ntdll: Support debugger attach from a 64-bit process to a 32-bit process.

dlls/ntdll/process.c

@@ -558,6 +558,16 @@ NTSTATUS WINAPI DbgUiIssueRemoteBreakin( HANDLE process )
 
     status = NtCreateThreadEx( &handle, THREAD_ALL_ACCESS, &attr, process,
                                DbgUiRemoteBreakin, NULL, 0, 0, 0, 0, NULL );
+#ifdef _WIN64
+    /* FIXME: hack for debugging 32-bit wow64 process without a 64-bit ntdll */
+    if (status == STATUS_INVALID_PARAMETER)
+    {
+        ULONG_PTR wow;
+        if (!NtQueryInformationProcess( process, ProcessWow64Information, &wow, sizeof(wow), NULL ) && wow)
+            status = NtCreateThreadEx( &handle, THREAD_ALL_ACCESS, &attr, process,
+                                       (void *)0x7ffe1000, NULL, 0, 0, 0, 0, NULL );
+    }
+#endif
     if (!status) NtClose( handle );
     return status;
 }

dlls/ntdll/tests/wow64.c

@@ -39,7 +39,6 @@ static NTSTATUS (WINAPI *pNtWow64ReadVirtualMemory64)(HANDLE,ULONG64,void*,ULONG
 static NTSTATUS (WINAPI *pNtWow64WriteVirtualMemory64)(HANDLE,ULONG64,const void *,ULONG64,ULONG64*);
 #endif
 
-static BOOL is_win64 = (sizeof(void *) > sizeof(int));
 static BOOL is_wow64;
 static void *code_mem;
 
@@ -329,7 +328,6 @@ static void test_peb_teb(void)
         }
 
         ret = DebugActiveProcess( pi.dwProcessId );
-        todo_wine_if( is_win64 )
         ok( ret, "debugging failed\n" );
         if (!ReadProcessMemory( pi.hProcess, proc_info.PebBaseAddress, &peb, sizeof(peb), &res )) res = 0;
         ok( res == sizeof(peb), "wrong len %lx\n", res );

dlls/ntdll/unix/loader.c

@@ -106,6 +106,7 @@ static const char so_dir[] = "/aarch64-unix";
 static const char so_dir[] = "";
 #endif
 
+void     (WINAPI *pDbgUiRemoteBreakin)( void *arg ) = NULL;
 NTSTATUS (WINAPI *pKiRaiseUserExceptionDispatcher)(void) = NULL;
 NTSTATUS (WINAPI *pKiUserExceptionDispatcher)(EXCEPTION_RECORD*,CONTEXT*) = NULL;
 void     (WINAPI *pKiUserApcDispatcher)(CONTEXT*,ULONG_PTR,ULONG_PTR,ULONG_PTR,PNTAPCFUNC) = NULL;
@@ -1046,6 +1047,7 @@ static void load_ntdll_functions( HMODULE module )
     if (!(p##name = (void *)find_named_export( module, ntdll_exports, #name ))) \
         ERR( "%s not found\n", #name )
 
+    GET_FUNC( DbgUiRemoteBreakin );
     GET_FUNC( KiRaiseUserExceptionDispatcher );
     GET_FUNC( KiUserExceptionDispatcher );
     GET_FUNC( KiUserApcDispatcher );

dlls/ntdll/unix/server.c

@@ -534,6 +534,10 @@ static void invoke_system_apc( const apc_call_t *call, apc_result_t *result, BOO
         if (reserve == call->create_thread.reserve && commit == call->create_thread.commit &&
             (ULONG_PTR)func == call->create_thread.func && (ULONG_PTR)arg == call->create_thread.arg)
         {
+#ifndef _WIN64
+            /* FIXME: hack for debugging 32-bit process without a 64-bit ntdll */
+            if (is_wow64 && func == (void *)0x7ffe1000) func = pDbgUiRemoteBreakin;
+#endif
             attr->TotalLength = sizeof(buffer);
             attr->Attributes[0].Attribute    = PS_ATTRIBUTE_CLIENT_ID;
             attr->Attributes[0].Size         = sizeof(id);

dlls/ntdll/unix/unix_private.h

@@ -92,6 +92,7 @@ static const LONG teb_offset = 0x2000;
 #define FILE_USE_FILE_POINTER_POSITION ((LONGLONG)-2)
 
 /* callbacks to PE ntdll from the Unix side */
+extern void     (WINAPI *pDbgUiRemoteBreakin)( void *arg ) DECLSPEC_HIDDEN;
 extern NTSTATUS (WINAPI *pKiRaiseUserExceptionDispatcher)(void) DECLSPEC_HIDDEN;
 extern NTSTATUS (WINAPI *pKiUserExceptionDispatcher)(EXCEPTION_RECORD*,CONTEXT*) DECLSPEC_HIDDEN;
 extern void     (WINAPI *pKiUserApcDispatcher)(CONTEXT*,ULONG_PTR,ULONG_PTR,ULONG_PTR,PNTAPCFUNC) DECLSPEC_HIDDEN;