📄 flexptmi.cpp
字号:
if (pRequest->Proc.dwStart > pRequest->Proc.dwEnd)
hr = E_INVALIDARG;
DWORD iProc = 0;
DWORD cProcessElements = 0;
for (i = 0;
SUCCEEDED (hr) && (i < MAX_PROCESSES) && (iProc <= pRequest->Proc.dwEnd);
i++)
{
if (pProcArray[i].dwVMBase)
{
if (!(pRequest->dwRequest & FLEXI_FILTER_PROCESS_HANDLE) ||
(reinterpret_cast<DWORD>(pProcArray[i].hProc) == pRequest->dwHProc))
{
if (iProc >= pRequest->Proc.dwStart)
{
hr = WriteProcessData (&pProcArray[i], riOut, cbOut, pbOut);
if (SUCCEEDED(hr))
cProcessElements++;
}
iProc++;
}
else
{
DEBUGGERMSG(OXZONE_FLEXI, (L" MarshalProcessData: Proc #%d does not match proc handle 0x%.08x\r\n",
i, pRequest->dwHProc));
}
}
}
if (pcElements)
*pcElements = (SUCCEEDED (hr))? cProcessElements : 0;
DEBUGGERMSG (OXZONE_FLEXI || FAILED (hr), (L"--MarshalProcessData: 0x%.08x, Cnt:%d, Offset:%d\r\n",
hr, cProcessElements, riOut));
return hr;
}
enum
{
THREAD_STATUS_MASK = ((1<<DYING_SHIFT)|(1<<DEAD_SHIFT)|(1<<BURIED_SHIFT)|(1<<SLEEPING_SHIFT)),
THREAD_INFO_MASK = ((1<<TIMEMODE_SHIFT)|(1<<STACKFAULT_SHIFT)|(1<<USERBLOCK_SHIFT)|(1<<PROFILE_SHIFT)),
};
static HRESULT WriteThreadData (const THREAD *pThread, DWORD &riOut, const DWORD cbOut, BYTE *pbOut)
{
FlexiThread thrd = {0};
HRESULT hr;
ACCESSKEY aKey;
DWORD dwQuantum;
BYTE bCPrio;
BYTE bBPrio;
DEBUGGERMSG (OXZONE_FLEXI, (L"++WriteThreadData: Thread=0x%.08x, Offset=%d\r\n", pThread, riOut));
if ((pThread == pCurThread) && (g_psvdThread) && (g_psvdThread->fSaved))
{ // WARNING - SPECIAL CASE: If thread is current thread we need to use saved value instead
aKey = g_psvdThread->aky;
bCPrio = g_psvdThread->bCPrio;
bBPrio = g_psvdThread->bBPrio;
dwQuantum = g_psvdThread->dwQuantum;
}
else
{
aKey = pThread->aky;
bCPrio = pThread->bCPrio;
bBPrio = pThread->bBPrio;
dwQuantum = pThread->dwQuantum;
}
thrd.dwAddr = reinterpret_cast <DWORD> (pThread);
thrd.wRunState = ((pThread->wInfo & THREAD_STATUS_MASK) << 2) | (1 << GET_RUNSTATE (pThread));
thrd.wInfo = static_cast <WORD> (pThread->wInfo & THREAD_INFO_MASK);
thrd.dwHandle = reinterpret_cast <DWORD> (pThread->hTh);
thrd.bWaitState = pThread->bWaitState;
thrd.dwAccessKey = aKey;
thrd.dwCurProcHandle = reinterpret_cast <DWORD> (pThread->pProc->hProc);
thrd.dwOwnProcHandle = reinterpret_cast <DWORD> (pThread->pOwnerProc->hProc);
thrd.bCurPrio = bCPrio;
thrd.bBasePrio = bBPrio;
thrd.dwKernelTime = pThread->dwKernTime;
thrd.dwUserTime = pThread->dwUserTime;
thrd.dwQuantum = dwQuantum;
thrd.dwQuantumLeft = pThread->dwQuantLeft;
thrd.dwSleepCount = pThread->dwWakeupTime;
thrd.bSuspendCount = pThread->bSuspendCnt;
thrd.dwTlsPtr = reinterpret_cast <DWORD> (pThread->tlsPtr);
thrd.dwLastError = pThread->dwLastError;
thrd.dwStackBase = pThread->tlsPtr [PRETLS_STACKBASE];
thrd.dwStackLowBound = pThread->tlsPtr [PRETLS_STACKBOUND];
thrd.dwCreationTimeHi = pThread->ftCreate.dwHighDateTime;
thrd.dwCreationTimeLo = pThread->ftCreate.dwLowDateTime;
thrd.dwCurrentPC = GetThreadProgramCounter (pThread);
#if defined(x86)
{
DWORD dwStackBase = pThread->tlsPtr[PRETLS_STACKBASE];
DWORD dwStackSize = 0;
if (pThread->tlsPtr != pThread->tlsNonSecure)
{
// Secure stack always created with fixed stack size
dwStackSize = CNP_STACK_SIZE;
}
else
{
// Normal stack can be created with specific stack size
dwStackSize = pThread->dwOrigStkSize;
}
thrd.dwNcrPtr = reinterpret_cast <DWORD> (NCRPTR (dwStackBase, dwStackSize));
}
#endif
thrd.dwStkRetAddr = reinterpret_cast <DWORD> (pThread->pcstkTop ? pThread->pcstkTop->retAddr : 0);
hr = Write (&thrd, sizeof (thrd), riOut, cbOut, pbOut);
DEBUGGERMSG (OXZONE_FLEXI || FAILED (hr), (L"--WriteThreadData: 0x%.08x\r\n", hr));
return hr;
}
static HRESULT MarshalOneThread (FLEXI_REQUEST *pRequest, DWORD &riOut, const DWORD cbOut, BYTE *pbOut)
{
HRESULT hr = S_OK;
DEBUGGERMSG (OXZONE_FLEXI, (L"++MarshalOneThread\r\n"));
if (pRequest->dwRequest & FLEXI_FILTER_THREAD_POINTER)
{
PTHREAD pThrd = reinterpret_cast <PTHREAD> (pRequest->dwHThread);
hr = WriteThreadData (pThrd, riOut, cbOut, pbOut);
}
else
hr = E_FAIL;
DEBUGGERMSG (OXZONE_FLEXI || FAILED (hr), (L"--MarshalOneThread: hr = 0x%08x\r\n", hr));
return hr;
}
/*++
Routine Name:
MarshalThreadData
Routine Description:
Dump all threads based on the ranges and handles provided by the request structure.
Arguments:
pRequest - Request structure
riOut - in/out Current offset within the response buffer.
cbOut - Size of the response buffer
pbOut - Pointer to the response buffer
pcElements - Returns the count of elements that have been output.
Return Value:
S_OK: Success,
E_FAIL: General failure,
E_OUTOFMEMORY: No more space in the buffer.
--*/
static HRESULT MarshalThreadData (FLEXI_REQUEST *pRequest, DWORD &riOut, const DWORD cbOut, BYTE *pbOut,
DWORD *pcElements)
{
HRESULT hr = S_OK;
DWORD cThreadElements = 0;
DEBUGGERMSG (OXZONE_FLEXI, (L"++MarshalThreadData: Offset:%d\r\n", riOut));
PROCESS *pProcArray = FetchProcArray();
if (!pProcArray)
hr = E_FAIL;
if ((pRequest->Proc.dwStart > pRequest->Proc.dwEnd) || (pRequest->Thread.dwStart > pRequest->Thread.dwEnd))
hr = E_INVALIDARG;
DWORD iProcSlot = 0;
DWORD iProc = 0;
DWORD iThread = 0;
for (iProcSlot = 0;
SUCCEEDED (hr) && iProcSlot < MAX_PROCESSES && iProc <= pRequest->Proc.dwEnd;
iProcSlot++)
{
if (pProcArray[iProcSlot].dwVMBase)
{
if (!(pRequest->dwRequest & FLEXI_FILTER_PROCESS_HANDLE) ||
(reinterpret_cast<DWORD>(pProcArray[iProcSlot].hProc) == pRequest->dwHProc))
{
if (iProc >= pRequest->Proc.dwStart)
{
DEBUGGERMSG (OXZONE_FLEXI, (L" MarshalThreadData: Getting threads for proc %d\r\n", iProcSlot));
PTHREAD pThread = pProcArray[iProcSlot].pTh;
while (SUCCEEDED (hr) && pThread && iThread <= pRequest->Thread.dwEnd)
{
if (!(pRequest->dwRequest & FLEXI_FILTER_THREAD_HANDLE) ||
(reinterpret_cast<DWORD>(pThread->hTh) == pRequest->dwHThread))
{
if (iThread >= pRequest->Thread.dwStart)
{
hr = WriteThreadData (pThread, riOut, cbOut, pbOut);
if (SUCCEEDED (hr))
cThreadElements++;
}
iThread++;
}
else
{
DEBUGGERMSG(OXZONE_FLEXI, (L" MarshalThreadData: Thread 0x%.08x does not match handle 0x%.08x\r\n",
pThread, pRequest->dwHThread));
}
pThread = pThread->pNextInProc;
}
}
iProc++;
}
else
{
DEBUGGERMSG(OXZONE_FLEXI, (L" MarshalThreadData: Proc #%d does not match proc handle 0x%.08x\r\n",
iProcSlot, pRequest->dwHProc));
}
}
}
if (pcElements)
*pcElements = (SUCCEEDED (hr))? cThreadElements : 0;
DEBUGGERMSG (OXZONE_FLEXI || FAILED (hr), (L"--MarshalThreadData: 0x%.08x, Cnt:%d, Offset:%d\r\n",
hr, cThreadElements, riOut));
return hr;
}
static HRESULT WriteProcessDataAsModule (PROCESS *pProcess, DWORD &riOut, const DWORD cbOut, BYTE *pbOut)
{
FlexiModule mod = {0};
DEBUGGERMSG(OXZONE_FLEXI, (L"++WriteProcessDataAsModule\r\n"));
__try
{
WideToAnsi (pProcess->lpszProcName, mod.szModuleName, CCH_MODULENAME);
}
__except (EXCEPTION_EXECUTE_HANDLER)
{
strcpy (mod.szModuleName, "Unknown");
}
DEBUGGERMSG(OXZONE_FLEXI, (L" MarshalOneProcessAsModule: Module Name = %a\r\n", mod.szModuleName));
mod.dwBasePointer = (reinterpret_cast <DWORD> (pProcess->BasePtr) == 0x10000) ?
(reinterpret_cast <DWORD> (pProcess->BasePtr) | pProcess->dwVMBase) :
reinterpret_cast <DWORD> (pProcess->BasePtr);
mod.dwModuleSize = pProcess->e32.e32_vsize;
if (!pProcess->procnum)
{
DEBUGGERMSG(OXZONE_FLEXI, (L" MarshalOneProcessAsModule: Handling NK RD/WR section\r\n"));
const ROMHDR *pTOC = FetchTOC ();
if (pTOC)
{
const COPYentry *pce = FetchCopyEntry (pTOC->ulCopyOffset);
if (pce)
{
mod.dwRdWrDataStart = pce->ulDest;
mod.dwRdWrDataEnd = pce->ulDest + pce->ulDestLen - 1;
}
}
}
mod.dwTimeStamp = pProcess->e32.e32_timestamp;
static ModuleSignature ms;
// Ignore failure from GetProcessDebugInfo, since some processes may have no debug info
if (SUCCEEDED (GetProcessDebugInfo (pProcess, &ms)))
{
mod.dwPdbFormat = ms.dwType;
mod.PdbGuid = ms.guid;
mod.dwPdbAge = ms.dwAge;
}
mod.dwInUse = 1 << pProcess->procnum;
mod.bTrustLevel = pProcess->bTrustLevel;
mod.rgwRefCount [pProcess->procnum] = 1;
mod.dwAddr = reinterpret_cast <DWORD> (pProcess);
HRESULT hr = Write (&mod, sizeof (mod), riOut, cbOut, pbOut);
DEBUGGERMSG(OXZONE_FLEXI, (L"--WriteProcessDataAsModule: hr=0x%08x\r\n", hr));
return hr;
}
static HRESULT MarshalProcessesAsModules (FLEXI_REQUEST *pRequest, DWORD &rdwIdx,
DWORD &riOut, const DWORD cbOut, BYTE *pbOut, DWORD *pcElements)
{
HRESULT hr = S_OK;
DWORD iProc;
PROCESS *pProcArray;
DWORD cModElements = 0;
DEBUGGERMSG (OXZONE_FLEXI, (L"++MarshalProcessesAsModules: Idx:%d, Offset:%d\r\n", rdwIdx, riOut));
if (pRequest->Mod.dwStart > pRequest->Mod.dwEnd)
hr = E_INVALIDARG;
if (SUCCEEDED (hr))
{
pProcArray = FetchProcArray ();
if (!pProcArray)
hr = E_FAIL;
}
if (!(pRequest->dwRequest & FLEXI_FILTER_MODULE_HANDLE))
{ // Processes don't have a module handle.
for (iProc = 0;
SUCCEEDED (hr) && iProc < MAX_PROCESSES && rdwIdx <= pRequest->Mod.dwEnd;
iProc++)
{
PROCESS *pProc = &pProcArray[iProc];
if (pProc->dwVMBase)
{
PMODULE pCoreDll = (PMODULE)hCoreDll;
DWORD dwInUse = (1 << pProc->procnum);
// Make sure process is not busy starting or dying (Check if using CoreDll.dll)
if (pCoreDll && (dwInUse & pCoreDll->inuse))
{
if (!(pRequest->dwRequest & FLEXI_FILTER_PROCESS_HANDLE) ||
(reinterpret_cast<DWORD>(pProc->hProc) == pRequest->dwHProc))
{ // Only output the process that matches this handle
if (rdwIdx >= pRequest->Mod.dwStart)
{
hr = WriteProcessDataAsModule (pProc, riOut, cbOut, pbOut);
if (SUCCEEDED(hr))
cModElements++;
}
rdwIdx++;
}
else
{
DEBUGGERMSG(OXZONE_FLEXI, (L" MarshalProcessesAsModules: Proc #%d does not match handle 0x%.08x\r\n",
iProc, pRequest->dwHProc));
}
}
else
{
// When process is starting or dying we do not want it in the module list
// Starting processes still have the load notification pending
// Dying processes have already given an unload notification
DEBUGGERMSG(OXZONE_ALERT, (L" MarshalProcessesAsModules: Process ID 0x%08X (%s) not using CoreDll.dll, may be in startup or shutdown.\r\n", pProc->hProc, pProc->lpszProcName));
}
}
}
}
else
{
DEBUGGERMSG(OXZONE_FLEXI, (L" MarshalProcessesAsModules: Skipping procs, module handle match.\r\n"));
}
if (pcElements)
*pcElements = (SUCCEEDED (hr))? cModElements : 0;
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -