feat: Enhance OVSM compiler ELF generation and stream filtering

**OVSM Compiler Improvements:**
- Fix ELF virtual addresses (0x1000 → 0x120) to match Solana's working binaries
- Adjust .text and .rodata section alignment for SBPFv1 compatibility
- Remove redundant DT_TEXTREL from dynamic section (use DT_FLAGS instead)
- Add comprehensive debugging examples for ELF parsing and instruction decode

**Stream Service Enhancements:**
- Add program alias resolution (pumpfun, raydium, jupiter, etc.)
- Add token symbol resolution (USDC, BONK, SOL, etc.)
- Add --list-programs and --list-tokens flags for discovery
- Support liquidity pool filtering (--pools)
- Enhanced event filtering with human-readable aliases

**New Command Infrastructure:**
- Add invoke command scaffolding for direct program invocation
- Add program_aliases utility module for ergonomic program/token references

**TUI & Research Agent:**
- Refine real-time network stats streaming
- Improve transaction feed rendering
- Optimize research agent token usage

This makes blockchain investigation more accessible with aliases
instead of requiring full 44-character base58 addresses.

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <[email protected]>

Author: 0xrinegade

Cargo.lock

@@ -32,6 +32,7 @@ solana-sdk = "3.0.0"
 tokio = { version = "1.47.1", features = ["rt-multi-thread", "macros", "sync", "time", "net", "io-util", "fs", "process", "signal"] }
 tokio-stream = { version = "0.1", features = ["sync"] }
 tokio-vsock = "0.4"
+futures-util = "0.3"
 axum = { version = "0.7", features = ["ws"] }
 tower-http = { version = "0.6", features = ["cors"] }
 vsock = "0.3"

Cargo.toml

@@ -0,0 +1,127 @@
+// Compare how RBPF parses our ELF vs Solana's working ELF
+use solana_rbpf::{
+    elf::Executable,
+    program::BuiltinProgram,
+    vm::TestContextObject,
+};
+use std::sync::Arc;
+
+fn parse_and_report(name: &str, path: &str) {
+    println!("\n{}", "=".repeat(60));
+    println!("Parsing {}: {}", name, path);
+    println!("{}\n", "=".repeat(60));
+
+    let elf_bytes = std::fs::read(path).expect("Failed to read ELF");
+    println!("📦 File size: {} bytes", elf_bytes.len());
+
+    // Check header
+    println!("\n📋 ELF Header:");
+    let e_machine = u16::from_le_bytes(elf_bytes[18..20].try_into().unwrap());
+    let e_flags = u32::from_le_bytes(elf_bytes[48..52].try_into().unwrap());
+    let e_shnum = u16::from_le_bytes(elf_bytes[60..62].try_into().unwrap());
+    let e_shstrndx = u16::from_le_bytes(elf_bytes[62..64].try_into().unwrap());
+
+    println!("  Machine: 0x{:x}", e_machine);
+    println!("  Flags: 0x{:x}", e_flags);
+    println!("  Section count: {}", e_shnum);
+    println!("  shstrtab index: {}", e_shstrndx);
+
+    // Try to parse with RBPF
+    println!("\n🔍 RBPF Parsing:");
+    let loader = Arc::new(BuiltinProgram::new_mock());
+
+    match Executable::<TestContextObject>::load(&elf_bytes, loader.clone()) {
+        Ok(executable) => {
+            println!("  ✅ Parsed successfully!");
+
+            // Get some info about the executable
+            println!("\n📊 Executable Info:");
+            println!("  SBPF Version: {:?}", executable.get_sbpf_version());
+            let (_text_offset, text_bytes) = executable.get_text_bytes();
+            println!("  Text section: 0x{:x} bytes", text_bytes.len());
+            println!("  RO section: {} bytes", executable.get_ro_section().len());
+
+            // Check function registry
+            let function_registry = executable.get_function_registry();
+            println!("\n📞 Function registry:");
+            for (hash, value) in function_registry.iter().take(5) {
+                println!("    Hash: 0x{:08x}, Value: (pc bytes, flags)", hash);
+            }
+        }
+        Err(e) => {
+            println!("  ❌ Failed to parse!");
+            println!("  Error: {:?}", e);
+
+            // Try to get more details about the error
+            let error_str = format!("{:?}", e);
+
+            if error_str.contains("StringTooLong") {
+                println!("\n🔍 String length issue detected!");
+
+                // Check shstrtab
+                let e_shoff = u64::from_le_bytes(elf_bytes[40..48].try_into().unwrap());
+                let shstrtab_offset = e_shoff + (e_shstrndx as u64 * 64);
+
+                if shstrtab_offset + 64 <= elf_bytes.len() as u64 {
+                    let sh_name = u32::from_le_bytes(
+                        elf_bytes[shstrtab_offset as usize..shstrtab_offset as usize + 4]
+                            .try_into().unwrap()
+                    );
+                    let sh_offset = u64::from_le_bytes(
+                        elf_bytes[shstrtab_offset as usize + 24..shstrtab_offset as usize + 32]
+                            .try_into().unwrap()
+                    );
+                    let sh_size = u64::from_le_bytes(
+                        elf_bytes[shstrtab_offset as usize + 32..shstrtab_offset as usize + 40]
+                            .try_into().unwrap()
+                    );
+
+                    println!("  shstrtab section header:");
+                    println!("    sh_name: 0x{:x}", sh_name);
+                    println!("    sh_offset: 0x{:x}", sh_offset);
+                    println!("    sh_size: 0x{:x}", sh_size);
+
+                    // Check if we can read the name
+                    let name_start = sh_offset as usize + sh_name as usize;
+                    if name_start < elf_bytes.len() {
+                        let available = elf_bytes.len() - name_start;
+                        println!("    Bytes available from name start: {}", available);
+
+                        // Try to find the null terminator
+                        let mut null_found = false;
+                        for i in 0..available.min(20) {
+                            if elf_bytes[name_start + i] == 0 {
+                                println!("    Null terminator found at offset {}", i);
+                                null_found = true;
+                                break;
+                            }
+                        }
+                        if !null_found {
+                            println!("    ⚠️  No null terminator found in first 20 bytes!");
+                        }
+                    }
+                }
+            }
+        }
+    }
+}
+
+fn main() {
+    // Parse Solana's working ELF
+    parse_and_report(
+        "Solana's syscall_reloc_64_32.so",
+        "/home/larp/.cargo/registry/src/index.crates.io-1949cf8c6b5b557f/solana_rbpf-0.8.5/tests/elfs/syscall_reloc_64_32.so"
+    );
+
+    // Parse our original ELF that fails
+    parse_and_report(
+        "Our minimal_sbpf.so (V2 attempt)",
+        "/tmp/minimal_sbpf.so"
+    );
+
+    // Parse our new working V1 ELF
+    parse_and_report(
+        "Our solana_v1.so (WORKING!)",
+        "/tmp/solana_v1.so"
+    );
+}

crates/ovsm/examples/compare_elf_parsing.rs

@@ -0,0 +1,116 @@
+// Debug RBPF instruction decoding to find the exact issue
+use std::fs;
+
+fn main() {
+    let elf_bytes = fs::read("/tmp/minimal_syscall.so").expect("Failed to read ELF");
+
+    println!("🔍 Debugging RBPF instruction decode at .text (0x120)\n");
+
+    // The .text section starts at 0x120 according to our ELF
+    let text_start = 0x120;
+    let text_size = 48;
+
+    println!("📝 Instructions in .text:");
+
+    let mut pc = 0;
+    while pc < text_size {
+        let offset = text_start + pc;
+
+        if offset >= elf_bytes.len() {
+            println!("  ❌ Offset 0x{:x} out of bounds!", offset);
+            break;
+        }
+
+        let opcode = elf_bytes[offset];
+        let regs = if offset + 1 < elf_bytes.len() { elf_bytes[offset + 1] } else { 0 };
+        let dst = regs & 0xf;
+        let src = (regs >> 4) & 0xf;
+
+        // Read immediate values based on instruction class
+        let imm = if offset + 4 < elf_bytes.len() {
+            i32::from_le_bytes([
+                elf_bytes[offset + 4],
+                elf_bytes[offset + 5],
+                elf_bytes[offset + 6],
+                elf_bytes[offset + 7],
+            ])
+        } else {
+            0
+        };
+
+        // Decode instruction
+        print!("  [{:2}] 0x{:04x}: 0x{:02x} ", pc / 8, offset, opcode);
+
+        match opcode {
+            0x18 => {
+                // LDDW - 16 byte instruction
+                let imm64 = if offset + 12 < elf_bytes.len() {
+                    let low = imm as u64;
+                    let high = i32::from_le_bytes([
+                        elf_bytes[offset + 12],
+                        elf_bytes[offset + 13],
+                        elf_bytes[offset + 14],
+                        elf_bytes[offset + 15],
+                    ]) as u64;
+                    (high << 32) | (low as u32 as u64)
+                } else {
+                    imm as u64
+                };
+                println!("LDDW r{}, 0x{:x}", dst, imm64);
+                pc += 16; // LDDW is 16 bytes
+            }
+            0x85 => {
+                println!("CALL {}", imm);
+                // Check if this is a relative jump
+                if imm != 0 {
+                    let target = (pc as i32 + imm * 8) as usize;
+                    println!("       → Jump target would be: 0x{:x} (relative offset {})", target, imm);
+                    if target >= text_size {
+                        println!("       ❌ JUMP OUT OF BOUNDS! Text size is only 0x{:x}", text_size);
+                    }
+                }
+                pc += 8;
+            }
+            0x95 => {
+                println!("EXIT");
+                pc += 8;
+            }
+            0xb7 => {
+                println!("MOV r{}, {}", dst, imm);
+                pc += 8;
+            }
+            0x05 => {
+                let offset = imm as i16;
+                println!("JA {}", offset);
+                let target = (pc as i32 + (offset as i32) * 8) as usize;
+                println!("       → Jump target: 0x{:x}", target);
+                if target >= text_size {
+                    println!("       ❌ JUMP OUT OF BOUNDS!");
+                }
+                pc += 8;
+            }
+            _ => {
+                println!("UNKNOWN (0x{:02x})", opcode);
+                pc += 8;
+            }
+        }
+    }
+
+    // Now analyze the actual bytes at position 5
+    println!("\n🔍 Instruction at position 5 (byte offset 40 = 0x28 in .text):");
+    let instr_offset = text_start + 40;
+    if instr_offset + 8 <= elf_bytes.len() {
+        let bytes = &elf_bytes[instr_offset..instr_offset + 8];
+        println!("  Bytes: {:02x?}", bytes);
+        println!("  Opcode: 0x{:02x}", bytes[0]);
+
+        // Check if it's interpreted as a jump
+        if bytes[0] & 0x07 == 0x05 {
+            let imm = i32::from_le_bytes([bytes[4], bytes[5], bytes[6], bytes[7]]);
+            println!("  ❌ This is being interpreted as a JUMP with offset {}", imm);
+        }
+    }
+
+    // Also check what RBPF might be seeing differently
+    println!("\n🎯 Theory: RBPF might be starting from a different offset or seeing corrupted data");
+}

crates/ovsm/examples/debug_instruction_decode.rs

@@ -0,0 +1,126 @@
+// Debug why PT_DYNAMIC parsing might fail
+use std::fs;
+use std::mem;
+
+fn main() {
+    let elf_bytes = fs::read("/tmp/hello_final.so").expect("Failed to read ELF");
+
+    println!("🔍 Debugging PT_DYNAMIC parsing\n");
+
+    // Find PT_DYNAMIC
+    let e_phoff = u64::from_le_bytes(elf_bytes[32..40].try_into().unwrap());
+    let e_phnum = u16::from_le_bytes(elf_bytes[56..58].try_into().unwrap());
+
+    for i in 0..e_phnum {
+        let phdr_offset = e_phoff as usize + (i as usize * 56);
+        let p_type = u32::from_le_bytes(elf_bytes[phdr_offset..phdr_offset+4].try_into().unwrap());
+
+        if p_type == 2 { // PT_DYNAMIC
+            println!("📊 Found PT_DYNAMIC at program header {}", i);
+
+            let p_offset = u64::from_le_bytes(elf_bytes[phdr_offset+8..phdr_offset+16].try_into().unwrap());
+            let p_filesz = u64::from_le_bytes(elf_bytes[phdr_offset+32..phdr_offset+40].try_into().unwrap());
+
+            println!("  p_offset: 0x{:x} ({})", p_offset, p_offset);
+            println!("  p_filesz: 0x{:x} ({})", p_filesz, p_filesz);
+
+            // Check what slice_from_program_header would do
+            println!("\n🔍 slice_from_program_header checks:");
+
+            let start = p_offset as usize;
+            let end = start + p_filesz as usize;
+
+            println!("  Range: 0x{:x}..0x{:x}", start, end);
+            println!("  File size: 0x{:x} ({})", elf_bytes.len(), elf_bytes.len());
+
+            // Check 1: Range within bounds?
+            if end > elf_bytes.len() {
+                println!("  ❌ FAIL: Range exceeds file size!");
+                return;
+            }
+            println!("  ✅ Range is within bounds");
+
+            // Check 2: Size divisible by sizeof(Elf64Dyn) = 16?
+            let entry_size = 16;
+            if p_filesz % entry_size != 0 {
+                println!("  ❌ FAIL: Size not divisible by {}", entry_size);
+                return;
+            }
+            println!("  ✅ Size is divisible by {} (entries = {})", entry_size, p_filesz / entry_size);
+
+            // Check 3: Alignment
+            let slice = &elf_bytes[start..end];
+            let ptr = slice.as_ptr();
+            let alignment = mem::align_of::<u64>();
+
+            if (ptr as usize) % alignment != 0 {
+                println!("  ❌ FAIL: Pointer not aligned!");
+                println!("     ptr=0x{:x}, alignment={}", ptr as usize, alignment);
+                return;
+            }
+            println!("  ✅ Pointer is aligned (ptr=0x{:x})", ptr as usize);
+
+            // If we get here, slice_from_program_header should succeed
+            println!("\n✅ PT_DYNAMIC slice_from_program_header should succeed!");
+
+            // Let's also check if the content is valid
+            println!("\n📊 PT_DYNAMIC content:");
+            for j in 0..(p_filesz / entry_size) {
+                let entry_offset = start + (j as usize * entry_size as usize);
+                let d_tag = u64::from_le_bytes(elf_bytes[entry_offset..entry_offset+8].try_into().unwrap());
+                let d_val = u64::from_le_bytes(elf_bytes[entry_offset+8..entry_offset+16].try_into().unwrap());
+
+                let tag_name = match d_tag {
+                    0 => "DT_NULL",
+                    5 => "DT_STRTAB",
+                    6 => "DT_SYMTAB",
+                    10 => "DT_STRSZ",
+                    11 => "DT_SYMENT",
+                    17 => "DT_REL",
+                    18 => "DT_RELSZ",
+                    19 => "DT_RELENT",
+                    30 => "DT_FLAGS",
+                    0x6ffffffa => "DT_RELCOUNT",
+                    _ => "Unknown"
+                };
+
+                println!("  Entry {}: {} (0x{:x}) = 0x{:x}", j, tag_name, d_tag, d_val);
+
+                if d_tag == 0 { break; } // DT_NULL terminates
+            }
+
+            // Now check if this matches what's in SHT_DYNAMIC
+            println!("\n🔍 Comparing with SHT_DYNAMIC:");
+
+            let e_shoff = u64::from_le_bytes(elf_bytes[40..48].try_into().unwrap());
+            let e_shnum = u16::from_le_bytes(elf_bytes[60..62].try_into().unwrap());
+
+            for k in 0..e_shnum {
+                let shdr_offset = e_shoff as usize + (k as usize * 64);
+                let sh_type = u32::from_le_bytes(elf_bytes[shdr_offset+4..shdr_offset+8].try_into().unwrap());
+
+                if sh_type == 6 { // SHT_DYNAMIC
+                    let sh_offset = u64::from_le_bytes(elf_bytes[shdr_offset+24..shdr_offset+32].try_into().unwrap());
+                    let sh_size = u64::from_le_bytes(elf_bytes[shdr_offset+32..shdr_offset+40].try_into().unwrap());
+
+                    println!("  SHT_DYNAMIC section header:");
+                    println!("    sh_offset: 0x{:x}", sh_offset);
+                    println!("    sh_size:   0x{:x}", sh_size);
+
+                    if sh_offset == p_offset && sh_size == p_filesz {
+                        println!("  ✅ PT_DYNAMIC and SHT_DYNAMIC point to same data!");
+                    } else {
+                        println!("  ⚠️  PT_DYNAMIC and SHT_DYNAMIC differ!");
+                        println!("     PT_DYNAMIC: offset=0x{:x}, size=0x{:x}", p_offset, p_filesz);
+                        println!("     SHT_DYNAMIC: offset=0x{:x}, size=0x{:x}", sh_offset, sh_size);
+                    }
+                    break;
+                }
+            }
+
+            return;
+        }
+    }
+
+    println!("❌ No PT_DYNAMIC found!");
+}