NULL);
/* Open the file */
- DPRINT1("Trying to open: %wZ\n", &FileName->Name);
Status = ZwOpenFile(&Handle,
GENERIC_READ | SYNCHRONIZE,
&ObjectAttributes,
&IoStatusBlock,
FILE_SHARE_DELETE | FILE_SHARE_READ | FILE_SHARE_WRITE,
FILE_SYNCHRONOUS_IO_NONALERT);
- DPRINT1("Status: %lx\n", Status);
/* Free the name and return the handle if we succeeded */
ExFreePool(FileName);
PAGED_CODE();
/* Make sure this isn't a deleted process */
- if (PsGetCurrentProcess()->ProcessDelete)
+ if (!PsGetCurrentProcess()->ProcessDelete)
{
/* Freeze all the threads */
KeFreezeAllThreads();
VOID
NTAPI
-DbgkCreateThread(PVOID StartAddress)
+DbgkCreateThread(IN PETHREAD Thread,
+ IN PVOID StartAddress)
{
- PETHREAD Thread = PsGetCurrentThread();
PEPROCESS Process = PsGetCurrentProcess();
ULONG ProcessFlags;
IMAGE_INFO ImageInfo;
PTEB Teb;
PAGED_CODE();
- /* Check if this process has already been notified */
- ProcessFlags = InterlockedAnd((PLONG)&Process->Flags,
- PSF_CREATE_REPORTED_BIT |
- PSF_IMAGE_NOTIFY_DONE_BIT);
+ /* Sanity check */
+ ASSERT(Thread == PsGetCurrentThread());
+
+ /* Try ORing in the create reported and image notify flags */
+ ProcessFlags = PspSetProcessFlag(Process,
+ PSF_CREATE_REPORTED_BIT |
+ PSF_IMAGE_NOTIFY_DONE_BIT);
+
+ /* Check if we were the first to set them or if another thread raced us */
if (!(ProcessFlags & PSF_IMAGE_NOTIFY_DONE_BIT) && (PsImageNotifyEnabled))
{
/* It hasn't.. set up the image info for the process */
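Review bot: The new `Thread` parameter is tied to `Process` only by `ASSERT(Thread == PsGetCurrentThread())`, while `Process` is still taken from `PsGetCurrentProcess()` on the unchanged line above. If ASSERT compiles away in free builds, as is usual, a caller that passes some other thread would set the process flags and notify for a mismatched thread/process pair with nothing stopping it. State the precondition in the function header, for example `/* Must be called in the context of Thread; Process is read from the current process */`, so callers cannot read the signature as accepting an arbitrary thread. The body of DbgkCreateThread continues past the end of this hunk.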
if (!(ProcessFlags & PSF_CREATE_REPORTED_BIT))
{
/* Setup the information structure for the new thread */
- CreateThread->SubSystemKey = 0;
- CreateThread->StartAddress = NULL;
+ CreateProcess->InitialThread.SubSystemKey = 0;
+ CreateProcess->InitialThread.StartAddress = NULL;
/* And for the new process */
CreateProcess->SubSystemKey = 0;
if (NtHeader)
{
/* Fill out data from the header */
- CreateThread->StartAddress = (PVOID)((ULONG_PTR)NtHeader->
- OptionalHeader.ImageBase +
- NtHeader->OptionalHeader.
- AddressOfEntryPoint);
+ CreateProcess->InitialThread.StartAddress =
+ (PVOID)((ULONG_PTR)NtHeader->OptionalHeader.ImageBase +
+ NtHeader->OptionalHeader.AddressOfEntryPoint);
CreateProcess->DebugInfoFileOffset = NtHeader->FileHeader.
PointerToSymbolTable;
CreateProcess->DebugInfoSize = NtHeader->FileHeader.
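Review bot: The reads of `NtHeader->OptionalHeader.ImageBase`, `AddressOfEntryPoint` and the `FileHeader` fields are guarded only by the `if (NtHeader)` null test. Where NtHeader comes from is outside this hunk, but if it points into the image mapped in the process's user address space, user mode can unmap or reprotect that page and the dereference faults in kernel mode. The same applies to the later hunk that runs `wcsncpy` into `Teb->StaticUnicodeBuffer` and stores `Teb->Tib.ArbitraryUserPointer`, since the TEB is user-writable memory. Both accesses should sit inside the tree's structured exception guard (the `_SEH2_TRY` / `_SEH2_EXCEPT` pair, if available to this file), with the handler leaving `InitialThread.StartAddress` and the debug-info fields at their zeroed defaults. The `if (NtHeader)` block runs past the end of the hunk.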
/* Copy the system library name and link to it */
wcsncpy(Teb->StaticUnicodeBuffer,
L"ntdll.dll",
- sizeof(Teb->StaticUnicodeBuffer));
+ sizeof(Teb->StaticUnicodeBuffer) / sizeof(WCHAR));
Teb->Tib.ArbitraryUserPointer = Teb->StaticUnicodeBuffer;
/* Return it in the debug event as well */
- LoadDll->NamePointer = Teb->Tib.ArbitraryUserPointer;
+ LoadDll->NamePointer = &Teb->Tib.ArbitraryUserPointer;
}
/* Get a handle */
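Review bot: The comment `/* Return it in the debug event as well */` no longer describes the assignment beneath it. After this change `LoadDll->NamePointer` holds the address of the TEB's `ArbitraryUserPointer` slot, not the address of the name buffer. A debugger therefore has to read a pointer from the debuggee first and then the string it points to. Replace the comment with `/* NamePointer is the address (in the debuggee) of a pointer to the name, not the name itself */` so the double indirection is not later "fixed" back.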
{
/* Otherwise, do it just for the thread */
CreateThread->SubSystemKey = 0;
- CreateThread->StartAddress = NULL;
+ CreateThread->StartAddress = StartAddress;
/* Setup the API Message */
ApiMessage.h.u1.Length = sizeof(DBGKM_MSG) << 16 |
VOID
NTAPI
-DbgkMapViewOfSection(IN HANDLE SectionHandle,
+DbgkMapViewOfSection(IN PVOID Section,
IN PVOID BaseAddress,
IN ULONG SectionOffset,
IN ULONG_PTR ViewSize)
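Review bot: Changing the first parameter from `IN HANDLE SectionHandle` to `IN PVOID Section` alters the contract without any help from the type system, because HANDLE is itself a pointer-sized void pointer. A caller that was not updated will still compile, and its handle value would then be treated as an object pointer further down. Add a header comment such as `/* Section is a pointer to the section object, not a handle */`. Check every call site in the same change, since none of them are visible in this diff.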
PETHREAD Thread = PsGetCurrentThread();
PIMAGE_NT_HEADERS NtHeader;
PAGED_CODE();
+ DBGKTRACE(DBGK_PROCESS_DEBUG,
+ "Section: %p. Base: %p\n", Section, BaseAddress);
- /* Check if this thread is hidden, doesn't have a debug port, or died */
- if ((Thread->HideFromDebugger) ||
- !(Process->DebugPort) ||
- (Thread->DeadThread) ||
- (KeGetPreviousMode() == KernelMode))
+ /* Check if this thread is kernel, hidden or doesn't have a debug port */
+ if ((ExGetPreviousMode() == KernelMode) ||
+ (Thread->HideFromDebugger) ||
+ !(Process->DebugPort))
{
/* Don't notify the debugger */
return;
}
/* Setup the parameters */
- LoadDll->FileHandle = DbgkpSectionToFileHandle(SectionHandle);
+ LoadDll->FileHandle = DbgkpSectionToFileHandle(Section);
LoadDll->BaseOfDll = BaseAddress;
LoadDll->DebugInfoFileOffset = 0;
LoadDll->DebugInfoSize = 0;
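Review bot: The rewritten early-return test drops `Thread->DeadThread` along with the reorder and the switch to `ExGetPreviousMode()`. The new comment simply omits "or died" without saying why a terminating thread may now send the notification. The same edit is repeated in the following hunk's identical check. If the removal is deliberate, record the reason beside the condition, for example `/* DeadThread is intentionally not tested here: <reason> */`. If it is not deliberate, restore the test in both places. The enclosing function starts before this hunk and continues after it.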
PETHREAD Thread = PsGetCurrentThread();
PAGED_CODE();
- /* Check if this thread is hidden, doesn't have a debug port, or died */
- if ((Thread->HideFromDebugger) ||
- !(Process->DebugPort) ||
- (Thread->DeadThread) ||
- (KeGetPreviousMode() == KernelMode))
+ /* Check if this thread is kernel, hidden or doesn't have a debug port */
+ if ((ExGetPreviousMode() == KernelMode) ||
+ (Thread->HideFromDebugger) ||
+ !(Process->DebugPort))
{
/* Don't notify the debugger */
return;
/* Send the message */
DbgkpSendApiMessage(&ApiMessage, TRUE);
}
-
-/* EOF */