archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
9 Commits
1 Branch
0 Tags
2.0 GiB
Tree: 75c48ba87f
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '75c48ba87f'
${ noResults }
windows-xp/Source/XPSP1/NT/base/mvdm/vdmexts/misc.c

721 lines
16 KiB
Raw Normal View History

Add source files
4 years ago
  1. /*++
  3. Copyright (c) 1990 Microsoft Corporation
  5. Module Name:
  7. ntsdexts.c
  9. Abstract:
  11. This function contains miscellaneous VDMEXTS functions
  13. Author:
  15. Bob Day (bobday) 29-Feb-1992 Grabbed standard header
  17. Revision History:
  19. Neil Sandlin (NeilSa) 15-Jan-1996 Merged with vdmexts
  21. --*/
  23. #include <precomp.h>
  24. #pragma hdrstop
  25. #include <ctype.h>
  27. extern DWORD gOffset; // in disasm.c
  29. VOID
  30. DumpMemory(
  31. UINT UnitSize,
  32. BOOL bAscii
  33. )
  34. {
  35. VDMCONTEXT ThreadContext;
  36. int mode;
  37. int j, lines = 8, linelength;
  38. WORD selector;
  39. ULONG offset, endoffset, units;
  40. ULONG base;
  41. char ch;
  43. if (!UnitSize) {
  44. return;
  45. }
  47. mode = GetContext( &ThreadContext );
  49. if (!GetNextToken()) {
  50. PRINTF("Please specify an address\n");
  51. return;
  52. }
  54. if (!ParseIntelAddress(&mode, &selector, &offset)) {
  55. return;
  56. }
  58. if (GetNextToken()) {
  59. if ((*lpArgumentString == 'l') || (*lpArgumentString == 'L')) {
  60. lpArgumentString++;
  61. }
  62. units = EvaluateToken();
  63. lines = (units*UnitSize+15)/16;
  64. } else {
  65. units = (lines*16)/UnitSize;
  66. }
  68. endoffset = offset+units*UnitSize;
  70. base = GetInfoFromSelector(selector, mode, NULL) + GetIntelBase();
  72. while (lines--) {
  73. if (offset & 0xFFFF0000) {
  74. PRINTF("%04x:%08lx ", selector, offset);
  75. } else {
  76. PRINTF("%04x:%04x ", selector, LOWORD(offset));
  77. }
  79. linelength = endoffset - offset;
  80. if (linelength > 16) {
  81. linelength = 16;
  82. }
  84. switch(UnitSize) {
  86. case 1:
  87. for (j=0; j<linelength; j++) {
  88. if (j==8) {
  89. PRINTF("-");
  90. } else {
  91. PRINTF(" ");
  92. }
  93. PRINTF("%02x", ReadByteSafe(base+offset+j));
  94. }
  96. break;
  97. case 2:
  98. for (j=0; j<linelength; j+=2) {
  99. PRINTF(" %04x", ReadWordSafe(base+offset+j));
  100. }
  101. break;
  102. case 4:
  103. for (j=0; j<linelength; j+=4) {
  104. PRINTF(" %08lx", ReadDwordSafe(base+offset+j));
  105. }
  106. break;
  107. }
  109. if (bAscii) {
  111. j = (16-linelength)*2 + (16-linelength)/UnitSize;
  112. while (j--) {
  113. PRINTF(" ");
  114. }
  116. PRINTF(" ");
  118. for (j=0; j<linelength; j++) {
  119. ch = ReadByteSafe(base+offset+j);
  120. if (isprint(ch)) {
  121. PRINTF("%c", ch);
  122. } else {
  123. PRINTF(".");
  124. }
  125. }
  126. }
  127. PRINTF("\n");
  128. offset += 16;
  130. }
  132. }
  134. VOID
  135. db(
  136. CMD_ARGLIST
  137. )
  138. {
  139. CMD_INIT();
  140. DumpMemory(1, TRUE);
  142. }
  144. VOID
  145. dw(
  146. CMD_ARGLIST
  147. )
  148. {
  149. CMD_INIT();
  150. DumpMemory(2, FALSE);
  152. }
  154. VOID
  155. dd(
  156. CMD_ARGLIST
  157. )
  158. {
  159. CMD_INIT();
  160. DumpMemory(4, FALSE);
  162. }
  164. VOID
  165. EditMemory(
  166. UINT UnitSize
  167. )
  168. {
  169. ULONG value, base, offset;
  170. WORD selector;
  171. int mode;
  173. if (!GetNextToken()) {
  174. PRINTF("Please specify an address\n");
  175. return;
  176. }
  178. if (!ParseIntelAddress(&mode, &selector, &offset)) {
  179. return;
  180. }
  182. base = GetInfoFromSelector(selector, mode, NULL) + GetIntelBase();
  184. while(GetNextToken()) {
  185. value = EvaluateToken();
  187. PRINTF("%04x base=%08x offset=%08x value=%08x\n", selector, base, offset, value);
  188. // this is endian dependant code
  189. WRITEMEM((LPVOID)(base+offset), &value, UnitSize);
  190. offset += UnitSize;
  192. }
  194. }
  196. VOID
  197. eb(
  198. CMD_ARGLIST
  199. )
  200. {
  201. CMD_INIT();
  202. EditMemory(1);
  203. }
  205. VOID
  206. ew(
  207. CMD_ARGLIST
  208. )
  209. {
  210. CMD_INIT();
  211. EditMemory(2);
  212. }
  214. VOID
  215. ed(
  216. CMD_ARGLIST
  217. )
  218. {
  219. CMD_INIT();
  220. EditMemory(4);
  221. }
  227. VOID
  228. r(
  229. CMD_ARGLIST
  230. ) {
  231. VDMCONTEXT ThreadContext;
  232. int mode;
  233. char sym_text[255];
  234. char rgchOutput[128];
  235. char rgchExtra[128];
  236. BYTE rgbInstruction[64];
  237. WORD selector;
  238. ULONG offset;
  239. ULONG dist;
  240. int cb, j;
  241. ULONG Base;
  242. SELECTORINFO si;
  244. CMD_INIT();
  246. mode = GetContext( &ThreadContext );
  248. PRINTF("eax=%08lx ebx=%08lx ecx=%08lx edx=%08lx esi=%08lx edi=%08lx\n",
  249. ThreadContext.Eax,
  250. ThreadContext.Ebx,
  251. ThreadContext.Ecx,
  252. ThreadContext.Edx,
  253. ThreadContext.Esi,
  254. ThreadContext.Edi );
  255. PRINTF("eip=%08lx esp=%08lx ebp=%08lx ",
  256. ThreadContext.Eip,
  257. ThreadContext.Esp,
  258. ThreadContext.Ebp );
  260. if (ThreadContext.EFlags != 0xffffffff) {
  261. if ( ThreadContext.EFlags & FLAG_OVERFLOW ) {
  262. PRINTF("ov ");
  263. } else {
  264. PRINTF("nv ");
  265. }
  266. if ( ThreadContext.EFlags & FLAG_DIRECTION ) {
  267. PRINTF("dn ");
  268. } else {
  269. PRINTF("up ");
  270. }
  271. if ( ThreadContext.EFlags & FLAG_INTERRUPT ) {
  272. PRINTF("ei ");
  273. } else {
  274. PRINTF("di ");
  275. }
  276. if ( ThreadContext.EFlags & FLAG_SIGN ) {
  277. PRINTF("ng ");
  278. } else {
  279. PRINTF("pl ");
  280. }
  281. if ( ThreadContext.EFlags & FLAG_ZERO ) {
  282. PRINTF("zr ");
  283. } else {
  284. PRINTF("nz ");
  285. }
  286. if ( ThreadContext.EFlags & FLAG_AUXILLIARY ) {
  287. PRINTF("ac ");
  288. } else {
  289. PRINTF("na ");
  290. }
  291. if ( ThreadContext.EFlags & FLAG_PARITY ) {
  292. PRINTF("po ");
  293. } else {
  294. PRINTF("pe ");
  295. }
  296. if ( ThreadContext.EFlags & FLAG_CARRY ) {
  297. PRINTF("cy ");
  298. } else {
  299. PRINTF("nc ");
  300. }
  301. }
  303. PRINTF("\n");
  304. PRINTF("cs=%04x ss=%04x ds=%04x es=%04x fs=%04x gs=%04x ",
  305. ThreadContext.SegCs,
  306. ThreadContext.SegSs,
  307. ThreadContext.SegDs,
  308. ThreadContext.SegEs,
  309. ThreadContext.SegFs,
  310. ThreadContext.SegGs);
  312. if (ThreadContext.EFlags == 0xffffffff) {
  313. //
  314. // The contents of eflags are unreliable. This happens when you can't
  315. // do a "getEFLAGS()" to obtain the value.
  316. //
  317. PRINTF("efl=????????\n");
  319. } else {
  320. PRINTF("efl=%08lx\n",ThreadContext.EFlags );
  321. }
  323. //
  324. // Do disassembly of current instruction
  325. //
  327. selector = (WORD) ThreadContext.SegCs;
  328. offset = ThreadContext.Eip;
  330. Base = GetInfoFromSelector( selector, mode, &si ) + GetIntelBase();
  332. if (FindSymbol(selector, offset, sym_text, &dist, BEFORE, mode )) {
  333. if ( dist == 0 ) {
  334. PRINTF("%s:\n", sym_text );
  335. } else {
  336. PRINTF("%s+0x%lx:\n", sym_text, dist );
  337. }
  338. }
  340. cb = sizeof(rgbInstruction);
  341. if ((DWORD)(offset+cb) >= si.Limit)
  342. cb -= offset+cb-si.Limit;
  343. if (!READMEM((LPVOID)(Base+offset), rgbInstruction, cb)) {
  344. PRINTF("%04x:%08x: <Error Reading Memory>\n", selector, offset);
  345. return;
  346. }
  348. cb = unassemble_one(rgbInstruction,
  349. si.bBig,
  350. selector, offset,
  351. rgchOutput,
  352. rgchExtra,
  353. &ThreadContext,
  354. mode);
  356. if (offset > 0xffff) {
  357. PRINTF("%04x:%08x ", selector, offset);
  358. } else {
  359. PRINTF("%04x:%04x ", selector, offset);
  360. }
  362. for (j=0; j<cb; ++j)
  363. PRINTF("%02x", rgbInstruction[j]);
  364. for (; j<8; ++j)
  365. PRINTF(" ");
  366. PRINTF("%s\t%s\n", rgchOutput, rgchExtra);
  367. }
  369. VOID
  370. SearchModuleList(
  371. VOID
  372. )
  373. {
  374. VDMCONTEXT ThreadContext;
  375. int mode;
  376. HEAPENTRY he = {0};
  377. SELECTORINFO si;
  378. WORD selector = 0;
  379. SEGENTRY *se;
  380. char filename[9];
  381. char szModuleArg[255];
  382. BOOL bModuleNameGiven=FALSE;
  383. LPSTR pTemp;
  386. mode = GetContext( &ThreadContext );
  388. if (GetNextToken()) {
  390. if (IsTokenHex()) {
  391. selector = (WORD) EvaluateToken();
  392. } else {
  393. bModuleNameGiven = TRUE;
  394. pTemp = lpArgumentString;
  395. SkipToNextWhiteSpace();
  396. *lpArgumentString = 0;
  397. strcpy(szModuleArg, pTemp);
  398. if (strlen(szModuleArg) > 8) {
  399. szModuleArg[8] = 0;
  400. }
  401. }
  402. }
  405. PRINTF("Sel Base Limit Type Module Seg\n");
  406. PRINTF("==== ======== ======== ==== ======== ===\n");
  408. se = GetSegtablePointer();
  409. while ( se ) {
  410. if ( selector == 0 ||
  411. se->selector == selector ||
  412. bModuleNameGiven) {
  414. switch (se->type) {
  416. case SEGTYPE_PROT:
  417. {
  418. HEAPENTRY he = {0};
  419. he.Selector = se->selector;
  420. if (FindHeapEntry(&he, FHE_FIND_SEL_ONLY, FHE_FIND_QUIET)) {
  421. break;
  422. }
  423. }
  424. GetInfoFromSelector(se->selector, PROT_MODE, &si);
  425. ParseModuleName(filename, se->szExePath);
  427. if (!bModuleNameGiven || !_stricmp(filename, szModuleArg)) {
  429. PRINTF("%04X %08lX %08lX",
  430. se->selector,
  431. si.Base,
  432. si.Limit);
  433. PRINTF(" %s", si.bCode ? "code" : "data");
  434. PRINTF(" %-8.8s %d\n",
  435. filename,
  436. se->segment+1 );
  438. }
  439. break;
  441. case SEGTYPE_V86:
  442. ParseModuleName(filename, se->szExePath);
  444. if (!bModuleNameGiven || !_stricmp(filename, szModuleArg)) {
  446. PRINTF("%04X %08lX %08lX %s %-8.8s %d\n",
  447. se->selector,
  448. se->selector << 4,
  449. se->length,
  450. "v86 ",
  451. filename,
  452. se->segment+1);
  453. }
  454. break;
  455. }
  457. }
  458. se = se->Next;
  459. }
  461. he.CurrentEntry = 0; // reset scan
  462. if (bModuleNameGiven) {
  463. strcpy(he.ModuleArg, szModuleArg);
  464. } else {
  465. he.Selector = selector;
  466. }
  468. while (FindHeapEntry(&he, bModuleNameGiven ? FHE_FIND_MOD_ONLY :
  469. FHE_FIND_SEL_ONLY,
  470. FHE_FIND_QUIET)) {
  472. if (he.SegmentNumber != -1) {
  473. GetInfoFromSelector((WORD)(he.gnode.pga_handle | 1), PROT_MODE, &si);
  474. PRINTF("%04X %08lX %08lX",
  475. he.gnode.pga_handle | 1,
  476. he.gnode.pga_address,
  477. he.gnode.pga_size - 1);
  479. PRINTF(" %s", si.bCode ? "Code" : "Data");
  481. PRINTF(" %-8.8s %d\n",
  482. he.OwnerName,
  483. he.SegmentNumber+1);
  484. }
  486. }
  488. }
  491. VOID
  492. lm(
  493. CMD_ARGLIST
  494. )
  495. {
  496. CMD_INIT();
  498. if (GetNextToken()) {
  500. SearchModuleList();
  502. } else {
  504. WORD sel;
  505. BOOL b;
  506. NEHEADER owner;
  507. ULONG base;
  508. CHAR ModuleName[9];
  509. UCHAR len;
  511. if (!ReadMemExpression("ntvdmd!DbgWowhExeHead", &sel, sizeof(sel))) {
  512. return;
  513. }
  515. PRINTF("NEHeader Module Name\n");
  516. while(sel) {
  518. base = GetInfoFromSelector(sel, PROT_MODE, NULL) + GetIntelBase();
  520. b = READMEM((LPVOID)base, &owner, sizeof(owner));
  522. if (!b || (owner.ne_magic != 0x454e)) {
  523. PRINTF("Invalid module list! (started with hExeHead)\n");
  524. return;
  525. }
  527. len = ReadByteSafe(base+owner.ne_restab);
  528. if (len>8) {
  529. len=8;
  530. }
  531. READMEM((LPVOID)(base+owner.ne_restab+1), ModuleName, 8);
  533. ModuleName[len] = 0;
  535. PRINTF(" %.04X %s\n", sel, ModuleName);
  536. // This is mapped to ne_pnextexe in kernel
  537. sel = owner.ne_cbenttab;
  538. }
  539. }
  540. }
  542. VOID
  543. dg(
  544. CMD_ARGLIST
  545. ) {
  546. ULONG selector;
  547. ULONG Base;
  548. SELECTORINFO si;
  549. int count = 16;
  551. CMD_INIT();
  553. if (!GetNextToken()) {
  554. PRINTF("Please enter a selector\n");
  555. return;
  556. }
  558. selector = EvaluateToken();
  560. if (GetNextToken()) {
  561. if (tolower(*lpArgumentString) == 'l') {
  562. lpArgumentString++;
  563. }
  564. count = (WORD) EvaluateToken();
  565. }
  567. while (count--) {
  569. Base = GetInfoFromSelector( (WORD) selector, PROT_MODE, &si );
  571. PRINTF("%04X => Base: %08lX", selector, Base);
  573. #ifndef i386
  574. PRINTF(" (%08X)", Base+GetIntelBase());
  575. #endif
  577. PRINTF(" Limit: %08lX %s %s %s %s %s %s\n",
  578. si.Limit,
  579. si.bPresent ? " P" : "NP",
  580. si.bSystem ? "System" : si.bCode ? "Code " : "Data ",
  581. si.bSystem ? "" : si.bWrite ? "W" : "R",
  582. si.bSystem ? "" : si.bAccessed ? "A" : " ",
  583. si.bBig ? "Big" : "",
  584. si.bExpandDown ? "ED" : ""
  585. );
  587. selector+=8;
  588. if (selector>0xffff) {
  589. break;
  590. }
  591. }
  593. }
  595. VOID
  596. ntsd(
  597. CMD_ARGLIST
  598. )
  599. {
  600. #if 0
  601. PVOID Address;
  602. static BOOL bTrue = TRUE;
  603. #endif
  605. CMD_INIT();
  607. PRINTF("vdmexts: obselete command 'ntsd', use '.<cmd>' from VDM> prompt\n");
  608. #if 0
  609. if (!InVdmPrompt()) {
  610. PRINTF("This command only works at the VDM> prompt\n");
  611. }
  613. Address = (PVOID)(*GetExpression)("ntvdmd!bWantsNtsdPrompt");
  615. if (Address) {
  616. WRITEMEM((PVOID)Address, &bTrue, sizeof(BOOL));
  617. PRINTF("Enter 'g' to return from the ntsd prompt\n");
  618. } else {
  619. PRINTF("Can't find symbol 'ntvdmd!bWantsNtsdPrompt'\n");
  620. }
  621. #endif
  622. }
  625. VOID
  626. q(
  627. CMD_ARGLIST
  628. )
  629. {
  630. CMD_INIT();
  632. PRINTF("!vdmexts.q quitting debugger...");
  633. ExitProcess(0);
  634. }
  637. //
  638. // fs find string
  639. // case-insensitive
  640. // searches LDT selectors one by one, first 64k only.
  641. //
  643. VOID
  644. fs(
  645. CMD_ARGLIST
  646. ) {
  647. ULONG selector;
  648. ULONG Base;
  649. ULONG cbCopied;
  650. SELECTORINFO si;
  651. BYTE Buffer[65*1024];
  652. LPSTR pszSearch;
  653. LPSTR pch;
  655. CMD_INIT();
  657. RtlZeroMemory(Buffer, sizeof(Buffer));
  659. if (!GetNextToken()) {
  660. PRINTF("Please enter a string to find in 16:16 memory\n");
  661. return;
  662. }
  664. pszSearch = lpArgumentString;
  666. PRINTF("Searching 16:16 memory for '%s'\n", pszSearch);
  668. for (selector = 7;
  669. selector < 0x10000;
  670. selector += 8) {
  672. Base = GetInfoFromSelector( (WORD) selector, PROT_MODE, &si );
  674. //
  675. // If the selector is valid and present read up to 64k
  676. // into Buffer.
  677. //
  679. if (Base != (ULONG)-1 && si.bPresent) {
  681. cbCopied = si.Limit + 1;
  683. if (cbCopied > 0x10000) {
  684. cbCopied = 0x10000;
  685. }
  687. if (!READMEM((LPVOID)(Base + GetIntelBase()), Buffer, cbCopied)) {
  688. PRINTF("Unable to read selector %04x contents at %x for %x bytes\n",
  689. selector, Base + GetIntelBase(), cbCopied);
  690. } else {
  692. //
  693. // search the block for the string, buffer is 1k too big and
  694. // zero-inited so that strcmp is safe.
  695. //
  697. for (pch = Buffer;
  698. pch < (Buffer + cbCopied);
  699. pch++) {
  701. if (!_memicmp(pch, pszSearch, strlen(pszSearch))) {
  703. //
  704. // Match!
  705. //
  707. PRINTF("%04x:%04x (%08x) '%s'\n",
  708. selector,
  709. pch - Buffer,
  710. #ifndef i386
  711. GetIntelBase() +
  712. #endif
  713. Base + (pch - Buffer),
  714. pch);
  715. }
  716. }
  717. }
  718. }
  719. }
  721. }