This is the mail archive of the gdb-patches@sourceware.org mailing list for the GDB project.
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |
Other format: | [Raw text] |
Regarding my byteswap code: I spent nearly the whole day investigating that up and down. I can't use the gdb read_memory functions here that do endianness conversion. I stepped down many times the read_memory functions over all frames until the point where the memory is read from the inferior using windows native function ReadProcessMemory(). It appears that - in this case - the memory returned is rotated by 2 bytes.
Example: Function pointer in a dll is eg: 0x0000000015027bba In little endian it would be: 0xba7b021500000000 The ReadProcessMemory() call in windows-nat.c in function windows_xfer_memory() always returns this: 0x021500000000ba7b In all other cases the memory returned appears not to be rotated. I also tried reading byte/word/int-wise but the result did not change.
I also queried the internet a long time but could not find any clear explanation for this. So I left a comment in the patch at this point as the result delivered by the new function represents the right function pointer in any case I have checked.
* amd64-windows-tdep.c: #include "frame.h". (amd64_windows_skip_trampoline_code): New function. (amd64_windows_init_abi): Add trampoline registration.
Attachment:
amd64-windows-tdep.c.patch
Description: Text document
Index Nav: | [Date Index] [Subject Index] [Author Index] [Thread Index] | |
---|---|---|
Message Nav: | [Date Prev] [Date Next] | [Thread Prev] [Thread Next] |