From bf05bd32769d10450473e769c470d384f0ae6485 Mon Sep 17 00:00:00 2001 From: midipix Date: Mon, 27 May 2019 23:10:05 +0000 Subject: debug helpers: __ntapi_tt_debug_execution_flow(): initial implementation. --- include/ntapi/nt_debug.h | 25 +++++++++++++++++++++++++ include/ntapi/ntapi.h | 1 + 2 files changed, 26 insertions(+) (limited to 'include') diff --git a/include/ntapi/nt_debug.h b/include/ntapi/nt_debug.h index 5e40cba..3e11193 100644 --- a/include/ntapi/nt_debug.h +++ b/include/ntapi/nt_debug.h @@ -208,6 +208,24 @@ typedef enum _nt_dbg_fltr_type { } nt_dbg_fltr_type; +/* execution flow masks */ +#define NT_DBG_FLOW_MASK_IDLE (1 << NT_DBG_STATE_IDLE) +#define NT_DBG_FLOW_MASK_REPLY_PENDING (1 << NT_DBG_STATE_REPLY_PENDING) + +#define NT_DBG_FLOW_MASK_CREATE_THREAD (1 << NT_DBG_STATE_CREATE_THREAD) +#define NT_DBG_FLOW_MASK_CREATE_PROCESS (1 << NT_DBG_STATE_CREATE_PROCESS) + +#define NT_DBG_FLOW_MASK_EXIT_THREAD (1 << NT_DBG_STATE_EXIT_THREAD) +#define NT_DBG_FLOW_MASK_EXIT_PROCESS (1 << NT_DBG_STATE_EXIT_PROCESS) + +#define NT_DBG_FLOW_MASK_EXCEPTION (1 << NT_DBG_STATE_EXCEPTION) +#define NT_DBG_FLOW_MASK_BREAKPOINT (1 << NT_DBG_STATE_BREAKPOINT) +#define NT_DBG_FLOW_MASK_SINGLE_STEP (1 << NT_DBG_STATE_SINGLE_STEP) + +#define NT_DBG_FLOW_MASK_DLL_LOAD (1 << NT_DBG_STATE_DLL_LOAD) +#define NT_DBG_FLOW_MASK_DLL_UNLOAD (1 << NT_DBG_STATE_DLL_UNLOAD) + + /* debug events */ typedef struct _nt_dbg_km_thread_exit { int32_t exit_status; @@ -321,4 +339,11 @@ typedef int32_t __stdcall ntapi_tt_create_attach_debug_object( __in void * hprocess, __in uint32_t flags); +typedef int32_t __stdcall ntapi_tt_debug_execution_flow( + __in void * hdbgobj, + __in void * hserver, + __in void * hlogfile, + __in uint32_t evtmask, + __in uint64_t * nevents); + #endif diff --git a/include/ntapi/ntapi.h b/include/ntapi/ntapi.h index dc2c22e..493edb2 100644 --- a/include/ntapi/ntapi.h +++ b/include/ntapi/ntapi.h @@ -669,6 +669,7 @@ typedef struct _ntapi_vtbl { /* nt_debug.h */ ntapi_tt_create_debug_object * tt_create_debug_object; ntapi_tt_create_attach_debug_object * tt_create_attach_debug_object; + ntapi_tt_debug_execution_flow * tt_debug_execution_flow; } ntapi_vtbl; -- cgit v1.2.3