Sweden-Number/dlls/ntdll/tests/wow64.c

1119 lines
52 KiB
C

/*
* Unit test suite Wow64 functions
*
* Copyright 2021 Alexandre Julliard
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
* License as published by the Free Software Foundation; either
* version 2.1 of the License, or (at your option) any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
* Lesser General Public License for more details.
*
* You should have received a copy of the GNU Lesser General Public
* License along with this library; if not, write to the Free Software
* Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
*
*/
#include "ntdll_test.h"
static NTSTATUS (WINAPI *pNtQuerySystemInformation)(SYSTEM_INFORMATION_CLASS,void*,ULONG,ULONG*);
static NTSTATUS (WINAPI *pNtQuerySystemInformationEx)(SYSTEM_INFORMATION_CLASS,void*,ULONG,void*,ULONG,ULONG*);
static NTSTATUS (WINAPI *pRtlGetNativeSystemInformation)(SYSTEM_INFORMATION_CLASS,void*,ULONG,ULONG*);
static USHORT (WINAPI *pRtlWow64GetCurrentMachine)(void);
static NTSTATUS (WINAPI *pRtlWow64GetProcessMachines)(HANDLE,WORD*,WORD*);
static NTSTATUS (WINAPI *pRtlWow64GetThreadContext)(HANDLE,WOW64_CONTEXT*);
static NTSTATUS (WINAPI *pRtlWow64IsWowGuestMachineSupported)(USHORT,BOOLEAN*);
#ifdef _WIN64
static NTSTATUS (WINAPI *pRtlWow64GetCpuAreaInfo)(WOW64_CPURESERVED*,ULONG,WOW64_CPU_AREA_INFO*);
static NTSTATUS (WINAPI *pRtlWow64GetThreadSelectorEntry)(HANDLE,THREAD_DESCRIPTOR_INFORMATION*,ULONG,ULONG*);
#else
static NTSTATUS (WINAPI *pNtWow64AllocateVirtualMemory64)(HANDLE,ULONG64*,ULONG64,ULONG64*,ULONG,ULONG);
static NTSTATUS (WINAPI *pNtWow64GetNativeSystemInformation)(SYSTEM_INFORMATION_CLASS,void*,ULONG,ULONG*);
static NTSTATUS (WINAPI *pNtWow64ReadVirtualMemory64)(HANDLE,ULONG64,void*,ULONG64,ULONG64*);
static NTSTATUS (WINAPI *pNtWow64WriteVirtualMemory64)(HANDLE,ULONG64,const void *,ULONG64,ULONG64*);
#endif
static BOOL is_wow64;
static void *code_mem;
static void init(void)
{
HMODULE ntdll = GetModuleHandleA( "ntdll.dll" );
if (!IsWow64Process( GetCurrentProcess(), &is_wow64 )) is_wow64 = FALSE;
#define GET_PROC(func) p##func = (void *)GetProcAddress( ntdll, #func )
GET_PROC( NtQuerySystemInformation );
GET_PROC( NtQuerySystemInformationEx );
GET_PROC( RtlGetNativeSystemInformation );
GET_PROC( RtlWow64GetCurrentMachine );
GET_PROC( RtlWow64GetProcessMachines );
GET_PROC( RtlWow64GetThreadContext );
GET_PROC( RtlWow64IsWowGuestMachineSupported );
#ifdef _WIN64
GET_PROC( RtlWow64GetCpuAreaInfo );
GET_PROC( RtlWow64GetThreadSelectorEntry );
#else
GET_PROC( NtWow64AllocateVirtualMemory64 );
GET_PROC( NtWow64GetNativeSystemInformation );
GET_PROC( NtWow64ReadVirtualMemory64 );
GET_PROC( NtWow64WriteVirtualMemory64 );
#endif
#undef GET_PROC
code_mem = VirtualAlloc( NULL, 65536, MEM_RESERVE | MEM_COMMIT, PAGE_EXECUTE_READWRITE );
}
static void test_process_architecture( HANDLE process, USHORT expect_machine, USHORT expect_native )
{
NTSTATUS status;
ULONG i, len, buffer[8];
len = 0xdead;
status = pNtQuerySystemInformationEx( SystemSupportedProcessorArchitectures, &process, sizeof(process),
&buffer, sizeof(buffer), &len );
ok( !status, "failed %x\n", status );
ok( !(len & 3), "wrong len %x\n", len );
len /= sizeof(DWORD);
for (i = 0; i < len - 1; i++)
{
USHORT flags = HIWORD(buffer[i]);
USHORT machine = LOWORD(buffer[i]);
if (flags & 8)
ok( machine == expect_machine, "wrong current machine %x\n", buffer[i]);
else
ok( machine != expect_machine, "wrong machine %x\n", buffer[i]);
/* FIXME: not quite sure what the other flags mean,
* observed on amd64 Windows: (flags & 7) == 7 for MACHINE_AMD64 and 2 for MACHINE_I386
*/
if (flags & 4)
ok( machine == expect_native, "wrong native machine %x\n", buffer[i]);
else
ok( machine != expect_native, "wrong machine %x\n", buffer[i]);
}
ok( !buffer[i], "missing terminating null\n" );
len = i * sizeof(DWORD);
status = pNtQuerySystemInformationEx( SystemSupportedProcessorArchitectures, &process, sizeof(process),
&buffer, len, &len );
ok( status == STATUS_BUFFER_TOO_SMALL, "failed %x\n", status );
ok( len == (i + 1) * sizeof(DWORD), "wrong len %u\n", len );
if (pRtlWow64GetProcessMachines)
{
USHORT current = 0xdead, native = 0xbeef;
status = pRtlWow64GetProcessMachines( process, &current, &native );
ok( !status, "failed %x\n", status );
if (expect_machine == expect_native)
ok( current == 0, "wrong current machine %x / %x\n", current, expect_machine );
else
ok( current == expect_machine, "wrong current machine %x / %x\n", current, expect_machine );
ok( native == expect_native, "wrong native machine %x / %x\n", native, expect_native );
}
}
static void test_query_architectures(void)
{
#ifdef __i386__
USHORT current_machine = IMAGE_FILE_MACHINE_I386;
USHORT native_machine = is_wow64 ? IMAGE_FILE_MACHINE_AMD64 : IMAGE_FILE_MACHINE_I386;
#elif defined __x86_64__
USHORT current_machine = IMAGE_FILE_MACHINE_AMD64;
USHORT native_machine = IMAGE_FILE_MACHINE_AMD64;
#elif defined __arm__
USHORT current_machine = IMAGE_FILE_MACHINE_ARMNT;
USHORT native_machine = is_wow64 ? IMAGE_FILE_MACHINE_ARM64 : IMAGE_FILE_MACHINE_ARMNT;
#elif defined __aarch64__
USHORT current_machine = IMAGE_FILE_MACHINE_ARM64;
USHORT native_machine = IMAGE_FILE_MACHINE_ARM64;
#else
USHORT current_machine = 0;
USHORT native_machine = 0;
#endif
PROCESS_INFORMATION pi;
STARTUPINFOA si = { sizeof(si) };
NTSTATUS status;
HANDLE process;
ULONG len, buffer[8];
if (!pNtQuerySystemInformationEx) return;
process = GetCurrentProcess();
status = pNtQuerySystemInformationEx( SystemSupportedProcessorArchitectures, &process, sizeof(process),
&buffer, sizeof(buffer), &len );
if (status == STATUS_INVALID_INFO_CLASS)
{
win_skip( "SystemSupportedProcessorArchitectures not supported\n" );
return;
}
ok( !status, "failed %x\n", status );
process = (HANDLE)0xdeadbeef;
status = pNtQuerySystemInformationEx( SystemSupportedProcessorArchitectures, &process, sizeof(process),
&buffer, sizeof(buffer), &len );
ok( status == STATUS_INVALID_HANDLE, "failed %x\n", status );
process = (HANDLE)0xdeadbeef;
status = pNtQuerySystemInformationEx( SystemSupportedProcessorArchitectures, &process, 3,
&buffer, sizeof(buffer), &len );
ok( status == STATUS_INVALID_PARAMETER || broken(status == STATUS_INVALID_HANDLE),
"failed %x\n", status );
process = GetCurrentProcess();
status = pNtQuerySystemInformationEx( SystemSupportedProcessorArchitectures, &process, 3,
&buffer, sizeof(buffer), &len );
ok( status == STATUS_INVALID_PARAMETER || broken( status == STATUS_SUCCESS),
"failed %x\n", status );
status = pNtQuerySystemInformationEx( SystemSupportedProcessorArchitectures, NULL, 0,
&buffer, sizeof(buffer), &len );
ok( status == STATUS_INVALID_PARAMETER, "failed %x\n", status );
test_process_architecture( GetCurrentProcess(), current_machine, native_machine );
test_process_architecture( 0, 0, native_machine );
if (CreateProcessA( "C:\\Program Files\\Internet Explorer\\iexplore.exe", NULL, NULL, NULL,
FALSE, CREATE_SUSPENDED, NULL, NULL, &si, &pi ))
{
test_process_architecture( pi.hProcess, native_machine, native_machine );
TerminateProcess( pi.hProcess, 0 );
CloseHandle( pi.hProcess );
CloseHandle( pi.hThread );
}
if (CreateProcessA( "C:\\Program Files (x86)\\Internet Explorer\\iexplore.exe", NULL, NULL, NULL,
FALSE, CREATE_SUSPENDED, NULL, NULL, &si, &pi ))
{
test_process_architecture( pi.hProcess, IMAGE_FILE_MACHINE_I386, native_machine );
TerminateProcess( pi.hProcess, 0 );
CloseHandle( pi.hProcess );
CloseHandle( pi.hThread );
}
if (pRtlWow64GetCurrentMachine)
{
USHORT machine = pRtlWow64GetCurrentMachine();
ok( machine == current_machine, "wrong machine %x / %x\n", machine, current_machine );
}
if (pRtlWow64IsWowGuestMachineSupported)
{
BOOLEAN ret = 0xcc;
status = pRtlWow64IsWowGuestMachineSupported( IMAGE_FILE_MACHINE_I386, &ret );
ok( !status, "failed %x\n", status );
ok( ret == (native_machine == IMAGE_FILE_MACHINE_AMD64 ||
native_machine == IMAGE_FILE_MACHINE_ARM64), "wrong result %u\n", ret );
ret = 0xcc;
status = pRtlWow64IsWowGuestMachineSupported( IMAGE_FILE_MACHINE_ARMNT, &ret );
ok( !status, "failed %x\n", status );
ok( ret == (native_machine == IMAGE_FILE_MACHINE_ARM64), "wrong result %u\n", ret );
ret = 0xcc;
status = pRtlWow64IsWowGuestMachineSupported( IMAGE_FILE_MACHINE_AMD64, &ret );
ok( !status, "failed %x\n", status );
ok( !ret, "wrong result %u\n", ret );
ret = 0xcc;
status = pRtlWow64IsWowGuestMachineSupported( IMAGE_FILE_MACHINE_ARM64, &ret );
ok( !status, "failed %x\n", status );
ok( !ret, "wrong result %u\n", ret );
ret = 0xcc;
status = pRtlWow64IsWowGuestMachineSupported( 0xdead, &ret );
ok( !status, "failed %x\n", status );
ok( !ret, "wrong result %u\n", ret );
}
}
static void test_peb_teb(void)
{
PROCESS_BASIC_INFORMATION proc_info;
THREAD_BASIC_INFORMATION info;
PROCESS_INFORMATION pi;
STARTUPINFOA si = {0};
NTSTATUS status;
void *redir;
SIZE_T res;
TEB teb;
PEB peb;
TEB32 teb32;
PEB32 peb32;
RTL_USER_PROCESS_PARAMETERS params;
RTL_USER_PROCESS_PARAMETERS32 params32;
Wow64DisableWow64FsRedirection( &redir );
if (CreateProcessA( "C:\\windows\\syswow64\\notepad.exe", NULL, NULL, NULL,
FALSE, CREATE_SUSPENDED, NULL, NULL, &si, &pi ))
{
memset( &info, 0xcc, sizeof(info) );
status = NtQueryInformationThread( pi.hThread, ThreadBasicInformation, &info, sizeof(info), NULL );
ok( !status, "ThreadBasicInformation failed %x\n", status );
if (!ReadProcessMemory( pi.hProcess, info.TebBaseAddress, &teb, sizeof(teb), &res )) res = 0;
ok( res == sizeof(teb), "wrong len %lx\n", res );
ok( teb.Tib.Self == info.TebBaseAddress, "wrong teb %p / %p\n", teb.Tib.Self, info.TebBaseAddress );
if (is_wow64)
{
ok( !!teb.GdiBatchCount, "GdiBatchCount not set\n" );
ok( (char *)info.TebBaseAddress + teb.WowTebOffset == ULongToPtr(teb.GdiBatchCount) ||
broken(!NtCurrentTeb()->WowTebOffset), /* pre-win10 */
"wrong teb offset %d\n", teb.WowTebOffset );
}
else
{
ok( !teb.GdiBatchCount, "GdiBatchCount set\n" );
ok( teb.WowTebOffset == 0x2000 ||
broken( !teb.WowTebOffset || teb.WowTebOffset == 1 ), /* pre-win10 */
"wrong teb offset %d\n", teb.WowTebOffset );
ok( (char *)teb.Tib.ExceptionList == (char *)info.TebBaseAddress + 0x2000,
"wrong Tib.ExceptionList %p / %p\n",
(char *)teb.Tib.ExceptionList, (char *)info.TebBaseAddress + 0x2000 );
if (!ReadProcessMemory( pi.hProcess, teb.Tib.ExceptionList, &teb32, sizeof(teb32), &res )) res = 0;
ok( res == sizeof(teb32), "wrong len %lx\n", res );
ok( (char *)ULongToPtr(teb32.Peb) == (char *)teb.Peb + 0x1000 ||
broken( ULongToPtr(teb32.Peb) != teb.Peb ), /* vista */
"wrong peb %p / %p\n", ULongToPtr(teb32.Peb), teb.Peb );
}
status = NtQueryInformationProcess( pi.hProcess, ProcessBasicInformation,
&proc_info, sizeof(proc_info), NULL );
ok( !status, "ProcessBasicInformation failed %x\n", status );
ok( proc_info.PebBaseAddress == teb.Peb, "wrong peb %p / %p\n", proc_info.PebBaseAddress, teb.Peb );
if (!ReadProcessMemory( pi.hProcess, proc_info.PebBaseAddress, &peb, sizeof(peb), &res )) res = 0;
ok( res == sizeof(peb), "wrong len %lx\n", res );
ok( !peb.BeingDebugged, "BeingDebugged is %u\n", peb.BeingDebugged );
if (!is_wow64)
{
if (!ReadProcessMemory( pi.hProcess, ULongToPtr(teb32.Peb), &peb32, sizeof(peb32), &res )) res = 0;
ok( res == sizeof(peb32), "wrong len %lx\n", res );
ok( !peb32.BeingDebugged, "BeingDebugged is %u\n", peb32.BeingDebugged );
}
if (!ReadProcessMemory( pi.hProcess, peb.ProcessParameters, &params, sizeof(params), &res )) res = 0;
ok( res == sizeof(params), "wrong len %lx\n", res );
#define CHECK_STR(name) \
ok( (char *)params.name.Buffer >= (char *)peb.ProcessParameters && \
(char *)params.name.Buffer < (char *)peb.ProcessParameters + params.Size, \
"wrong " #name " ptr %p / %p-%p\n", params.name.Buffer, peb.ProcessParameters, \
(char *)peb.ProcessParameters + params.Size )
CHECK_STR( ImagePathName );
CHECK_STR( CommandLine );
CHECK_STR( WindowTitle );
CHECK_STR( Desktop );
CHECK_STR( ShellInfo );
#undef CHECK_STR
if (!is_wow64)
{
ok( peb32.ProcessParameters && ULongToPtr(peb32.ProcessParameters) != peb.ProcessParameters,
"wrong ptr32 %p / %p\n", ULongToPtr(peb32.ProcessParameters), peb.ProcessParameters );
if (!ReadProcessMemory( pi.hProcess, ULongToPtr(peb32.ProcessParameters), &params32, sizeof(params32), &res )) res = 0;
ok( res == sizeof(params32), "wrong len %lx\n", res );
#define CHECK_STR(name) \
ok( ULongToPtr(params32.name.Buffer) >= ULongToPtr(peb32.ProcessParameters) && \
ULongToPtr(params32.name.Buffer) < ULongToPtr(peb32.ProcessParameters + params32.Size), \
"wrong " #name " ptr %x / %x-%x\n", params32.name.Buffer, peb32.ProcessParameters, \
peb32.ProcessParameters + params.Size ); \
ok( params32.name.Length == params.name.Length, "wrong " #name "len %u / %u\n", \
params32.name.Length, params.name.Length )
CHECK_STR( ImagePathName );
CHECK_STR( CommandLine );
CHECK_STR( WindowTitle );
CHECK_STR( Desktop );
CHECK_STR( ShellInfo );
#undef CHECK_STR
ok( params32.EnvironmentSize == params.EnvironmentSize, "wrong size %u / %lu\n",
params32.EnvironmentSize, params.EnvironmentSize );
}
ok( DebugActiveProcess( pi.dwProcessId ), "debugging failed\n" );
if (!ReadProcessMemory( pi.hProcess, proc_info.PebBaseAddress, &peb, sizeof(peb), &res )) res = 0;
ok( res == sizeof(peb), "wrong len %lx\n", res );
ok( peb.BeingDebugged == 1, "BeingDebugged is %u\n", peb.BeingDebugged );
if (!is_wow64)
{
if (!ReadProcessMemory( pi.hProcess, ULongToPtr(teb32.Peb), &peb32, sizeof(peb32), &res )) res = 0;
ok( res == sizeof(peb32), "wrong len %lx\n", res );
ok( peb32.BeingDebugged == 1, "BeingDebugged is %u\n", peb32.BeingDebugged );
}
TerminateProcess( pi.hProcess, 0 );
CloseHandle( pi.hProcess );
CloseHandle( pi.hThread );
}
if (CreateProcessA( "C:\\windows\\system32\\notepad.exe", NULL, NULL, NULL,
FALSE, CREATE_SUSPENDED, NULL, NULL, &si, &pi ))
{
memset( &info, 0xcc, sizeof(info) );
status = NtQueryInformationThread( pi.hThread, ThreadBasicInformation, &info, sizeof(info), NULL );
ok( !status, "ThreadBasicInformation failed %x\n", status );
if (!is_wow64)
{
if (!ReadProcessMemory( pi.hProcess, info.TebBaseAddress, &teb, sizeof(teb), &res )) res = 0;
ok( res == sizeof(teb), "wrong len %lx\n", res );
ok( teb.Tib.Self == info.TebBaseAddress, "wrong teb %p / %p\n",
teb.Tib.Self, info.TebBaseAddress );
ok( !teb.GdiBatchCount, "GdiBatchCount set\n" );
ok( !teb.WowTebOffset || broken( teb.WowTebOffset == 1 ), /* vista */
"wrong teb offset %d\n", teb.WowTebOffset );
}
else ok( !info.TebBaseAddress, "got teb %p\n", info.TebBaseAddress );
status = NtQueryInformationProcess( pi.hProcess, ProcessBasicInformation,
&proc_info, sizeof(proc_info), NULL );
ok( !status, "ProcessBasicInformation failed %x\n", status );
if (is_wow64)
ok( !proc_info.PebBaseAddress ||
broken( (char *)proc_info.PebBaseAddress >= (char *)0x7f000000 ), /* vista */
"wrong peb %p\n", proc_info.PebBaseAddress );
else
ok( proc_info.PebBaseAddress == teb.Peb, "wrong peb %p / %p\n",
proc_info.PebBaseAddress, teb.Peb );
TerminateProcess( pi.hProcess, 0 );
CloseHandle( pi.hProcess );
CloseHandle( pi.hThread );
}
Wow64RevertWow64FsRedirection( redir );
#ifndef _WIN64
if (is_wow64)
{
PEB64 *peb64;
TEB64 *teb64 = (TEB64 *)NtCurrentTeb()->GdiBatchCount;
ok( !!teb64, "GdiBatchCount not set\n" );
ok( (char *)NtCurrentTeb() + NtCurrentTeb()->WowTebOffset == (char *)teb64 ||
broken(!NtCurrentTeb()->WowTebOffset), /* pre-win10 */
"wrong WowTebOffset %x (%p/%p)\n", NtCurrentTeb()->WowTebOffset, teb64, NtCurrentTeb() );
ok( (char *)teb64 + 0x2000 == (char *)NtCurrentTeb(), "unexpected diff %p / %p\n",
teb64, NtCurrentTeb() );
ok( (char *)teb64 + teb64->WowTebOffset == (char *)NtCurrentTeb() ||
broken( !teb64->WowTebOffset || teb64->WowTebOffset == 1 ), /* pre-win10 */
"wrong WowTebOffset %x (%p/%p)\n", teb64->WowTebOffset, teb64, NtCurrentTeb() );
ok( !teb64->GdiBatchCount, "GdiBatchCount set %x\n", teb64->GdiBatchCount );
ok( teb64->Tib.ExceptionList == PtrToUlong( NtCurrentTeb() ), "wrong Tib.ExceptionList %s / %p\n",
wine_dbgstr_longlong(teb64->Tib.ExceptionList), NtCurrentTeb() );
ok( teb64->Tib.Self == PtrToUlong( teb64 ), "wrong Tib.Self %s / %p\n",
wine_dbgstr_longlong(teb64->Tib.Self), teb64 );
ok( teb64->StaticUnicodeString.Buffer == PtrToUlong( teb64->StaticUnicodeBuffer ),
"wrong StaticUnicodeString %s / %p\n",
wine_dbgstr_longlong(teb64->StaticUnicodeString.Buffer), teb64->StaticUnicodeBuffer );
ok( teb64->ClientId.UniqueProcess == GetCurrentProcessId(), "wrong pid %s / %x\n",
wine_dbgstr_longlong(teb64->ClientId.UniqueProcess), GetCurrentProcessId() );
ok( teb64->ClientId.UniqueThread == GetCurrentThreadId(), "wrong tid %s / %x\n",
wine_dbgstr_longlong(teb64->ClientId.UniqueThread), GetCurrentThreadId() );
peb64 = ULongToPtr( teb64->Peb );
ok( peb64->ImageBaseAddress == PtrToUlong( NtCurrentTeb()->Peb->ImageBaseAddress ),
"wrong ImageBaseAddress %s / %p\n",
wine_dbgstr_longlong(peb64->ImageBaseAddress), NtCurrentTeb()->Peb->ImageBaseAddress);
ok( peb64->OSBuildNumber == NtCurrentTeb()->Peb->OSBuildNumber, "wrong OSBuildNumber %x / %x\n",
peb64->OSBuildNumber, NtCurrentTeb()->Peb->OSBuildNumber );
ok( peb64->OSPlatformId == NtCurrentTeb()->Peb->OSPlatformId, "wrong OSPlatformId %x / %x\n",
peb64->OSPlatformId, NtCurrentTeb()->Peb->OSPlatformId );
return;
}
#endif
ok( !NtCurrentTeb()->GdiBatchCount, "GdiBatchCount set to %x\n", NtCurrentTeb()->GdiBatchCount );
ok( !NtCurrentTeb()->WowTebOffset || broken( NtCurrentTeb()->WowTebOffset == 1 ), /* vista */
"WowTebOffset set to %x\n", NtCurrentTeb()->WowTebOffset );
}
static void test_selectors(void)
{
THREAD_DESCRIPTOR_INFORMATION info;
NTSTATUS status;
ULONG base, limit, sel, retlen;
I386_CONTEXT context = { CONTEXT_I386_CONTROL | CONTEXT_I386_SEGMENTS };
#ifdef _WIN64
if (!pRtlWow64GetThreadSelectorEntry)
{
win_skip( "RtlWow64GetThreadSelectorEntry not supported\n" );
return;
}
if (!pRtlWow64GetThreadContext || pRtlWow64GetThreadContext( GetCurrentThread(), &context ))
{
/* hardcoded values */
context.SegCs = 0x23;
#ifdef __x86_64__
__asm__( "movw %%fs,%0" : "=m" (context.SegFs) );
__asm__( "movw %%ss,%0" : "=m" (context.SegSs) );
#else
context.SegSs = 0x2b;
context.SegFs = 0x53;
#endif
}
#define GET_ENTRY(info,size,ret) \
pRtlWow64GetThreadSelectorEntry( GetCurrentThread(), info, size, ret )
#else
GetThreadContext( GetCurrentThread(), &context );
#define GET_ENTRY(info,size,ret) \
NtQueryInformationThread( GetCurrentThread(), ThreadDescriptorTableEntry, info, size, ret )
#endif
trace( "cs %04x ss %04x fs %04x\n", context.SegCs, context.SegSs, context.SegFs );
retlen = 0xdeadbeef;
info.Selector = 0;
status = GET_ENTRY( &info, sizeof(info) - 1, &retlen );
ok( status == STATUS_INFO_LENGTH_MISMATCH, "wrong status %x\n", status );
ok( retlen == 0xdeadbeef, "len set %u\n", retlen );
retlen = 0xdeadbeef;
status = GET_ENTRY( &info, sizeof(info) + 1, &retlen );
ok( status == STATUS_INFO_LENGTH_MISMATCH, "wrong status %x\n", status );
ok( retlen == 0xdeadbeef, "len set %u\n", retlen );
retlen = 0xdeadbeef;
status = GET_ENTRY( NULL, 0, &retlen );
ok( status == STATUS_INFO_LENGTH_MISMATCH, "wrong status %x\n", status );
ok( retlen == 0xdeadbeef, "len set %u\n", retlen );
status = GET_ENTRY( &info, sizeof(info), NULL );
ok( !status, "wrong status %x\n", status );
for (info.Selector = 0; info.Selector < 0x100; info.Selector++)
{
retlen = 0xdeadbeef;
status = GET_ENTRY( &info, sizeof(info), &retlen );
base = (info.Entry.BaseLow |
(info.Entry.HighWord.Bytes.BaseMid << 16) |
(info.Entry.HighWord.Bytes.BaseHi << 24));
limit = (info.Entry.LimitLow | info.Entry.HighWord.Bits.LimitHi << 16);
sel = info.Selector | 3;
if (sel == 0x03) /* null selector */
{
ok( !status, "wrong status %x\n", status );
ok( retlen == sizeof(info.Entry), "len set %u\n", retlen );
ok( !base, "wrong base %x\n", base );
ok( !limit, "wrong limit %x\n", limit );
ok( !info.Entry.HighWord.Bytes.Flags1, "wrong flags1 %x\n", info.Entry.HighWord.Bytes.Flags1 );
ok( !info.Entry.HighWord.Bytes.Flags2, "wrong flags2 %x\n", info.Entry.HighWord.Bytes.Flags2 );
}
else if (sel == context.SegCs) /* 32-bit code selector */
{
ok( !status, "wrong status %x\n", status );
ok( retlen == sizeof(info.Entry), "len set %u\n", retlen );
ok( !base, "wrong base %x\n", base );
ok( limit == 0xfffff, "wrong limit %x\n", limit );
ok( info.Entry.HighWord.Bits.Type == 0x1b, "wrong type %x\n", info.Entry.HighWord.Bits.Type );
ok( info.Entry.HighWord.Bits.Dpl == 3, "wrong dpl %x\n", info.Entry.HighWord.Bits.Dpl );
ok( info.Entry.HighWord.Bits.Pres, "wrong pres\n" );
ok( !info.Entry.HighWord.Bits.Sys, "wrong sys\n" );
ok( info.Entry.HighWord.Bits.Default_Big, "wrong big\n" );
ok( info.Entry.HighWord.Bits.Granularity, "wrong granularity\n" );
}
else if (sel == context.SegSs) /* 32-bit data selector */
{
ok( !status, "wrong status %x\n", status );
ok( retlen == sizeof(info.Entry), "len set %u\n", retlen );
ok( !base, "wrong base %x\n", base );
ok( limit == 0xfffff, "wrong limit %x\n", limit );
ok( info.Entry.HighWord.Bits.Type == 0x13, "wrong type %x\n", info.Entry.HighWord.Bits.Type );
ok( info.Entry.HighWord.Bits.Dpl == 3, "wrong dpl %x\n", info.Entry.HighWord.Bits.Dpl );
ok( info.Entry.HighWord.Bits.Pres, "wrong pres\n" );
ok( !info.Entry.HighWord.Bits.Sys, "wrong sys\n" );
ok( info.Entry.HighWord.Bits.Default_Big, "wrong big\n" );
ok( info.Entry.HighWord.Bits.Granularity, "wrong granularity\n" );
}
else if (sel == context.SegFs) /* TEB selector */
{
ok( !status, "wrong status %x\n", status );
ok( retlen == sizeof(info.Entry), "len set %u\n", retlen );
#ifdef _WIN64
if (NtCurrentTeb()->WowTebOffset == 0x2000)
ok( base == (ULONG_PTR)NtCurrentTeb() + 0x2000, "wrong base %x / %p\n",
base, NtCurrentTeb() );
#else
ok( base == (ULONG_PTR)NtCurrentTeb(), "wrong base %x / %p\n", base, NtCurrentTeb() );
#endif
ok( limit == 0xfff || broken(limit == 0x4000), /* <= win8 */
"wrong limit %x\n", limit );
ok( info.Entry.HighWord.Bits.Type == 0x13, "wrong type %x\n", info.Entry.HighWord.Bits.Type );
ok( info.Entry.HighWord.Bits.Dpl == 3, "wrong dpl %x\n", info.Entry.HighWord.Bits.Dpl );
ok( info.Entry.HighWord.Bits.Pres, "wrong pres\n" );
ok( !info.Entry.HighWord.Bits.Sys, "wrong sys\n" );
ok( info.Entry.HighWord.Bits.Default_Big, "wrong big\n" );
ok( !info.Entry.HighWord.Bits.Granularity, "wrong granularity\n" );
}
else if (!status)
{
ok( retlen == sizeof(info.Entry), "len set %u\n", retlen );
trace( "succeeded for %x base %x limit %x type %x\n",
sel, base, limit, info.Entry.HighWord.Bits.Type );
}
else
{
ok( status == STATUS_UNSUCCESSFUL ||
((sel & 4) && (status == STATUS_NO_LDT)) ||
broken( status == STATUS_ACCESS_VIOLATION), /* <= win8 */
"%x: wrong status %x\n", info.Selector, status );
ok( retlen == 0xdeadbeef, "len set %u\n", retlen );
}
}
#undef GET_ENTRY
}
#ifdef _WIN64
static void test_cpu_area(void)
{
if (pRtlWow64GetCpuAreaInfo)
{
static const struct
{
USHORT machine;
NTSTATUS expect;
ULONG align, size, offset, flag;
} tests[] =
{
{ IMAGE_FILE_MACHINE_I386, 0, 4, 0x2cc, 0x00, 0x00010000 },
{ IMAGE_FILE_MACHINE_AMD64, 0, 16, 0x4d0, 0x30, 0x00100000 },
{ IMAGE_FILE_MACHINE_ARMNT, 0, 8, 0x1a0, 0x00, 0x00200000 },
{ IMAGE_FILE_MACHINE_ARM64, 0, 16, 0x390, 0x00, 0x00400000 },
{ IMAGE_FILE_MACHINE_ARM, STATUS_INVALID_PARAMETER },
{ IMAGE_FILE_MACHINE_THUMB, STATUS_INVALID_PARAMETER },
};
USHORT buffer[2048];
WOW64_CPURESERVED *cpu;
WOW64_CPU_AREA_INFO info;
ULONG i, j;
NTSTATUS status;
#define ALIGN(ptr,align) ((void *)(((ULONG_PTR)(ptr) + (align) - 1) & ~((align) - 1)))
for (i = 0; i < ARRAY_SIZE(tests); i++)
{
for (j = 0; j < 8; j++)
{
cpu = (WOW64_CPURESERVED *)(buffer + j);
cpu->Flags = 0;
cpu->Machine = tests[i].machine;
status = pRtlWow64GetCpuAreaInfo( cpu, 0, &info );
ok( status == tests[i].expect, "%u:%u: failed %x\n", i, j, status );
if (status) continue;
ok( info.Context == ALIGN( cpu + 1, tests[i].align ), "%u:%u: wrong offset %u\n",
i, j, (ULONG)((char *)info.Context - (char *)cpu) );
ok( info.ContextEx == ALIGN( (char *)info.Context + tests[i].size, sizeof(void*) ),
"%u:%u: wrong ex offset %u\n", i, j, (ULONG)((char *)info.ContextEx - (char *)cpu) );
ok( info.ContextFlagsLocation == (char *)info.Context + tests[i].offset,
"%u:%u: wrong flags offset %u\n",
i, j, (ULONG)((char *)info.ContextFlagsLocation - (char *)info.Context) );
ok( info.CpuReserved == cpu, "%u:%u: wrong cpu %p / %p\n", info.CpuReserved, cpu );
ok( info.ContextFlag == tests[i].flag, "%u:%u: wrong flag %08x\n", i, j, info.ContextFlag );
ok( info.Machine == tests[i].machine, "%u:%u: wrong machine %x\n", i, j, info.Machine );
}
}
#undef ALIGN
}
else win_skip( "RtlWow64GetCpuAreaInfo not supported\n" );
}
#else /* _WIN64 */
static const BYTE call_func64_code[] =
{
0x58, /* pop %eax */
0x0e, /* push %cs */
0x50, /* push %eax */
0x6a, 0x33, /* push $0x33 */
0xe8, 0x00, 0x00, 0x00, 0x00, /* call 1f */
0x83, 0x04, 0x24, 0x05, /* 1: addl $0x5,(%esp) */
0xcb, /* lret */
/* in 64-bit mode: */
0x4c, 0x87, 0xf4, /* xchg %r14,%rsp */
0x55, /* push %rbp */
0x48, 0x89, 0xe5, /* mov %rsp,%rbp */
0x56, /* push %rsi */
0x57, /* push %rdi */
0x41, 0x8b, 0x4e, 0x10, /* mov 0x10(%r14),%ecx */
0x41, 0x8b, 0x76, 0x14, /* mov 0x14(%r14),%esi */
0x67, 0x8d, 0x04, 0xcd, 0, 0, 0, 0, /* lea 0x0(,%ecx,8),%eax */
0x83, 0xf8, 0x20, /* cmp $0x20,%eax */
0x7d, 0x05, /* jge 1f */
0xb8, 0x20, 0x00, 0x00, 0x00, /* mov $0x20,%eax */
0x48, 0x29, 0xc4, /* 1: sub %rax,%rsp */
0x48, 0x83, 0xe4, 0xf0, /* and $~15,%rsp */
0x48, 0x89, 0xe7, /* mov %rsp,%rdi */
0xf3, 0x48, 0xa5, /* rep movsq */
0x48, 0x8b, 0x0c, 0x24, /* mov (%rsp),%rcx */
0x48, 0x8b, 0x54, 0x24, 0x08, /* mov 0x8(%rsp),%rdx */
0x4c, 0x8b, 0x44, 0x24, 0x10, /* mov 0x10(%rsp),%r8 */
0x4c, 0x8b, 0x4c, 0x24, 0x18, /* mov 0x18(%rsp),%r9 */
0x41, 0xff, 0x56, 0x08, /* callq *0x8(%r14) */
0x48, 0x8d, 0x65, 0xf0, /* lea -0x10(%rbp),%rsp */
0x5f, /* pop %rdi */
0x5e, /* pop %rsi */
0x5d, /* pop %rbp */
0x4c, 0x87, 0xf4, /* xchg %r14,%rsp */
0xcb, /* lret */
};
static NTSTATUS call_func64( ULONG64 func64, int nb_args, ULONG64 *args )
{
NTSTATUS (WINAPI *func)( ULONG64 func64, int nb_args, ULONG64 *args ) = code_mem;
memcpy( code_mem, call_func64_code, sizeof(call_func64_code) );
return func( func64, nb_args, args );
}
static ULONG64 main_module, ntdll_module, wow64_module, wow64cpu_module, wow64win_module;
static void enum_modules64( void (*func)(ULONG64,const WCHAR *) )
{
typedef struct
{
LIST_ENTRY64 InLoadOrderLinks;
LIST_ENTRY64 InMemoryOrderLinks;
LIST_ENTRY64 InInitializationOrderLinks;
ULONG64 DllBase;
ULONG64 EntryPoint;
ULONG SizeOfImage;
UNICODE_STRING64 FullDllName;
UNICODE_STRING64 BaseDllName;
/* etc. */
} LDR_DATA_TABLE_ENTRY64;
TEB64 *teb64 = (TEB64 *)NtCurrentTeb()->GdiBatchCount;
PEB64 peb64;
ULONG64 ptr;
PEB_LDR_DATA64 ldr;
LDR_DATA_TABLE_ENTRY64 entry;
NTSTATUS status;
HANDLE process;
process = OpenProcess( PROCESS_ALL_ACCESS, FALSE, GetCurrentProcessId() );
ok( process != 0, "failed to open current process %u\n", GetLastError() );
status = pNtWow64ReadVirtualMemory64( process, teb64->Peb, &peb64, sizeof(peb64), NULL );
ok( !status, "NtWow64ReadVirtualMemory64 failed %x\n", status );
todo_wine
ok( peb64.LdrData, "LdrData not initialized\n" );
if (!peb64.LdrData) goto done;
status = pNtWow64ReadVirtualMemory64( process, peb64.LdrData, &ldr, sizeof(ldr), NULL );
ok( !status, "NtWow64ReadVirtualMemory64 failed %x\n", status );
ptr = ldr.InLoadOrderModuleList.Flink;
for (;;)
{
WCHAR buffer[256];
status = pNtWow64ReadVirtualMemory64( process, ptr, &entry, sizeof(entry), NULL );
ok( !status, "NtWow64ReadVirtualMemory64 failed %x\n", status );
status = pNtWow64ReadVirtualMemory64( process, entry.BaseDllName.Buffer, buffer, sizeof(buffer), NULL );
ok( !status, "NtWow64ReadVirtualMemory64 failed %x\n", status );
if (status) break;
func( entry.DllBase, buffer );
ptr = entry.InLoadOrderLinks.Flink;
if (ptr == peb64.LdrData + offsetof( PEB_LDR_DATA64, InLoadOrderModuleList )) break;
}
done:
NtClose( process );
}
static ULONG64 get_proc_address64( ULONG64 module, const char *name )
{
IMAGE_DOS_HEADER dos;
IMAGE_NT_HEADERS64 nt;
IMAGE_EXPORT_DIRECTORY exports;
ULONG i, *names, *funcs;
USHORT *ordinals;
NTSTATUS status;
HANDLE process;
ULONG64 ret = 0;
char buffer[64];
if (!module) return 0;
process = OpenProcess( PROCESS_ALL_ACCESS, FALSE, GetCurrentProcessId() );
ok( process != 0, "failed to open current process %u\n", GetLastError() );
status = pNtWow64ReadVirtualMemory64( process, module, &dos, sizeof(dos), NULL );
ok( !status, "NtWow64ReadVirtualMemory64 failed %x\n", status );
status = pNtWow64ReadVirtualMemory64( process, module + dos.e_lfanew, &nt, sizeof(nt), NULL );
ok( !status, "NtWow64ReadVirtualMemory64 failed %x\n", status );
status = pNtWow64ReadVirtualMemory64( process, module + nt.OptionalHeader.DataDirectory[IMAGE_DIRECTORY_ENTRY_EXPORT].VirtualAddress,
&exports, sizeof(exports), NULL );
ok( !status, "NtWow64ReadVirtualMemory64 failed %x\n", status );
names = calloc( exports.NumberOfNames, sizeof(*names) );
ordinals = calloc( exports.NumberOfNames, sizeof(*ordinals) );
funcs = calloc( exports.NumberOfFunctions, sizeof(*funcs) );
status = pNtWow64ReadVirtualMemory64( process, module + exports.AddressOfNames,
names, exports.NumberOfNames * sizeof(*names), NULL );
ok( !status, "NtWow64ReadVirtualMemory64 failed %x\n", status );
status = pNtWow64ReadVirtualMemory64( process, module + exports.AddressOfNameOrdinals,
ordinals, exports.NumberOfNames * sizeof(*ordinals), NULL );
ok( !status, "NtWow64ReadVirtualMemory64 failed %x\n", status );
status = pNtWow64ReadVirtualMemory64( process, module + exports.AddressOfFunctions,
funcs, exports.NumberOfFunctions * sizeof(*funcs), NULL );
ok( !status, "NtWow64ReadVirtualMemory64 failed %x\n", status );
for (i = 0; i < exports.NumberOfNames && !ret; i++)
{
status = pNtWow64ReadVirtualMemory64( process, module + names[i], buffer, sizeof(buffer), NULL );
ok( !status, "NtWow64ReadVirtualMemory64 failed %x\n", status );
if (!strcmp( buffer, name )) ret = module + funcs[ordinals[i]];
}
free( funcs );
free( ordinals );
free( names );
NtClose( process );
return ret;
}
static void check_module( ULONG64 base, const WCHAR *name )
{
if (base == (ULONG_PTR)GetModuleHandleW(0))
{
WCHAR *p, module[MAX_PATH];
GetModuleFileNameW( 0, module, MAX_PATH );
if ((p = wcsrchr( module, '\\' ))) p++;
else p = module;
ok( !wcsicmp( name, p ), "wrong name %s / %s\n", debugstr_w(name), debugstr_w(module));
main_module = base;
return;
}
#define CHECK_MODULE(mod) if (!wcsicmp( name, L"" #mod ".dll" )) { mod ## _module = base; return; }
CHECK_MODULE(ntdll);
CHECK_MODULE(wow64);
CHECK_MODULE(wow64cpu);
CHECK_MODULE(wow64win);
#undef CHECK_MODULE
ok( 0, "unknown module %s %s found\n", wine_dbgstr_longlong(base), wine_dbgstr_w(name));
}
static void test_modules(void)
{
if (!is_wow64) return;
if (!pNtWow64ReadVirtualMemory64) return;
enum_modules64( check_module );
todo_wine
{
ok( main_module, "main module not found\n" );
ok( ntdll_module, "64-bit ntdll not found\n" );
ok( wow64_module, "wow64.dll not found\n" );
ok( wow64cpu_module, "wow64cpu.dll not found\n" );
ok( wow64win_module, "wow64win.dll not found\n" );
}
}
static void test_nt_wow64(void)
{
const char str[] = "hello wow64";
char buffer[100];
NTSTATUS status;
ULONG64 res;
HANDLE process = OpenProcess( PROCESS_ALL_ACCESS, FALSE, GetCurrentProcessId() );
ok( process != 0, "failed to open current process %u\n", GetLastError() );
if (pNtWow64ReadVirtualMemory64)
{
status = pNtWow64ReadVirtualMemory64( process, (ULONG_PTR)str, buffer, sizeof(str), &res );
ok( !status, "NtWow64ReadVirtualMemory64 failed %x\n", status );
ok( res == sizeof(str), "wrong size %s\n", wine_dbgstr_longlong(res) );
ok( !strcmp( buffer, str ), "wrong data %s\n", debugstr_a(buffer) );
status = pNtWow64WriteVirtualMemory64( process, (ULONG_PTR)buffer, " bye ", 5, &res );
ok( !status, "NtWow64WriteVirtualMemory64 failed %x\n", status );
ok( res == 5, "wrong size %s\n", wine_dbgstr_longlong(res) );
ok( !strcmp( buffer, " bye wow64" ), "wrong data %s\n", debugstr_a(buffer) );
/* current process pseudo-handle is broken on some Windows versions */
status = pNtWow64ReadVirtualMemory64( GetCurrentProcess(), (ULONG_PTR)str, buffer, sizeof(str), &res );
ok( !status || broken( status == STATUS_INVALID_HANDLE ),
"NtWow64ReadVirtualMemory64 failed %x\n", status );
status = pNtWow64WriteVirtualMemory64( GetCurrentProcess(), (ULONG_PTR)buffer, " bye ", 5, &res );
ok( !status || broken( status == STATUS_INVALID_HANDLE ),
"NtWow64WriteVirtualMemory64 failed %x\n", status );
}
else win_skip( "NtWow64ReadVirtualMemory64 not supported\n" );
if (pNtWow64AllocateVirtualMemory64)
{
ULONG64 ptr = 0;
ULONG64 size = 0x2345;
status = pNtWow64AllocateVirtualMemory64( process, &ptr, 0, &size,
MEM_RESERVE | MEM_COMMIT, PAGE_READWRITE );
ok( !status, "NtWow64AllocateVirtualMemory64 failed %x\n", status );
ok( ptr, "ptr not set\n" );
ok( size == 0x3000, "size not set %s\n", wine_dbgstr_longlong(size) );
ptr += 0x1000;
status = pNtWow64AllocateVirtualMemory64( process, &ptr, 0, &size,
MEM_RESERVE | MEM_COMMIT, PAGE_READONLY );
ok( status == STATUS_CONFLICTING_ADDRESSES, "NtWow64AllocateVirtualMemory64 failed %x\n", status );
ptr = 0;
size = 0;
status = pNtWow64AllocateVirtualMemory64( process, &ptr, 0, &size,
MEM_RESERVE | MEM_COMMIT, PAGE_READWRITE );
ok( status == STATUS_INVALID_PARAMETER || status == STATUS_INVALID_PARAMETER_4,
"NtWow64AllocateVirtualMemory64 failed %x\n", status );
size = 0x1000;
status = pNtWow64AllocateVirtualMemory64( process, &ptr, 22, &size,
MEM_RESERVE | MEM_COMMIT, PAGE_READWRITE );
ok( status == STATUS_INVALID_PARAMETER || status == STATUS_INVALID_PARAMETER_3,
"NtWow64AllocateVirtualMemory64 failed %x\n", status );
status = pNtWow64AllocateVirtualMemory64( process, &ptr, 33, &size,
MEM_RESERVE | MEM_COMMIT, PAGE_READWRITE );
ok( status == STATUS_INVALID_PARAMETER || status == STATUS_INVALID_PARAMETER_3,
"NtWow64AllocateVirtualMemory64 failed %x\n", status );
status = pNtWow64AllocateVirtualMemory64( process, &ptr, 0x3fffffff, &size,
MEM_RESERVE | MEM_COMMIT, PAGE_READWRITE );
todo_wine_if( !is_wow64 )
ok( !status, "NtWow64AllocateVirtualMemory64 failed %x\n", status );
ok( ptr < 0x40000000, "got wrong ptr %s\n", wine_dbgstr_longlong(ptr) );
if (!status && pNtWow64WriteVirtualMemory64)
{
status = pNtWow64WriteVirtualMemory64( process, ptr, str, sizeof(str), &res );
ok( !status, "NtWow64WriteVirtualMemory64 failed %x\n", status );
ok( res == sizeof(str), "wrong size %s\n", wine_dbgstr_longlong(res) );
ok( !strcmp( (char *)(ULONG_PTR)ptr, str ), "wrong data %s\n",
debugstr_a((char *)(ULONG_PTR)ptr) );
ptr = 0;
status = pNtWow64AllocateVirtualMemory64( process, &ptr, 0, &size,
MEM_RESERVE | MEM_COMMIT, PAGE_READONLY );
ok( !status, "NtWow64AllocateVirtualMemory64 failed %x\n", status );
status = pNtWow64WriteVirtualMemory64( process, ptr, str, sizeof(str), &res );
todo_wine
ok( status == STATUS_PARTIAL_COPY || broken( status == STATUS_ACCESS_VIOLATION ),
"NtWow64WriteVirtualMemory64 failed %x\n", status );
todo_wine
ok( !res, "wrong size %s\n", wine_dbgstr_longlong(res) );
}
ptr = 0x9876543210ull;
status = pNtWow64AllocateVirtualMemory64( process, &ptr, 0, &size,
MEM_RESERVE | MEM_COMMIT, PAGE_READONLY );
todo_wine
ok( !status || broken( status == STATUS_CONFLICTING_ADDRESSES ),
"NtWow64AllocateVirtualMemory64 failed %x\n", status );
if (!status) ok( ptr == 0x9876540000ull, "wrong ptr %s\n", wine_dbgstr_longlong(ptr) );
ptr = 0;
status = pNtWow64AllocateVirtualMemory64( GetCurrentProcess(), &ptr, 0, &size,
MEM_RESERVE | MEM_COMMIT, PAGE_READONLY );
ok( !status || broken( status == STATUS_INVALID_HANDLE ),
"NtWow64AllocateVirtualMemory64 failed %x\n", status );
}
else win_skip( "NtWow64AllocateVirtualMemory64 not supported\n" );
if (pNtWow64GetNativeSystemInformation)
{
ULONG i, len;
SYSTEM_BASIC_INFORMATION sbi, sbi2, sbi3;
memset( &sbi, 0xcc, sizeof(sbi) );
status = pNtQuerySystemInformation( SystemBasicInformation, &sbi, sizeof(sbi), &len );
ok( status == STATUS_SUCCESS, "failed %x\n", status );
ok( len == sizeof(sbi), "wrong length %d\n", len );
memset( &sbi2, 0xcc, sizeof(sbi2) );
status = pRtlGetNativeSystemInformation( SystemBasicInformation, &sbi2, sizeof(sbi2), &len );
ok( status == STATUS_SUCCESS, "failed %x\n", status );
ok( len == sizeof(sbi2), "wrong length %d\n", len );
ok( sbi.HighestUserAddress == (void *)0x7ffeffff, "wrong limit %p\n", sbi.HighestUserAddress);
todo_wine_if( is_wow64 )
ok( sbi2.HighestUserAddress == (is_wow64 ? (void *)0xfffeffff : (void *)0x7ffeffff),
"wrong limit %p\n", sbi.HighestUserAddress);
memset( &sbi3, 0xcc, sizeof(sbi3) );
status = pNtWow64GetNativeSystemInformation( SystemBasicInformation, &sbi3, sizeof(sbi3), &len );
ok( status == STATUS_SUCCESS, "failed %x\n", status );
ok( len == sizeof(sbi3), "wrong length %d\n", len );
ok( !memcmp( &sbi2, &sbi3, offsetof(SYSTEM_BASIC_INFORMATION,NumberOfProcessors)+1 ),
"info is different\n" );
memset( &sbi3, 0xcc, sizeof(sbi3) );
status = pNtWow64GetNativeSystemInformation( SystemEmulationBasicInformation, &sbi3, sizeof(sbi3), &len );
ok( status == STATUS_SUCCESS, "failed %x\n", status );
ok( len == sizeof(sbi3), "wrong length %d\n", len );
ok( !memcmp( &sbi, &sbi3, offsetof(SYSTEM_BASIC_INFORMATION,NumberOfProcessors)+1 ),
"info is different\n" );
for (i = 0; i < 256; i++)
{
NTSTATUS expect = pNtQuerySystemInformation( i, NULL, 0, &len );
status = pNtWow64GetNativeSystemInformation( i, NULL, 0, &len );
switch (i)
{
case SystemNativeBasicInformation:
ok( status == STATUS_INVALID_INFO_CLASS || status == STATUS_INFO_LENGTH_MISMATCH ||
broken(status == STATUS_NOT_IMPLEMENTED) /* vista */, "%u: %x / %x\n", i, status, expect );
break;
case SystemBasicInformation:
case SystemCpuInformation:
case SystemEmulationBasicInformation:
case SystemEmulationProcessorInformation:
ok( status == expect, "%u: %x / %x\n", i, status, expect );
break;
default:
if (is_wow64) /* only a few info classes are supported on Wow64 */
ok( status == STATUS_INVALID_INFO_CLASS ||
broken(status == STATUS_NOT_IMPLEMENTED), /* vista */
"%u: %x\n", i, status );
else
ok( status == expect, "%u: %x / %x\n", i, status, expect );
break;
}
}
}
else win_skip( "NtWow64GetNativeSystemInformation not supported\n" );
NtClose( process );
}
static void test_init_block(void)
{
HMODULE ntdll = GetModuleHandleA( "ntdll.dll" );
ULONG i, size = 0, *init_block;
ULONG64 ptr64, *block64;
void *ptr;
if (!is_wow64) return;
if ((ptr = GetProcAddress( ntdll, "LdrSystemDllInitBlock" )))
{
init_block = ptr;
trace( "got init block %08x\n", init_block[0] );
#define CHECK_FUNC(val,func) \
ok( (val) == (ULONG_PTR)GetProcAddress( ntdll, func ), \
"got %p for %s %p\n", (void *)(ULONG_PTR)(val), func, GetProcAddress( ntdll, func ))
switch (init_block[0])
{
case 0x44: /* vistau64 */
CHECK_FUNC( init_block[1], "LdrInitializeThunk" );
CHECK_FUNC( init_block[2], "KiUserExceptionDispatcher" );
CHECK_FUNC( init_block[3], "KiUserApcDispatcher" );
CHECK_FUNC( init_block[4], "KiUserCallbackDispatcher" );
CHECK_FUNC( init_block[5], "LdrHotPatchRoutine" );
CHECK_FUNC( init_block[6], "ExpInterlockedPopEntrySListFault" );
CHECK_FUNC( init_block[7], "ExpInterlockedPopEntrySListResume" );
CHECK_FUNC( init_block[8], "ExpInterlockedPopEntrySListEnd" );
CHECK_FUNC( init_block[9], "RtlUserThreadStart" );
CHECK_FUNC( init_block[10], "RtlpQueryProcessDebugInformationRemote" );
CHECK_FUNC( init_block[11], "EtwpNotificationThread" );
ok( init_block[12] == (ULONG_PTR)ntdll, "got %p for ntdll %p\n",
(void *)(ULONG_PTR)init_block[12], ntdll );
size = 13 * sizeof(*init_block);
break;
case 0x50: /* win7 */
CHECK_FUNC( init_block[4], "LdrInitializeThunk" );
CHECK_FUNC( init_block[5], "KiUserExceptionDispatcher" );
CHECK_FUNC( init_block[6], "KiUserApcDispatcher" );
CHECK_FUNC( init_block[7], "KiUserCallbackDispatcher" );
CHECK_FUNC( init_block[8], "LdrHotPatchRoutine" );
CHECK_FUNC( init_block[9], "ExpInterlockedPopEntrySListFault" );
CHECK_FUNC( init_block[10], "ExpInterlockedPopEntrySListResume" );
CHECK_FUNC( init_block[11], "ExpInterlockedPopEntrySListEnd" );
CHECK_FUNC( init_block[12], "RtlUserThreadStart" );
CHECK_FUNC( init_block[13], "RtlpQueryProcessDebugInformationRemote" );
CHECK_FUNC( init_block[14], "EtwpNotificationThread" );
ok( init_block[15] == (ULONG_PTR)ntdll, "got %p for ntdll %p\n",
(void *)(ULONG_PTR)init_block[15], ntdll );
CHECK_FUNC( init_block[16], "LdrSystemDllInitBlock" );
size = 17 * sizeof(*init_block);
break;
case 0x70: /* win8 */
CHECK_FUNC( init_block[4], "LdrInitializeThunk" );
CHECK_FUNC( init_block[5], "KiUserExceptionDispatcher" );
CHECK_FUNC( init_block[6], "KiUserApcDispatcher" );
CHECK_FUNC( init_block[7], "KiUserCallbackDispatcher" );
CHECK_FUNC( init_block[8], "ExpInterlockedPopEntrySListFault" );
CHECK_FUNC( init_block[9], "ExpInterlockedPopEntrySListResume" );
CHECK_FUNC( init_block[10], "ExpInterlockedPopEntrySListEnd" );
CHECK_FUNC( init_block[11], "RtlUserThreadStart" );
CHECK_FUNC( init_block[12], "RtlpQueryProcessDebugInformationRemote" );
ok( init_block[13] == (ULONG_PTR)ntdll, "got %p for ntdll %p\n",
(void *)(ULONG_PTR)init_block[13], ntdll );
CHECK_FUNC( init_block[14], "LdrSystemDllInitBlock" );
size = 15 * sizeof(*init_block);
break;
case 0x80: /* win10 1507 */
CHECK_FUNC( init_block[4], "LdrInitializeThunk" );
CHECK_FUNC( init_block[5], "KiUserExceptionDispatcher" );
CHECK_FUNC( init_block[6], "KiUserApcDispatcher" );
CHECK_FUNC( init_block[7], "KiUserCallbackDispatcher" );
CHECK_FUNC( init_block[8], "ExpInterlockedPopEntrySListFault" );
CHECK_FUNC( init_block[9], "ExpInterlockedPopEntrySListResume" );
CHECK_FUNC( init_block[10], "ExpInterlockedPopEntrySListEnd" );
CHECK_FUNC( init_block[11], "RtlUserThreadStart" );
CHECK_FUNC( init_block[12], "RtlpQueryProcessDebugInformationRemote" );
ok( init_block[13] == (ULONG_PTR)ntdll, "got %p for ntdll %p\n",
(void *)(ULONG_PTR)init_block[13], ntdll );
CHECK_FUNC( init_block[14], "LdrSystemDllInitBlock" );
size = 15 * sizeof(*init_block);
break;
case 0xe0: /* win10 1809 */
case 0xf0: /* win10 2004 */
block64 = ptr;
CHECK_FUNC( block64[3], "LdrInitializeThunk" );
CHECK_FUNC( block64[4], "KiUserExceptionDispatcher" );
CHECK_FUNC( block64[5], "KiUserApcDispatcher" );
todo_wine CHECK_FUNC( block64[6], "KiUserCallbackDispatcher" );
CHECK_FUNC( block64[7], "RtlUserThreadStart" );
CHECK_FUNC( block64[8], "RtlpQueryProcessDebugInformationRemote" );
todo_wine ok( block64[9] == (ULONG_PTR)ntdll, "got %p for ntdll %p\n",
(void *)(ULONG_PTR)block64[9], ntdll );
CHECK_FUNC( block64[10], "LdrSystemDllInitBlock" );
CHECK_FUNC( block64[11], "RtlpFreezeTimeBias" );
size = 12 * sizeof(*block64);
break;
default:
ok( 0, "unknown init block %08x\n", init_block[0] );
for (i = 0; i < 32; i++) trace("%04x: %08x\n", i, init_block[i]);
break;
}
#undef CHECK_FUNC
if (size && (ptr64 = get_proc_address64( ntdll_module, "LdrSystemDllInitBlock" )))
{
DWORD buffer[64];
HANDLE process = OpenProcess( PROCESS_ALL_ACCESS, FALSE, GetCurrentProcessId() );
NTSTATUS status = pNtWow64ReadVirtualMemory64( process, ptr64, buffer, size, NULL );
ok( !status, "NtWow64ReadVirtualMemory64 failed %x\n", status );
ok( !memcmp( buffer, init_block, size ), "wrong 64-bit init block\n" );
NtClose( process );
}
}
else todo_wine win_skip( "LdrSystemDllInitBlock not supported\n" );
}
static void test_cpu_area(void)
{
TEB64 *teb64 = (TEB64 *)NtCurrentTeb()->GdiBatchCount;
ULONG64 ptr;
NTSTATUS status;
if (!is_wow64) return;
if (!ntdll_module) return;
if ((ptr = get_proc_address64( ntdll_module, "RtlWow64GetCurrentCpuArea" )))
{
USHORT machine = 0xdead;
ULONG64 context, context_ex;
ULONG64 args[] = { (ULONG_PTR)&machine, (ULONG_PTR)&context, (ULONG_PTR)&context_ex };
status = call_func64( ptr, ARRAY_SIZE(args), args );
ok( !status, "RtlWow64GetCpuAreaInfo failed %x\n", status );
ok( machine == IMAGE_FILE_MACHINE_I386, "wrong machine %x\n", machine );
ok( context == teb64->TlsSlots[WOW64_TLS_CPURESERVED] + 4, "wrong context %s / %s\n",
wine_dbgstr_longlong(context), wine_dbgstr_longlong(teb64->TlsSlots[WOW64_TLS_CPURESERVED]) );
ok( !context_ex, "got context_ex %s\n", wine_dbgstr_longlong(context_ex) );
args[0] = args[1] = args[2] = 0;
status = call_func64( ptr, ARRAY_SIZE(args), args );
ok( !status, "RtlWow64GetCpuAreaInfo failed %x\n", status );
}
else win_skip( "RtlWow64GetCpuAreaInfo not supported\n" );
}
#endif /* _WIN64 */
START_TEST(wow64)
{
init();
test_query_architectures();
test_peb_teb();
test_selectors();
#ifndef _WIN64
test_nt_wow64();
test_modules();
test_init_block();
#endif
test_cpu_area();
}