![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to deb.rtf CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [WindowsNT SDKs] / mstools / samples / deb|
Return to deb.rtf CVS log | Up to [WindowsNT SDKs] / mstools / samples / deb |
1.1 ! root 1: {\rtf1\ansi \deff0\deflang1033 ! 2: ! 3: ! 4: {\fonttbl ! 5: \f0\froman Times New Roman; ! 6: \f1\fmodern Courier; ! 7: \f2\fswiss Arial;} ! 8: ! 9: ! 10: {\colortbl; ! 11: \red0\green0\blue0; ! 12: \red0\green0\blue255; ! 13: \red0\green255\blue255; ! 14: \red0\green255\blue0; ! 15: \red255\green0\blue255; ! 16: \red255\green0\blue0; ! 17: \red255\green255\blue0; ! 18: \red255\green255\blue255; ! 19: \red0\green0\blue127; ! 20: \red0\green127\blue127; ! 21: \red0\green127\blue0; ! 22: \red127\green0\blue127; ! 23: \red127\green0\blue0; ! 24: \red127\green127\blue0; ! 25: \red127\green127\blue127; ! 26: \red192\green192\blue192;} ! 27: ! 28: ! 29: {\stylesheet ! 30: \fs12 \snext0 Normal; ! 31: \s2\keepn \b\f2\fs28 \sbasedon0\snext2 Title; ! 32: \s3\li720 \sbasedon0\snext3 Body; ! 33: \s4\li270\sb60\tx1440\tx2340 \sbasedon0\snext4 List; ! 34: \s5\fs20 \sbasedon3\snext5 JumpBody; ! 35: \s6\brdrb\brdrs\brdrw30\brsp20\brdrcf2 \b\f2\fs28 \sbasedon0\snext6 PopUpTitle; ! 36: \s7\li180\fs20 \sbasedon5\snext7 PopUpBody; ! 37: \s8\fi-1886\li2160\tx1440\tx2340 \sbasedon4\snext8 GlossaryEntry; ! 38: \s9\li360\keep \f1\fs8\lang1024 \snext0 FixedText; ! 39: \s10\f1\fs20\up6\lang1024 \snext0 ControlCodes; ! 40: \s242\tqc\tx4320\tqr\tx8640 \fs20\lang1024 \sbasedon0\snext242 footer; ! 41: \s244\fs16\up6\lang1024 \sbasedon0\snext0 footnote reference; ! 42: \s245\fs20\lang1024 \sbasedon0\snext245 footnote text;} ! 43: ! 44: \s10\f1\fs20\up6\lang1024 ! 45: #{\footnote {#} Contents} ! 46: ${\footnote {$} Debug Event Browser Contents} ! 47: K{\footnote {K} Contents} ! 48: \s6\brdrb\brdrs\brdrw30\brsp20\brdrcf2 \b\f2\fs28 ! 49: \{bmc deb.bmp\} Debug Event Browser Contents\par ! 50: \pard\plain ! 51: \s4\li270\sb60\tx1440\tx2340 ! 52: {\b Overviews}\line ! 53: {\uldb General Overview}{\v GenOverview}\line ! 54: {\uldb Programming Overview}{\v ProgOverview}\line ! 55: {\b How to...}\line ! 56: {\uldb Using the Toolbar}{\v Toolbar}\line ! 57: {\b Commands}\line ! 58: {\uldb File Menu}{\v File}\line ! 59: {\uldb Edit Menu}{\v Edit}\line ! 60: {\uldb Options Menu}{\v Options}\line ! 61: {\uldb Help Menu}{\v Help}\line ! 62: {\uldb Keyboard}{\v Keyboard}\par ! 63: \pard\plain ! 64: \page ! 65: ! 66: ! 67: \s10\f1\fs20\up6\lang1024 ! 68: #{\footnote {#} GenOverview} ! 69: ${\footnote {$} General Overview} ! 70: K{\footnote {K} Overview - General} ! 71: K{\footnote {K} Overviews} ! 72: \s6\brdrb\brdrs\brdrw30\brsp20\brdrcf2 \b\f2\fs28 ! 73: Debug Event Browser General Overview\par ! 74: \pard\plain ! 75: \s4\li270\sb60\tx1440\tx2340 ! 76: {\b Debug Event Browser} ({\b DEB}) is a Win32 application demonstrating the Win32 debug API. ! 77: This preliminary version of {\b DEB} only performs the most rudimentary debugging operations. ! 78: {\b DEB} is not a debugger in the traditional sense but a browser which merely displays the debug events occurring in a debugee. ! 79: The handling of debug events is restricted only to those actions which are necessary to display event information and continue the debugee.\par ! 80: {\b This Sample is brought to you by the Microsoft Win32 / Windows NT Support Team. Developed by Paul Tissue.}\par ! 81: \pard\plain ! 82: \page ! 83: ! 84: ! 85: \s10\f1\fs20\up6\lang1024 ! 86: #{\footnote {#} ProgOverview} ! 87: ${\footnote {$} Programming Overview} ! 88: K{\footnote {K} Programming} ! 89: K{\footnote {K} Overview - Programming} ! 90: K{\footnote {K} Overviews} ! 91: \s6\brdrb\brdrs\brdrw30\brsp20\brdrcf2 \b\f2\fs28 ! 92: Debug Event Browser Programming Overview\par ! 93: \pard\plain ! 94: \s4\li270\sb60\tx1440\tx2340 ! 95: The {\b Debug Event Browser} ({\b DEB}) sample demonstrates the following Win32 debug API features:\par ! 96: \s4\li270\sb60\tx1440\tx2340 ! 97: {\uldb Debug Event Handler}{\v Handler}\line ! 98: {\uldb Modifying a Thread's Context}{\v Context}\line ! 99: {\uldb Reading the Executable's Header}{\v Header}\par ! 100: \pard\plain ! 101: \page ! 102: ! 103: ! 104: \s10\f1\fs20\up6\lang1024 ! 105: #{\footnote {#} Handler} ! 106: ${\footnote {$} Debug Event Handler} ! 107: K{\footnote {K} Debug Event Handler} ! 108: K{\footnote {K} Debug API} ! 109: K{\footnote {K} WaitForDebugEvent} ! 110: K{\footnote {K} ContinueDebugEvent} ! 111: \s6\brdrb\brdrs\brdrw30\brsp20\brdrcf2 \b\f2\fs28 ! 112: Debug Event Handler\par ! 113: \pard\plain ! 114: \s4\li270\sb60\tx1440\tx2340 ! 115: The debug event handler is responsible for the processing of the debug events.\par ! 116: \par ! 117: \pard\plain ! 118: \s9\li360\keep \f1\fs20\lang1024 ! 119: // ************************************************************************\line ! 120: // FUNCTION : DebugEventThread( DWORD )\line ! 121: // PURPOSE : Main debug event processing loop\line ! 122: // ************************************************************************\line ! 123: DWORD\line ! 124: DebugEventThread( DWORD UserDefinedValue )\line ! 125: \{\line ! 126: DEBUG_EVENT DebugEvent;\line ! 127: \line ! 128: for(;;) \{\line ! 129: if( !WaitForDebugEvent( &DebugEvent, (DWORD) -1 ) ) \line ! 130: continue;\line ! 131: \line ! 132: switch( DebugEvent.dwDebugEventCode ) \{\line ! 133: \line ! 134: case EXCEPTION_DEBUG_EVENT:\line ! 135: // ...\line ! 136: \line ! 137: switch( DebugEvent.u.Exception.ExceptionRecord.ExceptionCode \line ! 138: \line ! 139: case EXCEPTION_ACCESS_VIOLATION:\line ! 140: // ...\line ! 141: break;\line ! 142: \line ! 143: case EXCEPTION_BREAKPOINT:\line ! 144: // ...\line ! 145: break;\line ! 146: \line ! 147: //...\line ! 148: \line ! 149: default: // An unknown exception occurred\line ! 150: // ...\line ! 151: break;\line ! 152: \}\line ! 153: \line ! 154: case CREATE_THREAD_DEBUG_EVENT:\line ! 155: // ...\line ! 156: break;\line ! 157: \line ! 158: case CREATE_PROCESS_DEBUG_EVENT:\line ! 159: // ...\line ! 160: break;\line ! 161: \line ! 162: // ...\line ! 163: \line ! 164: default:\line ! 165: // ...\line ! 166: \}\line ! 167: \line ! 168: //-- default action - just continue\line ! 169: ContinueDebugEvent( DebugEvent.dwProcessId, DebugEvent.dwThreadId,\line ! 170: DBG_CONTINUE );\line ! 171: \}\line ! 172: \line ! 173: return( NULL );\line ! 174: \}\par ! 175: \pard\plain ! 176: \page ! 177: ! 178: ! 179: \s10\f1\fs20\up6\lang1024 ! 180: #{\footnote {#} Header} ! 181: ${\footnote {$} Reading the Executable's Header} ! 182: K{\footnote {K} Executable Header} ! 183: K{\footnote {K} Image Header} ! 184: K{\footnote {K} Debug API} ! 185: K{\footnote {K} ReadProcessMemory} ! 186: \s6\brdrb\brdrs\brdrw30\brsp20\brdrcf2 \b\f2\fs28 ! 187: Reading the Executable's Header\par ! 188: \pard\plain ! 189: \s4\li270\sb60\tx1440\tx2340 ! 190: Reading the information stored in the executable's headers is important for obtaining such things as symbolic information and details about the object.\par ! 191: \par ! 192: \pard\plain ! 193: \s9\li360\keep \f1\fs20\lang1024 ! 194: // ************************************************************************\line ! 195: // FUNCTION : GetModuleFileNameFromHeader( HANDLE, HANDLE, LPTSTR, DWORD )\line ! 196: // PURPOSE : returns the DLL module name for a given file handle of a\line ! 197: // the module. Reads the module name from the EXE header.\line ! 198: // COMMENTS : returns only the module name and not the pathname\line ! 199: // ************************************************************************\line ! 200: DWORD APIENTRY\line ! 201: GetModuleFileNameFromHeader( HANDLE hProcess, HANDLE hFile, LPTSTR lpszPath, \line ! 202: DWORD bPath )\line ! 203: \{\line ! 204: #define IMAGE_DOS_SIGNATURE 0x5A4D // MZ\line ! 205: #define IMAGE_OS2_SIGNATURE 0x454E // NE\line ! 206: #define IMAGE_NT_SIGNATURE 0x00004550 // PE00\line ! 207: \line ! 208: #define IMAGE_SECOND_HEADER_OFFSET (15 * sizeof(ULONG)) \line ! 209: #define IMAGE_BASE_OFFSET (13 * sizeof(DWORD)) \line ! 210: #define IMAGE_EXPORT_TABLE_RVA_OFFSET (30 * sizeof(DWORD)) \line ! 211: #define IMAGE_NAME_RVA_OFFSET (3 * sizeof(DWORD)) \line ! 212: \line ! 213: WORD DosSignature;\line ! 214: DWORD NtSignature;\line ! 215: DWORD NumberOfBytesRead;\line ! 216: \line ! 217: DWORD PeHeader, ImageBase, ExportTableRVA, NameRVA;\line ! 218: \line ! 219: //-- Extract the filename from the EXE header\line ! 220: ReadFile( hFile, &DosSignature, sizeof(DosSignature), &NumberOfBytesRead,\line ! 221: (LPOVERLAPPED) NULL);\line ! 222: \line ! 223: if( DosSignature == IMAGE_DOS_SIGNATURE ) \{\line ! 224: \line ! 225: SetFilePointer( hFile, IMAGE_SECOND_HEADER_OFFSET, (LPLONG) NULL,\line ! 226: FILE_BEGIN );\line ! 227: ReadFile( hFile, &PeHeader, sizeof(PeHeader),\line ! 228: &NumberOfBytesRead, (LPOVERLAPPED) NULL );\line ! 229: \line ! 230: SetFilePointer( hFile, PeHeader, (LPLONG) NULL,\line ! 231: FILE_BEGIN );\line ! 232: ReadFile( hFile, &NtSignature, sizeof(NtSignature),\line ! 233: &NumberOfBytesRead, (LPOVERLAPPED) NULL);\line ! 234: \line ! 235: if( NtSignature == IMAGE_NT_SIGNATURE ) \{\line ! 236: \line ! 237: SetFilePointer( hFile, PeHeader+IMAGE_BASE_OFFSET,\line ! 238: (LPLONG) NULL, FILE_BEGIN );\line ! 239: ReadFile( hFile, &ImageBase, sizeof(ImageBase),\line ! 240: &NumberOfBytesRead, (LPOVERLAPPED) NULL);\line ! 241: \line ! 242: SetFilePointer( hFile, PeHeader + IMAGE_EXPORT_TABLE_RVA_OFFSET,\line ! 243: (LPLONG) NULL, FILE_BEGIN );\line ! 244: ReadFile( hFile, &ExportTableRVA, sizeof(ExportTableRVA),\line ! 245: &NumberOfBytesRead, (LPOVERLAPPED) NULL);\line ! 246: \line ! 247: //-- now read from the virtual address space in the process\line ! 248: ReadProcessMemory( hProcess,\line ! 249: (LPVOID) (ImageBase + ExportTableRVA + IMAGE_NAME_RVA_OFFSET),\line ! 250: &NameRVA, sizeof(NameRVA), &NumberOfBytesRead );\line ! 251: \line ! 252: ReadProcessMemory( hProcess,\line ! 253: (LPVOID) (ImageBase+NameRVA),\line ! 254: lpszPath, cbPath, &NumberOfBytesRead );\line ! 255: \line ! 256: return( NumberOfBytesRead );\line ! 257: \}\line ! 258: \}\line ! 259: return( 0 );\line ! 260: \}\par ! 261: \pard\plain ! 262: \page ! 263: ! 264: ! 265: \s10\f1\fs20\up6\lang1024 ! 266: #{\footnote {#} Context} ! 267: ${\footnote {$} Modifying a Thread's Context} ! 268: K{\footnote {K} Thread Context} ! 269: K{\footnote {K} Context} ! 270: K{\footnote {K} Debug API} ! 271: K{\footnote {K} GetThreadContext} ! 272: K{\footnote {K} SetThreadContext} ! 273: \s6\brdrb\brdrs\brdrw30\brsp20\brdrcf2 \b\f2\fs28 ! 274: Modifying a Thread's Context\par ! 275: \pard\plain ! 276: \s4\li270\sb60\tx1440\tx2340 ! 277: The ability to query and modify a thread's context is one of the more powerful features of the Win32 debug API set.\par ! 278: \par ! 279: \pard\plain ! 280: \s9\li360\keep \f1\fs20\lang1024 ! 281: // ************************************************************************\line ! 282: // FUNCTION : SkipThreadBreakPoint( DWORD );\line ! 283: // PURPOSE : Skip over the break point instruction belonging to dwThreadId\line ! 284: // COMMENTS : Only the MIPS R4000 needs this\line ! 285: // ************************************************************************\line ! 286: BOOL\line ! 287: SkipBreakPoint( DWORD dwThreadId )\line ! 288: \{\line ! 289: CONTEXT Context;\line ! 290: \line ! 291: // insert code here to get hThread given dwThreadId\line ! 292: \line ! 293: Context.ContextFlags = CONTEXT_CONTROL;\line ! 294: if( !GetThreadContext( hThread, &Context ) )\line ! 295: return( FALSE );\line ! 296: \line ! 297: Context.Fir += 4L; // Fir is the PC (program counter)\line ! 298: // BREAK (breakpoint instruction) occupies 4 bytes\line ! 299: \line ! 300: SetThreadContext( (ThreadNode->NodeData).hThread, &Context );\line ! 301: \line ! 302: return( TRUE );\line ! 303: \}\par ! 304: \pard\plain ! 305: \page ! 306: ! 307: ! 308: \s10\f1\fs20\up6\lang1024 ! 309: #{\footnote {#} File} ! 310: ${\footnote {$} File Menu} ! 311: K{\footnote {K} File Menu} ! 312: K{\footnote {K} Menu Commands} ! 313: \s6\brdrb\brdrs\brdrw30\brsp20\brdrcf2 \b\f2\fs28 ! 314: The File Menu\par ! 315: \pard\plain ! 316: \s4\li270\sb60\tx1440\tx2340 ! 317: Allows the user to select the debugee for this application.\line\line ! 318: {\b Open}\line ! 319: Displays a dialog box that will allow you to open and run an executable file using a common dialog box. This executable file will become the debugee.\line\line ! 320: {\b Attach}\line ! 321: Displays a dialog box that will allow you to select a currently running process to attach to. This process will become the debugee.\line\line ! 322: {\b Exit}\line ! 323: Exits the {\b Debug Event Browser} application.\par ! 324: \pard\plain ! 325: \page ! 326: ! 327: ! 328: \s10\f1\fs20\up6\lang1024 ! 329: #{\footnote {#} Edit} ! 330: ${\footnote {$} Edit Menu} ! 331: K{\footnote {K} Edit Menu} ! 332: K{\footnote {K} Menu Commands} ! 333: \s6\brdrb\brdrs\brdrw30\brsp20\brdrcf2 \b\f2\fs28 ! 334: The Edit Menu\par ! 335: \pard\plain ! 336: \s4\li270\sb60\tx1440\tx2340 ! 337: Allows the user to copy text to the clipboard.\line\line ! 338: {\b Cut}\line ! 339: Copies the text in the Debug Event window and then delete it from the window.\line\line ! 340: {\b Copy}\line ! 341: Copies the text in the Debug Event window.\line\line ! 342: {\b Delete}\line ! 343: Deletes the text in the Debug Event window.\par ! 344: \pard\plain ! 345: \page ! 346: ! 347: ! 348: \s10\f1\fs20\up6\lang1024 ! 349: #{\footnote {#} Options} ! 350: ${\footnote {$} Options Menu} ! 351: K{\footnote {K} Options Menu} ! 352: K{\footnote {K} Menu Commands} ! 353: \s6\brdrb\brdrs\brdrw30\brsp20\brdrcf2 \b\f2\fs28 ! 354: The Options Menu\par ! 355: \pard\plain ! 356: \s4\li270\sb60\tx1440\tx2340 ! 357: Allows the user to set various options and preferences for this application.\line\line ! 358: {\b Fonts}\line ! 359: Displays a dialog box that will allow you to set the font for the Debug Event window.\line\line ! 360: {\b Background Color}\line ! 361: Displays a dialog box that will allow you to set the background color for the Debug Event window.\line\line ! 362: {\b Preferences}\line ! 363: Displays a dialog box that will allow you to set the options and preferences for this application.\line\line ! 364: {\b Toolbar}\line ! 365: Displays a Tool Bar when checked.\line\line ! 366: {\b Use Saved Directory}\line ! 367: This menu option will set the default directory to the one that was previously saved. This only occurs when checked.\line\line ! 368: {\b Save Settings On Exit}\line ! 369: This menu option will save all the current session settings.\par ! 370: \pard\plain ! 371: \page ! 372: ! 373: ! 374: \s10\f1\fs20\up6\lang1024 ! 375: #{\footnote {#} Help} ! 376: ${\footnote {$} Help Menu} ! 377: K{\footnote {K} Help Menu} ! 378: K{\footnote {K} Menu Commands} ! 379: \s6\brdrb\brdrs\brdrw30\brsp20\brdrcf2 \b\f2\fs28 ! 380: The Help Menu\par ! 381: \pard\plain ! 382: \s4\li270\sb60\tx1440\tx2340 ! 383: Displays various types of information regarding to the {\b Debug Event Browser} application.\line\line ! 384: {\b Contents}\line ! 385: Displays the contents of the Online Help.\line\line ! 386: {\b Search for Help on...}\line ! 387: Displays a list of keywords to search for Online Help topics.\line\line ! 388: {\b How to use Help}\line ! 389: Displays the instructions for using the Online Help facilities.\line\line ! 390: {\b About {\b DEB}...}\line ! 391: Displays information about the {\b Debug Event Browser}.\par ! 392: \pard\plain ! 393: \page ! 394: ! 395: ! 396: \s10\f1\fs20\up6\lang1024 ! 397: #{\footnote {#} Keyboard} ! 398: ${\footnote {$} Keyboard Commands} ! 399: K{\footnote {K} Keyboard Commands} ! 400: \s6\brdrb\brdrs\brdrw30\brsp20\brdrcf2 \b\f2\fs28 ! 401: Keyboard Commands\par ! 402: \pard\plain ! 403: \s4\li270\sb60\tx1440\tx2340 ! 404: The keyboard commands allows quick and convenient access to several {\b Debug Event Browser} options simply with the pressing of one key.\line\line ! 405: {\b Ctrl+X}\line ! 406: Copies the text in the Debug Event window and then delete it from the window.\line\line ! 407: {\b Ctrl+C}\line ! 408: Copies the text in the Debug Event window.\line\line ! 409: {\b Del}\line ! 410: Deletes the text in the Debug Event window.\par ! 411: \pard\plain ! 412: \page ! 413: ! 414: ! 415: \s10\f1\fs20\up6\lang1024 ! 416: #{\footnote {#} Toolbar} ! 417: ${\footnote {$} Toolbar} ! 418: K{\footnote {K} Toolbar} ! 419: \s6\brdrb\brdrs\brdrw30\brsp20\brdrcf2 \b\f2\fs28 ! 420: Toolbar\par ! 421: \pard\plain ! 422: \s4\li270\sb60\tx1440\tx2340 ! 423: The Toolbar allows quick and convenient access to several {\b Debug Event Browser} options simply with the click of the mouse.\par\par ! 424: \pard\plain ! 425: \qc \{bmc toolbar.bmp\}\par ! 426: \pard\plain ! 427: \page ! 428: ! 429: ! 430: }
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.