int IDebugEventCallbacksWide.CreateThread(ulong Handle, ulong DataOffset, ulong StartOffset)
{
uint id, tid, pindex, pid;
SystemObjects.GetCurrentProcessId(out pindex);
SystemObjects.GetCurrentThreadId(out id);
SystemObjects.GetCurrentProcessSystemId(out pid);
SystemObjects.GetCurrentThreadSystemId(out tid);
Debug.Assert(tid > 0 && pid > 0);
var process = _processes.First(p => p.PID == pid);
var thread = new TargetThread(process)
{
Index = id,
TID = tid,
StartAddress = StartOffset,
Teb = DataOffset,
Handle = Handle,
ProcessIndex = pindex
};
process.AddThread(thread);
OnThreadCreated(new ThreadCreatedEventArgs(thread, process));
return((int)DEBUG_STATUS.NO_CHANGE);
}
public TargetThread GetThread()
{
return(_client.RunAsync(() => {
uint id;
if (_bp.GetMatchThreadId(out id) < 0 || id == uint.MaxValue)
{
return null;
}
return (_thread = _client.Processes.SelectMany(p => p.Threads).First(t => t.Index == id));
}).Result);
}
int IDebugEventCallbacksWide.CreateProcess(ulong ImageFileHandle, ulong Handle, ulong BaseOffset, uint ModuleSize, string ModuleName, string ImageName,
uint CheckSum, uint TimeDateStamp, ulong InitialThreadHandle, ulong ThreadDataOffset, ulong StartOffset)
{
Debug.WriteLine("IDebugEventCallbacksWide.CreateProcess");
uint id;
SystemObjects.GetCurrentProcessId(out id);
ulong peb;
SystemObjects.GetCurrentProcessPeb(out peb);
uint pid;
SystemObjects.GetCurrentProcessSystemId(out pid);
var process = new TargetProcess {
PID = pid,
hProcess = Handle,
hFile = ImageFileHandle,
BaseOffset = BaseOffset,
ModuleSize = ModuleSize,
ImageName = ImageName,
TimeStamp = DateTime.FromFileTime(TimeDateStamp),
ModuleName = ModuleName,
Index = (int)id,
Peb = peb
};
_processes.Add(process);
OnProcessCreated(process);
uint tindex, tid;
SystemObjects.GetCurrentThreadId(out tindex);
SystemObjects.GetCurrentThreadSystemId(out tid);
var thread = new TargetThread(process)
{
Index = tindex,
TID = tid,
StartAddress = StartOffset,
Teb = ThreadDataOffset,
Handle = InitialThreadHandle,
ProcessIndex = id
};
process.AddThread(thread);
OnThreadCreated(new ThreadCreatedEventArgs(thread, process));
return((int)DEBUG_STATUS.NO_CHANGE);
}
public void SetThread(TargetThread thread)
{
_client.RunAsync(() => {
uint id = uint.MaxValue;
if (thread != null)
{
_client.SystemObjects.GetThreadIdBySystemId(thread.TID, out id).ThrowIfFailed();
thread.Index = id;
}
uint oldid = uint.MaxValue;
_bp.GetMatchThreadId(out oldid);
if (oldid != id)
{
_bp.SetMatchThreadId(id);
_thread = thread;
}
}).Wait();
}
public Task <TargetThread> SetThreadExtraInfo(TargetThread thread)
{
return(RunAsync(() => {
// get extra information from the TEB
if (thread.Teb == 0)
{
return thread;
}
uint tebTypeId;
ulong ntdllModulebase;
if (SUCCEEDED(GetSymbolTypeIdWide("ntdll!_teb", out tebTypeId, out ntdllModulebase)))
{
ulong pid;
GetFieldValueInternal(ntdllModulebase, tebTypeId, "ClientId.UniqueProcess", thread.Teb, out pid);
}
return thread;
}));
}
internal ThreadExitedEventArgs(TargetThread thread, TargetProcess process)
{
Process = process;
Thread = thread;
}
internal ThreadCreatedEventArgs(TargetThread thread, TargetProcess process)
{
Thread = thread;
Process = process;
}
internal void AddThread(TargetThread thread)
{
_threads.Add(thread);
}
internal bool RemoveThread(TargetThread thread)
{
return(_threads.Remove(thread));
}
