DBG_C_XchngOpcode

From EDM2
Revision as of 14:04, 10 March 2020 by Ak120 (talk | contribs)

Debug Command 29 - Exchange Opcode and Go Command

Parameters
  • Pid= Process ID of debuggee
  • Tid= Thread ID of thread
  • Cmd= DBG_C_XchngOpcode
  • Value= Opcode 1 for Single Step
  • Addr= Opcode 2 for Go
Returns

The sequence of operations for this Debug command is:

  1. Replace the code at the EIP (instruction pointer) with opcode 1.
  2. Single-step the thread specified by the Tid field. Do not execute other threads. If the single-step operation goes into ring 0 code, consider the single-step operation complete at the first ring 0 instruction.
  3. Replace the code at the original EIP with opcode 2.
  4. Issue a Debug Go command on all non-frozen threads.

If an exception that DosDebug is to be notified about occurs during the single-step operation of this Debug command, opcode 2 is placed at the original EIP, and DosDebug is notified of the exception. When the debugger issues the Debug Continue command, the child process continues execution.

Note
If an exception that DosDebug is not to be notified about occurs, then the DBG_C_XchngOpcode command executes as if no exception took place.

If opcode 1 and opcode 2 are identical, this Debug command executes only operations 3 and 4 above. There is no need to single-step the thread specified by the Tid field. This would be a "replace opcode and go" sequence using only one DosDebug function instead of two.
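To make the three paths of this command concrete (normal single-step, identical opcodes, notifiable exception), here is an added C model of the sequence above; it is not EDM2 or OS/2 code and does not call DosDebug. The debuggee memory, the 0xCC/0x90 bytes (a planted breakpoint over a one-byte original instruction, the typical use assumed here) and the one-byte EIP advance are constructed for illustration, and the ring-0 clause of operation 2 is not modelled.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Constructed debuggee model: a few code bytes, the debuggee thread's EIP,
 * and a flag saying whether the single-step raises an exception that
 * DosDebug must be notified about (the page's exception case). */
typedef struct {
    uint8_t code[8];
    size_t  eip;
    bool    step_raises_notifiable_exception;
} dbg_model_t;

/* Record of which of the four operations ran and where EIP ended up. */
typedef struct {
    bool   single_stepped;      /* operation 2 ran */
    bool   go_issued;           /* operation 4 ran */
    bool   exception_reported;  /* DosDebug notified; debugger must Continue */
    size_t eip_after;
} dbg_result_t;

/* Model of DBG_C_XchngOpcode: opcode1 is the Value field (opcode 1),
 * opcode2 is the Addr field (opcode 2), as named in the parameter list. */
dbg_result_t dbg_xchng_opcode(dbg_model_t *m, uint8_t opcode1, uint8_t opcode2)
{
    dbg_result_t r = {0};
    size_t orig_eip = m->eip;

    if (opcode1 != opcode2) {                 /* identical opcodes: skip 1 and 2 */
        m->code[orig_eip] = opcode1;          /* operation 1 */
        r.single_stepped = true;              /* operation 2 */
        if (m->step_raises_notifiable_exception) {
            m->code[orig_eip] = opcode2;      /* opcode 2 restored, then notify */
            r.exception_reported = true;
            r.eip_after = m->eip;             /* no Go: waits for Debug Continue */
            return r;
        }
        m->eip += 1;                          /* constructed: one-byte instruction */
    }
    m->code[orig_eip] = opcode2;              /* operation 3 */
    r.go_issued = true;                       /* operation 4 */
    r.eip_after = m->eip;
    return r;
}
```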