Alexandre Julliard : ntdll: Support debugger attach from a 64-bit process to a 32-bit process.

Alexandre Julliard julliard at winehq.org
Mon Jan 3 15:55:03 CST 2022


Module: wine
Branch: master
Commit: e16ccaf05d845ea490d845d896cb284b5b00aa87
URL:    https://source.winehq.org/git/wine.git/?a=commit;h=e16ccaf05d845ea490d845d896cb284b5b00aa87

Author: Alexandre Julliard <julliard at winehq.org>
Date:   Mon Jan  3 17:32:39 2022 +0100

ntdll: Support debugger attach from a 64-bit process to a 32-bit process.

This is needed until 64-bit ntdll can be mapped in all
processes. Partial revert of 8dc6987ba5c3fdaa5baea8b00a860f62a3716c08.

Wine-Bug: https://bugs.winehq.org/show_bug.cgi?id=52157
Signed-off-by: Alexandre Julliard <julliard at winehq.org>

---

 dlls/ntdll/process.c           | 10 ++++++++++
 dlls/ntdll/tests/wow64.c       |  2 --
 dlls/ntdll/unix/loader.c       |  2 ++
 dlls/ntdll/unix/server.c       |  4 ++++
 dlls/ntdll/unix/unix_private.h |  1 +
 5 files changed, 17 insertions(+), 2 deletions(-)

diff --git a/dlls/ntdll/process.c b/dlls/ntdll/process.c
index 82b8daa47af..7b36c988e81 100644
--- a/dlls/ntdll/process.c
+++ b/dlls/ntdll/process.c
@@ -558,6 +558,16 @@ NTSTATUS WINAPI DbgUiIssueRemoteBreakin( HANDLE process )
 
     status = NtCreateThreadEx( &handle, THREAD_ALL_ACCESS, &attr, process,
                                DbgUiRemoteBreakin, NULL, 0, 0, 0, 0, NULL );
+#ifdef _WIN64
+    /* FIXME: hack for debugging 32-bit wow64 process without a 64-bit ntdll */
+    if (status == STATUS_INVALID_PARAMETER)
+    {
+        ULONG_PTR wow;
+        if (!NtQueryInformationProcess( process, ProcessWow64Information, &wow, sizeof(wow), NULL ) && wow)
+            status = NtCreateThreadEx( &handle, THREAD_ALL_ACCESS, &attr, process,
+                                       (void *)0x7ffe1000, NULL, 0, 0, 0, 0, NULL );
+    }
+#endif
     if (!status) NtClose( handle );
     return status;
 }
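Review bot: The sentinel start address `(void *)0x7ffe1000` in the `_WIN64` fallback is a bare literal that is repeated in the `invoke_system_apc` hunk of dlls/ntdll/unix/server.c, so the two halves of this private handshake can drift apart without any compile-time signal. One named constant in a header visible to both files would tie them together, e.g. `#define WOW64_REMOTE_BREAKIN_SENTINEL ((void *)0x7ffe1000)` (the name is only a suggestion). The FIXME should also say that the value is a placeholder and not a real entry point, e.g. `/* 0x7ffe1000 is not code: the 32-bit unix side swaps it for its own DbgUiRemoteBreakin */`. DbgUiIssueRemoteBreakin begins above the hunk.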
diff --git a/dlls/ntdll/tests/wow64.c b/dlls/ntdll/tests/wow64.c
index efe51dd507b..f5d7b08cac3 100644
--- a/dlls/ntdll/tests/wow64.c
+++ b/dlls/ntdll/tests/wow64.c
@@ -39,7 +39,6 @@ static NTSTATUS (WINAPI *pNtWow64ReadVirtualMemory64)(HANDLE,ULONG64,void*,ULONG
 static NTSTATUS (WINAPI *pNtWow64WriteVirtualMemory64)(HANDLE,ULONG64,const void *,ULONG64,ULONG64*);
 #endif
 
-static BOOL is_win64 = (sizeof(void *) > sizeof(int));
 static BOOL is_wow64;
 static void *code_mem;
 
@@ -329,7 +328,6 @@ static void test_peb_teb(void)
         }
 
         ret = DebugActiveProcess( pi.dwProcessId );
-        todo_wine_if( is_win64 )
         ok( ret, "debugging failed\n" );
         if (!ReadProcessMemory( pi.hProcess, proc_info.PebBaseAddress, &peb, sizeof(peb), &res )) res = 0;
         ok( res == sizeof(peb), "wrong len %lx\n", res );
diff --git a/dlls/ntdll/unix/loader.c b/dlls/ntdll/unix/loader.c
index 10884a7a673..96301b1654e 100644
--- a/dlls/ntdll/unix/loader.c
+++ b/dlls/ntdll/unix/loader.c
@@ -106,6 +106,7 @@ static const char so_dir[] = "/aarch64-unix";
 static const char so_dir[] = "";
 #endif
 
+void     (WINAPI *pDbgUiRemoteBreakin)( void *arg ) = NULL;
 NTSTATUS (WINAPI *pKiRaiseUserExceptionDispatcher)(void) = NULL;
 NTSTATUS (WINAPI *pKiUserExceptionDispatcher)(EXCEPTION_RECORD*,CONTEXT*) = NULL;
 void     (WINAPI *pKiUserApcDispatcher)(CONTEXT*,ULONG_PTR,ULONG_PTR,ULONG_PTR,PNTAPCFUNC) = NULL;
@@ -1046,6 +1047,7 @@ static void load_ntdll_functions( HMODULE module )
     if (!(p##name = (void *)find_named_export( module, ntdll_exports, #name ))) \
         ERR( "%s not found\n", #name )
 
+    GET_FUNC( DbgUiRemoteBreakin );
     GET_FUNC( KiRaiseUserExceptionDispatcher );
     GET_FUNC( KiUserExceptionDispatcher );
     GET_FUNC( KiUserApcDispatcher );
diff --git a/dlls/ntdll/unix/server.c b/dlls/ntdll/unix/server.c
index 6a3224d8385..9d0594d3374 100644
--- a/dlls/ntdll/unix/server.c
+++ b/dlls/ntdll/unix/server.c
@@ -534,6 +534,10 @@ static void invoke_system_apc( const apc_call_t *call, apc_result_t *result, BOO
         if (reserve == call->create_thread.reserve && commit == call->create_thread.commit &&
             (ULONG_PTR)func == call->create_thread.func && (ULONG_PTR)arg == call->create_thread.arg)
         {
+#ifndef _WIN64
+            /* FIXME: hack for debugging 32-bit process without a 64-bit ntdll */
+            if (is_wow64 && func == (void *)0x7ffe1000) func = pDbgUiRemoteBreakin;
+#endif
             attr->TotalLength = sizeof(buffer);
             attr->Attributes[0].Attribute    = PS_ATTRIBUTE_CLIENT_ID;
             attr->Attributes[0].Size         = sizeof(id);
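Review bot: `func = pDbgUiRemoteBreakin` in the `#ifndef _WIN64` block can assign NULL, because the `GET_FUNC` macro in load_ntdll_functions (dlls/ntdll/unix/loader.c) only logs `ERR` when the export is missing and leaves the pointer at its initial NULL. The thread would then be created in the target process with a null start address; it would be safer to test `pDbgUiRemoteBreakin` first and report a failure status through `result` instead of creating the thread. The substitution also matches on the address alone, so any create-thread request that reaches this APC with start address 0x7ffe1000 in a wow64 process is redirected, not only the one issued by DbgUiIssueRemoteBreakin; a comment such as `/* 0x7ffe1000 is reserved as the remote-breakin sentinel, see DbgUiIssueRemoteBreakin */` would record that assumption. invoke_system_apc starts and ends outside the hunk.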
diff --git a/dlls/ntdll/unix/unix_private.h b/dlls/ntdll/unix/unix_private.h
index 42b03cab8f6..a79edabc37c 100644
--- a/dlls/ntdll/unix/unix_private.h
+++ b/dlls/ntdll/unix/unix_private.h
@@ -92,6 +92,7 @@ static const LONG teb_offset = 0x2000;
 #define FILE_USE_FILE_POINTER_POSITION ((LONGLONG)-2)
 
 /* callbacks to PE ntdll from the Unix side */
+extern void     (WINAPI *pDbgUiRemoteBreakin)( void *arg ) DECLSPEC_HIDDEN;
 extern NTSTATUS (WINAPI *pKiRaiseUserExceptionDispatcher)(void) DECLSPEC_HIDDEN;
 extern NTSTATUS (WINAPI *pKiUserExceptionDispatcher)(EXCEPTION_RECORD*,CONTEXT*) DECLSPEC_HIDDEN;
 extern void     (WINAPI *pKiUserApcDispatcher)(CONTEXT*,ULONG_PTR,ULONG_PTR,ULONG_PTR,PNTAPCFUNC) DECLSPEC_HIDDEN;



