IDA在排查由D_EXC生成的symbian死尸现场时非常有用,
不过在下觉得用IDA来直接进行汇编调试也是有用而有趣的,尤其是要面对phone release编译的情况。。
工具链生成的.map文件与IDA的地址不能直接对应,所以按函数下断点非常麻烦,要自己算地址!god。
区区本可以用emacs写个函数了事,考虑到在组内emacs普及度过低,所以编写了一个perl的bat脚本:
里面用的了perl正则里的求值替换,因为这个语言特性自己也不熟,把程序记下来备查:
@rem = '--*-Perl-*-- @echo off if "%OS%" == "Windows_NT" goto WinNT perl -x -S "%0" %1 %2 %3 %4 %5 %6 %7 %8 %9 goto endofperl :WinNT perl -x -S %0 %* if NOT "%COMSPEC%" == "<a href="https://www.jb51.cc/tag/s/" target="_blank" class="keywords">%s</a>y<a href="https://www.jb51.cc/tag/stem/" target="_blank" class="keywords">stem</a>Root%/sy<a href="https://www.jb51.cc/tag/stem/" target="_blank" class="keywords">stem</a>32/cmd.exe" goto endofperl if %errorlevel% == 9009 echo You do not have Perl in your PATH. if errorlevel 1 goto script_<a href="https://www.jb51.cc/tag/Failed/" target="_blank" class="keywords">Failed</a>_so_exit_with_non_zero_val 2>nul goto endofperl @rem '; #!perl #line 15 eval 'exec e:/green/sbperl/perl/bin/perl -S $0 ${1+"$@"}' if 0; my $base = hex($ARGV[0]); my $map_file = $ARGV[1]; my $map_new = do {my $cnt; open HOST,$map_file; read HOST,$cnt,-s HOST; close HOST; $cnt}; my $offset = hex($ARGV[2] || "0x8000"); $map_new =~ s/(/s)0x([0-9a-f]+)(/s)/sprintf("${1}0x%8x$3",hex($2) + $base - $offset);/sge; open HOST,">${map_file}2"; print HOST $map_new; $map_file = $map_file . ".names.py"; open NAME,">$map_file"; my @li<a href="https://www.jb51.cc/tag/nes/" target="_blank" class="keywords">nes</a> = split //n/,$map_new; print NAME "import idaapi/n"; for my $line (@li<a href="https://www.jb51.cc/tag/nes/" target="_blank" class="keywords">nes</a>) { if ($line =~ /([_0-9a-z~:*,&<>/[/]]+/([_0-9a-z~:/)/s*,&<>/[/]]+)/s+(0x[0-9a-f]+)/s/i) { my ($ea,$name) = ($2,$1); $name =~ s/[,<>~* ]/./g; print NAME "idaapi.set_name($ea,/"$name/",True)/n"; } if ($line =~ /(vtable/s+for/s+/w+)/s+(0x[0-9a-f]+)/s/i) { my ($ea,$1); $ea -= $offset % 4; # 32 bit align $name =~ s/[~* ]/./g; print NAME "idaapi.set_name($ea,True)/n"; } } __END__ :endofperl
