From fa8eafcb38aea1305ef9d1b891cddc8c25e50fc1 Mon Sep 17 00:00:00 2001
From: Eugene Ingerman <geneing@myrealbox.com>
Date: Fri, 4 Jan 2002 23:37:29 +0000
Subject: [PATCH] Porting pice. Added coff symbol parsing to pice, and some
 other small things.

svn path=/trunk/; revision=2486
---
 reactos/apps/utils/pice/loader/main.c    |  72 ++-
 reactos/apps/utils/pice/loader/makefile  |  42 +-
 reactos/apps/utils/pice/loader/stdinc.h  |   6 +-
 reactos/apps/utils/pice/module/init.c    | 159 +++---
 reactos/apps/utils/pice/module/patch.c   |  32 +-
 reactos/apps/utils/pice/module/symbols.c | 623 ++++++++++++-----------
 reactos/apps/utils/pice/module/symbols.h |  27 +-
 reactos/apps/utils/pice/module/utils.c   |  19 +
 reactos/apps/utils/pice/module/vga.c     |  70 +--
 reactos/apps/utils/pice/shared/shared.h  |   4 +-
 10 files changed, 591 insertions(+), 463 deletions(-)

diff --git a/reactos/apps/utils/pice/loader/main.c b/reactos/apps/utils/pice/loader/main.c
index 54d852abafa..2e5ddbc3396 100644
--- a/reactos/apps/utils/pice/loader/main.c
+++ b/reactos/apps/utils/pice/loader/main.c
@@ -32,6 +32,7 @@ Copyright notice:
 ///////////////////////////////////////////////////////////////////////////////////
 // includes
 #include "stdinc.h"
+#include <wchar.h>
 
 ///////////////////////////////////////////////////////////////////////////////////
 // constant defines
@@ -53,7 +54,7 @@ ULONG ulGlobalVerbose = 0;
 ///////////////////////////////////////////////////////////////////////////////////
 void process_stabs(
 	char* pExeName,	// name of exe
-	int fileout,	// symbol file handle
+	HANDLE fileout,	// symbol file handle
 	PIMAGE_SECTION_HEADER section, //Elf32_Shdr* pSHdr,
 	int sectionHeadersSize, //int	nSHdrSize,
 	void* p,		// ptr to memory where whole exe was read
@@ -74,6 +75,8 @@ void process_stabs(
 	LPSTR pSlash,pDot;
 	char temp[2048];
 	char* pCopyExeName = temp;
+	WCHAR tempstr[64];
+	DWORD wrote;
 
     //printf("LOADER: enter process_stabs()\n");
 
@@ -91,7 +94,10 @@ void process_stabs(
 	{
 		pCopyExeName = pSlash+1;
 	}
-	strcpy(SymbolFileHeader.name,pCopyExeName);
+	strLen = MultiByteToWideChar(CP_ACP, NULL, pCopyExeName, -1, tempstr, 64 );
+	if( !strLen )
+		printf("Cannot convert string to multibyte: %s\n", pCopyExeName );
+	wcscpy(SymbolFileHeader.name,tempstr);
 
     for(i=0;i<(nStabLen/sizeof(STAB_ENTRY));i++)
     {
@@ -219,22 +225,25 @@ void process_stabs(
     SymbolFileHeader.ulOffsetToSrcFiles = sizeof(PICE_SYMBOLFILE_HEADER)+sectionHeadersSize+nGlobalLen+nGlobalStrLen+nStabLen+nStrLen;
     SymbolFileHeader.ulNumberOfSrcFiles = ulCurrentSrcFile;
 
-	write(fileout,&SymbolFileHeader,sizeof(SymbolFileHeader));
-	write(fileout,section,sectionHeadersSize);
-	write(fileout,pGlobals,nGlobalLen);
-	write(fileout,pGlobalsStr,nGlobalStrLen);
-	write(fileout,pStab,nStabLen);
-	write(fileout,pStr,nStrLen);
+	printf("sectionHeaderSize: %ld, nGlobalLen: %ld, nGlobalStrLen: %ld, nStabLen: %ld,
+			nStrLen: %ld, ulCurrentSrcFile: %ld, ulOffsetToStabs: %ld \n", sectionHeadersSize, nGlobalLen, nGlobalStrLen,
+			nStabLen, nStrLen, ulCurrentSrcFile, SymbolFileHeader.ulOffsetToStabs);
+	WriteFile(fileout,&SymbolFileHeader,sizeof(PICE_SYMBOLFILE_HEADER),&wrote, NULL);
+	WriteFile(fileout,section,sectionHeadersSize,&wrote, NULL);
+	WriteFile(fileout,pGlobals,nGlobalLen,&wrote, NULL);
+	WriteFile(fileout,pGlobalsStr,nGlobalStrLen,&wrote, NULL);
+	WriteFile(fileout,pStab,nStabLen,&wrote, NULL);
+	WriteFile(fileout,pStr,nStrLen,&wrote, NULL);
 
     for(i=0;i<ulCurrentSrcFile;i++)
     {
-        int file;
+        HANDLE file;
         int len;
         PVOID pFile;
         PICE_SYMBOLFILE_SOURCE pss;
 
-        file = _open(SrcFileNames[i],O_RDONLY);
-		if( file <= 0 ){
+        file = CreateFile(SrcFileNames[i],O_RDONLY, 0, NULL, OPEN_EXISTING, 0, 0);
+		if( file == INVALID_HANDLE_VALUE ){
 			//let's try win format drive:/file
 			char srctmp[2048];
 			strcpy(srctmp, SrcFileNames[i] );
@@ -242,19 +251,19 @@ void process_stabs(
 				*(srctmp) = *(srctmp+2);
 				*(srctmp+1) = ':';
 				*(srctmp+2) = '/';
-				file = _open(srctmp,O_RDONLY);
-				if( file <= 0 )
+				file = CreateFile(srctmp,O_RDONLY, 0, NULL, OPEN_EXISTING, 0, 0);
+				if( file == INVALID_HANDLE_VALUE )
 					printf("Can't open file: %s\n", srctmp );
 			}
 		}
-        if(file>0)
+        if(file != INVALID_HANDLE_VALUE)
         {
             //printf("LOADER: [%u] opened %s as FD %x\n",i,SrcFileNames[i],file);
 
-            len = _lseek(file,0,SEEK_END);
+            len = SetFilePointer(file,0,NULL,FILE_END);
             //printf("LOADER: length = %x\n",(int)len);
 
-            _lseek(file,0,SEEK_SET);
+            SetFilePointer(file,0,NULL,FILE_BEGIN);
 
             strcpy(pss.filename,SrcFileNames[i]);
             pss.ulOffsetToNext = len+sizeof(PICE_SYMBOLFILE_SOURCE);
@@ -264,15 +273,15 @@ void process_stabs(
             if(pFile)
             {
                 //printf("LOADER: reading file...\n");
-                _read(file,pFile,len);
+                ReadFile(file,pFile,len,&wrote,NULL);
 
-                _write(fileout,&pss,sizeof(PICE_SYMBOLFILE_SOURCE));
+                WriteFile(fileout,&pss,sizeof(PICE_SYMBOLFILE_SOURCE),&wrote, NULL);
                 //printf("LOADER: writing file...\n");
-                _write(fileout,pFile,len);
+                WriteFile(fileout,pFile,len,&wrote, NULL);
                 free(pFile);
             }
 
-            _close(file);
+            CloseHandle(file);
         }
 
     }
@@ -329,7 +338,7 @@ int process_pe(char* filename,int file,void* p,int len)
 	char* pSymTab;
 
 	char szSymName[2048];
-	int fileout;
+	HANDLE fileout;
 	int nSymStrLen,nStabStrLen;
     int iRetVal = 0;
 
@@ -346,9 +355,8 @@ int process_pe(char* filename,int file,void* p,int len)
 			nSym = pNTHeaders->FileHeader.NumberOfSymbols;
 			//string table follows immediately after symbol table. first 4 bytes give the length of the table
 			//references to string table include the first 4 bytes.
-			pStrTab = (PIMAGE_SYMBOL)pSymTab + nSym;
+			pStrTab = (char*)((PIMAGE_SYMBOL)pSymTab + nSym);
 			nSymStrLen = *((DWORD*)pStrTab);
-
 			find_stab_sections(p,IMAGE_FIRST_SECTION(pNTHeaders),pNTHeaders->FileHeader.NumberOfSections,
 					&pStab,&nStabLen,&pStr,&nStabStrLen);
 
@@ -370,24 +378,32 @@ int process_pe(char* filename,int file,void* p,int len)
 				//printf("LOADER: symbol file name = %s\n",szSymName);
 	            printf("LOADER: creating symbol file %s for %s\n",szSymName,filename);
 
-	            fileout = _creat(szSymName, _S_IREAD | _S_IWRITE );     // make r/w
-	            if(fileout != -1)
+				fileout = CreateFile(szSymName,
+								     GENERIC_READ | GENERIC_WRITE,
+								     0,
+								     NULL,
+								     CREATE_ALWAYS,
+								     0,
+								     0);
+
+	            if(fileout != INVALID_HANDLE_VALUE)
 				{
+					printf("NumberOfSections: %d, size: %d\n", pNTHeaders->FileHeader.NumberOfSections,sizeof(IMAGE_SECTION_HEADER));
 					process_stabs(szSymName,
 								  fileout,
 								  IMAGE_FIRST_SECTION(pNTHeaders),
-								  pNTHeaders->FileHeader.NumberOfSections*sizeof(PIMAGE_SECTION_HEADER),
+								  pNTHeaders->FileHeader.NumberOfSections*sizeof(IMAGE_SECTION_HEADER),
 								  p,
 								  pStab,
 								  nStabLen,
 								  pStr,
 								  nStabStrLen,
 								  (char*)pSymTab,
-								  nSym,
+								  nSym*sizeof(IMAGE_SYMBOL),
 								  pStrTab,
 								  nSymStrLen);
 
-					close(fileout);
+					CloseHandle(fileout);
 				}
 	            else
 	            {
diff --git a/reactos/apps/utils/pice/loader/makefile b/reactos/apps/utils/pice/loader/makefile
index 11e9ced7ae7..ab27ea9ace0 100644
--- a/reactos/apps/utils/pice/loader/makefile
+++ b/reactos/apps/utils/pice/loader/makefile
@@ -1,15 +1,37 @@
-CC = gcc
-CFLAGS := -Wall -fomit-frame-pointer -O2  -DLINUX
-LDFLAGS := -dynamic
+#CC = gcc
+#CFLAGS := -g -Wall -fomit-frame-pointer -O2
+#LDFLAGS := -dynamic
 #-lncurses
 
-OBJS = main.o terminal.o
+#OBJS = main.o terminal.o
+#
+
+#loader: 	$(OBJS)
+#		$(CC) $(LDFLAGS) $(CFLAGS) -o $@ $^
+
+#clean:
+#		@echo deleting all intermediate files
+#		@rm $(OBJS) loader -f
+#		make
 
 
-loader: 	$(OBJS)
-		$(CC) $(LDFLAGS) $(CFLAGS) -o $@ $^
+PATH_TO_TOP = ../../..
+
+TARGET_NORC = yes
+
+TARGET_TYPE = program
+
+TARGET_APPTYPE = console
+
+TARGET_NAME = loader
+
+TARGET_CFLAGS = -g -fomit-frame-pointer
+
+TARGET_SDKLIBS =
+
+TARGET_OBJECTS = main.o terminal.o
+
+include $(PATH_TO_TOP)/rules.mak
+
+include $(TOOLS_PATH)/helper.mk
 
-clean:
-		@echo deleting all intermediate files
-		@rm $(OBJS) loader -f
-		make
diff --git a/reactos/apps/utils/pice/loader/stdinc.h b/reactos/apps/utils/pice/loader/stdinc.h
index 8e5eb4c9392..6a7b82431dc 100644
--- a/reactos/apps/utils/pice/loader/stdinc.h
+++ b/reactos/apps/utils/pice/loader/stdinc.h
@@ -2,9 +2,11 @@
 #include <string.h>
 #include <malloc.h>
 #include <io.h>
+
 //#include <ddk/winnt.h>
 #include <windows.h>
-#include <winnt.h>
+
+//#include <winnt.h>
 #include <sys/types.h>
 //#include <sys/wait.h>
 //#include <sys/ioctl.h>
@@ -15,7 +17,7 @@
 //#include <unistd.h>
 //#include <linux/unistd.h>
 
-//#include "../../../include/pe.h"
+#include "../../../include/pe.h"
 #include "stab_gnu.h"
 //#include "retypes.h"
 //#include "terminal.h"
diff --git a/reactos/apps/utils/pice/module/init.c b/reactos/apps/utils/pice/module/init.c
index 8a94134dd49..2e8d0302300 100644
--- a/reactos/apps/utils/pice/module/init.c
+++ b/reactos/apps/utils/pice/module/init.c
@@ -1,28 +1,28 @@
 /*++
 
 Copyright (c) 1998-2001 Klaus P. Gerlicher
- 
+
 Module Name:
-  
+
     init.c
-   
+
 Abstract:
 
     initialisation and cleanup of debugger kernel module
-    
+
 Environment:
-     
+
     Kernel mode only
-      
-Author: 
-       
+
+Author:
+
     Klaus P. Gerlicher
-        
+
 Revision History:
-         
+
     25-Jan-1999:	created
     15-Nov-2000:    general cleanup of source files
-          
+
 Copyright notice:
 
   This file may be distributed under the terms of the GNU Public License.
@@ -46,12 +46,16 @@ ULONG ulDoInitialBreak=1;
 char szBootParams[1024]="";
 char tempInit[256];
 
-//************************************************************************* 
-// InitPICE() 
-// 
-//************************************************************************* 
-BOOLEAN InitPICE(void) 
-{ 
+PDIRECTORY_OBJECT *pNameSpaceRoot = NULL;
+PDEBUG_MODULE pdebug_module_tail = NULL;
+PDEBUG_MODULE pdebug_module_head = NULL;
+
+//*************************************************************************
+// InitPICE()
+//
+//*************************************************************************
+BOOLEAN InitPICE(void)
+{
     ULONG ulHandleScancode=0,ulHandleKbdEvent=0;
 	ARGS Args;
 
@@ -67,25 +71,25 @@ BOOLEAN InitPICE(void)
     {
         DPRINT((0,"InitPICE: LoadSymbolsFromConfig() failed\n"));
         LEAVE_FUNC();
-        return FALSE; 
+        return FALSE;
     }
 
     DPRINT((0,"InitPICE(): trace step 3\n"));
-    // init the output console 
+    // init the output console
 	// this might be one of the following depending setup
 	// a) monochrome card
 	// b) serial terminal (TODO)
-    if(!ConsoleInit()) 
-    { 
+    if(!ConsoleInit())
+    {
         DPRINT((0,"InitPICE: ConsoleInit() failed\n"));
         UnloadSymbols();
         LEAVE_FUNC();
-        return FALSE; 
-    } 
+        return FALSE;
+    }
 
     DPRINT((0,"InitPICE(): trace step 4\n"));
     // print the initial screen template
-    PrintTemplate(); 
+    PrintTemplate();
 
     DPRINT((0,"InitPICE(): trace step 5\n"));
 	// ask the user if he wants to abort the debugger load
@@ -143,11 +147,12 @@ BOOLEAN InitPICE(void)
 	}
 
     DPRINT((0,"InitPICE(): trace step 9\n"));
-    // the loaded module list
-    ScanExports("module_list",(PULONG)&pmodule_list);
-    if(!pmodule_list)
+
+	// the loaded module list
+	ScanExports("_NameSpaceRoot", (PULONG)pNameSpaceRoot);
+    if(!pNameSpaceRoot)
 	{
-		Print(OUTPUT_WINDOW,"pICE: ABORT (couldn't retreive kernel module list)\n");
+		Print(OUTPUT_WINDOW,"pICE: ABORT (couldn't retreive name space root)\n");
 		Print(OUTPUT_WINDOW,"pICE: press any key to continue...\n");
         while(!GetKeyPolled());
 		UnloadExports();
@@ -158,11 +163,12 @@ BOOLEAN InitPICE(void)
 	}
 
     DPRINT((0,"InitPICE(): trace step 10\n"));
-    // setup a fake module struct for use by symbol routines
-    if(!InitFakeKernelModule())
+    // setup a linked list for use in module parsing routines.
+	if(!InitModuleList(&pdebug_module_head, 100))
 	{
-		Print(OUTPUT_WINDOW,"pICE: ABORT (couldn't initialize kernel module)\n");
+		Print(OUTPUT_WINDOW,"pICE: ABORT (couldn't initialize kernel module list)\n");
 		Print(OUTPUT_WINDOW,"pICE: press any key to continue...\n");
+		FreeModuleList( pdebug_module_head );
         while(!GetKeyPolled());
 		UnloadExports();
         UnloadSymbols();
@@ -170,6 +176,7 @@ BOOLEAN InitPICE(void)
         LEAVE_FUNC();
 		return FALSE;
 	}
+	pdebug_module_tail = pdebug_module_head;
 
     DPRINT((0,"InitPICE(): trace step 11\n"));
     // do a sanity check on exports
@@ -186,11 +193,11 @@ BOOLEAN InitPICE(void)
     }
 
     DPRINT((0,"InitPICE(): trace step 12\n"));
-    
+
 
     DPRINT((0,"InitPICE(): trace step 13\n"));
     // patch the keyboard driver
-    
+
 	if(PatchKeyboardDriver())
 	{
 		Print(OUTPUT_WINDOW,"pICE: ABORT (couldn't patch keyboard driver)\n");
@@ -205,30 +212,30 @@ BOOLEAN InitPICE(void)
 
     DPRINT((0,"InitPICE(): trace step 14\n"));
     // partial init of shadow registers
-    CurrentCS = GLOBAL_CODE_SEGMENT; 
-    CurrentEIP = (ULONG)RealIsr; 
-    
-    CurrentDS = CurrentSS = GLOBAL_DATA_SEGMENT; 
+    CurrentCS = GLOBAL_CODE_SEGMENT;
+    CurrentEIP = (ULONG)RealIsr;
+
+    CurrentDS = CurrentSS = GLOBAL_DATA_SEGMENT;
     __asm__("
             mov %%esp,%%eax
             mov %%eax,CurrentESP
             ":::"eax");
-        
-   
+
+
     // display version and symbol information
     Ver(NULL);
-    
+
     // disable HW breakpoints
-	__asm__(" 
+	__asm__("
 		xorl %%eax,%%eax
-		mov %%eax,%%dr6 
+		mov %%eax,%%dr6
 		mov %%eax,%%dr7
         mov %%dr0,%%eax
         mov %%dr1,%%eax
         mov %%dr2,%%eax
         mov %%dr3,%%eax"
 		:::"eax"
-		); 
+		);
 
     DPRINT((0,"InitPICE(): trace step 15\n"));
     TakeIdtSnapshot();
@@ -238,7 +245,7 @@ BOOLEAN InitPICE(void)
     InstallTraceHook();
     InstallGlobalKeyboardHook();
     InstallSyscallHook();
-    InstallInt3Hook();    
+    InstallInt3Hook();
     InstallPrintkHook();
     InstallDblFltHook();
     InstallGPFaultHook();
@@ -247,48 +254,48 @@ BOOLEAN InitPICE(void)
     DPRINT((0,"InitPICE(): trace step 16\n"));
     if(ulDoInitialBreak)
     {
-        DPRINT((0,"about to do initial break...\n")); 
-        
-        // simulate an initial break 
-        __asm__(" 
-            pushfl 
-            pushl %cs 
-            pushl $initialreturnpoint 
+        DPRINT((0,"about to do initial break...\n"));
+
+        // simulate an initial break
+        __asm__("
+            pushfl
+            pushl %cs
+            pushl $initialreturnpoint
             pushl $" STR(REASON_CTRLF) "
-            jmp NewInt31Handler 
+            jmp NewInt31Handler
 initialreturnpoint:");
     }
     else
     {
-        // display register contents 
-        DisplayRegs(); 
-    
-        // display data window 
-        Args.Value[0]=CurrentDS; 
-        Args.Value[1]=CurrentEIP; 
-        Args.Count=2; 
-        DisplayMemory(&Args); 
-    
-        // disassembly from current address 
-        Args.Value[0]=CurrentCS; 
-        Args.Value[1]=CurrentEIP; 
-        Args.Count=2; 
-        Unassemble(&Args); 
+        // display register contents
+        DisplayRegs();
+
+        // display data window
+        Args.Value[0]=CurrentDS;
+        Args.Value[1]=CurrentEIP;
+        Args.Count=2;
+        DisplayMemory(&Args);
+
+        // disassembly from current address
+        Args.Value[0]=CurrentCS;
+        Args.Value[1]=CurrentEIP;
+        Args.Count=2;
+        Unassemble(&Args);
     }
 
     DPRINT((0,"InitPICE(): trace step 17\n"));
 	InitPiceRunningTimer();
 
     LEAVE_FUNC();
-    return TRUE; 
-} 
+    return TRUE;
+}
 
-//************************************************************************* 
-// CleanUpPICE() 
-// 
-//************************************************************************* 
-void CleanUpPICE(void) 
-{ 
+//*************************************************************************
+// CleanUpPICE()
+//
+//*************************************************************************
+void CleanUpPICE(void)
+{
     DPRINT((0,"CleanUpPICE(): trace step 1\n"));
 	RemovePiceRunningTimer();
 
@@ -308,7 +315,7 @@ void CleanUpPICE(void)
 
     DPRINT((0,"CleanUpPICE(): trace step 4\n"));
     UnloadExports(); // don't use ScanExports() after this
-    UnloadSymbols(); 
+    UnloadSymbols();
 
     DPRINT((0,"CleanUpPICE(): trace step 5\n"));
     // restore patch of keyboard driver
@@ -319,5 +326,5 @@ void CleanUpPICE(void)
 
     DPRINT((0,"CleanUpPICE(): trace step 7\n"));
     // cleanup the console
-	ConsoleShutdown(); 
+	ConsoleShutdown();
 }
diff --git a/reactos/apps/utils/pice/module/patch.c b/reactos/apps/utils/pice/module/patch.c
index 3a6d0295322..e4b1c77fa36 100644
--- a/reactos/apps/utils/pice/module/patch.c
+++ b/reactos/apps/utils/pice/module/patch.c
@@ -37,7 +37,7 @@ Copyright notice:
 #include "remods.h"
 #include "precomp.h"
 
-#include <asm/system.h>
+//#include <asm/system.h>
 
 #include <ddk/ntddkbd.h>
 #include <ddk/ntdd8042.h>
@@ -59,7 +59,7 @@ UCHAR ucBreakKey = 'D'; // key that will break into debugger in combination with
 ////
 
 //***********************************************************************************
-//	PiceKbdIsr - keyboard isr hook routine. 
+//	PiceKbdIsr - keyboard isr hook routine.
 //	IsrContext - context that we passed to keyboard driver in  internal iocontrol
 //	pCurrentInput, pCurrentOutput - not implemented yet
 //	StatusByte -  keyboard status register
@@ -85,7 +85,7 @@ BOOLEAN PiceKbdIsr (
 	// BUG!! should protect with spinlock since bControl is static.
     DPRINT((0,"PiceKbdIsr(%x,%u)\n",pByte,isDown));
     DPRINT((0,"PiceKbdIsr(1): bControl = %u bForward = %u bEnterNow = %u\n",bControl,bForward,bEnterNow));
-	
+
 	if(isDown)
 	{
         // CTRL pressed
@@ -121,7 +121,7 @@ BOOLEAN PiceKbdIsr (
 	*ContinueProcessing = bForward;
     LEAVE_FUNC();
 	return TRUE;
-}	
+}
 
 //***********************************************************************************
 //	PiceSendIoctl - send internal_io_control to the driver
@@ -145,9 +145,9 @@ NTSTATUS PiceSendIoctl(PDEVICE_OBJECT Target, ULONG Ioctl,
 
     if (NULL == (irp = IoBuildDeviceIoControlRequest(Ioctl,
                                                      Target,
-                                                     InputBuffer,       
+                                                     InputBuffer,
                                                      InputBufferLength,
-                                                     0, 
+                                                     0,
                                                      0,
                                                      TRUE,
                                                      &event,
@@ -158,12 +158,12 @@ NTSTATUS PiceSendIoctl(PDEVICE_OBJECT Target, ULONG Ioctl,
     status = IoCallDriver(Target, irp);
 
     if (STATUS_PENDING == status) {
-        
+
 		status = KeWaitForSingleObject(&event,
                                        Executive,
                                        KernelMode,
-                                       FALSE, 
-                                       NULL); 
+                                       FALSE,
+                                       NULL);
 
         assert(STATUS_SUCCESS == status);
         status = iosb.Status;
@@ -174,7 +174,7 @@ NTSTATUS PiceSendIoctl(PDEVICE_OBJECT Target, ULONG Ioctl,
 
 //**************************************************
 // PatchKeyboardDriver - set keyboard driver hook.
-// We use interface supported by standard keyboard drivers. 
+// We use interface supported by standard keyboard drivers.
 //**************************************************
 BOOLEAN PatchKeyboardDriver(void)
 {
@@ -191,21 +191,21 @@ BOOLEAN PatchKeyboardDriver(void)
 	//Get pointer to keyboard device
     if( !NT_SUCCESS( IoGetDeviceObjectPointer( &DevName, FILE_READ_ACCESS, &FO, &kbdDevice ) ) )
 		return FALSE;
-			
+
 	phkData = ExAllocatePool( PagedPool, sizeof( INTERNAL_I8042_HOOK_KEYBOARD ) );
 	RtlZeroMemory( phkData, sizeof( INTERNAL_I8042_HOOK_KEYBOARD ) );
-	
+
 	phkData->IsrRoutine = (PI8042_KEYBOARD_ISR) PiceKbdIsr;
 	phkData->Context = (PVOID) NULL; //DeviceObject;
 
 	//call keyboard device internal io control to hook keyboard input stream
-	status = PiceSendIoctl( kbdDevice, IOCTL_INTERNAL_I8042_HOOK_KEYBOARD, 
+	status = PiceSendIoctl( kbdDevice, IOCTL_INTERNAL_I8042_HOOK_KEYBOARD,
 			phkData, sizeof( INTERNAL_I8042_HOOK_KEYBOARD ) );
 
-		
+
 	ObDereferenceObject(FO);
 	ExFreePool(phkData);
-    
+
 	LEAVE_FUNC();
 
     return NT_SUCCESS(status);
@@ -216,4 +216,4 @@ void RestoreKeyboardDriver(void)
     ENTER_FUNC();
     DbgPrint("RestoreKeyboardDriver: Not Implemented yet!!!\n");
 	LEAVE_FUNC();
-} 
+}
diff --git a/reactos/apps/utils/pice/module/symbols.c b/reactos/apps/utils/pice/module/symbols.c
index 18cc66b2aa9..31d06289d2b 100644
--- a/reactos/apps/utils/pice/module/symbols.c
+++ b/reactos/apps/utils/pice/module/symbols.c
@@ -43,6 +43,16 @@ Copyright notice:
 #include <asm/delay.h>
 #include <linux/ctype.h>
 
+#include <ntdll/ldr.h>
+#include <ntdll/rtl.h>
+#include <internal/ps.h>
+#include <internal/ob.h>
+#include <internal/module.h>
+
+#define NDEBUG
+#include <debug.h>
+
+
 PVOID pExports=0;
 ULONG ulExportLen=0;
 
@@ -83,43 +93,194 @@ ULONG ulNumStructMembers;
 
 BOOLEAN Expression(PVRET pvr);
 
-//*************************************************************************
-// InitFakeKernelModule()
-//
-//*************************************************************************
-BOOLEAN InitFakeKernelModule(void)
+extern PDIRECTORY_OBJECT *pNameSpaceRoot;
+extern PDEBUG_MODULE pdebug_module_tail;
+extern PDEBUG_MODULE pdebug_module_head;
+
+
+PVOID HEADER_TO_BODY(POBJECT_HEADER obj)
 {
-    struct module* pMod;
-
-    ENTER_FUNC();
-
-    if(pmodule_list)
-    {
-
-	    DPRINT((0,"InitFakeKernelModule(): *pmodule_list = %x\n",(ULONG)*pmodule_list));
-		if(IsAddressValid((ULONG)*pmodule_list) )
-		{
-			pMod = *pmodule_list;
-			DPRINT((0,"InitFakeKernelModule(): start pMod = %x\n",(ULONG)pMod));
-			do
-			{
-				if(!pMod->size)
-				{
-					DPRINT((0,"InitFakeKernelModule(): pMod = %x\n",(ULONG)pMod));
-					fake_kernel_module = * pMod;
-					PICE_strcpy((LPSTR)(fake_kernel_module.name),"vmlinux");
-					fake_kernel_module.size = kernel_end - KERNEL_START;
-				    DPRINT((0,"InitFakeKernelModule(): SUCCESS\n"));
-                    LEAVE_FUNC();
-					return TRUE;
-				}
-			}while((pMod = pMod->next));
-		}
-    }
-    LEAVE_FUNC();
-	return FALSE;
+   return(((void *)obj)+sizeof(OBJECT_HEADER)-sizeof(COMMON_BODY_HEADER));
 }
 
+POBJECT_HEADER BODY_TO_HEADER(PVOID body)
+{
+   PCOMMON_BODY_HEADER chdr = (PCOMMON_BODY_HEADER)body;
+   return(CONTAINING_RECORD((&(chdr->Type)),OBJECT_HEADER,Type));
+}
+
+/*-----------------12/26/2001 7:59PM----------------
+ * FreeModuleList - free list allocated with InitModuleList. Must
+ * be called at passive irql.
+ * --------------------------------------------------*/
+VOID FreeModuleList( PDEBUG_MODULE pm )
+{
+	PDEBUG_MODULE pNext = pm;
+
+	ENTER_FUNC();
+
+	while( pNext ){
+		pNext = pm->next;
+		RtlFreeUnicodeString( &(pm->name) );
+		ExFreePool( pm );
+	}
+	LEAVE_FUNC();
+}
+
+/*-----------------12/26/2001 7:58PM----------------
+ * InitModuleList - creates linked list of length len for debugger. Can't be
+ * called at elevated IRQL
+ * --------------------------------------------------*/
+BOOLEAN InitModuleList( PDEBUG_MODULE *ppmodule, ULONG len )
+{
+	ULONG i;
+	PDEBUG_MODULE pNext = NULL, pm = *ppmodule;
+
+	ENTER_FUNC();
+
+	assert(pm==NULL);
+
+	for(i=1;i<=len;i++){
+		pm = (PDEBUG_MODULE)ExAllocatePool( NonPagedPool, sizeof( DEBUG_MODULE ) );
+		if( !pm ){
+			FreeModuleList(pNext);
+			return FALSE;
+		}
+		pm->next = pNext;
+		pm->size = 0;
+		pm->BaseAddress = NULL;
+		RtlCreateUnicodeString(&(pm->name), L"                   \0");
+		//DbgPrint("len1: %d\n", pm->name.Length);
+		pNext = pm;
+	}
+	*ppmodule = pm;
+
+	LEAVE_FUNC();
+
+	return TRUE;
+}
+
+BOOLEAN ListUserModules( PPEB peb )
+{
+	PLIST_ENTRY ModuleListHead;
+	PLIST_ENTRY Entry;
+	PLDR_MODULE Module;
+
+	ENTER_FUNC();
+
+	ModuleListHead = &peb->Ldr->InLoadOrderModuleList;
+	Entry = ModuleListHead->Flink;
+	while (Entry != ModuleListHead)
+	{
+		Module = CONTAINING_RECORD(Entry, LDR_MODULE, InLoadOrderModuleList);
+		//DbgPrint("Module: %x, BaseAddress: %x\n", Module, Module->BaseAddress);
+
+		DPRINT("FullName: %S, BaseName: %S, Length: %ld, EntryPoint: %x, BaseAddress: %x\n", Module->FullDllName.Buffer,
+				Module->BaseDllName.Buffer, Module->SizeOfImage, Module->EntryPoint, Module->BaseAddress );
+
+		pdebug_module_tail->size = Module->SizeOfImage;
+		pdebug_module_tail->BaseAddress = Module->BaseAddress;
+		pdebug_module_tail->EntryPoint = Module->EntryPoint;
+		RtlCopyUnicodeString( &(pdebug_module_tail->name), &(Module->BaseDllName));
+		pdebug_module_tail = pdebug_module_tail->next;
+
+		Entry = Entry->Flink;
+	}
+
+	LEAVE_FUNC();
+	return TRUE;
+}
+
+POBJECT FindDriverObjectDirectory( void )
+{
+    PLIST_ENTRY current;
+    POBJECT_HEADER current_obj;
+	PDIRECTORY_OBJECT pd;
+
+	ENTER_FUNC();
+
+	if( pNameSpaceRoot && *pNameSpaceRoot ){
+		current = (*pNameSpaceRoot)->head.Flink;
+		while (current!=(&((*pNameSpaceRoot)->head)))
+		{
+			current_obj = CONTAINING_RECORD(current,OBJECT_HEADER,Entry);
+	   	 	DPRINT("Scanning %S\n",current_obj->Name.Buffer);
+			if (_wcsicmp(current_obj->Name.Buffer, L"Modules")==0)
+			{
+				DPRINT("Found it %x\n",HEADER_TO_BODY(current_obj));
+				pd=HEADER_TO_BODY(current_obj);
+				return pd;
+			}
+		  	current = current->Flink;
+		}
+	}
+	LEAVE_FUNC();
+	return NULL;
+}
+
+BOOLEAN ListDriverModules( void )
+{
+    PLIST_ENTRY current;
+    POBJECT_HEADER current_obj;
+	PDIRECTORY_OBJECT pd;
+	PMODULE pm;
+
+	ENTER_FUNC();
+
+	if( pd = (PDIRECTORY_OBJECT) FindDriverObjectDirectory() ){
+		current = pd->head.Flink;
+		while (current!=(&(pd->head)))
+		{
+			current_obj = CONTAINING_RECORD(current,OBJECT_HEADER,Entry);
+	   	 	DPRINT("Modules %S\n",current_obj->Name.Buffer);
+			pm = HEADER_TO_BODY(current_obj);
+			DPRINT("FullName: %S, BaseName: %S, Length: %ld, EntryPoint: %x\n", pm->FullName.Buffer,
+					pm->BaseName.Buffer, pm->Length, pm->EntryPoint );
+
+			pdebug_module_tail->size = pm->Length;
+			pdebug_module_tail->BaseAddress = pm->Base;
+			pdebug_module_tail->EntryPoint = pm->EntryPoint;
+			RtlCopyUnicodeString( &(pdebug_module_tail->name), &(pm->BaseName));
+			pdebug_module_tail = pdebug_module_tail->next;
+
+			/*
+			if (_wcsicmp(current_obj->Name.Buffer, "Modules")==0)
+			{
+			 DbgPrint("Found it %x\n",HEADER_TO_BODY(current_obj));
+			 pd=HEADER_TO_BODY(current_obj);
+		   }
+			 */
+		  	current = current->Flink;
+		}
+	}
+
+	LEAVE_FUNC();
+	return TRUE;
+}
+
+BOOLEAN BuildModuleList( void )
+{
+ 	PPEB peb;
+	ENTER_FUNC();
+
+	pdebug_module_tail = pdebug_module_head;
+
+	peb = IoGetCurrentProcess()->Peb;
+	if( peb ){
+		if( !ListUserModules( peb ) ){
+			LEAVE_FUNC();
+			return FALSE;
+		}
+	}
+	if( !ListDriverModules() ){
+		LEAVE_FUNC();
+		return FALSE;
+	}
+	LEAVE_FUNC();
+	return TRUE;
+}
+
+
 //*************************************************************************
 // ScanExports()
 //
@@ -260,27 +421,27 @@ BOOLEAN ValidityCheckSymbols(PICE_SYMBOLFILE_HEADER* pSymbols)
 //*************************************************************************
 PICE_SYMBOLFILE_HEADER* FindModuleSymbols(ULONG addr)
 {
-    struct module* pMod;
     ULONG start,end,i;
+	PDEBUG_MODULE pd = pdebug_module_head;
 
     DPRINT((0,"FindModuleSymbols(%x)\n",addr));
-    if(pmodule_list)
+    if(BuildModuleList())
     {
         i=0;
-        pMod = *pmodule_list;
+        pd = pdebug_module_head;
         do
         {
-            if(pMod->size)
+            if(pd->size)
 			{
-                start = (ULONG)pMod+sizeof(struct module);
-                end = start + pMod->size-sizeof(struct module);
-                DPRINT((0,"FindModuleSymbols(): %s %x-%x\n",pMod->name,start,end));
+                start = (ULONG)pd->BaseAddress;
+                end = start + pd->size;
+                DPRINT((0,"FindModuleSymbols(): %S %x-%x\n",pd->name,start,end));
                 if(addr>=start && addr<end)
                 {
-                    DPRINT((0,"FindModuleSymbols(): address matches %s %x-%x\n",pMod->name,start,end));
+                    DPRINT((0,"FindModuleSymbols(): address matches %S %x-%x\n",pd->name,start,end));
                     for(i=0;i<ulNumSymbolsLoaded;i++)
                     {
-                        if(PICE_strcmpi((LPSTR)pMod->name,apSymbols[i]->name) == 0)
+                        if(PICE_wcsicmp(pd->name.Buffer,apSymbols[i]->name) == 0)
 						{
 							if(ValidityCheckSymbols(apSymbols[i]))
 	                            return apSymbols[i];
@@ -290,27 +451,7 @@ PICE_SYMBOLFILE_HEADER* FindModuleSymbols(ULONG addr)
                     }
                 }
             }
-            else
-            {
-                start = (ULONG)KERNEL_START + sizeof(struct module);
-                end = start + fake_kernel_module.size-sizeof(struct module);
-                DPRINT((0,"FindModuleSymbols(): %s %x-%x\n",fake_kernel_module.name,start,end));
-                if(addr>=start && addr<end)
-                {
-                    DPRINT((0,"FindModuleSymbols(): address matches %s %x-%x\n",fake_kernel_module.name,start,end));
-                    for(i=0;i<ulNumSymbolsLoaded;i++)
-                    {
-                        if(PICE_strcmpi((LPSTR)fake_kernel_module.name,apSymbols[i]->name) == 0)
-						{
-							if(ValidityCheckSymbols(apSymbols[i]))
-	                            return apSymbols[i];
-							else
-								return NULL;
-						}
-                    }
-                }
-            }
-        }while((pMod = pMod->next));
+        }while((pd = pd->next) != pdebug_module_tail);
     }
 
     return NULL;
@@ -320,41 +461,29 @@ PICE_SYMBOLFILE_HEADER* FindModuleSymbols(ULONG addr)
 // FindModuleFromAddress()
 //
 //*************************************************************************
-struct module* FindModuleFromAddress(ULONG addr)
+PDEBUG_MODULE FindModuleFromAddress(ULONG addr)
 {
-    struct module* pMod;
+    PDEBUG_MODULE pd;
     ULONG start,end;
 
     DPRINT((0,"FindModuleFromAddress()\n"));
-    if(pmodule_list)
+    if(BuildModuleList())
     {
-        pMod = *pmodule_list;
+        pd = pdebug_module_head;
         do
         {
-			if(pMod->size)
+			if(pd->size)
 			{
-                start = (ULONG)pMod+sizeof(struct module);
-                end = start + pMod->size-sizeof(struct module);
-                DPRINT((0,"FindModuleFromAddress(): %s %x-%x\n",pMod->name,start,end));
+                start = (ULONG)pd->BaseAddress;
+                end = start + pMod->size;
+                DPRINT((0,"FindModuleFromAddress(): %S %x-%x\n",pd->name,start,end));
                 if(addr>=start && addr<end)
                 {
-                    DPRINT((0,"FindModuleFromAddress(): found %s\n",pMod->name));
-                    return pMod;
+                    DPRINT((0,"FindModuleFromAddress(): found %S\n",pd->name));
+                    return pd;
                 }
             }
-            // must be the kernel
-            else
-            {
-                start = (ULONG)KERNEL_START + sizeof(struct module);
-                end = start + fake_kernel_module.size-sizeof(struct module);
-                DPRINT((0,"FindModuleFromAddress(): %s %x-%x\n",fake_kernel_module.name,start,end));
-                if(addr>=start && addr<end)
-                {
-                    DPRINT((0,"FindModuleFromAddress(): found %s\n",fake_kernel_module.name));
-                    return &fake_kernel_module;
-                }
-            }
-        }while((pMod = pMod->next));
+        }while((pd = pd->next)!=pdebug_module_tail);
     }
 
     return NULL;
@@ -364,33 +493,32 @@ struct module* FindModuleFromAddress(ULONG addr)
 // FindModuleByName()
 //
 //*************************************************************************
-struct module* FindModuleByName(LPSTR modname)
+PDEBUG_MODULE FindModuleByName(LPSTR modname)
 {
-    struct module* pMod;
+    PDEBUG_MODULE pd;
+	WCHAR tempstr[64];
 
     DPRINT((0,"FindModuleFromAddress()\n"));
-    if(pmodule_list)
+	if( !MultiByteToWideChar(CP_ACP, NULL, modname, -1, tempstr, 64 ) )
+	{
+		DPRINT((0,"Can't convert module name.\n"));
+		return NULL;
+	}
+
+    if(BuildModuleList())
     {
-        pMod = *pmodule_list;
+        pd = pdebug_module_head;
         do
         {
-			if(pMod->size)
+			if(pd->size)
 			{
-				if(PICE_strcmpi(modname,(LPSTR)pMod->name) == 0)
+				if(PICE_wcsicmp(tempstr,pMod->name) == 0)
                 {
-                    DPRINT((0,"FindModuleByName(): found %s\n",pMod->name));
-                    return pMod;
+                    DPRINT((0,"FindModuleByName(): found %S\n",pd->name));
+                    return pd;
                 }
             }
-			else
-			{
-				if(PICE_strcmpi(modname,(LPSTR)fake_kernel_module.name) == 0)
-                {
-                    DPRINT((0,"FindModuleByName(): found %s\n",fake_kernel_module.name));
-                    return &fake_kernel_module;
-                }
-            }
-        }while((pMod = pMod->next));
+        }while((pd = pd->next) != pdebug_module_tail);
     }
 
     return NULL;
@@ -403,11 +531,18 @@ struct module* FindModuleByName(LPSTR modname)
 PICE_SYMBOLFILE_HEADER* FindModuleSymbolsByModuleName(LPSTR modname)
 {
     ULONG i;
+	WCHAR tempstr[64];
 
     DPRINT((0,"FindModuleSymbols()\n"));
+	if( !MultiByteToWideChar(CP_ACP, NULL, modname, -1, tempstr, 64 ) )
+	{
+		DPRINT((0,"Can't convert module name in FindModuleSymbols.\n"));
+		return NULL;
+	}
+
     for(i=0;i<ulNumSymbolsLoaded;i++)
     {
-        if(PICE_strcmpi(modname,apSymbols[i]->name) == 0)
+        if(PICE_wcsicmp(tempstr,apSymbols[i]->name) == 0)
             return apSymbols[i];
     }
 
@@ -425,141 +560,118 @@ BOOLEAN ScanExportsByAddress(LPSTR *pFind,ULONG ulValue)
     LPSTR p,pStartOfLine,pSymbolName=NULL;
     ULONG ulCurrentValue=0,i;
     BOOLEAN bResult = FALSE;
-	struct module *pMod;
+	PDEBUG_MODULE pd;
     ULONG ulMinValue = -1;
-	Elf32_Sym* pElfSym;
-	LPSTR pElfStr;
-	Elf32_Shdr* pElfShdr;
+	PIMAGE_SYMBOL pSym,pSymEnd;			  		//running pointer to symbols and end of sym talbe
+	PIMAGE_SYMBOL pFoundSym = NULL;    	  		//current best symbol match
+	ULONG ulAddr = 0x0;		  					//address of the best match
+	LPSTR pStr;
+	PIMAGE_SECTION_HEADER pShdr;
     PICE_SYMBOLFILE_HEADER* pSymbols;
+	ULONG   ulSectionSize;
+	LPSTR pName;
 
 	ENTER_FUNC();
 
-    if(ulValue < TASK_SIZE)
-    {
-    	LEAVE_FUNC();
-        return FALSE;
-    }
-
     pSymbols = FindModuleSymbols(ulValue);
-	if(pSymbols && pmodule_list)
+	if(pSymbols && pdebug_module_head)
 	{
-        struct module* pModTemp;
+        PDEBUG_MODULE pdTemp;
 
 		DPRINT((0,"looking up symbols\n"));
-        pMod = *pmodule_list;
+        pd = pdebug_module_head;
         do
         {
-            if(!pMod->size)
-                pModTemp = &fake_kernel_module;
-            else
-                pModTemp = pMod;
+            assert(pd->size);
 
-			if(ulValue>=((ULONG)pModTemp+sizeof(struct module)) && ulValue<((ULONG)pModTemp+pModTemp->size-sizeof(struct module)))
+			pdTemp = pd;
+
+			if(ulValue>=((ULONG)pdTemp->BaseAddress) && ulValue<((ULONG)pdTemp+pdTemp->size))
 			{
-				if(PICE_strcmpi((LPSTR)pModTemp->name,pSymbols->name) == 0)
+				if(PICE_wcsicmp(pdTemp->name,pSymbols->name) == 0)
 				{
-					DPRINT((0,"ScanExportsByAddress(): found symbols for module %s @ \n",pModTemp->name,(ULONG)pSymbols));
+					DPRINT((0,"ScanExportsByAddress(): found symbols for module %S @ %x \n",pdTemp->name,(ULONG)pSymbols));
 
-					pElfSym = (Elf32_Sym*)((ULONG)pSymbols+pSymbols->ulOffsetToGlobals);
-					pElfStr = (LPSTR)((ULONG)pSymbols+pSymbols->ulOffsetToGlobalsStrings);
-					pElfShdr = (Elf32_Shdr*)((ULONG)pSymbols+pSymbols->ulOffsetToHeaders);
+					pSym = (PIMAGE_SYMBOL)((ULONG)pSymbols+pSymbols->ulOffsetToGlobals);
+					pSymEnd = (PIMAGE_SYMBOL)((ULONG)pSym+pSymbols->ulSizeOfGlobals);
+					pStr = (LPSTR)((ULONG)pSymbols+pSymbols->ulOffsetToGlobalsStrings);
+					pShdr = (PIMAGE_SECTION_HEADER)((ULONG)pSymbols+pSymbols->ulOffsetToHeaders);
 
-					DPRINT((0,"ScanExportsByAddress(): pElfSym = %x\n",pElfSym));
-					DPRINT((0,"ScanExportsByAddress(): pElfStr = %x\n",pElfStr));
-					DPRINT((0,"ScanExportsByAddress(): pElfShdr = %x\n",pElfShdr));
-
-					DPRINT((0,"ScanExportsByAddress(): %s has %u symbols\n",pSymbols->name,pSymbols->ulSizeOfGlobals/sizeof(Elf32_Sym)));
-
-					for(i=0;i<(pSymbols->ulSizeOfGlobals/sizeof(Elf32_Sym));i++)
+					if(!IsRangeValid((ULONG)pSym,sizeof(IMAGE_SYMBOL) ) ) //should we actually check all the symbols here?
 					{
-						if((ELF32_ST_BIND(pElfSym->st_info)==STB_GLOBAL || ELF32_ST_BIND(pElfSym->st_info)==STB_LOCAL || ELF32_ST_BIND(pElfSym->st_info)==STB_WEAK)  &&
-						   (ELF32_ST_TYPE(pElfSym->st_info)==STT_OBJECT || ELF32_ST_TYPE(pElfSym->st_info)==STT_FUNC) &&
-						   (pElfSym->st_shndx<SHN_LORESERVE || pElfSym->st_shndx==SHN_ABS || pElfSym->st_shndx==SHN_COMMON))
-						{
-							LPSTR pName = &pElfStr[pElfSym->st_name];
-							ULONG start,end;
-
-							DPRINT((0,"ScanExportsByAddress(): pName = %x\n",(ULONG)pName));
-
-							if(!IsAddressValid((ULONG)pName) )
-							{
-								DPRINT((0,"ScanExportsByAddress(): pName is not a valid pointer\n"));
-								return FALSE;
-							}
-
-							DPRINT((0,"ScanExportsByAddress(): pName = %s\n",pName));
-
-							if(!IsRangeValid((ULONG)pElfSym,sizeof(Elf32_Sym) ) )
-							{
-								DPRINT((0,"ScanExportsByAddress(): pElfSym = %x is not a valid pointer\n",(ULONG)pElfSym));
-								return FALSE;
-							}
-
-							DPRINT((0,"ScanExportsByAddress(): pModTemp = %x\n",(ULONG)pModTemp));
-                            if(pModTemp != &fake_kernel_module)
-                            {
-								Elf32_Shdr* pElfShdrThis = (Elf32_Shdr*)pElfShdr + pElfSym->st_shndx;
-
-								DPRINT((0,"ScanExportsByAddress(): module is not kernel\n"));
-
-								DPRINT((0,"ScanExportsByAddress(): pElfShdr[%x] = %x\n",pElfSym->st_shndx,(ULONG)pElfShdrThis));
-
-								if(!IsRangeValid((ULONG)pElfShdrThis,sizeof(Elf32_Shdr)) )
-								{
-									DPRINT((0,"ScanExportsByAddress(): pElfShdr[%x] = %x is not a valid pointer\n",pElfSym->st_shndx,pElfShdrThis));
-									return FALSE;
-								}
-
-							    start = ((ULONG)pModTemp+pElfShdrThis->sh_offset);
-								DPRINT((0,"ScanExportsByAddress(): start [1] = %x\n",start));
-
-							    start = (start+pElfShdrThis->sh_addralign)&~(pElfShdrThis->sh_addralign-1);
-								DPRINT((0,"ScanExportsByAddress(): start [2] = %x\n",start));
-
-							    start += pElfSym->st_value;
-								DPRINT((0,"ScanExportsByAddress(): start [3] = %x\n",start));
-                            }
-                            else
-                            {
-								DPRINT((0,"ScanExportsByAddress(): module is kernel\n"));
-                                start = pElfSym->st_value;
-								DPRINT((0,"ScanExportsByAddress(): start [1] = %x\n",start));
-                            }
-
-							end = start+pElfSym->st_size;
-							DPRINT((0,"ScanExportsByAddress(): end = %x\n",end));
-
-							if(ulValue>=start && ulValue<end)
-							{
-							    DPRINT((0,"[%u] %.8X %.8X %.8X %.8X %.8X %.8X %.8X\n",
-										pElfSym->st_shndx,
-										((ULONG)pModTemp+pElfShdr[pElfSym->st_shndx].sh_offset),
-										pElfShdr[pElfSym->st_shndx].sh_addr,
-										pElfShdr[pElfSym->st_shndx].sh_offset,
-										pElfShdr[pElfSym->st_shndx].sh_size,
-										pElfShdr[pElfSym->st_shndx].sh_type,
-										pElfShdr[pElfSym->st_shndx].sh_link,
-										pElfShdr[pElfSym->st_shndx].sh_addralign));
-								DPRINT((0,"in section [%u] %8x value = %x module struct %x (%x)\n",pElfSym->st_shndx,pElfShdr[pElfSym->st_shndx].sh_offset,ulValue,sizeof(struct module),((sizeof(struct module)+0x10)&~0x0F)));
-								DPRINT((0,"[%u] %32s %.8X %.8X %.8X %.8X %.8X %.8X\n",i,pName,pElfSym->st_name,pElfSym->st_value,pElfSym->st_info,pElfSym->st_other,pElfSym->st_size,pElfSym->st_shndx));
-								DPRINT((0,"start %x end %x\n",start,end));
-								*pFind = temp3;
-								if(ulValue-start)
-									PICE_sprintf(temp3,"%s!%s+%x",pModTemp->name,pName,ulValue-start);
-								else
-									PICE_sprintf(temp3,"%s!%s",pModTemp->name,pName);
-								return TRUE;
-							}
-
-						}
-						pElfSym++;
+						DPRINT((0,"ScanExportsByAddress(): pSym = %x is not a valid pointer\n",(ULONG)pSym));
+						return FALSE;
 					}
+
+					DPRINT((0,"ScanExportsByAddress(): pSym = %x\n",pSym));
+					DPRINT((0,"ScanExportsByAddress(): pStr = %x\n",pStr));
+					DPRINT((0,"ScanExportsByAddress(): pShdr = %x\n",pShdr));
+
+					DPRINT((0,"ScanExportsByAddress(): %s has %u symbols\n",pSymbols->name,pSymbols->ulSizeOfGlobals/sizeof(IMAGE_SYMBOL)));
+
+					/* go through all the global symbols and find the one with
+					   the largest address which is less than ulValue */
+					while(pSym < pSymEnd)
+					{   //it seems only 0x0 and 0x20 are used for type and External or Static storage classes
+						if(((pSym->Type == 0x0) || (pSym->Type == 0x20) )  &&
+						   ((pSym->StorageClass == IMAGE_SYM_CLASS_EXTERNAL) || (pSym->StorageClass==IMAGE_SYM_CLASS_STATIC)) &&
+						   (pSym->SectionNumber > 0 ))
+						{
+							ULONG ulCurrAddr;
+							PIMAGE_SECTION_HEADER pShdrThis = (PIMAGE_SECTION_HEADER)pShdr + pSym->SectionNumber;
+
+
+							DPRINT((0,"ScanExportsByAddress(): pShdr[%x] = %x\n",pSym->SectionNumber,(ULONG)pShdrThis));
+
+							if(!IsRangeValid((ULONG)pShdrThis,sizeof(IMAGE_SECTION_HEADER)) )
+							{
+								DPRINT((0,"ScanExportsByAddress(): pElfShdr[%x] = %x is not a valid pointer\n",pSym->SectionNumber,(ULONG)pShdrThis));
+								return FALSE;
+							}
+							//to get address in the memory we base address of the module and
+							//add offset of the section and then add offset of the symbol from
+							//the begining of the section
+							ulCurrAddr = ((ULONG)pdTemp->BaseAddress+pShdrThis->VirtualAddress+pSym->Value);
+							DPRINT((0,"ScanExportsByAddress(): CurrAddr [1] = %x\n",ulCurrAddr));
+
+							if(ulCurrAddr<=ulValue && ulCurrAddr>ulAddr)
+							{
+								ulAddr = ulCurrAddr;
+								pFoundSym = pSym;
+							}
+						}
+						//skip the auxiliary symbols and get the next symbol
+						pSym += pSym->NumberOfAuxSymbols + 1;
+					}
+					*pFind = temp3;
+					{
+						PIMAGE_SECTION_HEADER pShdrThis = (PIMAGE_SECTION_HEADER)pShdr + pFoundSym->SectionNumber;
+						//check that ulValue is below the limit for the section where best match is found
+						assert(ulValue < ((ULONG)pdTemp->BaseAddress+pShdrThis->SizeOfRawData));
+					}
+					if( !(pFoundSym->Name.Short) ){
+						pName = pFoundSym->ShortName;  //name is in the header
+						PICE_sprintf(temp3,"%s!%.8s",pdTemp->name,pName); //if name is in the header it may be nonzero terminated
+					}
+					else{
+						assert(pFoundSym->Name.Long<=pSymbols->ulSizeOfGlobalsStrings); //sanity check
+						pName = pStr[pFoundSym->Name.Long];
+						if(!IsAddressValid((ULONG)pName))
+						{
+							DPRINT((0,"ScanExportsByAddress(): pName = %x is not a valid pointer\n",pName));
+							return FALSE;
+						}
+						PICE_sprintf(temp3,"%s!%s",pdTemp->name,pName);
+					}
+					DPRINT((0,"ScanExportsByAddress(): pName = %x\n",(ULONG)pName));
+					return TRUE;
 				}
 			}
         }while((pMod = pMod->next));
 	}
-
-    if(pExports && ulValue >= TASK_SIZE && ulValue < kernel_end)
+	// if haven't found in the symbols try ntoskrnl exports. (note: check that this is needed since we
+	// already checked ntoskrnl coff symbol table)
+    if(pExports && ulValue >= TASK_SIZE /*&& ulValue < kernel_end*/)
     {
         p = pExports;
         // while we bound in System.map
@@ -594,82 +706,13 @@ BOOLEAN ScanExportsByAddress(LPSTR *pFind,ULONG ulValue)
             temp[i] = 0;
             // decide if we need to append an offset
             if(ulMinValue)
-                PICE_sprintf(temp3,"vmlinux!%s+%.8X",temp,ulMinValue);
+                PICE_sprintf(temp3,"ntoskrnl!%s+%.8X",temp,ulMinValue);
             else
-                PICE_sprintf(temp3,"vmlinux!%s",temp);
+                PICE_sprintf(temp3,"ntoskrnl!%s",temp);
         }
     }
 
-    if(pmodule_list && ulMinValue!=0)
-    {
-        pMod = *pmodule_list;
-        do
-        {
-			if(ulValue>=((ULONG)pMod+sizeof(struct module)) && ulValue<((ULONG)pMod+pMod->size-sizeof(struct module)))
-            {
-			    if(pMod->syms)
-			    {
-				    for(i=0;i<pMod->nsyms;i++)
-				    {
-					    ulCurrentValue = pMod->syms[i].value;
-					    if(ulValue>=ulCurrentValue && (LONG)(ulValue-ulCurrentValue)<ulMinValue)
-					    {
-						    ulMinValue = ulValue-ulCurrentValue;
-
-						    if(ulValue-ulCurrentValue)
-							    PICE_sprintf(temp3,"%s!%s+%.8X",pMod->name,pMod->syms[i].name,ulValue-ulCurrentValue);
-						    else
-							    PICE_sprintf(temp3,"%s!%s",pMod->name,pMod->syms[i].name);
-						    bResult = TRUE;
-						    *pFind = temp3;
-						    if(ulMinValue == 0)
-							    break;
-					    }
-				    }
-			    }
-
-			    // this could be near entry and cleanup of a module
-			    ulCurrentValue = (ULONG)pMod->init;
-                if(ulCurrentValue)
-                {
-			        if(ulValue>=ulCurrentValue && (LONG)(ulValue-ulCurrentValue)<ulMinValue)
-			        {
-				        ulMinValue = ulValue-ulCurrentValue;
-
-				        if(ulValue-ulCurrentValue)
-					        PICE_sprintf(temp3,"%s!init_module+%.8X",pMod->name,ulValue-ulCurrentValue);
-				        else
-					        PICE_sprintf(temp3,"%s!init_module",pMod->name);
-				        bResult = TRUE;
-				        *pFind = temp3;
-				        if(ulMinValue == 0)
-					        break;
-			        }
-                }
-
-                ulCurrentValue = (ULONG)pMod->cleanup;
-                if(ulCurrentValue)
-                {
-			        if(ulValue>=ulCurrentValue && (LONG)(ulValue-ulCurrentValue)<ulMinValue)
-			        {
-				        ulMinValue = ulValue-ulCurrentValue;
-
-				        if(ulValue-ulCurrentValue)
-					        PICE_sprintf(temp3,"%s!cleanup_module+%.8X",pMod->name,ulValue-ulCurrentValue);
-				        else
-					        PICE_sprintf(temp3,"%s!cleanup_module",pMod->name);
-				        bResult = TRUE;
-				        *pFind = temp3;
-				        if(ulMinValue == 0)
-					        break;
-			        }
-                }
-            }
-        }while((pMod = pMod->next));
-    }
-
 	LEAVE_FUNC();
-
 	return bResult;
 }
 
@@ -1829,7 +1872,7 @@ BOOLEAN LoadExports(void)
 
     if(hf)
 	{
-		mm_segment_t oldfs;
+		//mm_segment_t oldfs;
 		size_t len;
 
 		len = PICE_len(hf);
diff --git a/reactos/apps/utils/pice/module/symbols.h b/reactos/apps/utils/pice/module/symbols.h
index 594c99c954c..d322d68eade 100644
--- a/reactos/apps/utils/pice/module/symbols.h
+++ b/reactos/apps/utils/pice/module/symbols.h
@@ -15,7 +15,7 @@ Environment:
     LINUX 2.2.X
     Kernel mode only
 
-Author: 
+Author:
 
     Klaus P. Gerlicher
 
@@ -30,6 +30,8 @@ Copyright notice:
 --*/
 
 // constant defines
+#define FIELD_OFFSET(Type,Field) (LONG)(&(((Type *)(0))->Field))
+#define CONTAINING_RECORD(Address,Type,Field) (Type *)(((LONG)Address) - FIELD_OFFSET(Type,Field))
 
 typedef struct _LOCAL_VARIABLE
 {
@@ -38,6 +40,22 @@ typedef struct _LOCAL_VARIABLE
 	ULONG value,offset,line;
     BOOLEAN bRegister;
 }LOCAL_VARIABLE,*PLOCAL_VARIABLE;
+
+struct _DEBUG_MODULE_SYMBOL_
+{
+	ULONG value;
+	char* name;
+};
+
+typedef struct _DEBUG_MODULE_
+{
+	struct _DEBUG_MODULE_ *next;
+	ULONG size;
+	PVOID BaseAddress;
+	PVOID EntryPoint;
+	UNICODE_STRING name;
+	struct _DEBUG_MODULE_SYMBOL_ syms;
+}DEBUG_MODULE, *PDEBUG_MODULE;
 
 BOOLEAN InitFakeKernelModule(void);
 BOOLEAN LoadExports(void);
@@ -64,8 +82,9 @@ void Evaluate(PICE_SYMBOLFILE_HEADER* pSymbols,LPSTR p);
 LONG ExtractNumber(LPSTR p);
 LPSTR ExtractTypeName(LPSTR p);
 
-extern ULONG kernel_end;
+//extern ULONG kernel_end;
 extern PICE_SYMBOLFILE_HEADER* apSymbols[32];
 
-extern struct module fake_kernel_module;
-#define KERNEL_START (0xc0100000)
+//extern struct module fake_kernel_module;
+#define KERNEL_START (0xc0000000)
+
diff --git a/reactos/apps/utils/pice/module/utils.c b/reactos/apps/utils/pice/module/utils.c
index 55017c0a889..a6c098c55cb 100644
--- a/reactos/apps/utils/pice/module/utils.c
+++ b/reactos/apps/utils/pice/module/utils.c
@@ -291,6 +291,25 @@ ULONG result=1;
     return result;
 }
 
+ULONG PICE_wcsicmp(WCHAR* s1, WCHAR* s2)
+{
+ULONG result=1;
+
+    while(IsAddressValid((ULONG)s1) && *s1 && // not end of string
+          IsAddressValid((ULONG)s2) && *s2 && // not end of string
+          towlower(*s1)==towlower(*s2) ) // char are the same except case
+    {
+        s1++;
+        s2++;
+    }
+	// strings same length
+    if(*s1==0 && *s2==0)
+        result=0;
+
+    return result;
+}
+
+}
 //*************************************************************************
 // PICE_strrev()
 //
diff --git a/reactos/apps/utils/pice/module/vga.c b/reactos/apps/utils/pice/module/vga.c
index 7c9298f46c1..1c92d345a99 100644
--- a/reactos/apps/utils/pice/module/vga.c
+++ b/reactos/apps/utils/pice/module/vga.c
@@ -7,7 +7,7 @@ Module Name:
     vga.c
 
 Abstract:
-	
+
     VGA HW dependent draw routines
 
 Environment:
@@ -22,7 +22,7 @@ Revision History:
 
     04-Aug-1998:	created
     15-Nov-2000:    general cleanup of source files
-    
+
 Copyright notice:
 
   This file may be distributed under the terms of the GNU Public License.
@@ -36,7 +36,7 @@ Copyright notice:
 #include "precomp.h"
 
 //#include <asm/io.h>
-#include <linux/ctype.h>
+//#include <linux/ctype.h>
 
 
 ////////////////////////////////////////////////////
@@ -64,7 +64,7 @@ WINDOW wWindowVga[4]=
 UCHAR MGATable25[]={97,80,82,15,25, 6,25,25, 2,13,11,12, 0, 0, 0, 0};
 
 PUCHAR pScreenBufferVga;
-PUCHAR pScreenBufferSaveVga = NULL; 
+PUCHAR pScreenBufferSaveVga = NULL;
 PUCHAR pScreenBufferTempVga;
 PUCHAR pScreenBufferHardwareVga;
 
@@ -78,7 +78,7 @@ struct _attr
     {
         struct
         {
-    
+
             UCHAR fgcol : 4;
             UCHAR bkcol : 3;
             UCHAR blink : 1;
@@ -124,9 +124,9 @@ void PrintGrafVga(ULONG x,ULONG y,UCHAR c)
 void ShowCursorVga(void)
 {
     ENTER_FUNC();
-	
+
     bCursorEnabled=TRUE;
-    
+
 #ifdef LOCAL_CONSOLE
 	outb_p(0x0a,0x3d4);
 	outb_p(inb_p(0x3d5)&~0x20,0x3d5);
@@ -147,7 +147,7 @@ void HideCursorVga(void)
 {
     ENTER_FUNC();
 	bCursorEnabled=FALSE;
-    
+
 #ifdef LOCAL_CONSOLE
 	outb_p(0x0a,0x3d4);
 	outb_p(inb_p(0x3d5)|0x20,0x3d5);
@@ -155,7 +155,7 @@ void HideCursorVga(void)
 	outb_p(0x0a,0x3b4);
 	outb_p(inb_p(0x3b5)|0x20,0x3b5);
 #endif
-    
+
     LEAVE_FUNC();
 }
 
@@ -263,24 +263,24 @@ void PrintCursorVga(BOOLEAN bForce)
 	if( count++>250 )
 	{
         count=0;
-        
+
         charoffset = (y* GLOBAL_SCREEN_WIDTH + x);
 
 #ifndef LOCAL_CONSOLE
 		outb_p(0x0e,0x3b4);
-		data=(UCHAR)((charoffset>>8)&0xFF); 
+		data=(UCHAR)((charoffset>>8)&0xFF);
 		outb_p(data,0x3b5);
 
 		outb_p(0x0d,0x3b4);
-		data=(UCHAR)(charoffset & 0xFF); 
+		data=(UCHAR)(charoffset & 0xFF);
 		outb_p(data,0x3b5);
 #else
 		outb_p(0x0e,0x3d4);
-		data=(UCHAR)((charoffset>>8)&0xFF); 
+		data=(UCHAR)((charoffset>>8)&0xFF);
 		outb_p(data,0x3d5);
 
         outb_p(0x0f,0x3d4);
-		data=(UCHAR)(charoffset & 0xFF); 
+		data=(UCHAR)(charoffset & 0xFF);
 		outb_p(data,0x3d5);
 #endif
     }
@@ -356,7 +356,7 @@ void RestoreGraphicsStateVga(void)
 //
 // init terminal screen
 //*************************************************************************
-BOOLEAN ConsoleInitVga(void) 
+BOOLEAN ConsoleInitVga(void)
 {
 	BOOLEAN bResult = FALSE;
 #ifndef LOCAL_CONSOLE
@@ -393,40 +393,40 @@ BOOLEAN ConsoleInitVga(void)
 
 #ifdef LOCAL_CONSOLE
     // the real framebuffer
-	pScreenBufferHardwareVga = MmMapIoSpace(0xB8000,FRAMEBUFFER_SIZE,MmWriteCombined); 
+	pScreenBufferHardwareVga = MmMapIoSpace(0xB8000,FRAMEBUFFER_SIZE,MmWriteCombined);
     // the console
-	pScreenBufferVga = PICE_malloc(FRAMEBUFFER_SIZE,NONPAGEDPOOL); 
+	pScreenBufferVga = PICE_malloc(FRAMEBUFFER_SIZE,NONPAGEDPOOL);
     // the save area
-	pScreenBufferTempVga = PICE_malloc(FRAMEBUFFER_SIZE,NONPAGEDPOOL); 
+	pScreenBufferTempVga = PICE_malloc(FRAMEBUFFER_SIZE,NONPAGEDPOOL);
 #else
 	outb_p(0,0x3b8);
 	outb_p(0,0x3bf);
-	for(i=0;i<sizeof(MGATable25);i++) 
-	{ 
-		reg=i; 
+	for(i=0;i<sizeof(MGATable25);i++)
+	{
+		reg=i;
 		outb_p(reg,0x3b4);
-		data=pMGATable[i]; 
+		data=pMGATable[i];
 		outb_p(data,0x3b5);
 	}
 	outb_p(0x08,0x3b8);
 
-	pScreenBufferVga=MmMapIoSpace(0xB0000,FRAMEBUFFER_SIZE,MmWriteCombined); 
-#endif 
+	pScreenBufferVga=MmMapIoSpace(0xB0000,FRAMEBUFFER_SIZE,MmWriteCombined);
+#endif
 	if(pScreenBufferVga)
 	{
-        DPRINT((0,"VGA memory phys. 0x000b0000 mapped to virt. 0x%x\n",pScreenBufferVga)); 
+        DPRINT((0,"VGA memory phys. 0x000b0000 mapped to virt. 0x%x\n",pScreenBufferVga));
 
         bResult = TRUE;
 
         p = (PUSHORT)pScreenBufferVga;
-        
+
 		PICE_memset(pScreenBufferVga,0x0,FRAMEBUFFER_SIZE);
 
-        DPRINT((0,"VGA memory cleared!\n")); 
+        DPRINT((0,"VGA memory cleared!\n"));
 
         EmptyRingBuffer();
-    
-        DPRINT((0,"ConsoleInitVga() SUCCESS!\n")); 
+
+        DPRINT((0,"ConsoleInitVga() SUCCESS!\n"));
 	}
 
     LEAVE_FUNC();
@@ -439,24 +439,24 @@ BOOLEAN ConsoleInitVga(void)
 //
 // exit terminal screen
 //*************************************************************************
-void ConsoleShutdownVga(void) 
-{ 
+void ConsoleShutdownVga(void)
+{
     ENTER_FUNC();
- 
+
 #ifdef LOCAL_CONSOLE
 	if(pScreenBufferVga)
     {
         PICE_free(pScreenBufferVga);
         PICE_free(pScreenBufferTempVga);
-		MmUnmapIoSpace(pScreenBufferHardwareVga,FRAMEBUFFER_SIZE); 
+		MmUnmapIoSpace(pScreenBufferHardwareVga,FRAMEBUFFER_SIZE);
     }
 #else
-	// HERC video off 
+	// HERC video off
 	outb_p(0,0x3b8);
 	outb_p(0,0x3bf);
 
 	if(pScreenBufferVga)
-		MmUnmapIoSpace(pScreenBufferVga,FRAMEBUFFER_SIZE); 
+		MmUnmapIoSpace(pScreenBufferVga,FRAMEBUFFER_SIZE);
 #endif
 
     LEAVE_FUNC();
diff --git a/reactos/apps/utils/pice/shared/shared.h b/reactos/apps/utils/pice/shared/shared.h
index 40b4a513f2b..85277a4b62c 100644
--- a/reactos/apps/utils/pice/shared/shared.h
+++ b/reactos/apps/utils/pice/shared/shared.h
@@ -36,7 +36,7 @@ Copyright notice:
 --*/
 
 //#include <ddk/ntddk.h>
-#include <winnt.h>
+//#include <winnt.h>
 
 
 //temporary
@@ -80,7 +80,7 @@ typedef struct _DEBUGGER_STATUS_BLOCK
 typedef struct _PICE_SYMBOLFILE_HEADER
 {
 	ULONG magic;
-	char name[32];
+	WCHAR name[64];
 	ULONG ulOffsetToHeaders,ulSizeOfHeader;
 	ULONG ulOffsetToGlobals,ulSizeOfGlobals;
 	ULONG ulOffsetToGlobalsStrings,ulSizeOfGlobalsStrings;