On Fri, Sep 10, 2010 at 5:59 PM, Xiaofan Chen <[email protected]> wrote:
>> Not sure here, it could be here undefined references DLLs, or
>> unavailable API. You can check imports here by using objdump -x
>> <driver> to see more details.
>
> I will check that.
Even though the issue seems to be solved, I still want to provide the
information just in case there are other issues. The modifications
are kind of proof-of-concept and may need more clean-up.
mc...@win7homex64_pc /d/work/mingw-w64/libusb-win32-src-1.2.1.20
$ objdump -x libusb0.sys
libusb0.sys: file format pei-x86-64
libusb0.sys
architecture: i386:x86-64, flags 0x00000103:
HAS_RELOC, EXEC_P, D_PAGED
start address 0x0000000068642aa0
Characteristics 0x222e
executable
line numbers stripped
symbols stripped
large address aware
debugging information removed
DLL
Time/Date Fri Sep 10 22:07:21 2010
Magic 020b (PE32+)
MajorLinkerVersion 2
MinorLinkerVersion 20
SizeOfCode 00006600
SizeOfInitializedData 00002e00
SizeOfUninitializedData 00000200
AddressOfEntryPoint 0000000000002aa0
BaseOfCode 0000000000001000
ImageBase 0000000068640000
SectionAlignment 0000000000001000
FileAlignment 0000000000000200
MajorOSystemVersion 4
MinorOSystemVersion 0
MajorImageVersion 0
MinorImageVersion 0
MajorSubsystemVersion 5
MinorSubsystemVersion 2
Win32Version 00000000
SizeOfImage 00010000
SizeOfHeaders 00000400
CheckSum 0000f613
Subsystem 00000003 (Windows CUI)
DllCharacteristics 00000000
SizeOfStackReserve 0000000000200000
SizeOfStackCommit 0000000000001000
SizeOfHeapReserve 0000000000100000
SizeOfHeapCommit 0000000000001000
LoaderFlags 00000000
NumberOfRvaAndSizes 00000010
The Data Directory
Entry 0 000000000000c000 0000004a Export Directory [.edata (or where ever we fou
nd it)]
Entry 1 000000000000d000 000007a8 Import Directory [parts of .idata]
Entry 2 000000000000e000 000003b0 Resource Directory [.rsrc]
Entry 3 0000000000000000 00000000 Exception Directory [.pdata]
Entry 4 0000000000000000 00000000 Security Directory
Entry 5 000000000000f000 00000030 Base Relocation Directory [.reloc]
Entry 6 0000000000000000 00000000 Debug Directory
Entry 7 0000000000000000 00000000 Description Directory
Entry 8 0000000000000000 00000000 Special Directory
Entry 9 0000000000000000 00000000 Thread Storage Directory [.tls]
Entry a 0000000000000000 00000000 Load Configuration Directory
Entry b 0000000000000000 00000000 Bound Import Directory
Entry c 0000000000000000 00000000 Import Address Table Directory
Entry d 0000000000000000 00000000 Delay Import Directory
Entry e 0000000000000000 00000000 CLR Runtime Header
Entry f 0000000000000000 00000000 Reserved
There is an import table in .idata at 0x6864d000
The Import Tables (interpreted .idata section contents)
vma: Hint Time Forward DLL First
Table Stamp Chain Name Thunk
0000d000 0000d03c 00000000 00000000 0000d6d4 0000d1c4
DLL Name: USBD.SYS
vma: Hint/Ord Member-Name Bound-To
d34c 4 USBD_CreateConfigurationRequestEx
0000d014 0000d04c 00000000 00000000 0000d798 0000d1d4
DLL Name: ntoskrnl.exe
vma: Hint/Ord Member-Name Bound-To
d370 65 DbgPrint
d37c 115 ExAllocatePool
d38e 141 ExFreePool
d39c 424 IoAcquireCancelSpinLock
d3b6 433 IoAllocateIrp
d3c6 434 IoAllocateMdl
d3d6 443 IoAttachDeviceToDeviceStack
d3f4 446 IoBuildDeviceIoControlRequest
d414 447 IoBuildPartialMdl
d428 451 IoCancelIrp
d436 467 IoCreateDevice
d448 477 IoCreateSymbolicLink
d460 488 IoDeleteDevice
d472 490 IoDeleteSymbolicLink
d48a 491 IoDetachDevice
d49c 508 IoFreeIrp
d4a8 509 IoFreeMdl
d4b4 515 IoGetAttachedDeviceReference
d4d4 527 IoGetDeviceProperty
d4ea 564 IoOpenDeviceRegistryKey
d504 592 IoReleaseCancelSpinLock
d51e 680 IofCallDriver
d52e 681 IofCompleteRequest
d544 767 KeInitializeEvent
d558 878 KeSetEvent
d566 913 KeWaitForSingleObject
d57e 986 MmMapLockedPagesSpecifyCache
d59e 1170 ObfDereferenceObject
d5b6 1185 PoCallDriver
d5c6 1200 PoRequestPowerIrp
d5da 1206 PoSetPowerState
d5ec 1211 PoStartNextPowerIrp
d602 1438 RtlFreeAnsiString
d616 1477 RtlInitUnicodeString
d62e 1622 RtlUnicodeStringToAnsiString
d64e 1826 ZwClose
d658 1939 ZwQueryValueKey
d66a 2012 _snprintf
d676 2015 _snwprintf
d684 2020 _strlwr
d68e 2034 _vsnprintf
d69c 2066 memcpy
d6a6 2068 memmove
d6b0 2070 memset
d6ba 2084 strlen
d6c4 2093 strstr
0000d028 00000000 00000000 00000000 00000000 00000000
There is an export table in .edata at 0x6864c000
The Export Tables (interpreted .edata section contents)
Export Flags 0
Time/Date stamp 4c8a3b99
Major/Minor 0/0
Name 000000000000c032 libusb0.sys
Ordinal Base 1
Number in:
Export Address Table 00000001
[Name Pointer/Ordinal] Table 00000001
Table Addresses
Export Address Table 000000000000c028
Name Pointer Table 000000000000c02c
Ordinal Table 000000000000c030
Export Address Table -- Ordinal Base 1
[ 0] +base[ 1] 2aa0 Export RVA
[Ordinal/Name Pointer] Table
[ 0] DriverEntry
PE File Base Relocations (interpreted .reloc section contents)
Virtual Address: 00008000 Chunk size 48 (0x30) Number of fixups 20
reloc 0 offset 0 [8000] DIR64
reloc 1 offset 8 [8008] DIR64
reloc 2 offset 20 [8020] DIR64
reloc 3 offset 28 [8028] DIR64
reloc 4 offset 30 [8030] DIR64
reloc 5 offset 38 [8038] DIR64
reloc 6 offset 40 [8040] DIR64
reloc 7 offset 48 [8048] DIR64
reloc 8 offset 50 [8050] DIR64
reloc 9 offset 58 [8058] DIR64
reloc 10 offset 60 [8060] DIR64
reloc 11 offset 80 [8080] DIR64
reloc 12 offset 88 [8088] DIR64
reloc 13 offset 90 [8090] DIR64
reloc 14 offset 98 [8098] DIR64
reloc 15 offset a0 [80a0] DIR64
reloc 16 offset a8 [80a8] DIR64
reloc 17 offset b0 [80b0] DIR64
reloc 18 offset b8 [80b8] DIR64
reloc 19 offset 0 [8000] ABSOLUTE
Sections:
Idx Name Size VMA LMA File off Algn
0 .text 000064b0 0000000068641000 0000000068641000 00000400 2**4
CONTENTS, ALLOC, LOAD, READONLY, CODE
1 .data 000000e0 0000000068648000 0000000068648000 00006a00 2**5
CONTENTS, ALLOC, LOAD, DATA
2 .rdata 00001b20 0000000068649000 0000000068649000 00006c00 2**4
CONTENTS, ALLOC, LOAD, READONLY, DATA
3 .bss 00000030 000000006864b000 000000006864b000 00000000 2**4
ALLOC
4 .edata 0000004a 000000006864c000 000000006864c000 00008800 2**2
CONTENTS, ALLOC, LOAD, READONLY, DATA
5 .idata 000007a8 000000006864d000 000000006864d000 00008a00 2**2
CONTENTS, ALLOC, LOAD, DATA
6 .rsrc 000003b0 000000006864e000 000000006864e000 00009200 2**2
CONTENTS, ALLOC, LOAD, DATA
7 .reloc 00000030 000000006864f000 000000006864f000 00009600 2**2
CONTENTS, ALLOC, LOAD, READONLY, DATA
SYMBOL TABLE:
no symbols
--
Xiaofan
------------------------------------------------------------------------------
Automate Storage Tiering Simply
Optimize IT performance and efficiency through flexible, powerful,
automated storage tiering capabilities. View this brief to learn how
you can reduce costs and improve performance.
http://p.sf.net/sfu/dell-sfdev2dev
_______________________________________________
Mingw-w64-public mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/mingw-w64-public
