archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
4 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 5c6fe3db62
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '5c6fe3db62'
${ noResults }
windows-server-2003/sdktools/debuggers/exts/extdll/uexcep.cpp

647 lines
17 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. //----------------------------------------------------------------------------
  2. //
  3. // User-mode exception analysis.
  4. //
  5. // Copyright (C) Microsoft Corporation, 2001.
  6. //
  7. //----------------------------------------------------------------------------
  9. #include "precomp.h"
  10. #pragma hdrstop
  11. #include "nturtl.h"
  13. typedef void (*EX_STATE_ANALYZER)(PEX_STATE ExState,
  14. UserDebugFailureAnalysis* Analysis);
  16. //----------------------------------------------------------------------------
  17. //
  18. // Exception-specific analyzers.
  19. //
  20. //----------------------------------------------------------------------------
  22. #define IMPL_EXS_ANALYZER(Name) \
  23. void \
  24. Exa_##Name(PEX_STATE ExState, \
  25. UserDebugFailureAnalysis* Analysis)
  27. IMPL_EXS_ANALYZER(STATUS_ACCESS_VIOLATION)
  28. {
  29. Analysis->SetUlong64(ExState->Exr.ExceptionInformation[0] ?
  30. DEBUG_FLR_WRITE_ADDRESS : DEBUG_FLR_READ_ADDRESS,
  31. ExState->Exr.ExceptionInformation[1]);
  33. Analysis->SetString(DEBUG_FLR_BUGCHECK_STR, "ACCESS_VIOLATION");
  34. }
  37. //----------------------------------------------------------------------------
  38. //
  39. // App verifier-specific analyzers.
  40. //
  41. //----------------------------------------------------------------------------
  43. #define IMPL_AVRF_ANALYZER(Name) \
  44. void \
  45. Avrf_##Name(PAVRF_STOP AvrfStop, \
  46. DebugFailureAnalysis* Analysis)
  49. IMPL_AVRF_ANALYZER(APPLICATION_VERIFIER_INVALID_HANDLE)
  50. {
  51. EXT_GET_HANDLE_TRACE pGetHandleTrace;
  53. if (AvrfStop->Params[1])
  54. {
  55. Analysis->SetUlong64(DEBUG_FLR_EXCEPTION_RECORD, AvrfStop->Params[1]);
  56. }
  57. if (AvrfStop->Params[2])
  58. {
  59. Analysis->SetUlong64(DEBUG_FLR_CONTEXT, AvrfStop->Params[2]);
  60. }
  62. if ((g_TargetQualifier == DEBUG_DUMP_SMALL) ||
  63. (g_TargetQualifier == DEBUG_DUMP_DEFAULT) ||
  64. (g_TargetQualifier == DEBUG_DUMP_FULL))
  65. {
  66. return;
  67. }
  69. // Look for most recent handle trace which resulted in
  70. // bad reference
  71. if (g_ExtControl->
  72. GetExtensionFunction(0, "GetHandleTrace",
  73. (FARPROC*)&pGetHandleTrace) == S_OK &&
  74. pGetHandleTrace)
  75. {
  76. ULONG64 Handle = 0;
  77. ULONG64 Stack[10];
  80. #ifndef HANDLE_TRACE_DB_BADREF
  81. #define HANDLE_TRACE_DB_BADREF 3
  82. #endif
  83. if ((*pGetHandleTrace)(g_ExtClient, HANDLE_TRACE_DB_BADREF,
  84. 0, &Handle,
  85. Stack, sizeof(Stack)/sizeof(Stack[0])) == S_OK)
  86. {
  87. // Found the bad handle !!
  88. Analysis->SetUlong64(DEBUG_FLR_BAD_HANDLE, Handle);
  89. }
  90. }
  92. return;
  93. }
  95. IMPL_AVRF_ANALYZER(APPLICATION_VERIFIER_LOCK_IN_UNLOADED_DLL)
  96. {
  97. CHAR DllName[MAX_PATH];
  99. if (AvrfStop->Params[0])
  100. {
  101. Analysis->SetUlong64(DEBUG_FLR_CRITICAL_SECTION, AvrfStop->Params[0]);
  102. }
  103. if (AvrfStop->Params[2])
  104. {
  105. if (ReadMemory(AvrfStop->Params[2],
  106. DllName,
  107. sizeof(DllName),
  108. NULL))
  109. {
  110. DllName[MAX_PATH-1] = DllName[MAX_PATH-2] = 0;
  111. if (DllName[0])
  112. {
  113. wchr2ansi((PWCHAR) DllName, DllName);
  115. Analysis->SetString(DEBUG_FLR_IMAGE_NAME, DllName);
  116. Analysis->SetUlong(DEBUG_FLR_FOLLOWUP_DRIVER_ONLY, 1);
  117. }
  118. }
  119. }
  120. if (AvrfStop->Params[3])
  121. {
  122. Analysis->SetUlong64(DEBUG_FLR_FAULTING_MODULE, AvrfStop->Params[3]);
  123. }
  124. }
  126. IMPL_AVRF_ANALYZER(APPLICATION_VERIFIER_ACCESS_VIOLATION)
  127. {
  128. if (AvrfStop->Params[0])
  129. {
  130. Analysis->SetUlong64(DEBUG_FLR_INVALID_HEAP_ADDRESS, AvrfStop->Params[0]);
  131. }
  132. if (AvrfStop->Params[1])
  133. {
  134. Analysis->SetUlong64(DEBUG_FLR_FAULTING_IP, AvrfStop->Params[1]);
  135. }
  136. if (AvrfStop->Params[2])
  137. {
  138. Analysis->SetUlong64(DEBUG_FLR_EXCEPTION_RECORD, AvrfStop->Params[2]);
  139. }
  140. if (AvrfStop->Params[3])
  141. {
  142. Analysis->SetUlong64(DEBUG_FLR_CONTEXT, AvrfStop->Params[3]);
  143. }
  144. }
  146. IMPL_AVRF_ANALYZER(APPLICATION_VERIFIER_CORRUPTED_HEAP_BLOCK)
  147. {
  148. if (AvrfStop->Params[1])
  149. {
  150. Analysis->SetUlong64(DEBUG_FLR_INVALID_HEAP_ADDRESS, AvrfStop->Params[1]);
  151. }
  152. }
  154. IMPL_AVRF_ANALYZER(APPLICATION_VERIFIER_LOCK_IN_FREED_HEAP)
  155. {
  156. CHAR DllName[MAX_PATH];
  158. if (AvrfStop->Params[0])
  159. {
  160. Analysis->SetUlong64(DEBUG_FLR_CRITICAL_SECTION, AvrfStop->Params[0]);
  161. }
  162. }
  164. BOOL
  165. CheckAppVerifierEnabled(
  166. void
  167. )
  168. {
  169. ULONG64 PebAddress;
  170. ULONG Flags;
  171. ULONG BytesRead;
  172. ULONG I;
  173. ULONG64 GlobalFlags;
  175. //
  176. // No app verifier on NT 4
  177. //
  178. if (g_TargetBuild < 2195)
  179. {
  180. return FALSE;
  181. }
  183. GetPebAddress(0, &PebAddress);
  185. if (PebAddress)
  186. {
  187. if (!InitTypeRead (PebAddress, ntdll!_PEB))
  188. {
  189. GlobalFlags = ReadField (NtGlobalFlag);
  192. if ((GlobalFlags & FLG_APPLICATION_VERIFIER))
  193. {
  194. return TRUE;
  195. }
  196. }
  197. }
  199. return FALSE;
  200. }
  202. BOOL
  203. GetVerifierDataFromException(
  204. PEX_STATE ExState,
  205. PULONG Code,
  206. PULONG64 Param1,
  207. PULONG64 Param2,
  208. PULONG64 Param3,
  209. PULONG64 Param4
  210. )
  211. {
  212. CHAR Buffer[MAX_PATH];
  213. ULONG64 Disp;
  215. *Code = 0;
  216. if (ExState == NULL)
  217. {
  218. return FALSE;
  219. }
  220. if (ExState->FirstChance &&
  221. ExState->Exr.ExceptionCode == STATUS_INVALID_HANDLE)
  222. {
  223. if (FaIsFunctionAddr(ExState->Exr.ExceptionAddress,
  224. "KiRaiseUserExceptionDispatcher"))
  225. {
  226. // Most likely this is a use of invalid handle, but verifier
  227. // couldn't catch it because app is under debugger
  229. *Code = APPLICATION_VERIFIER_INVALID_HANDLE ; // INVALID_HANDLE;
  230. *Param1 = STATUS_INVALID_HANDLE;
  231. return TRUE;
  232. }
  233. }
  234. return FALSE;
  235. }
  239. BOOL
  240. GetVerifierStopData(
  241. PULONG Code,
  242. PULONG64 Param1,
  243. PULONG64 Param2,
  244. PULONG64 Param3,
  245. PULONG64 Param4
  246. )
  247. {
  248. ULONG64 CurrentStopAddress;
  249. ULONG PointerSize = IsPtr64() ? 8 : 4;
  251. *Code = 0;
  253. CurrentStopAddress = GetExpression("ntdll!AVrfpStopData");
  254. if (CurrentStopAddress == 0)
  255. {
  256. CurrentStopAddress = GetExpression("verifier!AVrfpStopData");
  257. }
  259. if (CurrentStopAddress == 0)
  260. {
  261. dprintf( "Unable to resolve AVrfpStopData symbol.\n");
  262. return FALSE;
  263. }
  265. if (!ReadMemory(CurrentStopAddress, Code, sizeof(*Code), NULL) ||
  266. !ReadPointer(CurrentStopAddress + PointerSize, Param1) ||
  267. !ReadPointer(CurrentStopAddress + 2*PointerSize, Param2) ||
  268. !ReadPointer(CurrentStopAddress + 3*PointerSize, Param3) ||
  269. !ReadPointer(CurrentStopAddress + 4*PointerSize, Param4))
  270. {
  271. dprintf("Cannot read AVrfpStopData values.\n");
  272. return FALSE;
  273. }
  274. if (*Code)
  275. {
  276. return TRUE;
  277. }
  278. return FALSE;
  279. }
  281. HRESULT
  282. DoVerifierAnalysis(
  283. PEX_STATE ExState,
  284. DebugFailureAnalysis* Analysis
  285. )
  286. {
  287. AVRF_STOP AvrfStop = {0};
  289. if (!GetVerifierStopData(&AvrfStop.Code, &AvrfStop.Params[0], &AvrfStop.Params[1],
  290. &AvrfStop.Params[2], &AvrfStop.Params[3]) &&
  291. !GetVerifierDataFromException(ExState, &AvrfStop.Code, &AvrfStop.Params[0],
  292. &AvrfStop.Params[1], &AvrfStop.Params[2],
  293. &AvrfStop.Params[3]))
  294. {
  295. // Doesn't look like a verifier bug
  297. return S_FALSE;
  298. }
  299. CHAR BugCheckStr[40];
  301. sprintf(BugCheckStr, "AVRF_%lx", AvrfStop.Code);
  302. Analysis->SetString(DEBUG_FLR_BUGCHECK_STR, BugCheckStr);
  304. #define CALL_AVRF_ANALYZER(Name) \
  305. case Name: \
  306. Avrf_##Name(&AvrfStop, \
  307. Analysis); \
  308. break;
  310. switch (AvrfStop.Code)
  311. {
  312. CALL_AVRF_ANALYZER(APPLICATION_VERIFIER_INVALID_HANDLE);
  313. CALL_AVRF_ANALYZER(APPLICATION_VERIFIER_LOCK_IN_UNLOADED_DLL);
  314. CALL_AVRF_ANALYZER(APPLICATION_VERIFIER_CORRUPTED_HEAP_BLOCK);
  315. CALL_AVRF_ANALYZER(APPLICATION_VERIFIER_ACCESS_VIOLATION);
  317. case APPLICATION_VERIFIER_LOCK_DOUBLE_INITIALIZE:
  318. case APPLICATION_VERIFIER_LOCK_OVER_RELEASED:
  319. case APPLICATION_VERIFIER_LOCK_NOT_INITIALIZED:
  320. case APPLICATION_VERIFIER_LOCK_ALREADY_INITIALIZED:
  321. case APPLICATION_VERIFIER_LOCK_INVALID_LOCK_COUNT:
  322. CALL_AVRF_ANALYZER(APPLICATION_VERIFIER_LOCK_IN_FREED_HEAP);
  323. default:
  324. break;
  325. }
  326. return S_OK;
  327. }
  329. //----------------------------------------------------------------------------
  330. //
  331. // Generic exception analysis handling.
  332. //
  333. //----------------------------------------------------------------------------
  335. struct EX_ANALYZER_ENTRY
  336. {
  337. ULONG Code;
  338. EX_STATE_ANALYZER Analyzer;
  339. };
  341. #define EXS_ANALYZER_ENTRY(Name) \
  342. Name, Exa_##Name
  344. EX_ANALYZER_ENTRY g_ExAnalyzers[] =
  345. {
  346. EXS_ANALYZER_ENTRY(STATUS_ACCESS_VIOLATION),
  347. 0, NULL,
  348. };
  350. void
  351. UeFillAnalysis(PEX_STATE ExState,
  352. UserDebugFailureAnalysis* Analysis)
  353. {
  354. HRESULT Status;
  356. //
  357. // Add common analysis entries.
  358. //
  360. Analysis->SetFailureClass(DEBUG_CLASS_USER_WINDOWS);
  361. Analysis->SetFailureType(DEBUG_FLR_USER_CRASH);
  362. Analysis->SetFailureCode(ExState->Exr.ExceptionCode);
  364. Analysis->SetUlong64(DEBUG_FLR_FAULTING_IP, ExState->Exr.ExceptionAddress);
  365. Analysis->SetUlong64(DEBUG_FLR_EXCEPTION_RECORD, -1);
  367. CHAR BugCheckStr[40];
  369. sprintf(BugCheckStr, "%lx", ExState->Exr.ExceptionCode);
  370. Analysis->SetString(DEBUG_FLR_BUGCHECK_STR, BugCheckStr);
  371. Analysis->SetString(DEBUG_FLR_DEFAULT_BUCKET_ID, "APPLICATION_FAULT");
  374. CHAR ProcessName[512];
  375. ULONG Size;
  376. PCHAR Name;
  378. Status = g_ExtSystem->GetCurrentProcessExecutableName(ProcessName,
  379. sizeof(ProcessName),
  380. &Size);
  381. if ((Status == S_OK) && (Size > 1))
  382. {
  383. if (Name = strrchr(ProcessName, '\\'))
  384. {
  385. Name++;
  386. }
  387. else
  388. {
  389. Name = ProcessName;
  390. }
  392. Analysis->SetString(DEBUG_FLR_PROCESS_NAME, Name);
  394. if (!_stricmp("iexplore.exe", Name))
  395. {
  396. Analysis->SetFailureType(DEBUG_FLR_IE_CRASH);
  397. }
  398. }
  400. if (g_TargetPlatform == VER_PLATFORM_WIN32_NT)
  401. {
  402. Analysis->CheckModuleSymbols("ntdll", "OS");
  404. if (CheckAppVerifierEnabled())
  405. {
  406. // This proces has app verifier enabled
  407. DoVerifierAnalysis(ExState, Analysis);
  408. }
  409. }
  411. //
  412. // Find an analyzer for the exception and run it.
  413. //
  415. EX_ANALYZER_ENTRY* Entry = g_ExAnalyzers;
  416. while (Entry->Analyzer)
  417. {
  418. if (Entry->Code == ExState->Exr.ExceptionCode)
  419. {
  420. Entry->Analyzer(ExState, Analysis);
  421. break;
  422. }
  424. Entry++;
  425. }
  428. Analysis->ProcessInformation();
  429. }
  431. UserDebugFailureAnalysis*
  432. UeAnalyze(
  433. PEX_STATE ExState,
  434. ULONG Flags
  435. )
  436. {
  437. ULONG EventType;
  438. DEBUG_LAST_EVENT_INFO_EXCEPTION LastEx;
  440. if (g_ExtControl->GetLastEventInformation(&EventType,
  441. &ExState->ProcId,
  442. &ExState->ThreadId,
  443. &LastEx, sizeof(LastEx), NULL,
  444. NULL, 0, NULL) != S_OK)
  445. {
  446. ExtErr("Unable to get last event information\n");
  447. return NULL;
  448. }
  449. if (EventType != DEBUG_EVENT_EXCEPTION)
  450. {
  451. ExtErr("Event is not an exception\n");
  452. return NULL;
  453. }
  455. ExState->Exr = LastEx.ExceptionRecord;
  456. ExState->FirstChance = LastEx.FirstChance;
  458. UserDebugFailureAnalysis* Analysis = new UserDebugFailureAnalysis;
  459. if (Analysis)
  460. {
  461. Analysis->SetProcessingFlags(Flags);
  463. __try
  464. {
  465. UeFillAnalysis(ExState, Analysis);
  466. }
  467. __except(FaExceptionFilter(GetExceptionInformation()))
  468. {
  469. delete Analysis;
  470. Analysis = NULL;
  471. }
  472. }
  474. return Analysis;
  475. }
  477. HRESULT
  478. AnalyzeUserException(
  479. PCSTR args
  480. )
  481. {
  482. ULONG Flags = 0;
  484. if (g_TargetClass != DEBUG_CLASS_USER_WINDOWS)
  485. {
  486. dprintf("!analyzeuexception is for user mode only\n");
  487. return E_FAIL;
  488. }
  490. for (;;)
  491. {
  492. while (*args == ' ' || *args == '\t')
  493. {
  494. args++;
  495. }
  497. if (*args == '-')
  498. {
  499. ++args;
  500. switch(*args)
  501. {
  502. case 'v':
  503. Flags |= FAILURE_ANALYSIS_VERBOSE;
  504. break;
  506. case 'f':
  507. break;
  509. default:
  510. dprintf("Unknown option %c\n", *args);
  511. break;
  512. }
  513. ++args;
  514. }
  515. else
  516. {
  517. break;
  518. }
  519. }
  521. dprintf("*******************************************************************************\n");
  522. dprintf("* *\n");
  523. dprintf("* Exception Analysis *\n");
  524. dprintf("* *\n");
  525. dprintf("*******************************************************************************\n");
  526. dprintf("\n");
  528. if (!(Flags & FAILURE_ANALYSIS_VERBOSE))
  529. {
  530. dprintf("Use !analyze -v to get detailed debugging information.\n\n");
  531. }
  533. EX_STATE ExState;
  534. UserDebugFailureAnalysis* Analysis = UeAnalyze(&ExState, Flags);
  536. if (!Analysis)
  537. {
  538. dprintf("\n\nFailure could not be analyzed\n\n");
  540. g_ExtControl->Execute(DEBUG_OUTCTL_ALL_CLIENTS, ".lastevent",
  541. DEBUG_EXECUTE_DEFAULT);
  543. return E_FAIL;
  544. }
  546. Analysis->Output();
  548. delete Analysis;
  550. return S_OK;
  551. }
  554. DECLARE_API( analyzeuexception )
  555. {
  556. INIT_API();
  558. HRESULT Hr = AnalyzeUserException(args);
  560. EXIT_API();
  562. return Hr;
  563. }
  565. //----------------------------------------------------------------------------
  566. //
  567. // UserDebugFailureAnalysis.
  568. //
  569. //----------------------------------------------------------------------------
  571. UserDebugFailureAnalysis::UserDebugFailureAnalysis(void)
  572. : m_NtDllModule("ntdll"),
  573. m_Kernel32Module("kernel32"),
  574. m_Advapi32Module("advapi32")
  575. {
  576. }
  578. DEBUG_POOL_REGION
  579. UserDebugFailureAnalysis::GetPoolForAddress(ULONG64 Addr)
  580. {
  581. return DbgPoolRegionUnknown;
  582. }
  584. PCSTR
  585. UserDebugFailureAnalysis::DescribeAddress(ULONG64 Address)
  586. {
  587. // XXX drewb - QueryVirtual to say something about the address?
  588. return NULL;
  589. }
  591. FOLLOW_ADDRESS
  592. UserDebugFailureAnalysis::IsPotentialFollowupAddress(ULONG64 Address)
  593. {
  594. // XXX drewb - Check against maximum user address, but there's
  595. // no guaranteed way to get the maximum user address.
  597. return FollowYes;
  598. }
  600. FOLLOW_ADDRESS
  601. UserDebugFailureAnalysis::IsFollowupContext(ULONG64 Address1, ULONG64 Address2,
  602. ULONG64 Address3)
  603. {
  604. // XXX drewb - Check against maximum user address, but there's
  605. // no guaranteed way to get the maximum user address.
  607. return FollowYes;
  608. }
  610. FlpClasses
  611. UserDebugFailureAnalysis::GetFollowupClass(ULONG64 Address,
  612. PCSTR Module, PCSTR Routine)
  613. {
  614. if (m_NtDllModule.Contains(Address) ||
  615. m_Kernel32Module.Contains(Address) ||
  616. m_Advapi32Module.Contains(Address) ||
  617. (!_strcmpi(Module, "SharedUserData") &&
  618. Routine && !_strcmpi(Routine, "SystemCallStub")))
  619. {
  620. return FlpOSRoutine;
  621. }
  622. else if (!_strcmpi(Module, "shell32") ||
  623. !_strcmpi(Module, "user32") ||
  624. !_strcmpi(Module, "gdi32") ||
  625. !_strcmpi(Module, "mshtml") ||
  626. !_strcmpi(Module, "ole32") ||
  627. !_strcmpi(Module, "verifier") ||
  628. !_strcmpi(Module, "rpcrt4"))
  629. {
  630. return FlpOSFilterDrv;
  631. }
  632. else
  633. {
  634. return FlpUnknownDrv;
  635. }
  636. }
  639. BOOL
  640. UserDebugFailureAnalysis::CheckForCorruptionInHTE(
  641. ULONG64 hTableEntry,
  642. PCHAR Owner,
  643. ULONG OwnerSize
  644. )
  645. {
  646. return FALSE;
  647. }