able/windows-nt
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
windows-nt/Source/XPSP1/NT/base/ntos/kd64/i386/kdcpuapi.c

1122 lines
26 KiB
C
Raw Normal View History

Add source files
2020-09-26 03:20:57 -05:00
/*++
Copyright (c) 1990-2001 Microsoft Corporation
Module Name:
kdcpuapi.c
Abstract:
This module implements CPU specific remote debug APIs.
Author:
Mark Lucovsky (markl) 04-Sep-1990
Revision History:
24-sep-90 bryanwi
Port to the x86.
--*/
#include <stdio.h>
#include "kdp.h"
#define END_OF_CONTROL_SPACE
extern ULONG KdpCurrentSymbolStart, KdpCurrentSymbolEnd;
extern ULONG KdSpecialCalls[];
extern ULONG KdNumberOfSpecialCalls;
LONG
KdpLevelChange (
ULONG Pc,
PCONTEXT ContextRecord,
PBOOLEAN SpecialCall
);
LONG
regValue(
UCHAR reg,
PCONTEXT ContextRecord
);
BOOLEAN
KdpIsSpecialCall (
ULONG Pc,
PCONTEXT ContextRecord,
UCHAR opcode,
UCHAR ModRM
);
ULONG
KdpGetReturnAddress (
PCONTEXT ContextRecord
);
ULONG
KdpGetCallNextOffset (
ULONG Pc,
PCONTEXT ContextRecord
);
#ifdef ALLOC_PRAGMA
#pragma alloc_text(PAGEKD, KdpLevelChange)
#pragma alloc_text(PAGEKD, regValue)
#pragma alloc_text(PAGEKD, KdpIsSpecialCall)
#pragma alloc_text(PAGEKD, KdpGetReturnAddress)
#pragma alloc_text(PAGEKD, KdpSetContextState)
#pragma alloc_text(PAGEKD, KdpSetStateChange)
#pragma alloc_text(PAGEKD, KdpGetStateChange)
#pragma alloc_text(PAGEKD, KdpSysReadControlSpace)
#pragma alloc_text(PAGEKD, KdpSysWriteControlSpace)
#pragma alloc_text(PAGEKD, KdpSysReadIoSpace)
#pragma alloc_text(PAGEKD, KdpSysWriteIoSpace)
#pragma alloc_text(PAGEKD, KdpSysReadMsr)
#pragma alloc_text(PAGEKD, KdpSysWriteMsr)
#pragma alloc_text(PAGEKD, KdpGetCallNextOffset)
#endif
/**** KdpIsTryFinallyReturn - detect finally optimization
*
* Input:
* pc - program counter of instruction to check
* ContextRecord - machine specific context
*
* Output:
* returns TRUE if this is a try-finally returning to the same
* scope
***************************************************************************/
BOOLEAN
KdpIsTryFinallyReturn (
ULONG Pc,
PCONTEXT ContextRecord
)
{
ULONG retaddr;
ULONG calldisp;
UCHAR inst;
//
// The complier generates code for a try-finally that involves having
// a ret instruction that does not match with a call instruction.
// This ret never returns a value (ie, it's a c3 return and not a
// c2). It always returns into the current symbol scope. It is never
// preceeded by a leave, which (hopefully) should differentiate it
// from recursive returns. Check for this, and if we find it count
// it as *0* level change.
//
// As an optimization, the compiler will often change:
// CALL
// RET
// into:
// JMP
// In either case, we figure out the return address. It's the first 4 bytes
// on the stack.
//
if (!NT_SUCCESS(KdpCopyFromPtr(&retaddr, ContextRecord->Esp, 4, NULL))) {
return FALSE;
}
// DPRINT(( "Start %x return %x end %x\n", KdpCurrentSymbolStart, retaddr, KdpCurrentSymbolEnd ));
if ( (KdpCurrentSymbolStart < retaddr) && (retaddr < KdpCurrentSymbolEnd) ) {
//
// Well, things aren't this nice. We may have transferred but not yet
// updated the start/end. This case occurs in a call to a thunk. We
// look to see if the instruction before the return address is a call.
// Gross and not 100% reliable.
//
if (!NT_SUCCESS(KdpCopyFromPtr(&inst, (PCHAR)retaddr - 5, 1, NULL))) {
return FALSE;
}
if (!NT_SUCCESS(KdpCopyFromPtr(&calldisp, (PCHAR)retaddr - 4, 4, NULL))) {
return FALSE;
}
if (inst == 0xe8 && calldisp + retaddr == Pc) {
// DPRINT(( "call to thunk @ %x\n", Pc ));
return FALSE;
}
//
// returning to the current function. Either a finally
// or a recursive return. Check for a leave. This is not 100%
// reliable since we are betting on an instruction longer than a byte
// and not ending with 0xc9.
//
if (!NT_SUCCESS(KdpCopyFromPtr(&inst, (PCHAR)Pc - 1, 1, NULL))) {
return FALSE;
}
if ( inst != 0xc9 ) {
// not a leave. Assume a try-finally.
// DPRINT(( "transfer at %x is try-finally\n", Pc ));
return TRUE;
}
}
//
// This appears to be a true RET instruction
//
return FALSE;
}
/**** KdpLevelChange - say how the instruction affects the call level
*
* Input:
* pc - program counter of instruction to check
* ContextRecord - machine specific context
* SpecialCall - pointer to returned boolean indicating if the
* instruction is a transfer to a special routine
*
* Output:
* returns -1 for a level pop, 1 for a push and 0 if it is
* unchanged.
* NOTE: This function belongs in some other file. I should move it.
***************************************************************************/
LONG
KdpLevelChange (
ULONG Pc,
PCONTEXT ContextRecord,
PBOOLEAN SpecialCall
)
{
UCHAR membuf[2];
ULONG Addr;
membuf[0] = 0xcc;
membuf[1] = 0xcc;
KdpCopyFromPtr(membuf, Pc, 2, NULL);
switch (membuf[0]) {
case 0xe8: // CALL direct w/32 bit displacement
//
// For try/finally, the compiler may, in addition to the push/ret trick
// below, use a call to the finally thunk. Since we treat a RET to
// within the same symbol scope as not changing levels, we will also
// treat such a call as not changing levels either
//
if (!NT_SUCCESS(KdpCopyFromPtr(&Addr, (PCHAR)Pc + 1, 4, NULL))) {
Addr = 0;
} else {
Addr += Pc + 5;
}
if ((KdpCurrentSymbolStart <= Addr) && (Addr < KdpCurrentSymbolEnd)) {
*SpecialCall = FALSE;
return 0;
}
case 0x9a: // CALL segmented 16:32
*SpecialCall = KdpIsSpecialCall( Pc, ContextRecord, membuf[0], membuf[1] );
return 1;
case 0xff:
//
// This is a compound instruction. Dispatch on operation
//
switch (membuf[1] & 0x38) {
case 0x10: // CALL with mod r/m
*SpecialCall = KdpIsSpecialCall( Pc, ContextRecord, membuf[0], membuf[1] );
return 1;
case 0x20: // JMP with mod r/m
*SpecialCall = KdpIsSpecialCall( Pc, ContextRecord, membuf[0], membuf[1] );
//
// If this is a try/finally, we'd like to treat it as call since the
// return inside the destination will bring us back to this context.
// However, if it is a jmp to a special routine, we must treat it
// as a no-level change operation since we won't see the special
// routines's return.
//
// If it is not a try/finally, we'd like to treat it as a no-level
// change, unless again, it is a transfer to a special call which
// views this as a level up.
//
if (KdpIsTryFinallyReturn( Pc, ContextRecord )) {
if (*SpecialCall) {
//
// We won't see the return, so pretend it is just
// inline code
//
return 0;
} else {
//
// The destinations return will bring us back to this
// context
//
return 1;
}
} else if (*SpecialCall) {
//
// We won't see the return but we are, indeed, doing one.
//
return -1;
} else {
return 0;
}
default:
*SpecialCall = FALSE;
return 0;
}
case 0xc3: // RET
//
// If we are a try/finally ret, then we indicate that it is NOT a level
// change
//
if (KdpIsTryFinallyReturn( Pc, ContextRecord )) {
*SpecialCall = FALSE;
return 0;
}
case 0xc2: // RET w/16 bit esp change
case 0xca: // RETF w/16 bit esp change
case 0xcb: // RETF
*SpecialCall = FALSE;
return -1;
default:
*SpecialCall = FALSE;
return 0;
}
} // KdpLevelChange
LONG
regValue(
UCHAR reg,
PCONTEXT ContextRecord
)
{
switch (reg) {
case 0x0:
return(ContextRecord->Eax);
break;
case 0x1:
return(ContextRecord->Ecx);
break;
case 0x2:
return(ContextRecord->Edx);
break;
case 0x3:
return(ContextRecord->Ebx);
break;
case 0x4:
return(ContextRecord->Esp);
break;
case 0x5:
return(ContextRecord->Ebp);
break;
case 0x6:
return(ContextRecord->Esi);
break;
case 0x7:
return(ContextRecord->Edi);
break;
}
return 0;
}
BOOLEAN
KdpIsSpecialCall (
ULONG Pc,
PCONTEXT ContextRecord,
UCHAR opcode,
UCHAR modRM
)
/*++
Routine Description:
Check to see if the instruction at pc is a call to one of the
SpecialCall routines.
Argument:
Pc - program counter of instruction in question.
--*/
{
UCHAR sib;
USHORT twoBytes;
ULONG callAddr;
ULONG addrAddr;
LONG offset;
ULONG i;
char d8;
if ( opcode == 0xe8 ) {
//
// Signed offset from pc
//
if (!NT_SUCCESS(KdpCopyFromPtr(&offset, (PCHAR)Pc + 1, 4, NULL))) {
callAddr = 0;
} else {
callAddr = Pc + offset + 5; // +5 for instr len.
}
} else if ( opcode == 0xff ) {
if ( ((modRM & 0x38) != 0x10) && ((modRM & 0x38) != 0x20) ) {
// not call or jump
return FALSE;
}
if ( (modRM & 0x08) == 0x08 ) {
// m16:16 or m16:32 -- we don't handle this
return FALSE;
}
if ( (modRM & 0xc0) == 0xc0 ) {
/* Direct register addressing */
callAddr = regValue( (UCHAR)(modRM&0x7), ContextRecord );
} else if ( (modRM & 0xc7) == 0x05 ) {
//
// Calls across dll boundaries involve a call into a jump table,
// wherein the jump address is set to the real called routine at DLL
// load time. Check to see if we're calling such an instruction,
// and if so, compute its target address and set callAddr there.
//
// ff15 or ff25 -- call or jump indirect with disp32. Get
// address of address
//
if (!NT_SUCCESS(KdpCopyFromPtr(&addrAddr, (PCHAR)Pc + 2, 4, NULL))) {
callAddr = 0;
} else {
//
// Get real destination address
//
if (!NT_SUCCESS(KdpCopyFromPtr(&callAddr, addrAddr, 4, NULL))) {
callAddr = 0;
}
}
// DPRINT(( "Indirect call/jmp @ %x\n", Pc ));
} else if ( (modRM & 0x7) == 0x4 ) {
LONG indexValue;
/* sib byte present */
if (!NT_SUCCESS(KdpCopyFromPtr(&sib, (PCHAR)Pc + 2, 1, NULL))) {
sib = 0;
}
indexValue = regValue( (UCHAR)((sib & 0x31) >> 3), ContextRecord );
switch ( sib&0xc0 ) {
case 0x0: /* x1 */
break;
case 0x40:
indexValue *= 2;
break;
case 0x80:
indexValue *= 4;
break;
case 0xc0:
indexValue *= 8;
break;
} /* switch */
switch ( modRM & 0xc0 ) {
case 0x0: /* no displacement */
if ( (sib & 0x7) == 0x5 ) {
// DPRINT(("funny call #1 at %x\n", Pc));
return FALSE;
}
callAddr = indexValue + regValue((UCHAR)(sib&0x7), ContextRecord );
break;
case 0x40:
if ( (sib & 0x6) == 0x4 ) {
// DPRINT(("Funny call #2\n")); /* calling into the stack */
return FALSE;
}
if (!NT_SUCCESS(KdpCopyFromPtr( &d8, (PCHAR)Pc + 3, 1, NULL))) {
d8 = 0;
}
callAddr = indexValue + d8 +
regValue((UCHAR)(sib&0x7), ContextRecord );
break;
case 0x80:
if ( (sib & 0x6) == 0x4 ) {
// DPRINT(("Funny call #3\n")); /* calling into the stack */
return FALSE;
}
if (!NT_SUCCESS(KdpCopyFromPtr(&offset, (PCHAR)Pc + 3, 4, NULL))) {
offset = 0;
}
callAddr = indexValue + offset +
regValue((UCHAR)(sib&0x7), ContextRecord );
break;
case 0xc0:
ASSERT( FALSE );
break;
}
} else {
//KdPrint(( "undecoded call at %x\n",
// CONTEXT_TO_PROGRAM_COUNTER(ContextRecord) ));
return FALSE;
}
} else if ( opcode == 0x9a ) {
/* Absolute address call (best I can tell, cc doesn't generate this) */
if (!NT_SUCCESS(KdpCopyFromPtr( &callAddr, (PCHAR)Pc + 1, 4, NULL))) {
callAddr = 0;
}
} else {
return FALSE;
}
//
// Calls across dll boundaries involve a call into a jump table,
// wherein the jump address is set to the real called routine at DLL
// load time. Check to see if we're calling such an instruction,
// and if so, compute its target address and set callAddr there.
//
#if 0
if (!NT_SUCCESS(KdpCopyFromPtr( &twoBytes, (PCHAR)callAddr, 2, NULL))) {
twoBytes = 0;
}
if ( twoBytes == 0x25ff ) { /* i386 is little-Endian; really 0xff25 */
//
// This is a 'jmp dword ptr [mem]' instruction, which is the sort of
// jump used for a dll-boundary crossing call. Fixup callAddr.
//
if (!NT_SUCCESS(KdpCopyFromPtr( &addrAddr, (PCHAR)callAddr + 2, 4, NULL))) {
callAddr = 0;
} else if (!NT_SUCCESS(KdpCopyFromPtr( &callAddr, addrAddr, 4, NULL))) {
callAddr = 0;
}
}
#endif
for ( i = 0; i < KdNumberOfSpecialCalls; i++ ) {
if ( KdSpecialCalls[i] == callAddr ) {
return TRUE;
}
}
return FALSE;
}
/*
* Find the return address of the current function. Only works when
* locals haven't yet been pushed (ie, on the first instruction of the
* function).
*/
ULONG
KdpGetReturnAddress (
PCONTEXT ContextRecord
)
{
ULONG retaddr;
if (!NT_SUCCESS(KdpCopyFromPtr(&retaddr, ContextRecord->Esp, 4, NULL))) {
retaddr = 0;
}
return retaddr;
} // KdpGetReturnAddress
VOID
KdpSetContextState(
IN OUT PDBGKD_ANY_WAIT_STATE_CHANGE WaitStateChange,
IN PCONTEXT ContextRecord
)
{
PKPRCB Prcb;
//
// Special registers for the x86
//
Prcb = KeGetCurrentPrcb();
WaitStateChange->ControlReport.Dr6 =
Prcb->ProcessorState.SpecialRegisters.KernelDr6;
WaitStateChange->ControlReport.Dr7 =
Prcb->ProcessorState.SpecialRegisters.KernelDr7;
WaitStateChange->ControlReport.SegCs = (USHORT)(ContextRecord->SegCs);
WaitStateChange->ControlReport.SegDs = (USHORT)(ContextRecord->SegDs);
WaitStateChange->ControlReport.SegEs = (USHORT)(ContextRecord->SegEs);
WaitStateChange->ControlReport.SegFs = (USHORT)(ContextRecord->SegFs);
WaitStateChange->ControlReport.EFlags = ContextRecord->EFlags;
WaitStateChange->ControlReport.ReportFlags = X86_REPORT_INCLUDES_SEGS;
// If the current code segment is a known flat code
// segment let the debugger know so that it doesn't
// have to retrieve the descriptor.
if (ContextRecord->SegCs == KGDT_R0_CODE ||
ContextRecord->SegCs == KGDT_R3_CODE + 3) {
WaitStateChange->ControlReport.ReportFlags |= X86_REPORT_STANDARD_CS;
}
}
VOID
KdpSetStateChange(
IN OUT PDBGKD_ANY_WAIT_STATE_CHANGE WaitStateChange,
IN PEXCEPTION_RECORD ExceptionRecord,
IN PCONTEXT ContextRecord,
IN BOOLEAN SecondChance
)
/*++
Routine Description:
Fill in the Wait_State_Change message record.
Arguments:
WaitStateChange - Supplies pointer to record to fill in
ExceptionRecord - Supplies a pointer to an exception record.
ContextRecord - Supplies a pointer to a context record.
SecondChance - Supplies a boolean value that determines whether this is
the first or second chance for the exception.
Return Value:
None.
--*/
{
KdpSetContextState(WaitStateChange, ContextRecord);
}
VOID
KdpGetStateChange(
IN PDBGKD_MANIPULATE_STATE64 ManipulateState,
IN PCONTEXT ContextRecord
)
/*++
Routine Description:
Extract continuation control data from Manipulate_State message
Arguments:
ManipulateState - supplies pointer to Manipulate_State packet
ContextRecord - Supplies a pointer to a context record.
Return Value:
None.
--*/
{
PKPRCB Prcb;
ULONG Processor;
if (NT_SUCCESS(ManipulateState->u.Continue2.ContinueStatus) == TRUE) {
//
// If NT_SUCCESS returns TRUE, then the debugger is doing a
// continue, and it makes sense to apply control changes.
// Otherwise the debugger is saying that it doesn't know what
// to do with this exception, so control values are ignored.
//
if (ManipulateState->u.Continue2.ControlSet.TraceFlag == TRUE) {
ContextRecord->EFlags |= 0x100L;
} else {
ContextRecord->EFlags &= ~0x100L;
}
for (Processor = 0; Processor < (ULONG)KeNumberProcessors; Processor++) {
Prcb = KiProcessorBlock[Processor];
Prcb->ProcessorState.SpecialRegisters.KernelDr7 =
ManipulateState->u.Continue2.ControlSet.Dr7;
Prcb->ProcessorState.SpecialRegisters.KernelDr6 = 0L;
}
if (ManipulateState->u.Continue2.ControlSet.CurrentSymbolStart != 1) {
KdpCurrentSymbolStart = ManipulateState->u.Continue2.ControlSet.CurrentSymbolStart;
KdpCurrentSymbolEnd = ManipulateState->u.Continue2.ControlSet.CurrentSymbolEnd;
}
}
}
NTSTATUS
KdpSysReadControlSpace(
ULONG Processor,
ULONG64 Address,
PVOID Buffer,
ULONG Request,
PULONG Actual
)
/*++
Routine Description:
Reads implementation specific system data.
IMPLEMENTATION NOTE:
On the X86, control space is defined as follows:
0: Base of KPROCESSOR_STATE structure. (KPRCB.ProcessorState)
This includes CONTEXT record,
followed by a SPECIAL_REGISTERs record
Arguments:
Processor - Processor's information to access.
Address - Offset in control space.
Buffer - Data buffer.
Request - Amount of data to move.
Actual - Amount of data actually moved.
Return Value:
NTSTATUS.
--*/
{
ULONG Length, t;
PVOID StartAddr;
NTSTATUS Status;
Length = Request;
if ((Address < sizeof(KPROCESSOR_STATE)) &&
(Processor < (ULONG)KeNumberProcessors)) {
t = (ULONG)(sizeof(KPROCESSOR_STATE)) - (ULONG)Address;
if (t < Length) {
Length = t;
}
StartAddr = (PVOID)
((ULONG)Address +
(ULONG)&(KiProcessorBlock[Processor]->ProcessorState));
Status = KdpCopyToPtr(Buffer,
StartAddr,
Length,
Actual);
} else {
Status = STATUS_UNSUCCESSFUL;
*Actual = 0;
}
return Status;
}
NTSTATUS
KdpSysWriteControlSpace(
ULONG Processor,
ULONG64 Address,
PVOID Buffer,
ULONG Request,
PULONG Actual
)
/*++
Routine Description:
Writes implementation specific system data.
Control space for x86 is as defined above.
Arguments:
Processor - Processor's information to access.
Address - Offset in control space.
Buffer - Data buffer.
Request - Amount of data to move.
Actual - Amount of data actually moved.
Return Value:
NTSTATUS.
--*/
{
ULONG Length;
PVOID StartAddr;
NTSTATUS Status;
if (((Address + Request) <= sizeof(KPROCESSOR_STATE)) &&
(Processor < (ULONG)KeNumberProcessors)) {
StartAddr = (PVOID)
((ULONG)Address +
(ULONG)&(KiProcessorBlock[Processor]->ProcessorState));
Status = KdpCopyFromPtr(StartAddr,
Buffer,
Request,
Actual);
} else {
Status = STATUS_UNSUCCESSFUL;
*Actual = 0;
}
return Status;
}
NTSTATUS
KdpSysReadIoSpace(
INTERFACE_TYPE InterfaceType,
ULONG BusNumber,
ULONG AddressSpace,
ULONG64 Address,
PVOID Buffer,
ULONG Request,
PULONG Actual
)
/*++
Routine Description:
Reads system I/O locations.
Arguments:
InterfaceType - I/O interface type.
BusNumber - Bus number.
AddressSpace - Address space.
Address - I/O address.
Buffer - Data buffer.
Request - Amount of data to move.
Actual - Amount of data actually moved.
Return Value:
NTSTATUS.
--*/
{
NTSTATUS Status = STATUS_SUCCESS;
if (InterfaceType != Isa || BusNumber != 0 || AddressSpace != 1) {
*Actual = 0;
return STATUS_UNSUCCESSFUL;
}
//
// Check Size and Alignment
//
switch ( Request ) {
case 1:
*(PUCHAR)Buffer = READ_PORT_UCHAR((PUCHAR)(ULONG_PTR)Address);
*Actual = 1;
break;
case 2:
if ( Address & 1 ) {
Status = STATUS_DATATYPE_MISALIGNMENT;
} else {
*(PUSHORT)Buffer =
READ_PORT_USHORT((PUSHORT)(ULONG_PTR)Address);
*Actual = 2;
}
break;
case 4:
if ( Address & 3 ) {
Status = STATUS_DATATYPE_MISALIGNMENT;
} else {
*(PULONG)Buffer =
READ_PORT_ULONG((PULONG)(ULONG_PTR)Address);
*Actual = 4;
}
break;
default:
Status = STATUS_INVALID_PARAMETER;
*Actual = 0;
break;
}
return Status;
}
NTSTATUS
KdpSysWriteIoSpace(
INTERFACE_TYPE InterfaceType,
ULONG BusNumber,
ULONG AddressSpace,
ULONG64 Address,
PVOID Buffer,
ULONG Request,
PULONG Actual
)
/*++
Routine Description:
Writes system I/O locations.
Arguments:
InterfaceType - I/O interface type.
BusNumber - Bus number.
AddressSpace - Address space.
Address - I/O address.
Buffer - Data buffer.
Request - Amount of data to move.
Actual - Amount of data actually moved.
Return Value:
NTSTATUS.
--*/
{
NTSTATUS Status = STATUS_SUCCESS;
if (InterfaceType != Isa || BusNumber != 0 || AddressSpace != 1) {
*Actual = 0;
return STATUS_UNSUCCESSFUL;
}
//
// Check Size and Alignment
//
switch ( Request ) {
case 1:
WRITE_PORT_UCHAR((PUCHAR)(ULONG_PTR)Address,
*(PUCHAR)Buffer);
*Actual = 1;
break;
case 2:
if ( Address & 1 ) {
Status = STATUS_DATATYPE_MISALIGNMENT;
} else {
WRITE_PORT_USHORT((PUSHORT)(ULONG_PTR)Address,
*(PUSHORT)Buffer);
*Actual = 2;
}
break;
case 4:
if ( Address & 3 ) {
Status = STATUS_DATATYPE_MISALIGNMENT;
} else {
WRITE_PORT_ULONG((PULONG)(ULONG_PTR)Address,
*(PULONG)Buffer);
*Actual = 4;
}
break;
default:
Status = STATUS_INVALID_PARAMETER;
*Actual = 0;
break;
}
return Status;
}
NTSTATUS
KdpSysReadMsr(
ULONG Msr,
PULONG64 Data
)
/*++
Routine Description:
Reads an MSR.
Arguments:
Msr - MSR index.
Data - Data buffer.
Return Value:
NTSTATUS.
--*/
{
NTSTATUS Status = STATUS_SUCCESS;
try {
*Data = RDMSR(Msr);
} except (EXCEPTION_EXECUTE_HANDLER) {
*Data = 0;
Status = STATUS_NO_SUCH_DEVICE;
}
return Status;
}
NTSTATUS
KdpSysWriteMsr(
ULONG Msr,
PULONG64 Data
)
/*++
Routine Description:
Writes an MSR.
Arguments:
Msr - MSR index.
Data - Data buffer.
Return Value:
NTSTATUS.
--*/
{
NTSTATUS Status = STATUS_SUCCESS;
try {
WRMSR (Msr, *Data);
} except (EXCEPTION_EXECUTE_HANDLER) {
Status = STATUS_NO_SUCH_DEVICE;
}
return Status;
}
/*** KdpGetCallNextOffset - compute "next" instruction on a call-like instruction
*
* Purpose:
* Compute how many bytes are in a call-type instruction
* so that a breakpoint can be set upon this instruction's
* return. Treat indirect jmps as if they were call/ret/ret
*
* Returns:
* offset to "next" instruction, or 0 if it wasn't a call instruction.
*
*************************************************************************/
ULONG
KdpGetCallNextOffset (
ULONG Pc,
PCONTEXT ContextRecord
)
{
UCHAR membuf[2];
UCHAR opcode;
ULONG sib;
ULONG disp;
if (!NT_SUCCESS(KdpCopyFromPtr( membuf, Pc, 2, NULL ))) {
return 0;
}
opcode = membuf[0];
if ( opcode == 0xe8 ) { // CALL 32 bit disp
return Pc+5;
} else if ( opcode == 0x9a ) { // CALL 16:32
return Pc+7;
} else if ( opcode == 0xff ) {
if ( membuf[1] == 0x25) { // JMP indirect
return KdpGetReturnAddress( ContextRecord );
}
sib = ((membuf[1] & 0x07) == 0x04) ? 1 : 0;
disp = (membuf[1] & 0xc0) >> 6;
switch (disp) {
case 0:
if ( (membuf[1] & 0x07) == 0x05 ) {
disp = 4; // disp32 alone
} else {
// disp = 0; // no displacement with reg or sib
}
break;
case 1:
// disp = 1; // disp8 with reg or sib
break;
case 2:
disp = 4; // disp32 with reg or sib
break;
case 3:
disp = 0; // direct register addressing (e.g., call esi)
break;
}
return Pc + 2 + sib + disp;
}
return 0;
} // KdpGetCallNextOffset
Reference in a new issue Copy permalink