-level programs,
288 the data segment extends to the
289 top of the stack or 0x7fffffff if the stack top
290 cannot be found, and the register sets are readable
293 returns zero if it is unable to build the map
294 for the specified process.
301 retrieve the data stored at address
303 in the executable associated
309 bytes of data beginning at
317 retrieve 16-bit, 32-bit and 64-bit values respectively,
318 into the location pointed to by
320 The value is byte-swapped if the source
321 byte order differs from that of the current architecture.
322 This implies that the value returned by
327 may not be the same as the byte sequences
332 is two, four or eight; the former may be byte-swapped, the
333 latter reflects the byte order of the target architecture.
334 If the file descriptor associated with the applicable segment in
336 is negative, the address itself is placed in the
337 return location. These functions return the number
338 of bytes read or a \-1 when there is an error.
346 the executable associated with
348 The address is translated using the
349 map parameters and multi-byte quantities are
350 byte-swapped, if necessary, before they are written.
360 write the 16-bit, 32-bit or 64-bit quantity contained in
362 respectively. The number of bytes transferred is returned.
363 A \-1 return value indicates an error.
374 big-endian representation of
381 return the little-endian representation of the