{\rtf1\ansi \deff0\deflang1024


{\fonttbl
{\f0\froman Times New Roman;}
{\f1\froman Symbol;}
{\f2\fswiss Arial;}
{\f3\froman Tms Rmn;}
{\f4\fswiss Helv;}
{\f5\fdecor ZapfDingbats;}
{\f6\fmodern Courier;}}


{\colortbl;
\red0\green0\blue0;
\red0\green0\blue255;
\red0\green255\blue255;
\red0\green255\blue0;
\red255\green0\blue255;
\red255\green0\blue0;
\red255\green255\blue0;
\red255\green255\blue255;
\red0\green0\blue127;
\red0\green127\blue127;
\red0\green127\blue0;
\red127\green0\blue127;
\red127\green0\blue0;
\red127\green127\blue0;
\red127\green127\blue127;
\red192\green192\blue192;}


{\stylesheet
{\s244 \fs16\up6\lang1033 \sbasedon0\snext0 footnote reference;}
{\s245 \fs20\lang1033 \sbasedon0\snext245 footnote text;}
{\fs20\lang1033 \snext0 Normal;}
{\s2\keepn \b\f2\fs28\lang1033 \sbasedon0\snext2 Title;}
{\s3\li720 \lang1033 \sbasedon0\snext3 Body;}
{\s4\fi-1526\li2246\sb120\tx2070\tx2250 \lang1033 \sbasedon0\snext4 List;}
{\s5 \fs20\lang1033 \sbasedon3\snext5 JumpBody;}
{\s6\brdrb\brdrs\brdrw30\brsp20\brdrcf2 \b\f2\lang1033 \sbasedon0\snext6 PopUpTitle;}
{\s7\li180 \fs20\lang1033 \sbasedon5\snext7 PopUpBody;}
{\s8\fi-1526\li2246\tx2070\tx2250 \lang1033 \sbasedon4\snext8 GlossaryEntry;}
{\s9 \lang1033 \sbasedon0\snext3 Unindented;}
{\s10\keep \f6\fs20\lang1033 \sbasedon0\snext3 Source Code;}}


{\info
{\author Paul Tissue}
{\creatim\yr1993\mo6\dy1\hr1\min1}
{\version1}}


#{\footnote {#} Contents}
${\footnote {$} Debug Event Browser Contents}
K{\footnote {K} Contents}
\s2\keepn \b\f2\fs28\lang1033
\{bmc deb.bmp\} Debug Event Browser
\par\pard\plain
\s9 \lang1033
{\b Overviews}\line
{\uldb General Overview}{\v GenOverview}\line
{\uldb Programming Overview}{\v ProgOverview}\line
\line
{\b How To...}\line
{\uldb Using the Toolbar}{\v Toolbar}\line
\line
{\b Commands}\line
{\uldb File Menu}{\v File}\line
{\uldb Edit Menu}{\v Edit}\line
{\uldb Options Menu}{\v Options}\line
{\uldb Help Menu}{\v Help}\line
{\uldb Keyboard}{\v Keyboard}\line
\par\pard\plain
\page


#{\footnote {#} GenOverview}
${\footnote {$} General Overview}
K{\footnote {K} Overview - General}
K{\footnote {K} Overviews}
\s2\keepn \b\f2\fs28\lang1033
General Overview
\par\pard\plain
\s9 \lang1033
{\b Debug Event Browser} ({\b DEB}) is a Win32 application demonstrating the
Win32 debug API. This preliminary version of {\b DEB} only performs the
most rudimentary debugging operations. {\b DEB} is not a debugger in the
traditional sense but a browser which merely displays the debug events
occurring in a debuggee. The handling of debug events is restricted only
to those actions which are necessary to display event information and
continue the debuggee.\line
\line
{\b This Sample is brought to you by:}\line
{\b Microsoft Developer Support}\line
{\b Developed by Paul Tissue}\line
\par\pard\plain
\page


#{\footnote {#} ProgOverview}
${\footnote {$} Programming Overview}
K{\footnote {K} Programming}
K{\footnote {K} Overview - Programming}
K{\footnote {K} Overviews}
\s2\keepn \b\f2\fs28\lang1033
Programming Overview
\par\pard\plain
\s9 \lang1033
The {\b Debug Event Browser} ({\b DEB}) sample demonstrates the following
Win32 debug API features:\line
\line
{\uldb Debug Event Handler}{\v Handler}\line
{\uldb Modifying a Thread's Context}{\v Context}\line
{\uldb Reading the Executable's Header}{\v Header}\line
\par\pard\plain
\page



#{\footnote {#} Handler}
${\footnote {$} Debug Event Handler}
K{\footnote {K} Debug Event Handler}
K{\footnote {K} Debug API}
K{\footnote {K} WaitForDebugEvent}
K{\footnote {K} ContinueDebugEvent}
\s2\keepn \b\f2\fs28\lang1033
Debug Event Handler
\par\pard\plain
\s9 \lang1033
The debug event handler is responsible for the processing of the debug
events.\line
\par\pard\plain
\s10\keep \f6\fs20\lang1033
// ************************************************************************\line
// FUNCTION : DebugEventThread( DWORD )\line
// PURPOSE  : Main debug event processing loop\line
// COMMENTS : The same debugger thread which creates a debuggee process or\line
//            attaches to a currently running process must also handle all\line
//            the debug events for that process.\line
// ************************************************************************\line
DWORD WINAPI\line
DebugEventThread( DWORD UserDefinedValue )\line
\{\line
  DEBUG_EVENT DebugEvent;\line
\line
  for(;;) \{\line
    if( !WaitForDebugEvent( &DebugEvent, INFINITE ) )\line
      continue;\line
    switch( DebugEvent.dwDebugEventCode ) \{\line
      case EXCEPTION_DEBUG_EVENT:\line
        // ...\line
        switch( DebugEvent.u.Exception.ExceptionRecord.ExceptionCode ) \{\line
          case EXCEPTION_ACCESS_VIOLATION:\line
            // ...handle exception\line
            break;\line
          case EXCEPTION_BREAKPOINT:\line
            // ...handle exception\line
            break;\line
          //...\line
          default: // An unknown exception occurred\line
            // ...handle exception\line
            break;\line
        \}\line
        break; // do not fall through into CREATE_THREAD_DEBUG_EVENT\line
      case CREATE_THREAD_DEBUG_EVENT:\line
        // ...handle debug event\line
        break;\line
      case CREATE_PROCESS_DEBUG_EVENT:\line
        // ...handle debug event\line
        break;\line
      // ...\line
      default:\line
        // ...handle debug event\line
        break;\line
    \}\line
    //-- default action - just continue\line
    //   (for exception events DBG_CONTINUE reports the exception as handled)\line
    ContinueDebugEvent( DebugEvent.dwProcessId, DebugEvent.dwThreadId,\line
      DBG_CONTINUE );\line
  \}\line
\line
  return( 0 );\line
\}\line
\par\pard\plain
\page


#{\footnote {#} Header}
${\footnote {$} Reading the Executable's Header}
K{\footnote {K} Executable Header}
K{\footnote {K} Image Header}
K{\footnote {K} Debug API}
K{\footnote {K} ReadProcessMemory}
\s2\keepn \b\f2\fs28\lang1033
Reading the Executable's Header
\par\pard\plain
\s9 \lang1033
Reading the information stored in the executable's headers is important for
obtaining such things as symbolic information and details about the
object.\line
\line
\par\pard\plain
\s10\keep \f6\fs20\lang1033
// ************************************************************************\line
// FUNCTION : GetModuleFileNameFromHeader( HANDLE, HANDLE, DWORD, LPTSTR, DWORD )\line
// PURPOSE  : Retrieves the DLL module name for a given file handle of\line
//            the module. Reads the module name from the EXE header.\line
// COMMENTS :\line
//   Retrieves only the module name and not the pathname. Returns the\line
//   number of characters copied to the buffer, else returns 0.\line
// ************************************************************************\line
DWORD\line
GetModuleFileNameFromHeader( HANDLE hProcess, HANDLE hFile, DWORD BaseOfDll,\line
  LPTSTR lpszPath, DWORD cchPath )\line
\{\line
  #define IMAGE_SECOND_HEADER_OFFSET (15 * sizeof(ULONG)) // relative to file beginning\line
  #define IMAGE_BASE_OFFSET (13 * sizeof(DWORD)) // relative to PE header base\line
  #define IMAGE_EXPORT_TABLE_RVA_OFFSET (30 * sizeof(DWORD)) // relative to PE header base\line
  #define IMAGE_NAME_RVA_OFFSET offsetof(IMAGE_EXPORT_DIRECTORY, Name)\line
\line
  //-- signatures start at 0 so a failed ReadFile cannot leave a stale match\line
  WORD DosSignature = 0;\line
  DWORD NtSignature = 0;\line
  DWORD dwNumberOfBytesRead = 0;\line
  DWORD PeHeader, ImageBase, ExportTableRVA, NameRVA;\line
\line
  //-- verify that the handle is not NULL\line
  //-- (messages are copied with lstrcpyn so they never exceed cchPath)\line
  if( !hFile ) \{\line
    lstrcpyn( lpszPath, TEXT( "Invalid File Handle" ), cchPath );\line
    return( 0 );\line
  \}\line
\line
  //-- verify that the handle is for a disk file\line
  if( GetFileType(hFile) != FILE_TYPE_DISK ) \{\line
    lstrcpyn( lpszPath, TEXT( "Invalid File Type" ), cchPath );\line
    return( 0 );\line
  \}\line
\line
  //-- Extract the filename from the EXE header\line
  SetFilePointer( hFile, 0L, NULL, FILE_BEGIN );\line
  ReadFile( hFile, &DosSignature, sizeof(DosSignature), &dwNumberOfBytesRead,\line
    (LPOVERLAPPED) NULL);\line
\line
  //-- verify DOS signature found\line
  if( DosSignature != IMAGE_DOS_SIGNATURE ) \{\line
    wsprintf( lpszPath, TEXT( "Bad MZ Signature: 0x%x" ), DosSignature );\line
    return( 0 );\line
  \}\line
\line
  SetFilePointer( hFile, IMAGE_SECOND_HEADER_OFFSET, (LPLONG) NULL,\line
    FILE_BEGIN );\line
  ReadFile( hFile, &PeHeader, sizeof(PeHeader), &dwNumberOfBytesRead,\line
    (LPOVERLAPPED) NULL );\line
  SetFilePointer( hFile, PeHeader, (LPLONG) NULL, FILE_BEGIN );\line
  ReadFile( hFile, &NtSignature, sizeof(NtSignature), &dwNumberOfBytesRead,\line
    (LPOVERLAPPED) NULL);\line
\line
  //-- verify Windows NT (PE) signature found\line
  if( NtSignature != IMAGE_NT_SIGNATURE ) \{\line
    wsprintf( lpszPath, TEXT( "Bad PE Signature: 0x%x" ), NtSignature );\line
    return( 0 );\line
  \}\line
\line
  SetFilePointer( hFile, PeHeader + IMAGE_BASE_OFFSET, (LPLONG) NULL,\line
    FILE_BEGIN );\line
  ReadFile( hFile, &ImageBase, sizeof(ImageBase), &dwNumberOfBytesRead,\line
    (LPOVERLAPPED) NULL);\line
  SetFilePointer( hFile, PeHeader + IMAGE_EXPORT_TABLE_RVA_OFFSET,\line
    (LPLONG) NULL, FILE_BEGIN );\line
  ReadFile( hFile, &ExportTableRVA, sizeof(ExportTableRVA),\line
    &dwNumberOfBytesRead, (LPOVERLAPPED) NULL);\line
\line
  //-- now read from the virtual address space in the process\line
  //-- (stop if the name RVA cannot be read, rather than using it uninitialized)\line
  if( !ReadProcessMemory( hProcess,\line
    (LPVOID) (BaseOfDll + ExportTableRVA + IMAGE_NAME_RVA_OFFSET),\line
    &NameRVA, sizeof(NameRVA), &dwNumberOfBytesRead ) ) \{\line
    lstrcpyn( lpszPath, TEXT( "Access Denied!" ), cchPath );\line
    return( 0 );\line
  \}\line
  lstrcpyn( lpszPath, TEXT( "Empty!" ), cchPath );\line
  if( !ReadProcessMemory( hProcess,\line
    (LPVOID) (BaseOfDll + NameRVA),\line
    lpszPath, cchPath, &dwNumberOfBytesRead ) )\line
    lstrcpyn( lpszPath, TEXT( "Access Denied!" ), cchPath );\line
\line
  return( dwNumberOfBytesRead );\line
\}\line
\par\pard\plain
\page


#{\footnote {#} Context}
${\footnote {$} Modifying a Thread's Context}
K{\footnote {K} Thread Context}
K{\footnote {K} Context}
K{\footnote {K} Debug API}
K{\footnote {K} GetThreadContext}
K{\footnote {K} SetThreadContext}
\s2\keepn \b\f2\fs28\lang1033
Modifying a Thread's Context
\par\pard\plain
\s9 \lang1033
The ability to query and modify a thread's context is one of the more
powerful features of the Win32 debug API set.\line
\par\pard\plain
\s10\keep \f6\fs20\lang1033
// ************************************************************************\line
// FUNCTION : SkipBreakPoint( HANDLE );\line
// PURPOSE  : Skip over the break point instruction belonging to\line
//            hThread.\line
// COMMENTS :\line
//   Only the MIPS R4x00 and Alpha AXP require this.\line
// ************************************************************************\line
BOOL\line
SkipBreakPoint( HANDLE hThread )\line
\{\line
  static CONTEXT Context;\line
\line
  Context.ContextFlags = CONTEXT_CONTROL;\line
  if( !GetThreadContext( hThread, &Context ) )\line
    return( FALSE );\line
  Context.Fir += 4L; // Fir is the PC (program counter)\line
                     // BREAK (breakpoint instruction) occupies 4 bytes\line
  //-- report failure if the new context could not be applied\line
  if( !SetThreadContext( hThread, &Context ) )\line
    return( FALSE );\line
\line
  return( TRUE );\line
\}\line
\par\pard\plain
\page


#{\footnote {#} Toolbar}
${\footnote {$} Toolbar}
K{\footnote {K} Toolbar}
\s2\keepn \b\f2\fs28\lang1033
How To Use The Toolbar
\par\pard\plain
\s9 \lang1033
The Toolbar allows quick and convenient access to several
{\b Debug Event Browser} options simply with the click of the mouse.\line
\line
\par\pard\plain
\qc \{bmc toolbar.bmp\}\par
\par\pard\plain
\page


#{\footnote {#} File}
${\footnote {$} File Menu}
K{\footnote {K} File Menu}
K{\footnote {K} Menu Commands}
\s2\keepn \b\f2\fs28\lang1033
File Menu Commands
\par\pard\plain
\s9 \lang1033
Allows the user to select the debuggee for this application.\line
\line
{\b Open...}\line
Displays a dialog box that will allow you to open and run an executable
file using a common dialog box. This executable file will become the
debuggee.\line
\line
{\b Attach...}\line
Displays a dialog box that will allow you to select a currently running
process to attach to. This process will become the debuggee.\line
\line
{\b Exit}\line
Exits the {\b Debug Event Browser} application.\line
\par\pard\plain
\page


#{\footnote {#} Edit}
${\footnote {$} Edit Menu}
K{\footnote {K} Edit Menu}
K{\footnote {K} Menu Commands}
\s2\keepn \b\f2\fs28\lang1033
Edit Menu Commands
\par\pard\plain
\s9 \lang1033
Allows the user to copy text to the clipboard.\line
\line
{\b Cut}\line
Copies the text in the Debug Event window and then deletes it from the
window.\line
\line
{\b Copy}\line
Copies the text in the Debug Event window.\line
\line
{\b Delete}\line
Deletes the text in the Debug Event window.\line
\par\pard\plain
\page


#{\footnote {#} Options}
${\footnote {$} Options Menu}
K{\footnote {K} Options Menu}
K{\footnote {K} Menu Commands}
\s2\keepn \b\f2\fs28\lang1033
Options Menu Commands
\par\pard\plain
\s9 \lang1033
Allows the user to set various options and preferences for this
application.\line
\line
{\b Fonts...}\line
Displays a dialog box that will allow you to set the font for the Debug
Event window.\line
\line
{\b Background Color...}\line
Displays a dialog box that will allow you to set the background color for
the Debug Event window.\line
\line
{\b Preferences...}\line
Displays a dialog box that will allow you to set the options and preferences
for this application.\line
\line
{\b Toolbar}\line
Displays the Toolbar when checked.\line
\line
{\b Use Saved Directory}\line
This menu option will set the default directory to the one that was
previously saved. This only occurs when checked.\line
\line
{\b Save Settings On Exit}\line
This menu option will save all the current session settings upon exiting.
This only occurs when checked.\line
\line
{\b Save Settings Now}\line
This menu option will save all the current session settings now.
\par\pard\plain
\page


#{\footnote {#} Help}
${\footnote {$} Help Menu}
K{\footnote {K} Help Menu}
K{\footnote {K} Menu Commands}
\s2\keepn \b\f2\fs28\lang1033
Help Menu Commands
\par\pard\plain
\s9 \lang1033
Displays various types of information regarding the
{\b Debug Event Browser} application.\line
\line
{\b Contents}\line
Displays the contents of the Online Help.\line
\line
{\b Search for Help on...}\line
Displays a list of keywords to search for Online Help topics.\line
\line
{\b How to use Help}\line
Displays the instructions for using the Online Help facilities.\line
\line
{\b About Debug Event Browser...}\line
Displays product information about the {\b Debug Event Browser}.\line
\par\pard\plain
\page


#{\footnote {#} Keyboard}
${\footnote {$} Keyboard Commands}
K{\footnote {K} Keyboard Commands}
\s2\keepn \b\f2\fs28\lang1033
Keyboard Commands
\par\pard\plain
\s9 \lang1033
The keyboard commands allow quick and convenient access to several
{\b Debug Event Browser} options using simple key combinations.\line
\line
{\ul Control Keys}\line
\line
{\b Ctrl+A}\line
Attaches to a currently running process and begins debugging it.\line
\line
{\b Ctrl+C}\line
Copies the text in the Debug Event window.\line
\line
{\b Ctrl+O}\line
Opens an executable and debugs it.\line
\line
{\b Ctrl+X}\line
Copies the text in the Debug Event window and then deletes it from the
window.\line
\line
{\ul Alternate Keys}\line
\line
{\b Alt+F4}\line
Exits the {\b Debug Event Browser}.\line
\line
{\ul Single Keys}\line
\line
{\b F1}\line
Invokes the help file for the {\b Debug Event Browser}.\line
\line
{\b Del}\line
Deletes the text in the Debug Event window.\line
\par\pard\plain
\page

}
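
The header walk from "Reading the Executable's Header", with every file-controlled offset bounds-checked before it is used. This is an added example, not part of the DEB sample: it parses an in-memory buffer instead of calling ReadFile, and `pe_read_fields`, `pe_fields`, `make_sample` and the status names are hypothetical. The sample's fixed offsets hold for PE32 images only, so the optional-header magic is checked as well.

```c
#include <stdint.h>
#include <stdio.h>

/* Offsets from the page's GetModuleFileNameFromHeader; they hold for PE32 only. */
#define OFF_E_LFANEW   (15 * 4)  /* IMAGE_SECOND_HEADER_OFFSET, from file start */
#define OFF_IMAGE_BASE (13 * 4)  /* IMAGE_BASE_OFFSET, from PE header */
#define OFF_EXPORT_RVA (30 * 4)  /* IMAGE_EXPORT_TABLE_RVA_OFFSET, from PE header */

typedef enum { PE_OK, PE_TRUNCATED, PE_BAD_MZ, PE_BAD_PE, PE_NOT_PE32 } pe_status;
typedef struct { uint32_t pe_offset, image_base, export_rva; } pe_fields;
/* Little-endian read of n bytes; refused unless [off, off+n) is inside the buffer. */
static int rd(const uint8_t *b, size_t len, size_t off, size_t n, uint32_t *out)
{
    if (n > len || off > len - n) return 0;
    *out = 0;
    for (size_t i = 0; i < n; i++) *out |= (uint32_t)b[off + i] << (8 * i);
    return 1;
}

pe_status pe_read_fields(const uint8_t *b, size_t len, pe_fields *f)
{
    uint32_t mz, sig, magic;
    if (!rd(b, len, 0, 2, &mz)) return PE_TRUNCATED;
    if (mz != 0x5A4D) return PE_BAD_MZ;                  /* "MZ" */
    if (!rd(b, len, OFF_E_LFANEW, 4, &f->pe_offset)) return PE_TRUNCATED;
    size_t pe = f->pe_offset;                            /* file-controlled offset */
    if (!rd(b, len, pe, 4, &sig)) return PE_TRUNCATED;   /* also proves pe < len */
    if (sig != 0x00004550) return PE_BAD_PE;             /* "PE\0\0" */
    if (!rd(b, len, pe + 24, 2, &magic)) return PE_TRUNCATED;
    if (magic != 0x010B) return PE_NOT_PE32;             /* PE32+ moves these fields */
    if (!rd(b, len, pe + OFF_IMAGE_BASE, 4, &f->image_base) ||
        !rd(b, len, pe + OFF_EXPORT_RVA, 4, &f->export_rva)) return PE_TRUNCATED;
    return PE_OK;
}

static void put(uint8_t *b, size_t off, uint32_t v, size_t n)
{
    while (n--) b[off + n] = (uint8_t)(v >> (8 * n));
}

/* Constructed 256-byte sample header, not taken from a real binary. */
void make_sample(uint8_t b[256])
{
    for (size_t i = 0; i < 256; i++) b[i] = 0;
    put(b, 0, 0x5A4D, 2);
    put(b, OFF_E_LFANEW, 0x80, 4);
    put(b, 0x80, 0x00004550, 4);
    put(b, 0x80 + 24, 0x010B, 2);                        /* optional-header magic */
    put(b, 0x80 + OFF_IMAGE_BASE, 0x00400000, 4);
    put(b, 0x80 + OFF_EXPORT_RVA, 0x2000, 4);
}

int main(void)
{
    uint8_t img[256];
    pe_fields f = {0, 0, 0};
    make_sample(img);
    pe_status st = pe_read_fields(img, sizeof img, &f);
    printf("status=%d image_base=0x%x\n", (int)st, (unsigned)f.image_base);
    return st != PE_OK;
}
```

The export RVA returned here is still attacker-influenced data; a debugger that feeds it to ReadProcessMemory has to treat a failed or short read as an error rather than as a module name.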