|
|
/*++ BUILD Version: 0001 // Increment this if a change has global effects
Copyright (c) 1985-1993, Microsoft Corporation
Module Name:
vdmdbg.h
Abstract:
Prodecure declarations, constant definitions, type definition and macros for the VDMDBG.DLL VDM Debugger interface.
--*/
#ifndef _VDMDBG_
#define _VDMDBG_
#ifdef __cplusplus
extern "C" {#endif
#pragma pack(4)
#define STATUS_VDM_EVENT STATUS_SEGMENT_NOTIFICATION
#ifndef DBG_SEGLOAD
#define DBG_SEGLOAD 0
#define DBG_SEGMOVE 1
#define DBG_SEGFREE 2
#define DBG_MODLOAD 3
#define DBG_MODFREE 4
#define DBG_SINGLESTEP 5
#define DBG_BREAK 6
#define DBG_GPFAULT 7
#define DBG_DIVOVERFLOW 8
#define DBG_INSTRFAULT 9
#define DBG_TASKSTART 10
#define DBG_TASKSTOP 11
#define DBG_DLLSTART 12
#define DBG_DLLSTOP 13
#define DBG_ATTACH 14
#endif
//
// The following flags control the contents of the CONTEXT structure.
//
#define VDMCONTEXT_i386 0x00010000 // this assumes that i386 and
#define VDMCONTEXT_i486 0x00010000 // i486 have identical context records
#define VDMCONTEXT_CONTROL (VDMCONTEXT_i386 | 0x00000001L) // SS:SP, CS:IP, FLAGS, BP
#define VDMCONTEXT_INTEGER (VDMCONTEXT_i386 | 0x00000002L) // AX, BX, CX, DX, SI, DI
#define VDMCONTEXT_SEGMENTS (VDMCONTEXT_i386 | 0x00000004L) // DS, ES, FS, GS
#define VDMCONTEXT_FLOATING_POINT (VDMCONTEXT_i386 | 0x00000008L) // 387 state
#define VDMCONTEXT_DEBUG_REGISTERS (VDMCONTEXT_i386 | 0x00000010L) // DB 0-3,6,7
#define VDMCONTEXT_FULL (VDMCONTEXT_CONTROL | VDMCONTEXT_INTEGER |\
VDMCONTEXT_SEGMENTS)
#ifdef _X86_
// On x86 machines, just copy the definition of the CONTEXT and LDT_ENTRY
// structures.
typedef struct _CONTEXT VDMCONTEXT;typedef struct _LDT_ENTRY VDMLDT_ENTRY;
#else // _X86_
//
// Define the size of the 80387 save area, which is in the context frame.
//
#define SIZE_OF_80387_REGISTERS 80
typedef struct _FLOATING_SAVE_AREA { ULONG ControlWord; ULONG StatusWord; ULONG TagWord; ULONG ErrorOffset; ULONG ErrorSelector; ULONG DataOffset; ULONG DataSelector; UCHAR RegisterArea[SIZE_OF_80387_REGISTERS]; ULONG Cr0NpxState;} FLOATING_SAVE_AREA;
//
// Simulated context structure for the 16-bit environment
//
typedef struct _VDMCONTEXT {
//
// The flags values within this flag control the contents of
// a CONTEXT record.
//
// If the context record is used as an input parameter, then
// for each portion of the context record controlled by a flag
// whose value is set, it is assumed that that portion of the
// context record contains valid context. If the context record
// is being used to modify a threads context, then only that
// portion of the threads context will be modified.
//
// If the context record is used as an IN OUT parameter to capture
// the context of a thread, then only those portions of the thread's
// context corresponding to set flags will be returned.
//
// The context record is never used as an OUT only parameter.
//
// CONTEXT_FULL on some systems (MIPS namely) does not contain the
// CONTEXT_SEGMENTS definition. VDMDBG assumes that CONTEXT_INTEGER also
// includes CONTEXT_SEGMENTS to account for this.
//
ULONG ContextFlags;
//
// This section is specified/returned if CONTEXT_DEBUG_REGISTERS is
// set in ContextFlags. Note that CONTEXT_DEBUG_REGISTERS is NOT
// included in CONTEXT_FULL.
//
ULONG Dr0; ULONG Dr1; ULONG Dr2; ULONG Dr3; ULONG Dr6; ULONG Dr7;
//
// This section is specified/returned if the
// ContextFlags word contians the flag CONTEXT_FLOATING_POINT.
//
FLOATING_SAVE_AREA FloatSave;
//
// This section is specified/returned if the
// ContextFlags word contians the flag CONTEXT_SEGMENTS.
//
ULONG SegGs; ULONG SegFs; ULONG SegEs; ULONG SegDs;
//
// This section is specified/returned if the
// ContextFlags word contians the flag CONTEXT_INTEGER.
//
ULONG Edi; ULONG Esi; ULONG Ebx; ULONG Edx; ULONG Ecx; ULONG Eax;
//
// This section is specified/returned if the
// ContextFlags word contians the flag CONTEXT_CONTROL.
//
ULONG Ebp; ULONG Eip; ULONG SegCs; // MUST BE SANITIZED
ULONG EFlags; // MUST BE SANITIZED
ULONG Esp; ULONG SegSs;
} VDMCONTEXT;
//
// LDT descriptor entry
//
typedef struct _VDMLDT_ENTRY { USHORT LimitLow; USHORT BaseLow; union { struct { UCHAR BaseMid; UCHAR Flags1; // Declare as bytes to avoid alignment
UCHAR Flags2; // Problems.
UCHAR BaseHi; } Bytes; struct { ULONG BaseMid : 8; ULONG Type : 5; ULONG Dpl : 2; ULONG Pres : 1; ULONG LimitHi : 4; ULONG Sys : 1; ULONG Reserved_0 : 1; ULONG Default_Big : 1; ULONG Granularity : 1; ULONG BaseHi : 8; } Bits; } HighWord;} VDMLDT_ENTRY;
#endif // _X86_
typedef VDMCONTEXT *LPVDMCONTEXT;typedef VDMLDT_ENTRY *LPVDMLDT_ENTRY;
#define VDMCONTEXT_TO_PROGRAM_COUNTER(Context) (PVOID)((Context)->Eip)
#define VDMCONTEXT_LENGTH (sizeof(VDMCONTEXT))
#define VDMCONTEXT_ALIGN (sizeof(ULONG))
#define VDMCONTEXT_ROUND (VDMCONTEXT_ALIGN - 1)
#define V86FLAGS_CARRY 0x00001
#define V86FLAGS_PARITY 0x00004
#define V86FLAGS_AUXCARRY 0x00010
#define V86FLAGS_ZERO 0x00040
#define V86FLAGS_SIGN 0x00080
#define V86FLAGS_TRACE 0x00100
#define V86FLAGS_INTERRUPT 0x00200
#define V86FLAGS_DIRECTION 0x00400
#define V86FLAGS_OVERFLOW 0x00800
#define V86FLAGS_IOPL 0x03000
#define V86FLAGS_IOPL_BITS 0x12
#define V86FLAGS_RESUME 0x10000
#define V86FLAGS_V86 0x20000 // Used to detect RealMode v. ProtMode
#define V86FLAGS_ALIGNMENT 0x40000
#define MAX_MODULE_NAME 8 + 1
#define MAX_PATH16 255
typedef struct _SEGMENT_NOTE { WORD Selector1; // Selector of operation
WORD Selector2; // Dest. Sel. for moving segments
WORD Segment; // Segment within Module
CHAR Module[MAX_MODULE_NAME+1]; // Module name
CHAR FileName[MAX_PATH16+1]; // PathName to executable image
WORD Type; // Code / Data, etc.
DWORD Length; // Length of image
} SEGMENT_NOTE;
typedef struct _IMAGE_NOTE { CHAR Module[MAX_MODULE_NAME+1]; // Module
CHAR FileName[MAX_PATH16+1]; // Path to executable image
WORD hModule; // 16-bit hModule
WORD hTask; // 16-bit hTask
} IMAGE_NOTE;
typedef struct { DWORD dwSize; char szModule[MAX_MODULE_NAME+1]; HANDLE hModule; WORD wcUsage; char szExePath[MAX_PATH16+1]; WORD wNext;} MODULEENTRY, *LPMODULEENTRY;
/* GlobalFirst()/GlobalNext() flags */#define GLOBAL_ALL 0
#define GLOBAL_LRU 1
#define GLOBAL_FREE 2
/* GLOBALENTRY.wType entries */#define GT_UNKNOWN 0
#define GT_DGROUP 1
#define GT_DATA 2
#define GT_CODE 3
#define GT_TASK 4
#define GT_RESOURCE 5
#define GT_MODULE 6
#define GT_FREE 7
#define GT_INTERNAL 8
#define GT_SENTINEL 9
#define GT_BURGERMASTER 10
/* If GLOBALENTRY.wType==GT_RESOURCE, the following is GLOBALENTRY.wData: */#define GD_USERDEFINED 0
#define GD_CURSORCOMPONENT 1
#define GD_BITMAP 2
#define GD_ICONCOMPONENT 3
#define GD_MENU 4
#define GD_DIALOG 5
#define GD_STRING 6
#define GD_FONTDIR 7
#define GD_FONT 8
#define GD_ACCELERATORS 9
#define GD_RCDATA 10
#define GD_ERRTABLE 11
#define GD_CURSOR 12
#define GD_ICON 14
#define GD_NAMETABLE 15
#define GD_MAX_RESOURCE 15
typedef struct { DWORD dwSize; DWORD dwAddress; DWORD dwBlockSize; HANDLE hBlock; WORD wcLock; WORD wcPageLock; WORD wFlags; BOOL wHeapPresent; HANDLE hOwner; WORD wType; WORD wData; DWORD dwNext; DWORD dwNextAlt;} GLOBALENTRY, *LPGLOBALENTRY;
typedef DWORD (CALLBACK* DEBUGEVENTPROC)( LPDEBUG_EVENT, LPVOID );
// Macros to access VDM_EVENT parameters
#define W1(x) ((USHORT)(x.ExceptionInformation[0]))
#define W2(x) ((USHORT)(x.ExceptionInformation[0] >> 16))
#define W3(x) ((USHORT)(x.ExceptionInformation[1]))
#define W4(x) ((USHORT)(x.ExceptionInformation[1] >> 16))
#define DW3(x) (x.ExceptionInformation[2])
#define DW4(x) (x.ExceptionInformation[3])
#pragma pack()
BOOLWINAPIVDMProcessException( LPDEBUG_EVENT lpDebugEvent );
BOOLWINAPIVDMGetThreadSelectorEntry( HANDLE hProcess, HANDLE hThread, WORD wSelector, LPVDMLDT_ENTRY lpSelectorEntry );
ULONGWINAPIVDMGetPointer( HANDLE hProcess, HANDLE hThread, WORD wSelector, DWORD dwOffset, BOOL fProtMode );
BOOLWINAPIVDMGetThreadContext( LPDEBUG_EVENT lpDebugEvent, LPVDMCONTEXT lpVDMContext);
BOOLWINAPIVDMSetThreadContext( LPDEBUG_EVENT lpDebugEvent, LPVDMCONTEXT lpVDMContext);
BOOLWINAPIVDMGetSelectorModule( HANDLE hProcess, HANDLE hThread, WORD wSelector, PUINT lpSegmentNumber, LPSTR lpModuleName, UINT nNameSize, LPSTR lpModulePath, UINT nPathSize);
BOOLWINAPIVDMGetModuleSelector( HANDLE hProcess, HANDLE hThread, UINT wSegmentNumber, LPSTR lpModuleName, LPWORD lpSelector);
BOOLWINAPIVDMModuleFirst( HANDLE hProcess, HANDLE hThread, LPMODULEENTRY lpModuleEntry, DEBUGEVENTPROC lpEventProc, LPVOID lpData);
BOOLWINAPIVDMModuleNext( HANDLE hProcess, HANDLE hThread, LPMODULEENTRY lpModuleEntry, DEBUGEVENTPROC lpEventProc, LPVOID lpData);
BOOLWINAPIVDMGlobalFirst( HANDLE hProcess, HANDLE hThread, LPGLOBALENTRY lpGlobalEntry, WORD wFlags, DEBUGEVENTPROC lpEventProc, LPVOID lpData);
BOOLWINAPIVDMGlobalNext( HANDLE hProcess, HANDLE hThread, LPGLOBALENTRY lpGlobalEntry, WORD wFlags, DEBUGEVENTPROC lpEventProc, LPVOID lpData);
typedef BOOL (WINAPI *PROCESSENUMPROC)( DWORD dwProcessId, DWORD dwAttributes, LPARAM lpUserDefined );typedef BOOL (WINAPI *TASKENUMPROC)( DWORD dwThreadId, WORD hMod16, WORD hTask16, LPARAM lpUserDefined );
#define WOW_SYSTEM (DWORD)0x0001
INTWINAPIVDMEnumProcessWOW( PROCESSENUMPROC fp, LPARAM lparam);
INTWINAPIVDMEnumTaskWOW( DWORD dwProcessId, TASKENUMPROC fp, LPARAM lparam);
BOOLWINAPIVDMKillWOW( VOID);
BOOLWINAPIVDMDetectWOW( VOID);
BOOLWINAPIVDMBreakThread( HANDLE hProcess, HANDLE hThread);
#ifdef __cplusplus
}#endif
#endif // _VDMDBG_
|
