1.1 root 1: {\rtf1\ansi \deff0\deflang1033
2:
3:
4: {\fonttbl
5: \f0\froman Times New Roman;
6: \f1\fmodern Courier;
7: \f2\fswiss Arial;}
8:
9:
10: {\colortbl;
11: \red0\green0\blue0;
12: \red0\green0\blue255;
13: \red0\green255\blue255;
14: \red0\green255\blue0;
15: \red255\green0\blue255;
16: \red255\green0\blue0;
17: \red255\green255\blue0;
18: \red255\green255\blue255;
19: \red0\green0\blue127;
20: \red0\green127\blue127;
21: \red0\green127\blue0;
22: \red127\green0\blue127;
23: \red127\green0\blue0;
24: \red127\green127\blue0;
25: \red127\green127\blue127;
26: \red192\green192\blue192;}
27:
28:
29: {\stylesheet
30: \fs12 \snext0 Normal;
31: \s2\keepn \b\f2\fs28 \sbasedon0\snext2 Title;
32: \s3\li720 \sbasedon0\snext3 Body;
33: \s4\li270\sb60\tx1440\tx2340 \sbasedon0\snext4 List;
34: \s5\fs20 \sbasedon3\snext5 JumpBody;
35: \s6\brdrb\brdrs\brdrw30\brsp20\brdrcf2 \b\f2\fs28 \sbasedon0\snext6 PopUpTitle;
36: \s7\li180\fs20 \sbasedon5\snext7 PopUpBody;
37: \s8\fi-1886\li2160\tx1440\tx2340 \sbasedon4\snext8 GlossaryEntry;
38: \s9\li360\keep \f1\fs8\lang1024 \snext0 FixedText;
39: \s10\f1\fs20\up6\lang1024 \snext0 ControlCodes;
40: \s242\tqc\tx4320\tqr\tx8640 \fs20\lang1024 \sbasedon0\snext242 footer;
41: \s244\fs16\up6\lang1024 \sbasedon0\snext0 footnote reference;
42: \s245\fs20\lang1024 \sbasedon0\snext245 footnote text;}
43:
44: \s10\f1\fs20\up6\lang1024
45: #{\footnote {#} Contents}
46: ${\footnote {$} Debug Event Browser Contents}
47: K{\footnote {K} Contents}
48: \s6\brdrb\brdrs\brdrw30\brsp20\brdrcf2 \b\f2\fs28
49: \{bmc deb.bmp\} Debug Event Browser Contents\par
50: \pard\plain
51: \s4\li270\sb60\tx1440\tx2340
52: {\b Overviews}\line
53: {\uldb General Overview}{\v GenOverview}\line
54: {\uldb Programming Overview}{\v ProgOverview}\line
55: {\b How to...}\line
56: {\uldb Using the Toolbar}{\v Toolbar}\line
57: {\b Commands}\line
58: {\uldb File Menu}{\v File}\line
59: {\uldb Edit Menu}{\v Edit}\line
60: {\uldb Options Menu}{\v Options}\line
61: {\uldb Help Menu}{\v Help}\line
62: {\uldb Keyboard}{\v Keyboard}\par
63: \pard\plain
64: \page
65:
66:
67: \s10\f1\fs20\up6\lang1024
68: #{\footnote {#} GenOverview}
69: ${\footnote {$} General Overview}
70: K{\footnote {K} Overview - General}
71: K{\footnote {K} Overviews}
72: \s6\brdrb\brdrs\brdrw30\brsp20\brdrcf2 \b\f2\fs28
73: Debug Event Browser General Overview\par
74: \pard\plain
75: \s4\li270\sb60\tx1440\tx2340
76: {\b Debug Event Browser} ({\b DEB}) is a Win32 application demonstrating the Win32 debug API.
77: This preliminary version of {\b DEB} only performs the most rudimentary debugging operations.
78: {\b DEB} is not a debugger in the traditional sense but a browser which merely displays the debug events occurring in a debuggee.
79: The handling of debug events is restricted only to those actions which are necessary to display event information and continue the debuggee.\par
80: {\b This Sample is brought to you by the Microsoft Win32 / Windows NT Support Team. Developed by Paul Tissue.}\par
81: \pard\plain
82: \page
83:
84:
85: \s10\f1\fs20\up6\lang1024
86: #{\footnote {#} ProgOverview}
87: ${\footnote {$} Programming Overview}
88: K{\footnote {K} Programming}
89: K{\footnote {K} Overview - Programming}
90: K{\footnote {K} Overviews}
91: \s6\brdrb\brdrs\brdrw30\brsp20\brdrcf2 \b\f2\fs28
92: Debug Event Browser Programming Overview\par
93: \pard\plain
94: \s4\li270\sb60\tx1440\tx2340
95: The {\b Debug Event Browser} ({\b DEB}) sample demonstrates the following Win32 debug API features:\par
96: \s4\li270\sb60\tx1440\tx2340
97: {\uldb Debug Event Handler}{\v Handler}\line
98: {\uldb Modifying a Thread's Context}{\v Context}\line
99: {\uldb Reading the Executable's Header}{\v Header}\par
100: \pard\plain
101: \page
102:
103:
104: \s10\f1\fs20\up6\lang1024
105: #{\footnote {#} Handler}
106: ${\footnote {$} Debug Event Handler}
107: K{\footnote {K} Debug Event Handler}
108: K{\footnote {K} Debug API}
109: K{\footnote {K} WaitForDebugEvent}
110: K{\footnote {K} ContinueDebugEvent}
111: \s6\brdrb\brdrs\brdrw30\brsp20\brdrcf2 \b\f2\fs28
112: Debug Event Handler\par
113: \pard\plain
114: \s4\li270\sb60\tx1440\tx2340
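115: The debug event handler is responsible for processing the debug events. The listing below is an outline: as shown, it continues every event with DBG_CONTINUE, which also reports exception events to the system as handled. A debugger that does not handle an exception itself should continue that event with DBG_EXCEPTION_NOT_HANDLED so that the debuggee's own exception handling still runs.\par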
116: \par
117: \pard\plain
118: \s9\li360\keep \f1\fs20\lang1024
119: // ************************************************************************\line
120: // FUNCTION : DebugEventThread( DWORD )\line
121: // PURPOSE : Main debug event processing loop\line
122: // ************************************************************************\line
123: DWORD\line
124: DebugEventThread( DWORD UserDefinedValue )\line
125: \{\line
126: DEBUG_EVENT DebugEvent;\line
127: \line
128: for(;;) \{\line
129: if( !WaitForDebugEvent( &DebugEvent, (DWORD) -1 ) ) \line
130: continue;\line
131: \line
132: switch( DebugEvent.dwDebugEventCode ) \{\line
133: \line
134: case EXCEPTION_DEBUG_EVENT:\line
135: // ...\line
136: \line
137: switch( DebugEvent.u.Exception.ExceptionRecord.ExceptionCode \line
138: \line
139: case EXCEPTION_ACCESS_VIOLATION:\line
140: // ...\line
141: break;\line
142: \line
143: case EXCEPTION_BREAKPOINT:\line
144: // ...\line
145: break;\line
146: \line
147: //...\line
148: \line
149: default: // An unknown exception occurred\line
150: // ...\line
151: break;\line
152: \}\line
153: \line
154: case CREATE_THREAD_DEBUG_EVENT:\line
155: // ...\line
156: break;\line
157: \line
158: case CREATE_PROCESS_DEBUG_EVENT:\line
159: // ...\line
160: break;\line
161: \line
162: // ...\line
163: \line
164: default:\line
165: // ...\line
166: \}\line
167: \line
168: //-- default action - just continue\line
169: ContinueDebugEvent( DebugEvent.dwProcessId, DebugEvent.dwThreadId,\line
170: DBG_CONTINUE );\line
171: \}\line
172: \line
173: return( NULL );\line
174: \}\par
175: \pard\plain
176: \page
177:
178:
179: \s10\f1\fs20\up6\lang1024
180: #{\footnote {#} Header}
181: ${\footnote {$} Reading the Executable's Header}
182: K{\footnote {K} Executable Header}
183: K{\footnote {K} Image Header}
184: K{\footnote {K} Debug API}
185: K{\footnote {K} ReadProcessMemory}
186: \s6\brdrb\brdrs\brdrw30\brsp20\brdrcf2 \b\f2\fs28
187: Reading the Executable's Header\par
188: \pard\plain
189: \s4\li270\sb60\tx1440\tx2340
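190: Reading the information stored in the executable's headers is important for obtaining such things as symbolic information and details about the object. The listing below omits error checking for brevity. Production code should check the results of ReadFile, SetFilePointer and ReadProcessMemory, validate each offset read from the image before using it, and make sure the name copied into lpszPath is null-terminated, because the header contents come from the debuggee's file and are not guaranteed to be well formed.\par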
191: \par
192: \pard\plain
193: \s9\li360\keep \f1\fs20\lang1024
194: // ************************************************************************\line
195: // FUNCTION : GetModuleFileNameFromHeader( HANDLE, HANDLE, LPTSTR, DWORD )\line
196: // PURPOSE : returns the DLL module name for a given file handle of\line
197: // the module. Reads the module name from the EXE header.\line
198: // COMMENTS : returns only the module name and not the pathname. NOTE(review): the last parameter is declared bPath but the body uses cbPath.\line
199: // ************************************************************************\line
200: DWORD APIENTRY\line
201: GetModuleFileNameFromHeader( HANDLE hProcess, HANDLE hFile, LPTSTR lpszPath, \line
202: DWORD bPath )\line
203: \{\line
204: #define IMAGE_DOS_SIGNATURE 0x5A4D // MZ\line
205: #define IMAGE_OS2_SIGNATURE 0x454E // NE\line
206: #define IMAGE_NT_SIGNATURE 0x00004550 // PE00\line
207: \line
208: #define IMAGE_SECOND_HEADER_OFFSET (15 * sizeof(ULONG)) \line
209: #define IMAGE_BASE_OFFSET (13 * sizeof(DWORD)) \line
210: #define IMAGE_EXPORT_TABLE_RVA_OFFSET (30 * sizeof(DWORD)) \line
211: #define IMAGE_NAME_RVA_OFFSET (3 * sizeof(DWORD)) \line
212: \line
213: WORD DosSignature;\line
214: DWORD NtSignature;\line
215: DWORD NumberOfBytesRead;\line
216: \line
217: DWORD PeHeader, ImageBase, ExportTableRVA, NameRVA;\line
218: \line
219: //-- Extract the filename from the EXE header\line
220: ReadFile( hFile, &DosSignature, sizeof(DosSignature), &NumberOfBytesRead,\line
221: (LPOVERLAPPED) NULL);\line
222: \line
223: if( DosSignature == IMAGE_DOS_SIGNATURE ) \{\line
224: \line
225: SetFilePointer( hFile, IMAGE_SECOND_HEADER_OFFSET, (LPLONG) NULL,\line
226: FILE_BEGIN );\line
227: ReadFile( hFile, &PeHeader, sizeof(PeHeader),\line
228: &NumberOfBytesRead, (LPOVERLAPPED) NULL );\line
229: \line
230: SetFilePointer( hFile, PeHeader, (LPLONG) NULL,\line
231: FILE_BEGIN );\line
232: ReadFile( hFile, &NtSignature, sizeof(NtSignature),\line
233: &NumberOfBytesRead, (LPOVERLAPPED) NULL);\line
234: \line
235: if( NtSignature == IMAGE_NT_SIGNATURE ) \{\line
236: \line
237: SetFilePointer( hFile, PeHeader+IMAGE_BASE_OFFSET,\line
238: (LPLONG) NULL, FILE_BEGIN );\line
239: ReadFile( hFile, &ImageBase, sizeof(ImageBase),\line
240: &NumberOfBytesRead, (LPOVERLAPPED) NULL);\line
241: \line
242: SetFilePointer( hFile, PeHeader + IMAGE_EXPORT_TABLE_RVA_OFFSET,\line
243: (LPLONG) NULL, FILE_BEGIN );\line
244: ReadFile( hFile, &ExportTableRVA, sizeof(ExportTableRVA),\line
245: &NumberOfBytesRead, (LPOVERLAPPED) NULL);\line
246: \line
247: //-- now read from the virtual address space in the process\line
248: ReadProcessMemory( hProcess,\line
249: (LPVOID) (ImageBase + ExportTableRVA + IMAGE_NAME_RVA_OFFSET),\line
250: &NameRVA, sizeof(NameRVA), &NumberOfBytesRead );\line
251: \line
252: ReadProcessMemory( hProcess,\line
253: (LPVOID) (ImageBase+NameRVA),\line
254: lpszPath, cbPath, &NumberOfBytesRead );\line
255: \line
256: return( NumberOfBytesRead );\line
257: \}\line
258: \}\line
259: return( 0 );\line
260: \}\par
261: \pard\plain
262: \page
263:
264:
265: \s10\f1\fs20\up6\lang1024
266: #{\footnote {#} Context}
267: ${\footnote {$} Modifying a Thread's Context}
268: K{\footnote {K} Thread Context}
269: K{\footnote {K} Context}
270: K{\footnote {K} Debug API}
271: K{\footnote {K} GetThreadContext}
272: K{\footnote {K} SetThreadContext}
273: \s6\brdrb\brdrs\brdrw30\brsp20\brdrcf2 \b\f2\fs28
274: Modifying a Thread's Context\par
275: \pard\plain
276: \s4\li270\sb60\tx1440\tx2340
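277: The ability to query and modify a thread's context is one of the more powerful features of the Win32 debug API set. The listing below is incomplete: it leaves obtaining hThread to the reader, passes a different handle expression to SetThreadContext than to GetThreadContext, and returns TRUE without checking the result of SetThreadContext. A caller should use the same thread handle in both calls and check both results before reporting success.\par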
278: \par
279: \pard\plain
280: \s9\li360\keep \f1\fs20\lang1024
281: // ************************************************************************\line
282: // FUNCTION : SkipBreakPoint( DWORD )\line
283: // PURPOSE : Skip over the break point instruction belonging to dwThreadId\line
284: // COMMENTS : Only the MIPS R4000 needs this\line
285: // ************************************************************************\line
286: BOOL\line
287: SkipBreakPoint( DWORD dwThreadId )\line
288: \{\line
289: CONTEXT Context;\line
290: \line
291: // insert code here to get hThread given dwThreadId\line
292: \line
293: Context.ContextFlags = CONTEXT_CONTROL;\line
294: if( !GetThreadContext( hThread, &Context ) )\line
295: return( FALSE );\line
296: \line
297: Context.Fir += 4L; // Fir is the PC (program counter)\line
298: // BREAK (breakpoint instruction) occupies 4 bytes\line
299: \line
300: SetThreadContext( (ThreadNode->NodeData).hThread, &Context );\line
301: \line
302: return( TRUE );\line
303: \}\par
304: \pard\plain
305: \page
306:
307:
308: \s10\f1\fs20\up6\lang1024
309: #{\footnote {#} File}
310: ${\footnote {$} File Menu}
311: K{\footnote {K} File Menu}
312: K{\footnote {K} Menu Commands}
313: \s6\brdrb\brdrs\brdrw30\brsp20\brdrcf2 \b\f2\fs28
314: The File Menu\par
315: \pard\plain
316: \s4\li270\sb60\tx1440\tx2340
317: Allows the user to select the debuggee for this application.\line\line
318: {\b Open}\line
319: Displays a dialog box that will allow you to open and run an executable file using a common dialog box. This executable file will become the debuggee.\line\line
320: {\b Attach}\line
321: Displays a dialog box that will allow you to select a currently running process to attach to. This process will become the debuggee.\line\line
322: {\b Exit}\line
323: Exits the {\b Debug Event Browser} application.\par
324: \pard\plain
325: \page
326:
327:
328: \s10\f1\fs20\up6\lang1024
329: #{\footnote {#} Edit}
330: ${\footnote {$} Edit Menu}
331: K{\footnote {K} Edit Menu}
332: K{\footnote {K} Menu Commands}
333: \s6\brdrb\brdrs\brdrw30\brsp20\brdrcf2 \b\f2\fs28
334: The Edit Menu\par
335: \pard\plain
336: \s4\li270\sb60\tx1440\tx2340
337: Allows the user to copy text to the clipboard.\line\line
338: {\b Cut}\line
339: Copies the text in the Debug Event window and then deletes it from the window.\line\line
340: {\b Copy}\line
341: Copies the text in the Debug Event window.\line\line
342: {\b Delete}\line
343: Deletes the text in the Debug Event window.\par
344: \pard\plain
345: \page
346:
347:
348: \s10\f1\fs20\up6\lang1024
349: #{\footnote {#} Options}
350: ${\footnote {$} Options Menu}
351: K{\footnote {K} Options Menu}
352: K{\footnote {K} Menu Commands}
353: \s6\brdrb\brdrs\brdrw30\brsp20\brdrcf2 \b\f2\fs28
354: The Options Menu\par
355: \pard\plain
356: \s4\li270\sb60\tx1440\tx2340
357: Allows the user to set various options and preferences for this application.\line\line
358: {\b Fonts}\line
359: Displays a dialog box that will allow you to set the font for the Debug Event window.\line\line
360: {\b Background Color}\line
361: Displays a dialog box that will allow you to set the background color for the Debug Event window.\line\line
362: {\b Preferences}\line
363: Displays a dialog box that will allow you to set the options and preferences for this application.\line\line
364: {\b Toolbar}\line
365: Displays a Tool Bar when checked.\line\line
366: {\b Use Saved Directory}\line
367: This menu option will set the default directory to the one that was previously saved. This only occurs when checked.\line\line
368: {\b Save Settings On Exit}\line
369: This menu option will save all the current session settings.\par
370: \pard\plain
371: \page
372:
373:
374: \s10\f1\fs20\up6\lang1024
375: #{\footnote {#} Help}
376: ${\footnote {$} Help Menu}
377: K{\footnote {K} Help Menu}
378: K{\footnote {K} Menu Commands}
379: \s6\brdrb\brdrs\brdrw30\brsp20\brdrcf2 \b\f2\fs28
380: The Help Menu\par
381: \pard\plain
382: \s4\li270\sb60\tx1440\tx2340
383: Displays various types of information regarding the {\b Debug Event Browser} application.\line\line
384: {\b Contents}\line
385: Displays the contents of the Online Help.\line\line
386: {\b Search for Help on...}\line
387: Displays a list of keywords to search for Online Help topics.\line\line
388: {\b How to use Help}\line
389: Displays the instructions for using the Online Help facilities.\line\line
390: {\b About {\b DEB}...}\line
391: Displays information about the {\b Debug Event Browser}.\par
392: \pard\plain
393: \page
394:
395:
396: \s10\f1\fs20\up6\lang1024
397: #{\footnote {#} Keyboard}
398: ${\footnote {$} Keyboard Commands}
399: K{\footnote {K} Keyboard Commands}
400: \s6\brdrb\brdrs\brdrw30\brsp20\brdrcf2 \b\f2\fs28
401: Keyboard Commands\par
402: \pard\plain
403: \s4\li270\sb60\tx1440\tx2340
404: The keyboard commands allow quick and convenient access to several {\b Debug Event Browser} options simply with the pressing of one key.\line\line
405: {\b Ctrl+X}\line
406: Copies the text in the Debug Event window and then deletes it from the window.\line\line
407: {\b Ctrl+C}\line
408: Copies the text in the Debug Event window.\line\line
409: {\b Del}\line
410: Deletes the text in the Debug Event window.\par
411: \pard\plain
412: \page
413:
414:
415: \s10\f1\fs20\up6\lang1024
416: #{\footnote {#} Toolbar}
417: ${\footnote {$} Toolbar}
418: K{\footnote {K} Toolbar}
419: \s6\brdrb\brdrs\brdrw30\brsp20\brdrcf2 \b\f2\fs28
420: Toolbar\par
421: \pard\plain
422: \s4\li270\sb60\tx1440\tx2340
423: The Toolbar allows quick and convenient access to several {\b Debug Event Browser} options simply with the click of the mouse.\par\par
424: \pard\plain
425: \qc \{bmc toolbar.bmp\}\par
426: \pard\plain
427: \page
428:
429:
430: }