From 6ab2ba2c40901f461829fe347439077ee36eaf37 Mon Sep 17 00:00:00 2001 From: Matthijs Lavrijsen Date: Thu, 4 Feb 2021 04:54:51 +0100 Subject: [PATCH 1/2] GUI: rename 'NtTerminateProcess' event to 'Exit Breakpoint' --- src/gui/Src/Gui/SettingsDialog.cpp | 12 ++++++------ src/gui/Src/Gui/SettingsDialog.h | 4 ++-- src/gui/Src/Gui/SettingsDialog.ui | 8 ++++---- 3 files changed, 12 insertions(+), 12 deletions(-) diff --git a/src/gui/Src/Gui/SettingsDialog.cpp b/src/gui/Src/Gui/SettingsDialog.cpp index 6c5bc26f..5f0eab97 100644 --- a/src/gui/Src/Gui/SettingsDialog.cpp +++ b/src/gui/Src/Gui/SettingsDialog.cpp @@ -56,7 +56,7 @@ void SettingsDialog::LoadSettings() settings.eventSystemBreakpoint = true; settings.eventTlsCallbacks = true; settings.eventEntryBreakpoint = true; - settings.eventNtTerminateProcess = false; + settings.eventExitBreakpoint = false; settings.engineType = DebugEngineTitanEngine; settings.engineCalcType = calc_unsigned; settings.engineBreakpointType = break_int3short; @@ -90,7 +90,7 @@ void SettingsDialog::LoadSettings() //Events tab GetSettingBool("Events", "SystemBreakpoint", &settings.eventSystemBreakpoint); - GetSettingBool("Events", "NtTerminateProcess", &settings.eventNtTerminateProcess); + GetSettingBool("Events", "NtTerminateProcess", &settings.eventExitBreakpoint); GetSettingBool("Events", "TlsCallbacks", &settings.eventTlsCallbacks); GetSettingBool("Events", "TlsCallbacksSystem", &settings.eventTlsCallbacksSystem); GetSettingBool("Events", "EntryBreakpoint", &settings.eventEntryBreakpoint); @@ -105,7 +105,7 @@ void SettingsDialog::LoadSettings() GetSettingBool("Events", "ThreadEnd", &settings.eventThreadEnd); GetSettingBool("Events", "DebugStrings", &settings.eventDebugStrings); ui->chkSystemBreakpoint->setCheckState(bool2check(settings.eventSystemBreakpoint)); - ui->chkNtTerminateProcess->setCheckState(bool2check(settings.eventNtTerminateProcess)); + ui->chkExitBreakpoint->setCheckState(bool2check(settings.eventExitBreakpoint)); ui->chkTlsCallbacks->setCheckState(bool2check(settings.eventTlsCallbacks)); ui->chkTlsCallbacksSystem->setCheckState(bool2check(settings.eventTlsCallbacksSystem)); ui->chkEntryBreakpoint->setCheckState(bool2check(settings.eventEntryBreakpoint)); @@ -389,7 +389,7 @@ void SettingsDialog::SaveSettings() { //Events tab BridgeSettingSetUint("Events", "SystemBreakpoint", settings.eventSystemBreakpoint); - BridgeSettingSetUint("Events", "NtTerminateProcess", settings.eventNtTerminateProcess); + BridgeSettingSetUint("Events", "NtTerminateProcess", settings.eventExitBreakpoint); BridgeSettingSetUint("Events", "TlsCallbacks", settings.eventTlsCallbacks); BridgeSettingSetUint("Events", "TlsCallbacksSystem", settings.eventTlsCallbacksSystem); BridgeSettingSetUint("Events", "EntryBreakpoint", settings.eventEntryBreakpoint); @@ -660,9 +660,9 @@ void SettingsDialog::on_chkSystemBreakpoint_stateChanged(int arg1) settings.eventSystemBreakpoint = arg1 != Qt::Unchecked; } -void SettingsDialog::on_chkNtTerminateProcess_stateChanged(int arg1) +void SettingsDialog::on_chkExitBreakpoint_stateChanged(int arg1) { - settings.eventNtTerminateProcess = arg1 != Qt::Unchecked; + settings.eventExitBreakpoint = arg1 != Qt::Unchecked; } void SettingsDialog::on_chkTlsCallbacks_stateChanged(int arg1) diff --git a/src/gui/Src/Gui/SettingsDialog.h b/src/gui/Src/Gui/SettingsDialog.h index 5e647cf7..fba7e40b 100644 --- a/src/gui/Src/Gui/SettingsDialog.h +++ b/src/gui/Src/Gui/SettingsDialog.h @@ -30,7 +30,7 @@ private slots: void on_btnSave_clicked(); //Event tab void on_chkSystemBreakpoint_stateChanged(int arg1); - void on_chkNtTerminateProcess_stateChanged(int arg1); + void on_chkExitBreakpoint_stateChanged(int arg1); void on_chkTlsCallbacks_stateChanged(int arg1); void on_chkTlsCallbacksSystem_stateChanged(int arg1); void on_chkEntryBreakpoint_stateChanged(int arg1); @@ -172,7 +172,7 @@ private: { //Event Tab bool eventSystemBreakpoint; - bool eventNtTerminateProcess; + bool eventExitBreakpoint; bool eventTlsCallbacks; bool eventTlsCallbacksSystem; bool eventEntryBreakpoint; diff --git a/src/gui/Src/Gui/SettingsDialog.ui b/src/gui/Src/Gui/SettingsDialog.ui index daa0626e..2e96af1c 100644 --- a/src/gui/Src/Gui/SettingsDialog.ui +++ b/src/gui/Src/Gui/SettingsDialog.ui @@ -40,7 +40,7 @@ Events - + Entry Breakpoint* @@ -91,10 +91,10 @@ - - + + - NtTerminateProcess* + Exit Breakpoint* From 0c81a126cacca633a3266a388ddaffabdf473fb4 Mon Sep 17 00:00:00 2001 From: Matthijs Lavrijsen Date: Thu, 4 Feb 2021 05:08:43 +0100 Subject: [PATCH 2/2] DBG: move NtTerminateProcess event from a bp to exit process callback --- src/dbg/debugger.cpp | 16 ++++++++++++++-- 1 file changed, 14 insertions(+), 2 deletions(-) diff --git a/src/dbg/debugger.cpp b/src/dbg/debugger.cpp index 84afb88f..749a2a81 100644 --- a/src/dbg/debugger.cpp +++ b/src/dbg/debugger.cpp @@ -1489,9 +1489,23 @@ static void cbCreateProcess(CREATE_PROCESS_DEBUG_INFO* CreateProcessInfo) static void cbExitProcess(EXIT_PROCESS_DEBUG_INFO* ExitProcess) { dprintf(QT_TRANSLATE_NOOP("DBG", "Process stopped with exit code 0x%X\n"), ExitProcess->dwExitCode); + const bool breakHere = settingboolget("Events", "NtTerminateProcess"); + if(breakHere) + { + // lock + DebugUpdateGuiSetStateAsync(GetContextDataEx(hActiveThread, UE_CIP), true); + lock(WAITID_RUN); + } + // plugin callback PLUG_CB_EXITPROCESS callbackInfo; callbackInfo.ExitProcess = ExitProcess; plugincbcall(CB_EXITPROCESS, &callbackInfo); + if(breakHere) + { + dbgsetforeground(); + dbgsetskipexceptions(false); + wait(WAITID_RUN); + } _dbg_animatestop(); // Stop animating //history dbgcleartracestate(); @@ -1756,8 +1770,6 @@ static void cbLoadDll(LOAD_DLL_DEBUG_INFO* LoadDll) cookie.HandleNtdllLoad(bIsAttached); if(settingboolget("Misc", "TransparentExceptionStepping")) exceptionDispatchAddr = DbgValFromString("ntdll:KiUserExceptionDispatcher"); - if(settingboolget("Events", "NtTerminateProcess")) // Break on NtTerminateProcess - cmddirectexec("bp ntdll.NtTerminateProcess, ss"); //set debug flags if(dwDebugFlags != 0) {