1: /*++
2:
3: Copyright (c) 1993 Microsoft Corporation
4:
5: Module Name:
6:
7: regs.c
8:
9: Abstract:
10:
11: This file provides access to the machine's register set.
12:
13: Author:
14:
15: Wesley Witt (wesw) 1-May-1993 (ported from ntsd)
16:
17: Environment:
18:
19: User Mode
20:
21: --*/
22:
23: #include <windows.h>
24: #include <stdlib.h>
25: #include <stdio.h>
26: #include <string.h>
27:
28: #include "drwatson.h"
29: #include "proto.h"
30: #include "regs.h"
31:
32:
33:
// Forward declarations for the register-access helpers defined later in this
// file. PDEBUGPACKET, PUCHAR and ULONG come from the project headers above.
PUCHAR RegNameFromIndex (ULONG index);
ULONG GetDregValue (PDEBUGPACKET dp, ULONG index);
void OutputOneReg (PDEBUGPACKET dp, ULONG regnum);
void OutputAllRegs(PDEBUGPACKET dp);
ULONG GetRegString (PUCHAR pszString);
ULONG GetRegFlagValue (PDEBUGPACKET dp, ULONG regnum);
ULONG GetRegValue (PDEBUGPACKET dp, ULONG regnum);
41:
42:
43:
44:
45:
46:
// User-visible names of the x86 registers, 16/8-bit sub-registers and EFLAGS
// bits. regname[] below pairs each of these strings with its REGxxx / FLAGxxx
// identifier; GetRegString() and RegNameFromIndex() translate in both
// directions.
char szGsReg[] = "gs";
char szFsReg[] = "fs";
char szEsReg[] = "es";
char szDsReg[] = "ds";
char szEdiReg[] = "edi";
char szEsiReg[] = "esi";
char szEbxReg[] = "ebx";
char szEdxReg[] = "edx";
char szEcxReg[] = "ecx";
char szEaxReg[] = "eax";
char szEbpReg[] = "ebp";
char szEipReg[] = "eip";
char szCsReg[] = "cs";
char szEflReg[] = "efl";
char szEspReg[] = "esp";
char szSsReg[] = "ss";
char szDiReg[] = "di";
char szSiReg[] = "si";
char szBxReg[] = "bx";
char szDxReg[] = "dx";
char szCxReg[] = "cx";
char szAxReg[] = "ax";
char szBpReg[] = "bp";
char szIpReg[] = "ip";
char szFlReg[] = "fl";
char szSpReg[] = "sp";
char szBlReg[] = "bl";
char szDlReg[] = "dl";
char szClReg[] = "cl";
char szAlReg[] = "al";
char szBhReg[] = "bh";
char szDhReg[] = "dh";
char szChReg[] = "ch";
char szAhReg[] = "ah";
char szIoplFlag[] = "iopl";
char szFlagOf[] = "of";
char szFlagDf[] = "df";
char szFlagIf[] = "if";
char szFlagTf[] = "tf";
char szFlagSf[] = "sf";
char szFlagZf[] = "zf";
char szFlagAf[] = "af";
char szFlagPf[] = "pf";
char szFlagCf[] = "cf";
char szFlagVip[] = "vip";
char szFlagVif[] = "vif";
93:
// One row of regname[]: a register or flag name and the identifier it stands
// for.
struct Reg {
    char *psz;      // NUL-terminated name as the user types it, e.g. "eax"
    ULONG value;    // matching REGxxx / FLAGxxx identifier (declared in regs.h, presumably)
};
98:
// One row of subregname[]: how a sub-register or flag is carved out of a full
// register. GetRegFlagValue() computes
//     (GetRegValue(dp, regindex) >> shift) & mask
struct SubReg {
    ULONG regindex; // REGxxx identifier of the full register to read
    ULONG shift;    // right shift applied to the full register value
    ULONG mask;     // mask applied after shifting
};
104:
// Name <-> identifier table searched linearly by GetRegString() and
// RegNameFromIndex(). The sub-register and flag rows (from "di" onwards)
// appear to follow the same order as subregname[]; GetRegFlagValue() indexes
// subregname[] with regnum - FLAGBASE, so the numbering of these identifiers
// in regs.h must line up with that table -- confirm when editing either one.
struct Reg regname[] = {
    { szGsReg, REGGS },
    { szFsReg, REGFS },
    { szEsReg, REGES },
    { szDsReg, REGDS },
    { szEdiReg, REGEDI },
    { szEsiReg, REGESI },
    { szEbxReg, REGEBX },
    { szEdxReg, REGEDX },
    { szEcxReg, REGECX },
    { szEaxReg, REGEAX },
    { szEbpReg, REGEBP },
    { szEipReg, REGEIP },
    { szCsReg, REGCS },
    { szEflReg, REGEFL },
    { szEspReg, REGESP },
    { szSsReg, REGSS },
    { szDiReg, REGDI },
    { szSiReg, REGSI },
    { szBxReg, REGBX },
    { szDxReg, REGDX },
    { szCxReg, REGCX },
    { szAxReg, REGAX },
    { szBpReg, REGBP },
    { szIpReg, REGIP },
    { szFlReg, REGFL },
    { szSpReg, REGSP },
    { szBlReg, REGBL },
    { szDlReg, REGDL },
    { szClReg, REGCL },
    { szAlReg, REGAL },
    { szBhReg, REGBH },
    { szDhReg, REGDH },
    { szChReg, REGCH },
    { szAhReg, REGAH },
    { szIoplFlag, FLAGIOPL },
    { szFlagOf, FLAGOF },
    { szFlagDf, FLAGDF },
    { szFlagIf, FLAGIF },
    { szFlagTf, FLAGTF },
    { szFlagSf, FLAGSF },
    { szFlagZf, FLAGZF },
    { szFlagAf, FLAGAF },
    { szFlagPf, FLAGPF },
    { szFlagCf, FLAGCF },
    { szFlagVip, FLAGVIP },
    { szFlagVif, FLAGVIF },
};
153:
// Number of rows in regname[]. Valid only because regname is a real array in
// this translation unit, not a pointer parameter.
#define REGNAMESIZE (sizeof(regname) / sizeof(struct Reg))
155:
// Extraction rules for the 16/8-bit sub-registers and the EFLAGS bits.
// GetRegFlagValue() selects a row with (regnum - FLAGBASE), so row order must
// match the FLAGBASE-relative numbering of the identifiers in regs.h. Note the
// table has no sentinel row: callers are responsible for keeping the index
// within sizeof(subregname) / sizeof(subregname[0]).
struct SubReg subregname[] = {
    { REGEDI, 0, 0xffff }, // DI register
    { REGESI, 0, 0xffff }, // SI register
    { REGEBX, 0, 0xffff }, // BX register
    { REGEDX, 0, 0xffff }, // DX register
    { REGECX, 0, 0xffff }, // CX register
    { REGEAX, 0, 0xffff }, // AX register
    { REGEBP, 0, 0xffff }, // BP register
    { REGEIP, 0, 0xffff }, // IP register
    { REGEFL, 0, 0xffff }, // FL register
    { REGESP, 0, 0xffff }, // SP register
    { REGEBX, 0, 0xff }, // BL register
    { REGEDX, 0, 0xff }, // DL register
    { REGECX, 0, 0xff }, // CL register
    { REGEAX, 0, 0xff }, // AL register
    { REGEBX, 8, 0xff }, // BH register
    { REGEDX, 8, 0xff }, // DH register
    { REGECX, 8, 0xff }, // CH register
    { REGEAX, 8, 0xff }, // AH register
    { REGEFL, 12, 3 }, // IOPL level value (EFLAGS bits 12-13)
    { REGEFL, 11, 1 }, // OF (overflow flag)
    { REGEFL, 10, 1 }, // DF (direction flag)
    { REGEFL, 9, 1 }, // IF (interrupt enable flag)
    { REGEFL, 8, 1 }, // TF (trace flag)
    { REGEFL, 7, 1 }, // SF (sign flag)
    { REGEFL, 6, 1 }, // ZF (zero flag)
    { REGEFL, 4, 1 }, // AF (aux carry flag)
    { REGEFL, 2, 1 }, // PF (parity flag)
    { REGEFL, 0, 1 }, // CF (carry flag)
    { REGEFL, 20, 1 }, // VIP (virtual interrupt pending)
    { REGEFL, 19, 1 } // VIF (virtual interrupt flag)
};
188:
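/*++

Routine Description:

    Returns the value of a full register, a 16/8-bit sub-register or an
    EFLAGS bit from the thread context in dp.

Arguments:

    dp     - debug packet whose thread context is read (via GetRegValue).
    regnum - REGxxx or FLAGxxx identifier. Values below FLAGBASE are full
             registers and are passed straight to GetRegValue(). Values at
             or above FLAGBASE select the row (regnum - FLAGBASE) of
             subregname[], which names the full register to read and the
             shift/mask that isolates the requested field.

Return Value:

    The extracted value. A regnum whose subregname[] row does not exist --
    for instance the (ULONG)-1 that GetRegString() returns for an unknown
    name -- yields 0 rather than reading past the end of the table.

--*/
ULONG
GetRegFlagValue (PDEBUGPACKET dp, ULONG regnum)
{
    ULONG sub;
    ULONG value;

    if (regnum < FLAGBASE) {
        return GetRegValue(dp, regnum);
    }

    // Bounds-check the table index: regnum is frequently parsed from user
    // text, and subregname[] has no sentinel row.
    sub = regnum - FLAGBASE;
    if (sub >= sizeof(subregname) / sizeof(subregname[0])) {
        return 0;
    }

    value = GetRegValue(dp, subregname[sub].regindex);
    return (value >> subregname[sub].shift) & subregname[sub].mask;
}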
203:
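/*++

Routine Description:

    Reads one full register (or pseudo-register) from the thread context
    held in dp->tctx->context.

Arguments:

    dp     - debug packet; supplies the CONTEXT to read and, for PREGRA,
             the process handle used to read the debuggee's stack.
    regnum - REGxxx or PREGxxx identifier. REGSI / REGDI return the low
             16 bits of ESI / EDI. The pseudo-registers PREGEA, PREGEXP and
             PREGP are not tracked here and read as 0.

Return Value:

    The register value, or 0 for an unknown identifier. For PREGRA the
    return address is fetched from the debuggee's stack frame: the code
    assumes a conventional EBP frame where [Ebp] holds the caller's EBP
    and [Ebp+4] the return address. If that memory cannot be read (the
    frame pointer is not a valid address in the debuggee) the result is 0
    instead of whatever happened to be in the local buffer.

--*/
ULONG
GetRegValue (PDEBUGPACKET dp, ULONG regnum)
{
    switch (regnum) {
    case REGGS:
        return dp->tctx->context.SegGs;
    case REGFS:
        return dp->tctx->context.SegFs;
    case REGES:
        return dp->tctx->context.SegEs;
    case REGDS:
        return dp->tctx->context.SegDs;
    case REGEDI:
        return dp->tctx->context.Edi;
    case REGESI:
        return dp->tctx->context.Esi;
    case REGSI:
        return(dp->tctx->context.Esi & 0xffff);
    case REGDI:
        return(dp->tctx->context.Edi & 0xffff);
    case REGEBX:
        return dp->tctx->context.Ebx;
    case REGEDX:
        return dp->tctx->context.Edx;
    case REGECX:
        return dp->tctx->context.Ecx;
    case REGEAX:
        return dp->tctx->context.Eax;
    case REGEBP:
        return dp->tctx->context.Ebp;
    case REGEIP:
        return dp->tctx->context.Eip;
    case REGCS:
        return dp->tctx->context.SegCs;
    case REGEFL:
        return dp->tctx->context.EFlags;
    case REGESP:
        return dp->tctx->context.Esp;
    case REGSS:
        return dp->tctx->context.SegSs;
    case PREGEA:
        return 0;
    case PREGEXP:
        return 0;
    case PREGRA: {
        // Saved frame as laid out by a standard "push ebp / mov ebp,esp"
        // prologue: caller's EBP, then the return address.
        struct {
            ULONG oldBP;
            ULONG retAddr;
        } stackRead = { 0, 0 };

        // The debuggee's EBP is untrusted; a failed read must not leave
        // stackRead uninitialized and leak stack garbage as a "return
        // address".
        if (!ReadProcessMemory( dp->hProcess,
                                (LPVOID)dp->tctx->context.Ebp,
                                (LPVOID)&stackRead,
                                sizeof(stackRead),
                                NULL
                              )) {
            return 0;
        }
        return stackRead.retAddr;
    }
    case PREGP:
        return 0;
    case REGDR0:
        return dp->tctx->context.Dr0;
    case REGDR1:
        return dp->tctx->context.Dr1;
    case REGDR2:
        return dp->tctx->context.Dr2;
    case REGDR3:
        return dp->tctx->context.Dr3;
    case REGDR6:
        return dp->tctx->context.Dr6;
    case REGDR7:
        return dp->tctx->context.Dr7;
    default:
        return 0;
    }
}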
279:
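/*++

Routine Description:

    Translates a register or flag name ("eax", "zf", ...) to its
    identifier by a case-sensitive linear search of regname[].

Arguments:

    pszString - NUL-terminated name to look up. Must not be NULL.

Return Value:

    The REGxxx / FLAGxxx identifier, or (ULONG)-1 when the name is not in
    the table. Callers should test for that sentinel before using the
    result as a register number.

--*/
ULONG
GetRegString (PUCHAR pszString)
{
    ULONG count;

    for (count = 0; count < REGNAMESIZE; count++) {
        // strcmp takes char pointers; PUCHAR is unsigned char *, so the
        // cast avoids an incompatible-pointer diagnostic without changing
        // the comparison.
        if (strcmp((const char *)pszString, regname[count].psz) == 0) {
            return regname[count].value;
        }
    }
    return (ULONG)-1;
}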
290:
/*++

Routine Description:

    Prints the complete x86 register set from dp's thread context in the
    three-line ntsd "r" layout: general registers, then eip/esp/ebp with
    the decoded EFLAGS mnemonics, then the segment registers and raw efl.

Arguments:

    dp - debug packet whose thread context is displayed.

Return Value:

    None. Output goes through lprintfs().

--*/
void
OutputAllRegs( PDEBUGPACKET dp )
{
    ULONG eax, ebx, ecx, edx, esi, edi;
    ULONG eip, esp, ebp, iopl;
    ULONG cs, ss, ds, es, fs, gs, efl;
    const char *vip, *vif, *of, *df, *ifl, *sf, *zf, *af, *pf, *cf;

    eax = GetRegValue(dp, REGEAX);
    ebx = GetRegValue(dp, REGEBX);
    ecx = GetRegValue(dp, REGECX);
    edx = GetRegValue(dp, REGEDX);
    esi = GetRegValue(dp, REGESI);
    edi = GetRegValue(dp, REGEDI);

    eip  = GetRegValue(dp, REGEIP);
    esp  = GetRegValue(dp, REGESP);
    ebp  = GetRegValue(dp, REGEBP);
    iopl = GetRegFlagValue(dp, FLAGIOPL);

    // Flag mnemonics follow the ntsd convention: set / clear spellings for
    // each bit, and a blank placeholder for VIP/VIF when they are clear.
    vip = GetRegFlagValue(dp, FLAGVIP) ? "vip" : " ";
    vif = GetRegFlagValue(dp, FLAGVIF) ? "vif" : " ";
    of  = GetRegFlagValue(dp, FLAGOF)  ? "ov"  : "nv";
    df  = GetRegFlagValue(dp, FLAGDF)  ? "dn"  : "up";
    ifl = GetRegFlagValue(dp, FLAGIF)  ? "ei"  : "di";
    sf  = GetRegFlagValue(dp, FLAGSF)  ? "ng"  : "pl";
    zf  = GetRegFlagValue(dp, FLAGZF)  ? "zr"  : "nz";
    af  = GetRegFlagValue(dp, FLAGAF)  ? "ac"  : "na";
    pf  = GetRegFlagValue(dp, FLAGPF)  ? "po"  : "pe";
    cf  = GetRegFlagValue(dp, FLAGCF)  ? "cy"  : "nc";

    cs  = GetRegValue(dp, REGCS);
    ss  = GetRegValue(dp, REGSS);
    ds  = GetRegValue(dp, REGDS);
    es  = GetRegValue(dp, REGES);
    fs  = GetRegValue(dp, REGFS);
    gs  = GetRegValue(dp, REGGS);
    efl = GetRegFlagValue(dp, REGEFL);

    lprintfs("eax=%08lx ebx=%08lx ecx=%08lx edx=%08lx esi=%08lx edi=%08lx\r\n",
             eax, ebx, ecx, edx, esi, edi);

    lprintfs("eip=%08lx esp=%08lx ebp=%08lx iopl=%1lx "
             "%s %s %s %s %s %s %s %s %s %s\r\n",
             eip, esp, ebp, iopl,
             vip, vif, of, df, ifl, sf, zf, af, pf, cf);

    lprintfs("cs=%04lx ss=%04lx ds=%04lx es=%04lx fs=%04lx gs=%04lx"
             " efl=%08lx\r\n",
             cs, ss, ds, es, fs, gs, efl);

    lprintfs("\r\n\r\n");
}
329:
/*++

Routine Description:

    Prints a single register, sub-register or flag value followed by CRLF.

Arguments:

    dp     - debug packet whose thread context is read.
    regnum - REGxxx / FLAGxxx identifier. Full registers (below FLAGBASE)
             are printed zero-padded to eight hex digits; sub-registers and
             flags are printed as bare hex.

Return Value:

    None. Output goes through lprintfs().

--*/
void
OutputOneReg (PDEBUGPACKET dp, ULONG regnum)
{
    ULONG regval = GetRegFlagValue(dp, regnum);

    if (regnum < FLAGBASE) {
        lprintfs("%08lx\r\n", regval);
        return;
    }
    lprintfs("%lx\r\n", regval);
}
341:
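/*++

Routine Description:

    Reads debug register DRn given its hardware number n.

Arguments:

    dp    - debug packet whose thread context is read.
    index - debug register number. 0-3 map to REGDR0..REGDR3 and 6-7 to
            REGDR6..REGDR7. Indices 4 and 5 fall on REGDR6 - 2 and
            REGDR6 - 1; what those identifiers denote depends on the
            numbering in regs.h -- TODO confirm that mapping is intended.

Return Value:

    The debug register value from GetRegValue(), or 0 when index is above
    7: no such debug register exists, and without the guard the computed
    identifier could alias an unrelated register number instead of falling
    through GetRegValue()'s default.

--*/
ULONG
GetDregValue (PDEBUGPACKET dp, ULONG index)
{
    if (index > 7) {
        return 0;
    }
    if (index < 4) {
        return GetRegValue(dp, index + REGDR0);
    }
    return GetRegValue(dp, index + REGDR6 - 6);
}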
351:
/*++

Routine Description:

    Maps a REGxxx / FLAGxxx identifier back to its display name by a linear
    search of regname[].

Arguments:

    index - identifier to look up.

Return Value:

    Pointer to the static name string (not owned by the caller, must not be
    freed or modified), or NULL when the identifier is not in the table.

--*/
PUCHAR
RegNameFromIndex (ULONG index)
{
    struct Reg *entry = regname;
    struct Reg *end = regname + REGNAMESIZE;

    for (; entry < end; entry++) {
        if (entry->value == index) {
            // psz is char *, the declared return type is PUCHAR
            return (PUCHAR)entry->psz;
        }
    }
    return NULL;
}