archive
/
windows-nt-4.0
mirror of https://github.com/lianthony/NT4.0
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Windows NT 4.0 source code leak
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
184 MiB
Tree: b4a8d373d8
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from 'b4a8d373d8'
${ noResults }
windows-nt-4.0/private/sdktools/instaler/debug.c

481 lines
17 KiB
Raw Normal View History

initial commit
4 years ago
  1. /*++
  3. Copyright (c) 1992 Microsoft Corporation
  5. Module Name:
  7. debug.c
  9. Abstract:
  11. Main loop for INSTALER program
  13. Author:
  15. Steve Wood (stevewo) 09-Aug-1994
  17. Revision History:
  19. --*/
  21. #include "instaler.h"
  23. DWORD
  24. DebugEventHandler(
  25. LPDEBUG_EVENT DebugEvent
  26. );
  28. VOID
  29. InstallBreakpointsForDLL(
  30. PPROCESS_INFO Process,
  31. LPVOID BaseOfDll
  32. );
  34. VOID
  35. RemoveBreakpointsForDLL(
  36. PPROCESS_INFO Process,
  37. LPVOID BaseOfDll
  38. );
  40. char *DebugEventNames[] = {
  41. "Unknown debug event",
  42. "EXCEPTION_DEBUG_EVENT",
  43. "CREATE_THREAD_DEBUG_EVENT",
  44. "CREATE_PROCESS_DEBUG_EVENT",
  45. "EXIT_THREAD_DEBUG_EVENT",
  46. "EXIT_PROCESS_DEBUG_EVENT",
  47. "LOAD_DLL_DEBUG_EVENT",
  48. "UNLOAD_DLL_DEBUG_EVENT",
  49. "OUTPUT_DEBUG_STRING_EVENT",
  50. "RIP_EVENT",
  51. "Unknown debug event",
  52. "Unknown debug event",
  53. "Unknown debug event",
  54. "Unknown debug event",
  55. "Unknown debug event",
  56. "Unknown debug event",
  57. "Unknown debug event",
  58. "Unknown debug event",
  59. "Unknown debug event",
  60. "Unknown debug event",
  61. NULL
  62. };
  65. VOID
  66. DebugEventLoop( VOID )
  67. {
  68. DEBUG_EVENT DebugEvent;
  69. DWORD ContinueStatus;
  70. DWORD OldPriority;
  72. //
  73. // We want to process debug events quickly
  74. //
  76. OldPriority = GetPriorityClass( GetCurrentProcess() );
  77. SetPriorityClass( GetCurrentProcess(), HIGH_PRIORITY_CLASS );
  79. do {
  80. if (!WaitForDebugEvent( &DebugEvent, INFINITE )) {
  81. DeclareError( INSTALER_WAITDEBUGEVENT_FAILED, GetLastError() );
  82. ExitProcess( 1 );
  83. }
  85. if (DebugEvent.dwDebugEventCode == EXCEPTION_DEBUG_EVENT) {
  86. if (DebugEvent.u.Exception.ExceptionRecord.ExceptionCode != STATUS_BREAKPOINT &&
  87. DebugEvent.u.Exception.ExceptionRecord.ExceptionCode != STATUS_SINGLE_STEP
  88. ) {
  89. DbgEvent( DBGEVENT, ( "Debug exception event - Code: %x Address: %x Info: [%u] %x %x %x %x\n",
  90. DebugEvent.u.Exception.ExceptionRecord.ExceptionCode,
  91. DebugEvent.u.Exception.ExceptionRecord.ExceptionAddress,
  92. DebugEvent.u.Exception.ExceptionRecord.NumberParameters,
  93. DebugEvent.u.Exception.ExceptionRecord.ExceptionInformation[ 0 ],
  94. DebugEvent.u.Exception.ExceptionRecord.ExceptionInformation[ 1 ],
  95. DebugEvent.u.Exception.ExceptionRecord.ExceptionInformation[ 2 ],
  96. DebugEvent.u.Exception.ExceptionRecord.ExceptionInformation[ 3 ]
  97. )
  98. );
  99. }
  100. }
  101. else {
  102. DbgEvent( DBGEVENT, ( "Debug %s (%x) event\n",
  103. DebugEventNames[ DebugEvent.dwDebugEventCode ],
  104. DebugEvent.dwDebugEventCode
  105. )
  106. );
  107. }
  108. ContinueStatus = DebugEventHandler( &DebugEvent );
  109. if (!ContinueDebugEvent( DebugEvent.dwProcessId,
  110. DebugEvent.dwThreadId,
  111. ContinueStatus
  112. )
  113. ) {
  114. DeclareError( INSTALER_CONTDEBUGEVENT_FAILED, GetLastError() );
  115. ExitProcess( 1 );
  116. }
  117. }
  118. while (!IsListEmpty( &ProcessListHead ));
  121. //
  122. // Drop back to old priority to interact with user.
  123. //
  125. SetPriorityClass( GetCurrentProcess(), OldPriority );
  126. }
  129. DWORD
  130. DebugEventHandler(
  131. LPDEBUG_EVENT DebugEvent
  132. )
  133. {
  134. DWORD ContinueStatus;
  135. PPROCESS_INFO Process;
  136. PTHREAD_INFO Thread;
  137. PBREAKPOINT_INFO Breakpoint;
  139. ContinueStatus = (DWORD)DBG_CONTINUE;
  140. if (FindProcessAndThreadForEvent( DebugEvent, &Process, &Thread )) {
  141. switch (DebugEvent->dwDebugEventCode) {
  142. case CREATE_PROCESS_DEBUG_EVENT:
  143. //
  144. // Create process event includes first thread of process
  145. // as well. Remember process and thread in our process tree
  146. //
  148. if (AddProcess( DebugEvent, &Process )) {
  149. InheritHandles( Process );
  150. AddThread( DebugEvent, Process, &Thread );
  151. }
  152. break;
  154. case EXIT_PROCESS_DEBUG_EVENT:
  155. //
  156. // Exit process event includes last thread of process
  157. // as well. Remove process and thread from our process tree
  158. //
  160. if (DeleteThread( Process, Thread )) {
  161. DeleteProcess( Process );
  162. }
  163. break;
  165. case CREATE_THREAD_DEBUG_EVENT:
  166. //
  167. // Create thread. Remember thread in our process tree.
  168. //
  170. AddThread( DebugEvent, Process, &Thread );
  171. break;
  173. case EXIT_THREAD_DEBUG_EVENT:
  174. //
  175. // Exit thread. Remove thread from our process tree.
  176. //
  178. DeleteThread( Process, Thread );
  179. break;
  181. case LOAD_DLL_DEBUG_EVENT:
  182. //
  183. // DLL just mapped into process address space. See if it is one
  184. // of the ones we care about and if so, install the necessary
  185. // breakpoints.
  186. //
  188. InstallBreakpointsForDLL( Process, DebugEvent->u.LoadDll.lpBaseOfDll );
  189. break;
  191. case UNLOAD_DLL_DEBUG_EVENT:
  192. //
  193. // DLL just unmapped from process address space. See if it is one
  194. // of the ones we care about and if so, remove the breakpoints we
  195. // installed when it was mapped.
  196. //
  198. RemoveBreakpointsForDLL( Process, DebugEvent->u.UnloadDll.lpBaseOfDll );
  199. break;
  201. case OUTPUT_DEBUG_STRING_EVENT:
  202. case RIP_EVENT:
  203. //
  204. // Ignore these
  205. //
  206. break;
  208. case EXCEPTION_DEBUG_EVENT:
  209. //
  210. // Assume we wont handle this exception
  211. //
  213. ContinueStatus = (DWORD)DBG_EXCEPTION_NOT_HANDLED;
  214. switch (DebugEvent->u.Exception.ExceptionRecord.ExceptionCode) {
  215. //
  216. // Breakpoint exception.
  217. //
  219. case STATUS_BREAKPOINT:
  220. EnterCriticalSection( &BreakTable );
  221. if (Thread->BreakpointToStepOver != NULL) {
  222. //
  223. // If this breakpoint was in place to step over an API entry
  224. // point breakpoint, then deal with it by ending single
  225. // step mode, resuming all threads in the process and
  226. // reinstalling the API breakpoint we just stepped over.
  227. // Finally return handled for this exception so the
  228. // thread can proceed.
  229. //
  231. EndSingleStepBreakpoint( Process, Thread );
  232. HandleThreadsForSingleStep( Process, Thread, FALSE );
  233. InstallBreakpoint( Process, Thread->BreakpointToStepOver );
  234. Thread->BreakpointToStepOver = NULL;
  235. ContinueStatus = (DWORD)DBG_EXCEPTION_HANDLED;
  236. }
  237. else {
  238. //
  239. // Otherwise, see if this breakpoint is either an API entry
  240. // point breakpoint for the process or a return address
  241. // breakpoint for a thread in the process.
  242. //
  243. Breakpoint = FindBreakpoint( DebugEvent->u.Exception.ExceptionRecord.ExceptionAddress,
  244. Process,
  245. Thread
  246. );
  247. if (Breakpoint != NULL) {
  248. //
  249. // This is one of our breakpoints, call the breakpoint
  250. // handler.
  251. //
  252. if (HandleBreakpoint( Process, Thread, Breakpoint )) {
  253. //
  254. // Now single step over this breakpoint, by removing it and
  255. // setting a breakpoint at the next instruction (or using
  256. // single stepmode if the processor supports it). We also
  257. // suspend all the threads in the process except this one so
  258. // we know the next breakpoint/single step exception we see
  259. // for this process will be for this one.
  260. //
  262. Thread->BreakpointToStepOver = Breakpoint;
  263. RemoveBreakpoint( Process, Breakpoint );
  264. HandleThreadsForSingleStep( Process, Thread, TRUE );
  265. BeginSingleStepBreakpoint( Process, Thread );
  266. }
  267. else {
  268. Thread->BreakpointToStepOver = NULL;
  269. }
  271. ContinueStatus = (DWORD)DBG_EXCEPTION_HANDLED;
  272. }
  273. else {
  274. DbgEvent( DBGEVENT, ( "Skipping over hardcoded breakpoint at %x\n",
  275. DebugEvent->u.Exception.ExceptionRecord.ExceptionAddress
  276. )
  277. );
  279. //
  280. // If not one of our breakpoints, assume it is a hardcoded
  281. // breakpoint and skip over it. This will get by the one
  282. // breakpoint in LdrInit triggered by the process being
  283. // invoked with DEBUG_PROCESS.
  284. //
  286. if (SkipOverHardcodedBreakpoint( Process,
  287. Thread,
  288. DebugEvent->u.Exception.ExceptionRecord.ExceptionAddress
  289. )
  290. ) {
  291. //
  292. // If we successfully skipped over this hard-coded breakpoint
  293. // then return handled for this exception.
  294. //
  296. ContinueStatus = (DWORD)DBG_EXCEPTION_HANDLED;
  297. }
  298. }
  299. }
  300. LeaveCriticalSection( &BreakTable );
  301. break;
  303. case STATUS_SINGLE_STEP:
  304. //
  305. // We should only see this exception on processors that
  306. // support a single step mode.
  307. //
  309. EnterCriticalSection( &BreakTable );
  310. if (Thread->BreakpointToStepOver != NULL) {
  311. EndSingleStepBreakpoint( Process, Thread );
  312. HandleThreadsForSingleStep( Process, Thread, FALSE );
  313. InstallBreakpoint( Process, Thread->BreakpointToStepOver );
  314. Thread->BreakpointToStepOver = NULL;
  315. ContinueStatus = (DWORD)DBG_EXCEPTION_HANDLED;
  316. }
  317. LeaveCriticalSection( &BreakTable );
  318. break;
  320. case STATUS_VDM_EVENT:
  321. //
  322. // Returning NOT_HANDLED will cause the default behavior to
  323. // occur.
  324. //
  325. break;
  327. default:
  328. DbgEvent( DBGEVENT, ( "Unknown exception: %08x at %08x\n",
  329. DebugEvent->u.Exception.ExceptionRecord.ExceptionCode,
  330. DebugEvent->u.Exception.ExceptionRecord.ExceptionAddress
  331. )
  332. );
  333. break;
  334. }
  335. break;
  337. default:
  338. DbgEvent( DBGEVENT, ( "Unknown debug event\n" ) );
  339. break;
  340. }
  341. }
  342. return( ContinueStatus );
  343. }
  346. VOID
  347. InstallBreakpointsForDLL(
  348. PPROCESS_INFO Process,
  349. LPVOID BaseOfDll
  350. )
  351. {
  352. UCHAR ModuleIndex, ApiIndex;
  353. PBREAKPOINT_INFO Breakpoint;
  355. //
  356. // Loop over module table to see if the base address of this DLL matches
  357. // one of the module handles we want to set breakpoints in. If not, ignore
  358. // event.
  359. //
  361. for (ModuleIndex=0; ModuleIndex<MAXIMUM_MODULE_INDEX; ModuleIndex++) {
  362. if (ModuleInfo[ ModuleIndex ].ModuleHandle == BaseOfDll) {
  363. //
  364. // Loop over the list of API entry points for this module and set
  365. // a process specific breakpoint at the first instruction of each
  366. // entrypoint.
  367. //
  369. for (ApiIndex=0; ApiIndex<MAXIMUM_API_INDEX; ApiIndex++) {
  370. if (ModuleIndex == ApiInfo[ ApiIndex ].ModuleIndex) {
  371. if (CreateBreakpoint( ApiInfo[ ApiIndex ].EntryPointAddress,
  372. Process,
  373. NULL, // process specific
  374. ApiIndex,
  375. NULL,
  376. &Breakpoint
  377. )
  378. ) {
  379. Breakpoint->ModuleName = ModuleInfo[ ApiInfo[ ApiIndex ].ModuleIndex ].ModuleName;
  380. Breakpoint->ProcedureName = ApiInfo[ ApiIndex ].EntryPointName;
  381. DbgEvent( DBGEVENT, ( "Installed breakpoint for %ws!%s at %08x\n",
  382. Breakpoint->ModuleName,
  383. Breakpoint->ProcedureName,
  384. ApiInfo[ ApiIndex ].EntryPointAddress
  385. )
  386. );
  387. }
  388. }
  389. }
  390. break;
  391. }
  392. }
  393. }
  395. VOID
  396. RemoveBreakpointsForDLL(
  397. PPROCESS_INFO Process,
  398. LPVOID BaseOfDll
  399. )
  400. {
  401. UCHAR ModuleIndex, ApiIndex;
  403. //
  404. // Loop over module index to see if the base address of this DLL matches
  405. // one of the module handles we set breakpoints in above. If not, ignore
  406. // event.
  407. //
  409. for (ModuleIndex=0; ModuleIndex<MAXIMUM_MODULE_INDEX; ModuleIndex++) {
  410. if (ModuleInfo[ ModuleIndex ].ModuleHandle == BaseOfDll) {
  411. //
  412. // Loop over the list of API entry points for this module and remove
  413. // each process specific breakpoint set above for each entrypoint.
  414. //
  416. for (ApiIndex=0; ApiIndex<MAXIMUM_API_INDEX; ApiIndex++) {
  417. if (ModuleIndex == ApiInfo[ ApiIndex ].ModuleIndex) {
  418. DestroyBreakpoint( ApiInfo[ ApiIndex ].EntryPointAddress,
  419. Process,
  420. NULL // process specific
  421. );
  422. }
  423. }
  424. break;
  425. }
  426. }
  427. }
  430. BOOLEAN
  431. InstallBreakpoint(
  432. PPROCESS_INFO Process,
  433. PBREAKPOINT_INFO Breakpoint
  434. )
  435. {
  436. if (!Breakpoint->SavedInstructionValid &&
  437. !ReadMemory( Process,
  438. Breakpoint->Address,
  439. &Breakpoint->SavedInstruction,
  440. SizeofBreakpointInstruction,
  441. "save instruction"
  442. )
  443. ) {
  444. return FALSE;
  445. }
  446. else
  447. if (!WriteMemory( Process,
  448. Breakpoint->Address,
  449. BreakpointInstruction,
  450. SizeofBreakpointInstruction,
  451. "breakpoint instruction"
  452. )
  453. ) {
  454. return FALSE;
  455. }
  456. else {
  457. Breakpoint->SavedInstructionValid = TRUE;
  458. return TRUE;
  459. }
  460. }
  462. BOOLEAN
  463. RemoveBreakpoint(
  464. PPROCESS_INFO Process,
  465. PBREAKPOINT_INFO Breakpoint
  466. )
  467. {
  468. if (!Breakpoint->SavedInstructionValid ||
  469. !WriteMemory( Process,
  470. Breakpoint->Address,
  471. &Breakpoint->SavedInstruction,
  472. SizeofBreakpointInstruction,
  473. "restore saved instruction"
  474. )
  475. ) {
  476. return FALSE;
  477. }
  478. else {
  479. return TRUE;
  480. }
  481. }