mirror of
https://github.com/Ed94/HandmadeHero.git
synced 2025-01-09 04:33:33 -08:00
923 lines
28 KiB
C
923 lines
28 KiB
C
/*
|
|
* Copyright (c) Microsoft Corporation. All rights reserved.
|
|
* Copyright (c) Arvid Gerstmann. All rights reserved.
|
|
*/
|
|
#ifndef _WINDOWS_
|
|
#ifndef WINDOWS_DBGHELP_H
|
|
#define WINDOWS_DBGHELP_H
|
|
|
|
/* Disable all warnings */
|
|
#if defined(_MSC_VER)
|
|
#pragma warning(push, 0)
|
|
#endif
|
|
|
|
#ifndef WINDOWS_BASE_H
|
|
#include "windows_base.h"
|
|
#endif
|
|
#if defined(__cplusplus)
|
|
extern "C" {
|
|
#endif
|
|
|
|
/* Exceptions: */
|
|
#define EXCEPTION_MAXIMUM_PARAMETERS 15
|
|
#define EXCEPTION_EXECUTE_HANDLER 0x1
|
|
#define EXCEPTION_CONTINUE_EXECUTION 0xFFFFFFFF
|
|
#define EXCEPTION_CONTINUE_SEARCH 0x0
|
|
|
|
#define EXCEPTION_ACCESS_VIOLATION ((DWORD)0xC0000005L)
|
|
#define EXCEPTION_DATATYPE_MISALIGNMENT ((DWORD)0x80000002L)
|
|
#define EXCEPTION_BREAKPOINT ((DWORD)0x80000003L)
|
|
#define EXCEPTION_SINGLE_STEP ((DWORD)0x80000004L)
|
|
#define EXCEPTION_ARRAY_BOUNDS_EXCEEDED ((DWORD)0xC000008CL)
|
|
#define EXCEPTION_FLT_DENORMAL_OPERAND ((DWORD)0xC000008DL)
|
|
#define EXCEPTION_FLT_DIVIDE_BY_ZERO ((DWORD)0xC000008EL)
|
|
#define EXCEPTION_FLT_INEXACT_RESULT ((DWORD)0xC000008FL)
|
|
#define EXCEPTION_FLT_INVALID_OPERATION ((DWORD)0xC0000090L)
|
|
#define EXCEPTION_FLT_OVERFLOW ((DWORD)0xC0000091L)
|
|
#define EXCEPTION_FLT_STACK_CHECK ((DWORD)0xC0000092L)
|
|
#define EXCEPTION_FLT_UNDERFLOW ((DWORD)0xC0000093L)
|
|
#define EXCEPTION_INT_DIVIDE_BY_ZERO ((DWORD)0xC0000094L)
|
|
#define EXCEPTION_INT_OVERFLOW ((DWORD)0xC0000095L)
|
|
#define EXCEPTION_PRIV_INSTRUCTION ((DWORD)0xC0000096L)
|
|
#define EXCEPTION_IN_PAGE_ERROR ((DWORD)0xC0000006L)
|
|
#define EXCEPTION_STACK_OVERFLOW ((DWORD)0xC00000FDL)
|
|
#define EXCEPTION_ILLEGAL_INSTRUCTION ((DWORD)0xC000001DL)
|
|
#define EXCEPTION_NONCONTINUABLE_EXCEPTION ((DWORD)0xC0000025L)
|
|
#define EXCEPTION_INVALID_DISPOSITION ((DWORD)0xC0000026L)
|
|
#define EXCEPTION_GUARD_PAGE ((DWORD)0x80000001L)
|
|
#define EXCEPTION_INVALID_HANDLE ((DWORD)0xC0000008L)
|
|
#define EXCEPTION_POSSIBLE_DEADLOCK ((DWORD)0xC0000194L)
|
|
#define CONTROL_C_EXIT ((DWORD)0xC000013AL)
|
|
|
|
/* User defined. */
|
|
#ifndef EXCEPTION_ASSERTION
|
|
#define EXCEPTION_ASSERTION ((DWORD)0xEF000001L)
|
|
#endif
|
|
|
|
/* Snapshotting: */
|
|
#define TH32CS_SNAPTHREAD 0x00000004
|
|
#define IMAGE_FILE_MACHINE_I386 0x014c
|
|
#define IMAGE_FILE_MACHINE_AMD64 0x8664
|
|
#define CONTEXT_AMD64 0x100000
|
|
#define CONTEXT_CONTROL (CONTEXT_AMD64 | 0x1L)
|
|
#define CONTEXT_INTEGER (CONTEXT_AMD64 | 0x2L)
|
|
#define CONTEXT_SEGMENTS (CONTEXT_AMD64 | 0x4L)
|
|
#define CONTEXT_FLOATING_POINT (CONTEXT_AMD64 | 0x8L)
|
|
#define CONTEXT_DEBUG_REGISTERS (CONTEXT_AMD64 | 0x10L)
|
|
|
|
|
|
#define CONTEXT_FULL \
|
|
(CONTEXT_CONTROL | CONTEXT_INTEGER | CONTEXT_FLOATING_POINT)
|
|
|
|
#define CONTEXT_ALL \
|
|
(CONTEXT_CONTROL |\
|
|
CONTEXT_INTEGER |\
|
|
CONTEXT_SEGMENTS |\
|
|
CONTEXT_FLOATING_POINT |\
|
|
CONTEXT_DEBUG_REGISTERS)
|
|
|
|
/* Symbol Options: */
|
|
#define SYMOPT_CASE_INSENSITIVE 0x00000001
|
|
#define SYMOPT_UNDNAME 0x00000002
|
|
#define SYMOPT_DEFERRED_LOADS 0x00000004
|
|
#define SYMOPT_NO_CPP 0x00000008
|
|
#define SYMOPT_LOAD_LINES 0x00000010
|
|
#define SYMOPT_OMAP_FIND_NEAREST 0x00000020
|
|
#define SYMOPT_LOAD_ANYTHING 0x00000040
|
|
#define SYMOPT_IGNORE_CVREC 0x00000080
|
|
#define SYMOPT_NO_UNQUALIFIED_LOADS 0x00000100
|
|
#define SYMOPT_FAIL_CRITICAL_ERRORS 0x00000200
|
|
#define SYMOPT_EXACT_SYMBOLS 0x00000400
|
|
#define SYMOPT_ALLOW_ABSOLUTE_SYMBOLS 0x00000800
|
|
#define SYMOPT_IGNORE_NT_SYMPATH 0x00001000
|
|
#define SYMOPT_INCLUDE_32BIT_MODULES 0x00002000
|
|
#define SYMOPT_PUBLICS_ONLY 0x00004000
|
|
#define SYMOPT_NO_PUBLICS 0x00008000
|
|
#define SYMOPT_AUTO_PUBLICS 0x00010000
|
|
#define SYMOPT_NO_IMAGE_SEARCH 0x00020000
|
|
#define SYMOPT_SECURE 0x00040000
|
|
#define SYMOPT_NO_PROMPTS 0x00080000
|
|
#define SYMOPT_OVERWRITE 0x00100000
|
|
#define SYMOPT_IGNORE_IMAGEDIR 0x00200000
|
|
#define SYMOPT_FLAT_DIRECTORY 0x00400000
|
|
#define SYMOPT_FAVOR_COMPRESSED 0x00800000
|
|
#define SYMOPT_ALLOW_ZERO_ADDRESS 0x01000000
|
|
#define SYMOPT_DISABLE_SYMSRV_AUTODETECT 0x02000000
|
|
|
|
#define SYMOPT_DEBUG 0x80000000
|
|
|
|
enum SymTagEnum {
|
|
SymTagNull,
|
|
SymTagExe,
|
|
SymTagCompiland,
|
|
SymTagCompilandDetails,
|
|
SymTagCompilandEnv,
|
|
SymTagFunction,
|
|
SymTagBlock,
|
|
SymTagData,
|
|
SymTagAnnotation,
|
|
SymTagLabel,
|
|
SymTagPublicSymbol,
|
|
SymTagUDT,
|
|
SymTagEnum,
|
|
SymTagFunctionType,
|
|
SymTagPointerType,
|
|
SymTagArrayType,
|
|
SymTagBaseType,
|
|
SymTagTypedef,
|
|
SymTagBaseClass,
|
|
SymTagFriend,
|
|
SymTagFunctionArgType,
|
|
SymTagFuncDebugStart,
|
|
SymTagFuncDebugEnd,
|
|
SymTagUsingNamespace,
|
|
SymTagVTableShape,
|
|
SymTagVTable,
|
|
SymTagCustom,
|
|
SymTagThunk,
|
|
SymTagCustomType,
|
|
SymTagManagedType,
|
|
SymTagDimension,
|
|
SymTagCallSite,
|
|
SymTagInlineSite,
|
|
SymTagBaseInterface,
|
|
SymTagVectorType,
|
|
SymTagMatrixType,
|
|
SymTagHLSLType
|
|
};
|
|
|
|
/* Thread-Information Block: */
|
|
typedef struct _NT_TIB { /* x86 / x64 */
|
|
void * ExceptionList; /* 0x0000 / 0x0000 */
|
|
void * StackBase; /* 0x0004 / 0x0008 */
|
|
void * StackLimit; /* 0x0008 / 0x0010 */
|
|
void * SubSystemTib; /* 0x000c / 0x0018 */
|
|
union {
|
|
void * FiberData; /* 0x0010 / 0x0020 */
|
|
DWORD Version; /* 0x0010 / 0x0020 */
|
|
};
|
|
void * ArbitraryUserPointer; /* 0x0014 / 0x0028 */
|
|
struct _NT_TIB *Self; /* 0x0018 / 0x0030 */
|
|
} NT_TIB, *LPNT_TIB, *PNT_TIB;
|
|
|
|
/* Exceptions: */
|
|
#if defined(_WIN64)
|
|
typedef struct DECLSPEC_ALIGN(16) _M128A {
|
|
ULONGLONG Low;
|
|
LONGLONG High;
|
|
} M128A, *PM128A;
|
|
typedef struct DECLSPEC_ALIGN(16) _XSAVE_FORMAT {
|
|
WORD ControlWord;
|
|
WORD StatusWord;
|
|
BYTE TagWord;
|
|
BYTE Reserved1;
|
|
WORD ErrorOpcode;
|
|
DWORD ErrorOffset;
|
|
WORD ErrorSelector;
|
|
WORD Reserved2;
|
|
DWORD DataOffset;
|
|
WORD DataSelector;
|
|
WORD Reserved3;
|
|
DWORD MxCsr;
|
|
DWORD MxCsr_Mask;
|
|
M128A FloatRegisters[8];
|
|
|
|
#if defined(_WIN64)
|
|
M128A XmmRegisters[16];
|
|
BYTE Reserved4[96];
|
|
#else
|
|
M128A XmmRegisters[8];
|
|
BYTE Reserved4[192];
|
|
|
|
DWORD StackControl[7];
|
|
DWORD Cr0NpxState;
|
|
#endif
|
|
} XSAVE_FORMAT, *PXSAVE_FORMAT;
|
|
typedef XSAVE_FORMAT XMM_SAVE_AREA32, *PXMM_SAVE_AREA32;
|
|
|
|
typedef struct DECLSPEC_ALIGN(16) _CONTEXT {
|
|
DWORD64 P1Home;
|
|
DWORD64 P2Home;
|
|
DWORD64 P3Home;
|
|
DWORD64 P4Home;
|
|
DWORD64 P5Home;
|
|
DWORD64 P6Home;
|
|
|
|
DWORD ContextFlags;
|
|
DWORD MxCsr;
|
|
|
|
WORD SegCs;
|
|
WORD SegDs;
|
|
WORD SegEs;
|
|
WORD SegFs;
|
|
WORD SegGs;
|
|
WORD SegSs;
|
|
DWORD EFlags;
|
|
|
|
DWORD64 Dr0;
|
|
DWORD64 Dr1;
|
|
DWORD64 Dr2;
|
|
DWORD64 Dr3;
|
|
DWORD64 Dr6;
|
|
DWORD64 Dr7;
|
|
|
|
DWORD64 Rax;
|
|
DWORD64 Rcx;
|
|
DWORD64 Rdx;
|
|
DWORD64 Rbx;
|
|
DWORD64 Rsp;
|
|
DWORD64 Rbp;
|
|
DWORD64 Rsi;
|
|
DWORD64 Rdi;
|
|
DWORD64 R8;
|
|
DWORD64 R9;
|
|
DWORD64 R10;
|
|
DWORD64 R11;
|
|
DWORD64 R12;
|
|
DWORD64 R13;
|
|
DWORD64 R14;
|
|
DWORD64 R15;
|
|
DWORD64 Rip;
|
|
|
|
union {
|
|
XMM_SAVE_AREA32 FltSave;
|
|
struct {
|
|
M128A Header[2];
|
|
M128A Legacy[8];
|
|
M128A Xmm0;
|
|
M128A Xmm1;
|
|
M128A Xmm2;
|
|
M128A Xmm3;
|
|
M128A Xmm4;
|
|
M128A Xmm5;
|
|
M128A Xmm6;
|
|
M128A Xmm7;
|
|
M128A Xmm8;
|
|
M128A Xmm9;
|
|
M128A Xmm10;
|
|
M128A Xmm11;
|
|
M128A Xmm12;
|
|
M128A Xmm13;
|
|
M128A Xmm14;
|
|
M128A Xmm15;
|
|
} DUMMYSTRUCTNAME;
|
|
} DUMMYUNIONNAME;
|
|
|
|
M128A VectorRegister[26];
|
|
DWORD64 VectorControl;
|
|
|
|
DWORD64 DebugControl;
|
|
DWORD64 LastBranchToRip;
|
|
DWORD64 LastBranchFromRip;
|
|
DWORD64 LastExceptionToRip;
|
|
DWORD64 LastExceptionFromRip;
|
|
} CONTEXT, *PCONTEXT;
|
|
typedef PCONTEXT LPCONTEXT;
|
|
#elif _WIN32
|
|
typedef struct _FLOATING_SAVE_AREA
|
|
{
|
|
ULONG ControlWord;
|
|
ULONG StatusWord;
|
|
ULONG TagWord;
|
|
ULONG ErrorOffset;
|
|
ULONG ErrorSelector;
|
|
ULONG DataOffset;
|
|
ULONG DataSelector;
|
|
UCHAR RegisterArea[80];
|
|
ULONG Cr0NpxState;
|
|
} FLOATING_SAVE_AREA, *PFLOATING_SAVE_AREA;
|
|
#define MAXIMUM_SUPPORTED_EXTENSION 512
|
|
typedef struct _CONTEXT {
|
|
DWORD ContextFlags;
|
|
DWORD Dr0;
|
|
DWORD Dr1;
|
|
DWORD Dr2;
|
|
DWORD Dr3;
|
|
DWORD Dr6;
|
|
DWORD Dr7;
|
|
|
|
FLOATING_SAVE_AREA FloatSave;
|
|
|
|
DWORD SegGs;
|
|
DWORD SegFs;
|
|
DWORD SegEs;
|
|
DWORD SegDs;
|
|
|
|
DWORD Edi;
|
|
DWORD Esi;
|
|
DWORD Ebx;
|
|
DWORD Edx;
|
|
DWORD Ecx;
|
|
DWORD Eax;
|
|
|
|
DWORD Ebp;
|
|
DWORD Eip;
|
|
DWORD SegCs;
|
|
DWORD EFlags;
|
|
DWORD Esp;
|
|
DWORD SegSs;
|
|
|
|
BYTE ExtendedRegisters[MAXIMUM_SUPPORTED_EXTENSION];
|
|
|
|
} CONTEXT, *PCONTEXT;
|
|
typedef PCONTEXT LPCONTEXT;
|
|
#endif
|
|
typedef struct _EXCEPTION_RECORD {
|
|
DWORD ExceptionCode;
|
|
DWORD ExceptionFlags;
|
|
struct _EXCEPTION_RECORD * ExceptionRecord;
|
|
PVOID ExceptionAddress;
|
|
DWORD NumberParameters;
|
|
ULONG_PTR ExceptionInformation[EXCEPTION_MAXIMUM_PARAMETERS];
|
|
} EXCEPTION_RECORD, *PEXCEPTION_RECORD;
|
|
typedef struct _EXCEPTION_POINTERS {
|
|
PEXCEPTION_RECORD ExceptionRecord;
|
|
PCONTEXT ContextRecord;
|
|
} EXCEPTION_POINTERS, *PEXCEPTION_POINTERS;
|
|
typedef PEXCEPTION_POINTERS LPEXCEPTION_POINTERS;
|
|
typedef LONG (WINAPI *PTOP_LEVEL_EXCEPTION_FILTER)(
|
|
struct _EXCEPTION_POINTERS *ExceptionInfo);
|
|
typedef PTOP_LEVEL_EXCEPTION_FILTER LPTOP_LEVEL_EXCEPTION_FILTER;
|
|
typedef LONG (WINAPI *PVECTORED_EXCEPTION_HANDLER)(
|
|
struct _EXCEPTION_POINTERS *ExceptionInfo);
|
|
|
|
/* Symbols: */
|
|
typedef struct _SYMBOL_INFO {
|
|
ULONG SizeOfStruct;
|
|
ULONG TypeIndex;
|
|
ULONG64 Reserved[2];
|
|
ULONG Index;
|
|
ULONG Size;
|
|
ULONG64 ModBase;
|
|
ULONG Flags;
|
|
ULONG64 Value;
|
|
ULONG64 Address;
|
|
ULONG Register;
|
|
ULONG Scope;
|
|
ULONG Tag;
|
|
ULONG NameLen;
|
|
ULONG MaxNameLen;
|
|
CHAR Name[1];
|
|
} SYMBOL_INFO, *PSYMBOL_INFO;
|
|
|
|
typedef struct _SYMBOL_INFOW {
|
|
ULONG SizeOfStruct;
|
|
ULONG TypeIndex;
|
|
ULONG64 Reserved[2];
|
|
ULONG Index;
|
|
ULONG Size;
|
|
ULONG64 ModBase;
|
|
ULONG Flags;
|
|
ULONG64 Value;
|
|
ULONG64 Address;
|
|
ULONG Register;
|
|
ULONG Scope;
|
|
ULONG Tag;
|
|
ULONG NameLen;
|
|
ULONG MaxNameLen;
|
|
WCHAR Name[1];
|
|
} SYMBOL_INFOW, *PSYMBOL_INFOW;
|
|
|
|
typedef struct _IMAGEHLP_LINE64 {
|
|
DWORD SizeOfStruct;
|
|
PVOID Key;
|
|
DWORD LineNumber;
|
|
PCHAR FileName;
|
|
DWORD64 Address;
|
|
} IMAGEHLP_LINE64, *PIMAGEHLP_LINE64;
|
|
|
|
typedef struct _IMAGEHLP_LINEW64 {
|
|
DWORD SizeOfStruct;
|
|
PVOID Key;
|
|
DWORD LineNumber;
|
|
PWSTR FileName;
|
|
DWORD64 Address;
|
|
} IMAGEHLP_LINEW64, *PIMAGEHLP_LINEW64;
|
|
|
|
/* Thread Walking: */
|
|
typedef struct tagTHREADENTRY32 {
|
|
DWORD dwSize;
|
|
DWORD cntUsage;
|
|
DWORD th32ThreadID;
|
|
DWORD th32OwnerProcessID;
|
|
LONG tpBasePri;
|
|
LONG tpDeltaPri;
|
|
DWORD dwFlags;
|
|
} THREADENTRY32, *PTHREADENTRY32;
|
|
typedef PTHREADENTRY32 LPTHREADENTRY32;
|
|
|
|
/* Stack Walking: */
|
|
typedef enum {
|
|
AddrMode1616,
|
|
AddrMode1632,
|
|
AddrModeReal,
|
|
AddrModeFlat
|
|
} ADDRESS_MODE;
|
|
typedef struct _tagADDRESS64 {
|
|
DWORD64 Offset;
|
|
WORD Segment;
|
|
ADDRESS_MODE Mode;
|
|
} ADDRESS64, *LPADDRESS64;
|
|
typedef struct _KDHELP64 {
|
|
DWORD64 Thread;
|
|
DWORD ThCallbackStack;
|
|
DWORD ThCallbackBStore;
|
|
DWORD NextCallback;
|
|
DWORD FramePointer;
|
|
DWORD64 KiCallUserMode;
|
|
DWORD64 KeUserCallbackDispatcher;
|
|
DWORD64 SystemRangeStart;
|
|
DWORD64 KiUserExceptionDispatcher;
|
|
DWORD64 StackBase;
|
|
DWORD64 StackLimit;
|
|
DWORD64 Reserved[5];
|
|
} KDHELP64, *PKDHELP64;
|
|
typedef struct _tagSTACKFRAME64 {
|
|
ADDRESS64 AddrPC;
|
|
ADDRESS64 AddrReturn;
|
|
ADDRESS64 AddrFrame;
|
|
ADDRESS64 AddrStack;
|
|
ADDRESS64 AddrBStore;
|
|
PVOID FuncTableEntry;
|
|
DWORD64 Params[4];
|
|
BOOL Far;
|
|
BOOL Virtual;
|
|
DWORD64 Reserved[3];
|
|
KDHELP64 KdHelp;
|
|
} STACKFRAME64, *LPSTACKFRAME64;
|
|
|
|
/* Some weird stuff: */
|
|
typedef struct _LUID {
|
|
DWORD LowPart;
|
|
LONG HighPart;
|
|
} LUID, *PLUID;
|
|
#pragma pack(push,4)
|
|
typedef struct _LUID_AND_ATTRIBUTES {
|
|
LUID Luid;
|
|
DWORD Attributes;
|
|
} LUID_AND_ATTRIBUTES, *PLUID_AND_ATTRIBUTES;
|
|
#pragma pack(pop)
|
|
typedef struct _TOKEN_PRIVILEGES {
|
|
DWORD PrivilegeCount;
|
|
LUID_AND_ATTRIBUTES Privileges[1];
|
|
} TOKEN_PRIVILEGES, *PTOKEN_PRIVILEGES;
|
|
|
|
|
|
/* ========================================================================== */
|
|
/* Debugging: */
|
|
void WINAPI DebugBreak(void);
|
|
BOOL WINAPI IsDebuggerPresent(void);
|
|
BOOL WINAPI CheckRemoteDebuggerPresent(
|
|
HANDLE hProcess,
|
|
PBOOL hbDebuggerPresent);
|
|
void WINAPI OutputDebugStringA(
|
|
LPCSTR lpOutputString);
|
|
void WINAPI OutputDebugStringW(
|
|
LPCWSTR lpOutputString);
|
|
BOOL WINAPI GetThreadContext(
|
|
HANDLE hThread,
|
|
LPCONTEXT lpContext);
|
|
BOOL WINAPI DebugActiveProcess(
|
|
DWORD dwProcessId);
|
|
BOOL WINAPI DebugActiveProcessStop(
|
|
DWORD dwProcessId);
|
|
|
|
/* ========================================================================== */
|
|
/* Symbols: */
|
|
DWORD WINAPI SymSetOptions(
|
|
DWORD SymOptions);
|
|
BOOL WINAPI SymInitialize(
|
|
HANDLE hProcess,
|
|
LPCSTR UserSearchPath,
|
|
BOOL fInvadeProcess);
|
|
BOOL WINAPI SymInitializeW(
|
|
HANDLE hProcess,
|
|
LPCWSTR UserSearchPath,
|
|
BOOL fInvadeProcess);
|
|
BOOL WINAPI SymFromAddr(
|
|
HANDLE hProcess,
|
|
DWORD64 Address,
|
|
PDWORD64 Displacement,
|
|
PSYMBOL_INFO Symbol);
|
|
BOOL WINAPI SymFromAddrW(
|
|
HANDLE hProcess,
|
|
DWORD64 Address,
|
|
PDWORD64 Displacement,
|
|
PSYMBOL_INFOW Symbol);
|
|
PVOID WINAPI SymFunctionTableAccess64(
|
|
HANDLE hProcess,
|
|
DWORD64 AddrBase);
|
|
DWORD64 WINAPI SymGetModuleBase64(
|
|
HANDLE hProcess,
|
|
DWORD64 dwAddr);
|
|
typedef BOOL (*PSYM_ENUMERATESYMBOLS_CALLBACK)(
|
|
PSYMBOL_INFO pSymInfo,
|
|
ULONG SymbolSize,
|
|
PVOID UserContext
|
|
);
|
|
typedef BOOL (*PSYM_ENUMERATESYMBOLS_CALLBACKW)(
|
|
PSYMBOL_INFOW pSymInfo,
|
|
ULONG SymbolSize,
|
|
PVOID UserContext
|
|
);
|
|
BOOL WINAPI SymSearch(
|
|
HANDLE hProcess,
|
|
ULONG64 BaseOfDll,
|
|
DWORD Index,
|
|
DWORD SymTag,
|
|
LPCSTR Mask,
|
|
DWORD64 Address,
|
|
PSYM_ENUMERATESYMBOLS_CALLBACK EnumSymbolsCallback,
|
|
PVOID UserContext,
|
|
DWORD Options);
|
|
BOOL WINAPI SymSearchW(
|
|
HANDLE hProcess,
|
|
ULONG64 BaseOfDll,
|
|
DWORD Index,
|
|
DWORD SymTag,
|
|
LPCWSTR Mask,
|
|
DWORD64 Address,
|
|
PSYM_ENUMERATESYMBOLS_CALLBACKW EnumSymbolsCallback,
|
|
PVOID UserContext,
|
|
DWORD Options);
|
|
BOOL WINAPI SymRefreshModuleList(
|
|
HANDLE hProcess);
|
|
|
|
typedef BOOL (*PSYM_ENUMMODULES_CALLBACK64)(
|
|
LPCSTR ModuleName,
|
|
DWORD64 BaseOfDll,
|
|
PVOID UserContext
|
|
);
|
|
typedef BOOL (*PSYM_ENUMMODULES_CALLBACKW64)(
|
|
LPCWSTR ModuleName,
|
|
DWORD64 BaseOfDll,
|
|
PVOID UserContext
|
|
);
|
|
BOOL WINAPI SymEnumerateModules64(
|
|
HANDLE hProcess,
|
|
PSYM_ENUMMODULES_CALLBACK64 EnumModulesCallback,
|
|
PVOID UserContext
|
|
);
|
|
BOOL WINAPI SymEnumerateModulesW64(
|
|
HANDLE hProcess,
|
|
PSYM_ENUMMODULES_CALLBACKW64 EnumModulesCallback,
|
|
PVOID UserContext
|
|
);
|
|
|
|
BOOL WINAPI SymSetSearchPath(
|
|
HANDLE hProcess,
|
|
LPCSTR SearchPath);
|
|
BOOL WINAPI SymSetSearchPathW(
|
|
HANDLE hProcess,
|
|
LPCWSTR SearchPath);
|
|
|
|
BOOL WINAPI SymGetSearchPath(
|
|
HANDLE hProcess,
|
|
LPSTR SearchPath,
|
|
DWORD SearchPathLength);
|
|
BOOL WINAPI SymGetSearchPathW(
|
|
HANDLE hProcess,
|
|
LPWSTR SearchPath,
|
|
DWORD SearchPathLength);
|
|
|
|
BOOL WINAPI SymCleanup(
|
|
HANDLE hProcess);
|
|
|
|
BOOL WINAPI SymGetLineFromAddr64(
|
|
HANDLE hProcess,
|
|
DWORD64 dwAddr,
|
|
PDWORD pdwDisplacement,
|
|
PIMAGEHLP_LINE64 Line
|
|
);
|
|
|
|
BOOL WINAPI SymGetLineFromAddrW64(
|
|
HANDLE hProcess,
|
|
DWORD64 dwAddr,
|
|
PDWORD pdwDisplacement,
|
|
PIMAGEHLP_LINEW64 Line
|
|
);
|
|
|
|
/* ========================================================================== */
|
|
/* Exceptions: */
|
|
LPTOP_LEVEL_EXCEPTION_FILTER WINAPI SetUnhandledExceptionFilter(
|
|
LPTOP_LEVEL_EXCEPTION_FILTER lpTopLevelExceptionFilter);
|
|
LONG WINAPI UnhandledExceptionFilter(
|
|
struct _EXCEPTION_POINTERS * ExceptionInfo);
|
|
|
|
PVOID WINAPI AddVectoredExceptionHandler(
|
|
ULONG FirstHandler,
|
|
PVECTORED_EXCEPTION_HANDLER VectoredHandler);
|
|
|
|
ULONG WINAPI RemoveVectoredExceptionHandler(
|
|
PVOID Handler);
|
|
|
|
#define CaptureStackBackTrace RtlCaptureStackBackTrace
|
|
USHORT WINAPI RtlCaptureStackBackTrace(
|
|
ULONG FramesToSkip,
|
|
ULONG FramesToCapture,
|
|
PVOID * BackTrace,
|
|
PULONG BackTraceHash);
|
|
void WINAPI RtlCaptureContext(
|
|
PCONTEXT ContextRecord);
|
|
void WINAPI RaiseException(
|
|
DWORD dwExceptionCode,
|
|
DWORD dwExceptionFlags,
|
|
DWORD nNumberOfArguments,
|
|
const ULONG_PTR * lpArguments);
|
|
|
|
/* ========================================================================== */
|
|
/* Thread Walking: */
|
|
HANDLE WINAPI CreateToolhelp32Snapshot(
|
|
DWORD dwFlags,
|
|
DWORD th32ProcessID);
|
|
BOOL WINAPI Thread32First(
|
|
HANDLE hSnapshot,
|
|
LPTHREADENTRY32 lpte);
|
|
BOOL WINAPI Thread32Next(
|
|
HANDLE hSnapshot,
|
|
LPTHREADENTRY32 lpte);
|
|
|
|
/* ========================================================================== */
|
|
/* Stack Walking: */
|
|
typedef BOOL (__stdcall *PREAD_PROCESS_MEMORY_ROUTINE64)(
|
|
HANDLE hProcess,
|
|
DWORD64 qwBaseAddress,
|
|
PVOID lpBuffer,
|
|
DWORD nSize,
|
|
LPDWORD lpNumberOfBytesRead);
|
|
|
|
typedef PVOID (__stdcall *PFUNCTION_TABLE_ACCESS_ROUTINE64)(
|
|
HANDLE ahProcess,
|
|
DWORD64 AddrBase);
|
|
|
|
typedef DWORD64 (__stdcall *PGET_MODULE_BASE_ROUTINE64)(
|
|
HANDLE hProcess,
|
|
DWORD64 Address);
|
|
|
|
typedef DWORD64 (__stdcall *PTRANSLATE_ADDRESS_ROUTINE64)(
|
|
HANDLE hProcess,
|
|
HANDLE hThread,
|
|
LPADDRESS64 lpaddr);
|
|
|
|
BOOL WINAPI StackWalk64(
|
|
DWORD MachineType,
|
|
HANDLE hProcess,
|
|
HANDLE hThread,
|
|
LPSTACKFRAME64 StackFrame,
|
|
PVOID ContextRecord,
|
|
PREAD_PROCESS_MEMORY_ROUTINE64 ReadMemoryRoutine,
|
|
PFUNCTION_TABLE_ACCESS_ROUTINE64 FunctionTableAccessRoutine,
|
|
PGET_MODULE_BASE_ROUTINE64 GetModuleBaseRoutine,
|
|
PTRANSLATE_ADDRESS_ROUTINE64 TranslateAddress
|
|
);
|
|
|
|
/* ========================================================================== */
|
|
/* Minidumps: */
|
|
/* == VS Version == */
|
|
typedef struct tagVS_FIXEDFILEINFO
|
|
{
|
|
DWORD dwSignature; /* e.g. 0xfeef04bd */
|
|
DWORD dwStrucVersion; /* e.g. 0x00000042 = "0.42" */
|
|
DWORD dwFileVersionMS; /* e.g. 0x00030075 = "3.75" */
|
|
DWORD dwFileVersionLS; /* e.g. 0x00000031 = "0.31" */
|
|
DWORD dwProductVersionMS; /* e.g. 0x00030010 = "3.10" */
|
|
DWORD dwProductVersionLS; /* e.g. 0x00000031 = "0.31" */
|
|
DWORD dwFileFlagsMask; /* = 0x3F for version "0.42" */
|
|
DWORD dwFileFlags; /* e.g. VFF_DEBUG | VFF_PRERELEASE */
|
|
DWORD dwFileOS; /* e.g. VOS_DOS_WINDOWS16 */
|
|
DWORD dwFileType; /* e.g. VFT_DRIVER */
|
|
DWORD dwFileSubtype; /* e.g. VFT2_DRV_KEYBOARD */
|
|
DWORD dwFileDateMS; /* e.g. 0 */
|
|
DWORD dwFileDateLS; /* e.g. 0 */
|
|
} VS_FIXEDFILEINFO;
|
|
|
|
/* == Type == */
|
|
typedef enum _MINIDUMP_TYPE {
|
|
MiniDumpNormal = 0x00000000,
|
|
MiniDumpWithDataSegs = 0x00000001,
|
|
MiniDumpWithFullMemory = 0x00000002,
|
|
MiniDumpWithHandleData = 0x00000004,
|
|
MiniDumpFilterMemory = 0x00000008,
|
|
MiniDumpScanMemory = 0x00000010,
|
|
MiniDumpWithUnloadedModules = 0x00000020,
|
|
MiniDumpWithIndirectlyReferencedMemory = 0x00000040,
|
|
MiniDumpFilterModulePaths = 0x00000080,
|
|
MiniDumpWithProcessThreadData = 0x00000100,
|
|
MiniDumpWithPrivateReadWriteMemory = 0x00000200,
|
|
MiniDumpWithoutOptionalData = 0x00000400,
|
|
MiniDumpWithFullMemoryInfo = 0x00000800,
|
|
MiniDumpWithThreadInfo = 0x00001000,
|
|
MiniDumpWithCodeSegs = 0x00002000,
|
|
MiniDumpWithoutAuxiliaryState = 0x00004000,
|
|
MiniDumpWithFullAuxiliaryState = 0x00008000,
|
|
MiniDumpWithPrivateWriteCopyMemory = 0x00010000,
|
|
MiniDumpIgnoreInaccessibleMemory = 0x00020000,
|
|
MiniDumpWithTokenInformation = 0x00040000,
|
|
MiniDumpValidTypeFlags = 0x0007ffff,
|
|
} MINIDUMP_TYPE;
|
|
|
|
/* == Exception Info == */
|
|
typedef struct _MINIDUMP_EXCEPTION_INFORMATION {
|
|
DWORD ThreadId;
|
|
PEXCEPTION_POINTERS ExceptionPointers;
|
|
BOOL ClientPointers;
|
|
} MINIDUMP_EXCEPTION_INFORMATION, *PMINIDUMP_EXCEPTION_INFORMATION;
|
|
typedef struct _MINIDUMP_EXCEPTION_INFORMATION64 {
|
|
DWORD ThreadId;
|
|
ULONG64 ExceptionRecord;
|
|
ULONG64 ContextRecord;
|
|
BOOL ClientPointers;
|
|
} MINIDUMP_EXCEPTION_INFORMATION64, *PMINIDUMP_EXCEPTION_INFORMATION64;
|
|
|
|
/* == Callback Input Hell == */
|
|
typedef struct _MINIDUMP_THREAD_CALLBACK {
|
|
ULONG ThreadId;
|
|
HANDLE ThreadHandle;
|
|
CONTEXT Context;
|
|
ULONG SizeOfContext;
|
|
ULONG64 StackBase;
|
|
ULONG64 StackEnd;
|
|
} MINIDUMP_THREAD_CALLBACK, *PMINIDUMP_THREAD_CALLBACK;
|
|
typedef struct _MINIDUMP_THREAD_EX_CALLBACK {
|
|
ULONG ThreadId;
|
|
HANDLE ThreadHandle;
|
|
CONTEXT Context;
|
|
ULONG SizeOfContext;
|
|
ULONG64 StackBase;
|
|
ULONG64 StackEnd;
|
|
ULONG64 BackingStoreBase;
|
|
ULONG64 BackingStoreEnd;
|
|
} MINIDUMP_THREAD_EX_CALLBACK, *PMINIDUMP_THREAD_EX_CALLBACK;
|
|
typedef struct _MINIDUMP_MODULE_CALLBACK {
|
|
PWCHAR FullPath;
|
|
ULONG64 BaseOfImage;
|
|
ULONG SizeOfImage;
|
|
ULONG CheckSum;
|
|
ULONG TimeDateStamp;
|
|
VS_FIXEDFILEINFO VersionInfo;
|
|
PVOID CvRecord;
|
|
ULONG SizeOfCvRecord;
|
|
PVOID MiscRecord;
|
|
ULONG SizeOfMiscRecord;
|
|
} MINIDUMP_MODULE_CALLBACK, *PMINIDUMP_MODULE_CALLBACK;
|
|
typedef struct _MINIDUMP_INCLUDE_THREAD_CALLBACK {
|
|
ULONG ThreadId;
|
|
} MINIDUMP_INCLUDE_THREAD_CALLBACK, *PMINIDUMP_INCLUDE_THREAD_CALLBACK;
|
|
typedef struct _MINIDUMP_INCLUDE_MODULE_CALLBACK {
|
|
ULONG64 BaseOfImage;
|
|
} MINIDUMP_INCLUDE_MODULE_CALLBACK, *PMINIDUMP_INCLUDE_MODULE_CALLBACK;
|
|
typedef struct _MINIDUMP_IO_CALLBACK {
|
|
HANDLE Handle;
|
|
ULONG64 Offset;
|
|
PVOID Buffer;
|
|
ULONG BufferBytes;
|
|
} MINIDUMP_IO_CALLBACK, *PMINIDUMP_IO_CALLBACK;
|
|
typedef struct _MINIDUMP_READ_MEMORY_FAILURE_CALLBACK
|
|
{
|
|
ULONG64 Offset;
|
|
ULONG Bytes;
|
|
HRESULT FailureStatus;
|
|
} MINIDUMP_READ_MEMORY_FAILURE_CALLBACK,
|
|
*PMINIDUMP_READ_MEMORY_FAILURE_CALLBACK;
|
|
typedef struct _MINIDUMP_CALLBACK_INPUT {
|
|
ULONG ProcessId;
|
|
HANDLE ProcessHandle;
|
|
ULONG CallbackType;
|
|
union {
|
|
HRESULT Status;
|
|
MINIDUMP_THREAD_CALLBACK Thread;
|
|
MINIDUMP_THREAD_EX_CALLBACK ThreadEx;
|
|
MINIDUMP_MODULE_CALLBACK Module;
|
|
MINIDUMP_INCLUDE_THREAD_CALLBACK IncludeThread;
|
|
MINIDUMP_INCLUDE_MODULE_CALLBACK IncludeModule;
|
|
MINIDUMP_IO_CALLBACK Io;
|
|
MINIDUMP_READ_MEMORY_FAILURE_CALLBACK ReadMemoryFailure;
|
|
ULONG SecondaryFlags;
|
|
};
|
|
} MINIDUMP_CALLBACK_INPUT, *PMINIDUMP_CALLBACK_INPUT;
|
|
|
|
/* == Callback Output Hell == */
|
|
typedef struct _MINIDUMP_MEMORY_INFO {
|
|
ULONG64 BaseAddress;
|
|
ULONG64 AllocationBase;
|
|
ULONG32 AllocationProtect;
|
|
ULONG32 __alignment1;
|
|
ULONG64 RegionSize;
|
|
ULONG32 State;
|
|
ULONG32 Protect;
|
|
ULONG32 Type;
|
|
ULONG32 __alignment2;
|
|
} MINIDUMP_MEMORY_INFO, *PMINIDUMP_MEMORY_INFO;
|
|
typedef struct _MINIDUMP_CALLBACK_OUTPUT {
|
|
union {
|
|
ULONG ModuleWriteFlags;
|
|
ULONG ThreadWriteFlags;
|
|
ULONG SecondaryFlags;
|
|
struct {
|
|
ULONG64 MemoryBase;
|
|
ULONG MemorySize;
|
|
};
|
|
struct {
|
|
BOOL CheckCancel;
|
|
BOOL Cancel;
|
|
};
|
|
HANDLE Handle;
|
|
struct {
|
|
MINIDUMP_MEMORY_INFO VmRegion;
|
|
BOOL Continue;
|
|
};
|
|
HRESULT Status;
|
|
};
|
|
} MINIDUMP_CALLBACK_OUTPUT, *PMINIDUMP_CALLBACK_OUTPUT;
|
|
|
|
/* == Callback Hell == */
|
|
typedef BOOL (WINAPI *MINIDUMP_CALLBACK_ROUTINE)(
|
|
PVOID CallbackParam,
|
|
PMINIDUMP_CALLBACK_INPUT CallbackInput,
|
|
PMINIDUMP_CALLBACK_OUTPUT CallbackOutput);
|
|
typedef struct _MINIDUMP_CALLBACK_INFORMATION {
|
|
MINIDUMP_CALLBACK_ROUTINE CallbackRoutine;
|
|
PVOID CallbackParam;
|
|
} MINIDUMP_CALLBACK_INFORMATION, *PMINIDUMP_CALLBACK_INFORMATION;
|
|
|
|
/* == User Stream Information == */
|
|
typedef struct _MINIDUMP_USER_STREAM {
|
|
ULONG32 Type;
|
|
ULONG BufferSize;
|
|
PVOID Buffer;
|
|
} MINIDUMP_USER_STREAM, *PMINIDUMP_USER_STREAM;
|
|
typedef struct _MINIDUMP_USER_STREAM_INFORMATION {
|
|
ULONG UserStreamCount;
|
|
PMINIDUMP_USER_STREAM UserStreamArray;
|
|
} MINIDUMP_USER_STREAM_INFORMATION, *PMINIDUMP_USER_STREAM_INFORMATION;
|
|
|
|
/* Function (all this shit above is required for this simple function). */
|
|
BOOL WINAPI MiniDumpWriteDump(
|
|
HANDLE hProcess,
|
|
DWORD ProcessId,
|
|
HANDLE hFile,
|
|
MINIDUMP_TYPE DumpType,
|
|
PMINIDUMP_EXCEPTION_INFORMATION ExceptionParam,
|
|
PMINIDUMP_USER_STREAM_INFORMATION UserStreamParam,
|
|
PMINIDUMP_CALLBACK_INFORMATION CallbackParam);
|
|
|
|
/* Priviliges: */
|
|
BOOL WINAPI OpenProcessToken (
|
|
HANDLE ProcessHandle,
|
|
DWORD DesiredAccess,
|
|
PHANDLE TokenHandle);
|
|
BOOL WINAPI LookupPrivilegeValueA(
|
|
LPCSTR lpSystemName,
|
|
LPCSTR lpName,
|
|
PLUID lpLuid);
|
|
BOOL WINAPI LookupPrivilegeValueW(
|
|
LPCWSTR lpSystemName,
|
|
LPCWSTR lpName,
|
|
PLUID lpLuid);
|
|
BOOL WINAPI AdjustTokenPrivileges(
|
|
HANDLE TokenHandle,
|
|
BOOL DisableAllPrivileges,
|
|
PTOKEN_PRIVILEGES NewState,
|
|
DWORD BufferLength,
|
|
PTOKEN_PRIVILEGES PreviousState,
|
|
PDWORD ReturnLength);
|
|
|
|
/* ========================================================================== */
|
|
/* Segment Registers: */
|
|
void __debugbreak(void);
|
|
#if _WIN64
|
|
unsigned char __readgsbyte(unsigned long Offset);
|
|
unsigned short __readgsword(unsigned long Offset);
|
|
unsigned long __readgsdword(unsigned long Offset);
|
|
unsigned __int64 __readgsqword(unsigned long Offset);
|
|
#else
|
|
unsigned char __readfsbyte(unsigned long Offset);
|
|
unsigned short __readfsword(unsigned long Offset);
|
|
unsigned long __readfsdword(unsigned long Offset);
|
|
unsigned __int64 __readfsqword(unsigned long Offset);
|
|
#endif
|
|
|
|
static NT_TIB *
|
|
GetTib(void)
|
|
{
|
|
#if _WIN64
|
|
return (NT_TIB *)__readgsqword(0x30);
|
|
#else
|
|
return (NT_TIB *)__readfsdword(0x18);
|
|
#endif
|
|
}
|
|
|
|
|
|
#if defined(__cplusplus)
|
|
}
|
|
#endif
|
|
|
|
/* Enable all warnings */
|
|
#if defined(_MSC_VER)
|
|
#pragma warning(pop)
|
|
#endif
|
|
|
|
#endif /* WINDOWS_DBGHELP_H */
|
|
#endif /* _WINDOWS_ */
|
|
|