Debug Command 26 - Range Step Command

Parameters

Pid

= Process ID of debuggee
Tid
= Thread ID of thread to range-step
Cmd
= DBG_C_RangeStep
Value
= Linear address denoting start of range (exclusive)
Addr
= Linear address denoting end of range (exclusive)

Returns

The RangeStep notification is usually returned, but any Debug notification may be returned. See DosDebug Notifications for more information.

This command allows a debugger to specify a range of addresses (bounded by the linear addresses in the Value and Addr fields) through which a debuggee thread should single-step until one of the following conditions occurs:

• The debuggee thread's linear EIP (instruction pointer) is outside the range. 
  The linear EIPs of consecutive debuggee threads are the same.
  
  Some other notification occurs.

  When the DBG_C_RangeStep command returns, the register set is automatically updated to reflect the thread that detected the event.

  Callgates that result in a privilege level transition to ring 0 will appear to range-step as a single instruction, with the range-step continuing after the function completes. This hides ring 0 execution from debuggers.

  Attempting to range-step a thread that is frozen results in an error.

  Restrictions

  To accomplish callgate single-stepping, the single-step must be simulated because the flags (specifically, the TF bit) are not stored in the ring 0 callgate stack frame. Because of this, a range-step that results in leaving a ring 0 callgate will sometimes not execute any user-space code. The following range-step should function normally.

  Range-stepping some REP instructions may not work correctly due to errors in the 80386 processor.

  ---

  [Back] [Next]