Assembly: list all symbols of an application -


i programmed code:

// consoleapplication1.cpp // #include <iostream> #include "stdafx.h"  void abc() {     printf("abcdef"); }  int main() {     printf("hello");     printf("2ndstring here");     return 0; } 

and result of windbg:

0:000> x consoleapplication1!* 00007ff6`dc5335b0 consoleapplication1!__scrt_current_native_startup_state = initialized (0n2) 00007ff6`dc533008 consoleapplication1!__security_cookie_complement = 0xffff6a36`95faba8f 00007ff6`dc531e90 consoleapplication1!_guard_dispatch_icall_nop = 0xff '' 00007ff6`dc5321d0 consoleapplication1!__xp_a = <function> *[1] 00007ff6`dc532650 consoleapplication1!__rtc_taa = <function> *[1] 00007ff6`dc532190 consoleapplication1!__guard_dispatch_icall_fptr = 0x00007ff6`dc531e90 00007ff6`dc532640 consoleapplication1!__rtc_iaa = <function> *[1] 00007ff6`dc5335d8 consoleapplication1!module_local_at_quick_exit_table = struct _onexit_table_t 00007ff6`dc532198 consoleapplication1!__xc_a = <function> *[1] 00007ff6`dc532198 consoleapplication1!__xc_a = <function> *[] 00007ff6`dc533030 consoleapplication1!__scrt_ucrt_dll_is_in_use = 0n1 00007ff6`dc533030 consoleapplication1!__scrt_ucrt_dll_is_in_use = 0n1 00007ff6`dc5321b8 consoleapplication1!pre_c_initializer = 0x00007ff6`dc531154 00007ff6`dc533020 consoleapplication1!__memcpy_nt_iters = 0n-1 00007ff6`dc5321a0 consoleapplication1!pre_cpp_initializer = 0x00007ff6`dc531220 00007ff6`dc533630 consoleapplication1!__dyn_tls_init_callback = 0x00000000`00000000 00007ff6`dc5321c8 consoleapplication1!__xi_z = <function> *[1] 00007ff6`dc5321c8 consoleapplication1!__xi_z = <function> *[] 00007ff6`dc5335c0 consoleapplication1!module_local_atexit_table = struct _onexit_table_t 00007ff6`dc5330e0 consoleapplication1!gs_contextrecord = struct _context 00007ff6`dc5321e0 consoleapplication1!__xt_a = <function> *[1] 00007ff6`dc533618 consoleapplication1!__scrt_debugger_hook_flag = 0n0 00007ff6`dc5335f0 consoleapplication1!is_initialized_as_dll = false 00007ff6`dc53301c consoleapplication1!__isa_enabled = 0n46 00007ff6`dc5335b8 consoleapplication1!__scrt_native_startup_lock = 0x00000000`00000000 00007ff6`dc5321c0 consoleapplication1!post_pgo_initializer = 0x00007ff6`dc531210 00007ff6`dc532188 consoleapplication1!__guard_check_icall_fptr = 0x00007ff6`dc531d58 00007ff6`dc532188 consoleapplication1!__guard_check_icall_fptr = 0x00007ff6`dc531d58 00007ff6`dc532188 consoleapplication1!__guard_check_icall_fptr = 0x00007ff6`dc531d58 00007ff6`dc532680 consoleapplication1!$xdatasym = 0x01 '' 00007ff6`dc532740 consoleapplication1!$xdatasym = 0x01 '' 00007ff6`dc5321b0 consoleapplication1!__xi_a = <function> *[1] 00007ff6`dc5321b0 consoleapplication1!__xi_a = <function> *[] 00007ff6`dc5321f0 consoleapplication1!gs_exceptionpointers = struct _exception_pointers 00007ff6`dc532648 consoleapplication1!__rtc_izz = <function> *[1] 00007ff6`dc5321a8 consoleapplication1!__xc_z = <function> *[1] 00007ff6`dc5321a8 consoleapplication1!__xc_z = <function> *[] 00007ff6`dc533014 consoleapplication1!__scrt_default_matherr = 0n1 00007ff6`dc533014 consoleapplication1!__scrt_default_matherr = 0n1 00007ff6`dc5321d8 consoleapplication1!__xp_z = <function> *[1] 00007ff6`dc532658 consoleapplication1!__rtc_tzz = <function> *[1] 00007ff6`dc533040 consoleapplication1!gs_exceptionrecord = struct _exception_record 00007ff6`dc532290 consoleapplication1!_load_config_used = struct _image_load_config_directory64 00007ff6`dc533010 consoleapplication1!__scrt_native_dllmain_reason = 0xffffffff 00007ff6`dc533000 consoleapplication1!__security_cookie = 0x000095c9`6a054570 00007ff6`dc533018 consoleapplication1!__isa_available = 0n5 00007ff6`dc53361c consoleapplication1!__favor = 0n6 00007ff6`dc5321e8 consoleapplication1!__xt_z = <function> *[1] 00007ff6`dc533600 consoleapplication1!__type_info_root_node = struct __type_info_node 00007ff6`dc533628 consoleapplication1!__dyn_tls_dtor_callback = 0x00000000`00000000 00007ff6`dc5313c8 consoleapplication1!__raise_securityfailure (struct _exception_pointers *) 00007ff6`dc5318a0 consoleapplication1!_get_startup_commit_mode (void) 00007ff6`dc5318f8 consoleapplication1!__scrt_get_dyn_tls_dtor_callback (void) 00007ff6`dc531e90 consoleapplication1!_guard_dispatch_icall_nop (void) 00007ff6`dc531010 consoleapplication1!_vfprintf_l (struct _iobuf *, char *, struct __crt_locale_pointers *, char *) 00007ff6`dc531ae4 consoleapplication1!_rtc_initialize (void) 00007ff6`dc5318a0 consoleapplication1!_get_startup_thread_locale_mode (void) 00007ff6`dc531d4c consoleapplication1!__scrt_is_ucrt_dll_in_use (void) 00007ff6`dc5310e0 consoleapplication1!main (void) 00007ff6`dc531758 consoleapplication1!__scrt_uninitialize_crt (bool, bool) 00007ff6`dc531e1c consoleapplication1!__gshandlercheckcommon (void *, struct _dispatcher_context *, struct _gs_handler_data *) 00007ff6`dc531698 consoleapplication1!__scrt_is_nonwritable_in_current_image (void *) 00007ff6`dc531580 consoleapplication1!__scrt_initialize_crt (__scrt_module_type) 00007ff6`dc531a9c consoleapplication1!__scrt_set_unhandled_exception_filter (void) 00007ff6`dc531d58 consoleapplication1!_initialize_denormal_control (void) 00007ff6`dc5317d4 consoleapplication1!atexit (<function> *) 00007ff6`dc5318bc consoleapplication1!__scrt_stub_for_acrt_initialize (void) 00007ff6`dc531b30 consoleapplication1!_rtc_terminate (void) 00007ff6`dc531dfc consoleapplication1!__gshandlercheck (struct _exception_record *, void *, struct _context *, struct _dispatcher_context *) 00007ff6`dc5318a4 consoleapplication1!_get_startup_file_mode (void) 00007ff6`dc5313b4 consoleapplication1!maincrtstartup (void) 00007ff6`dc531060 consoleapplication1!printf (char *) 00007ff6`dc5318c8 consoleapplication1!__scrt_initialize_default_local_stdio_options (void) 00007ff6`dc5315cc consoleapplication1!__scrt_initialize_onexit_tables (__scrt_module_type) 00007ff6`dc531eb0 consoleapplication1!__scrt_is_nonwritable_in_current_image$filt$0 (void) 00007ff6`dc5318bc consoleapplication1!_should_initialize_environment (void) 00007ff6`dc531154 consoleapplication1!pre_c_initialization (void) 00007ff6`dc5318a0 consoleapplication1!_matherr (struct _exception *) 00007ff6`dc531544 consoleapplication1!__scrt_acquire_startup_lock (void) 00007ff6`dc5318a0 consoleapplication1!_get_startup_new_mode (void) 00007ff6`dc531a48 consoleapplication1!__scrt_is_managed_app (void) 00007ff6`dc531aac consoleapplication1!__scrt_unhandled_exception_filter (struct _exception_pointers *) 00007ff6`dc531d58 consoleapplication1!_initialize_invalid_parameter_handler (void) 00007ff6`dc531b84 consoleapplication1!__isa_available_init (void) 00007ff6`dc5318e4 consoleapplication1!__scrt_is_user_matherr_present (void) 00007ff6`dc531898 consoleapplication1!_get_startup_argv_mode (void) 00007ff6`dc531130 consoleapplication1!__security_check_cookie (void) 00007ff6`dc5314d0 consoleapplication1!capture_previous_context (struct _context *) 00007ff6`dc531220 consoleapplication1!pre_cpp_initialization (void) 00007ff6`dc5318f0 consoleapplication1!__scrt_get_dyn_tls_init_callback (void) 00007ff6`dc531d58 consoleapplication1!_guard_check_icall_nop (unsigned int64) 00007ff6`dc5318bc consoleapplication1!__scrt_stub_for_acrt_uninitialize (bool) 00007ff6`dc53123c consoleapplication1!__scrt_common_main_seh (void) 00007ff6`dc5318ac consoleapplication1!__scrt_initialize_type_info (void) 00007ff6`dc531734 consoleapplication1!__scrt_release_startup_lock (bool) 00007ff6`dc531110 consoleapplication1!__vcrt_va_start_verify_argument_type<char const * __ptr64 const> (void) 00007ff6`dc531900 consoleapplication1!__scrt_fastfail (unsigned int) 00007ff6`dc531e92 consoleapplication1!`__scrt_common_main_seh'::`1'::filt$0 (void) 00007ff6`dc5318c0 consoleapplication1!__local_stdio_scanf_options (void) 00007ff6`dc5317ec consoleapplication1!__security_init_cookie (void) 00007ff6`dc531b7c consoleapplication1!_guard_check_icall (unsigned int64) 00007ff6`dc5313fc consoleapplication1!__report_gsfailure (unsigned int64) 00007ff6`dc531000 consoleapplication1!__local_stdio_printf_options (void) 00007ff6`dc531784 consoleapplication1!_onexit (<function> *) 00007ff6`dc531210 consoleapplication1!post_pgo_initialization (void) 00007ff6`dc5318a0 consoleapplication1!__scrt_initialize_winrt (void) 00007ff6`dc532138 consoleapplication1!_imp__get_initial_narrow_environment = <no type information> 00007ff6`dc532038 consoleapplication1!_imp_getcurrentthreadid = <no type information> 00007ff6`dc531d7e consoleapplication1!configure_narrow_argv (<no parameter info>) 00007ff6`dc531dc0 consoleapplication1!c_exit (<no parameter info>) 00007ff6`dc531d9c consoleapplication1!exit (<no parameter info>) 00007ff6`dc5320e8 consoleapplication1!_imp__seh_filter_exe = <no type information> 00007ff6`dc5320f0 consoleapplication1!_imp__crt_atexit = <no type information> 00007ff6`dc5320d8 consoleapplication1!_imp_terminate = <no type information> 00007ff6`dc532128 consoleapplication1!_imp__initterm_e = <no type information> 00007ff6`dc532158 consoleapplication1!api-ms-win-crt-runtime-l1-1-0_null_thunk_data = <no type information> 00007ff6`dc5320d0 consoleapplication1!_imp__initialize_onexit_table = <no type information> 00007ff6`dc5320a0 consoleapplication1!api-ms-win-crt-heap-l1-1-0_null_thunk_data = <no type information> 00007ff6`dc531d78 consoleapplication1!_setusermatherr (<no parameter info>) 00007ff6`dc531df6 consoleapplication1!isprocessorfeaturepresent (<no parameter info>) 00007ff6`dc532180 consoleapplication1!api-ms-win-crt-stdio-l1-1-0_null_thunk_data = <no type information> 00007ff6`dc532080 consoleapplication1!_imp_memset = <no type information> 00007ff6`dc531d90 consoleapplication1!initterm (<no parameter info>) 00007ff6`dc531da2 consoleapplication1!exit (<no parameter info>) 00007ff6`dc532010 consoleapplication1!_imp_unhandledexceptionfilter = <no type information> 00007ff6`dc531d60 consoleapplication1!_c_specific_handler (<no parameter info>) 00007ff6`dc532178 consoleapplication1!_imp__set_fmode = <no type information> 00007ff6`dc532100 consoleapplication1!_imp___p___argv = <no type information> 00007ff6`dc531dba consoleapplication1!cexit (<no parameter info>) 00007ff6`dc531df0 consoleapplication1!terminate (<no parameter info>) 00007ff6`dc531dcc consoleapplication1!configthreadlocale (<no parameter info>) 00007ff6`dc532788 consoleapplication1!_import_descriptor_api-ms-win-crt-math-l1-1-0 = <no type information> 00007ff6`dc532120 consoleapplication1!_imp_exit = <no type information> 00007ff6`dc531dc6 consoleapplication1!register_thread_local_exe_atexit_callback (<no parameter info>) 00007ff6`dc532060 consoleapplication1!_imp_getcurrentprocess = <no type information> 00007ff6`dc532088 consoleapplication1!_imp___c_specific_handler = <no type information> 00007ff6`dc532070 consoleapplication1!_imp_rtlcapturecontext = <no type information> 00007ff6`dc532078 consoleapplication1!kernel32_null_thunk_data = <no type information> 00007ff6`dc531d84 consoleapplication1!initialize_narrow_environment (<no parameter info>) 00007ff6`dc5320b8 consoleapplication1!_imp___setusermatherr = <no type information> 00007ff6`dc532040 consoleapplication1!_imp_getcurrentprocessid = <no type information> 00007ff6`dc53279c consoleapplication1!_import_descriptor_api-ms-win-crt-locale-l1-1-0 = <no type information> 00007ff6`dc531dde consoleapplication1!initialize_onexit_table (<no parameter info>) 00007ff6`dc532108 consoleapplication1!_imp___p___argc = <no type information> 00007ff6`dc532050 consoleapplication1!_imp_isprocessorfeaturepresent = <no type information> 00007ff6`dc5320b0 consoleapplication1!api-ms-win-crt-locale-l1-1-0_null_thunk_data = <no type information> 00007ff6`dc532130 consoleapplication1!_imp__initterm = <no type information> 00007ff6`dc532760 consoleapplication1!_import_descriptor_api-ms-win-crt-stdio-l1-1-0 = <no type information> 00007ff6`dc5327b0 consoleapplication1!_import_descriptor_api-ms-win-crt-heap-l1-1-0 = <no type information> 00007ff6`dc532118 consoleapplication1!_imp__exit = <no type information> 00007ff6`dc532058 consoleapplication1!_imp_terminateprocess = <no type information> 00007ff6`dc531de4 consoleapplication1!register_onexit_function (<no parameter info>) 00007ff6`dc532020 consoleapplication1!_imp_isdebuggerpresent = <no type information> 00007ff6`dc531dae consoleapplication1!_p___argc (<no parameter info>) 00007ff6`dc532110 consoleapplication1!_imp__register_thread_local_exe_atexit_callback = <no type information> 00007ff6`dc532090 consoleapplication1!vcruntime140_null_thunk_data = <no type information> 00007ff6`dc532168 consoleapplication1!_imp___stdio_common_vfprintf = <no type information> 00007ff6`dc532170 consoleapplication1!_imp___acrt_iob_func = <no type information> 00007ff6`dc532030 consoleapplication1!_imp_getsystemtimeasfiletime = <no type information> 00007ff6`dc5320e0 consoleapplication1!_imp__set_app_type = <no type information> 00007ff6`dc531dd2 consoleapplication1!set_new_mode (<no parameter info>) 00007ff6`dc5320a8 consoleapplication1!_imp__configthreadlocale = <no type information> 00007ff6`dc532000 consoleapplication1!_imp_rtllookupfunctionentry = <no type information> 00007ff6`dc532048 consoleapplication1!_imp_queryperformancecounter = <no type information> 00007ff6`dc531dd8 consoleapplication1!_p__commode (<no parameter info>) 00007ff6`dc532140 consoleapplication1!_imp__initialize_narrow_environment = <no type information> 00007ff6`dc532028 consoleapplication1!_imp_initializeslisthead = <no type information> 00007ff6`dc532008 consoleapplication1!_imp_rtlvirtualunwind = <no type information> 00007ff6`dc533620 consoleapplication1!`__local_stdio_printf_options'::`2'::_optionsstorage = <no type information> 00007ff6`dc532018 consoleapplication1!_imp_getmodulehandlew = <no type information> 00007ff6`dc531d96 consoleapplication1!initterm_e (<no parameter info>) 00007ff6`dc5320c0 consoleapplication1!api-ms-win-crt-math-l1-1-0_null_thunk_data = <no type information> 00007ff6`dc531d6c consoleapplication1!seh_filter_exe (<no parameter info>) 00007ff6`dc532098 consoleapplication1!_imp__set_new_mode = <no type information> 00007ff6`dc532774 consoleapplication1!_import_descriptor_api-ms-win-crt-runtime-l1-1-0 = <no type information> 00007ff6`dc531db4 consoleapplication1!_p___argv (<no parameter info>) 00007ff6`dc531d8a consoleapplication1!get_initial_narrow_environment (<no parameter info>) 00007ff6`dc532068 consoleapplication1!_imp_setunhandledexceptionfilter = <no type information> 00007ff6`dc5327c4 consoleapplication1!_import_descriptor_kernel32 = <no type information> 00007ff6`dc532160 consoleapplication1!_imp___p__commode = <no type information> 00007ff6`dc5320f8 consoleapplication1!_imp__cexit = <no type information> 00007ff6`dc531da8 consoleapplication1!set_fmode (<no parameter info>) 00007ff6`dc532150 consoleapplication1!_imp__register_onexit_function = <no type information> 00007ff6`dc531dea consoleapplication1!crt_atexit (<no parameter info>) 00007ff6`dc53274c consoleapplication1!_import_descriptor_vcruntime140 = <no type information> 00007ff6`dc532148 consoleapplication1!_imp__configure_narrow_argv = <no type information> 00007ff6`dc5320c8 consoleapplication1!_imp__c_exit = <no type information> 00007ff6`dc531d72 consoleapplication1!set_app_type (<no parameter info>) 00007ff6`dc531d66 consoleapplication1!memset (<no parameter info>) 00007ff6`dc5327d8 consoleapplication1!_null_import_descriptor = <no type information> 00007ff6`dc533610 consoleapplication1!`__local_stdio_scanf_options'::`2'::_optionsstorage = <no type information> 00007ff6`dc531337 consoleapplication1!invoke_main =  (inline caller) consoleapplication1!__scrt_common_main_seh+fb 00007ff6`dc53119e consoleapplication1!__scrt_narrow_argv_policy::configure_argv =  (inline caller) consoleapplication1!pre_c_initialization+4a 00007ff6`dc5311e7 consoleapplication1!initialize_environment =  (inline caller) consoleapplication1!pre_c_initialization+93 00007ff6`dc5313b8 consoleapplication1!__scrt_common_main =  (inline caller) consoleapplication1!maincrtstartup+4 00007ff6`dc531551 consoleapplication1!ntcurrentteb =  (inline caller) consoleapplication1!__scrt_acquire_startup_lock+d 00007ff6`dc531618 consoleapplication1!__crt_fast_encode_pointer =  (inline caller) consoleapplication1!__scrt_initialize_onexit_tables+4c 00007ff6`dc53161f consoleapplication1!__crt_rotate_pointer_value =  (inline caller) consoleapplication1!__scrt_initialize_onexit_tables+53 00007ff6`dc53169f consoleapplication1!is_potentially_valid_image_base =  (inline caller) consoleapplication1!__scrt_is_nonwritable_in_current_image+7 00007ff6`dc5316d5 consoleapplication1!find_pe_section =  (inline caller) consoleapplication1!__scrt_is_nonwritable_in_current_image+3d 00007ff6`dc53178a consoleapplication1!__crt_fast_decode_pointer =  (inline caller) consoleapplication1!_onexit+6 00007ff6`dc5317a0 consoleapplication1!__crt_rotate_pointer_value =  (inline caller) consoleapplication1!_onexit+1c 00007ff6`dc531929 consoleapplication1!__crt_debugger_hook =  (inline caller) consoleapplication1!__scrt_fastfail+29 

what means symbol list? generates symbol? every method? class? why isn't there consoleapplication1!abc available?

there huge number of other symbols.. can seperated , classified (eg maincrtstartup , consoleapplication1!main belong executables)? there differences in kernel programming?

(code optimization deactivated.)

what means symbol list?

the symbols list list of "symbols" in file - of course.

"symbols" items in object files have address (or - - absolute value).

the main use of symbols tell linker item (function, variable, constant...) located in object file:

when machine code accesses variable or calls function code has "know" address of variable or function. when creating object file source code these addresses not known, yet; if function or variable defined in object file code accessing it.

therefore dummy address used when object file created; linker later has replace dummy address real one.

the information variable located @ address stored in "symbols" of object file.

the symbols of .exe files typically sum of symbols of object files used create file.

what generates symbol?

all code (functions) , data (variables, constants) defined in object file can accessed other object files generate symbols in object files.

however linkers remove or symbols resulting .exe file because no longer needed after having created .exe file.

most compilers generate symbols code , data can accessed within object file (such "static" variables).

many compilers generate symbols containing debugging information. such symbols ignored linker of course - , typically not shown in windbg.

items not have address in memory typically not have symbol: data types (this includes classes!) not have address every variable data type has own address. same true local variables (think function calling recursively understand why).

why isn't there consoleapplication1!abc available?

obviously use linker can optimization:

the linker "saw" there no "dummy address" (as mentioned above) has replaced address consoleapplication1!abc. therefore linker "knew" function abc() not used program did not include function program.

note not possible object file formats.


Comments

Popular posts from this blog

android - InAppBilling registering BroadcastReceiver in AndroidManifest -

python Tkinter Capturing keyboard events save as one single string -

sql server - Why does Linq-to-SQL add unnecessary COUNT()? -