archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
4.9 GiB
Tree: 7b07a90fc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7b07a90fc1'
${ noResults }
windows-server-2003/base/tools/kdexts2/session.cpp

4522 lines
129 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (c) 2000 Microsoft Corporation
  5. Module Name:
  7. session.cxx
  9. Abstract:
  11. This file contains the routines to handle session.
  13. Author:
  15. Jason Hartman (JasonHa) 2000-09-28
  17. Environment:
  19. User Mode
  21. --*/
  23. #include "precomp.h"
  25. #define STRSAFE_NO_DEPRECATE
  26. #include "strsafe.h"
  28. //
  29. // Special defines
  30. //
  32. // ddk\inc\ntddk.h:
  33. #define PROTECTED_POOL 0x80000000
  35. // base\ntos\inc\pool.h:
  36. #define POOL_QUOTA_MASK 8
  39. // Information about how to handle a process listing
  40. // and status about how it was handled.
  41. class CProcessListing
  42. {
  43. public:
  44. IN ULONG m_cListLimit;
  45. IN OUT ULONG m_cTotal;
  46. IN OUT ULONG m_cProcessed;
  47. IN OUT ULONG64 m_oStartProcess;
  48. OUT ULONG64 m_oLastProcess;
  50. public:
  51. CProcessListing(ULONG cListLimit = -1) {
  52. m_cListLimit = cListLimit;
  53. m_cTotal = 0;
  54. m_cProcessed = 0;
  55. m_oStartProcess = 0;
  56. m_oLastProcess = 0;
  57. }
  59. void PrepareForNextListing()
  60. {
  61. m_oStartProcess = m_oLastProcess;
  62. }
  64. BOOL Unprocessed()
  65. {
  66. return (m_cTotal > m_cProcessed);
  67. }
  68. };
  71. #define SESSION_SEARCH_LIMIT 50
  73. ULONG SessionId = CURRENT_SESSION;
  74. CHAR SessionStr[16] = "CURRENT";
  76. CachedType HwPte = { FALSE, "NT!HARDWARE_PTE", 0, 0, 0 };
  78. #define NUM_CACHED_SESSIONS 8
  80. struct {
  81. BOOL Valid;
  82. ULONG64 SessionSpaceAddr;
  83. ULONG64 SessionProcess;
  84. } CachedSession[NUM_CACHED_SESSIONS+1] = { { 0, 0 } };
  85. ULONG ExtraCachedSessionId;
  87. #define NUM_CACHED_DIR_BASES 8
  89. struct {
  90. BOOL Valid;
  91. ULONG64 PageDirBase;
  92. } CachedDirBase[NUM_CACHED_DIR_BASES+1] = { { FALSE, 0} };
  95. struct {
  96. BOOL Valid;
  97. ULONG64 PhysAddr;
  98. ULONG64 Data;
  99. } CachedPhysAddr[2] = { { 0, 0, 0} };
  101. class BitFieldInfo {
  102. public:
  103. BitFieldInfo() { Valid = FALSE; };
  104. BitFieldInfo(ULONG InitBitPos, ULONG InitBits) {
  105. Valid = Compose(InitBitPos, InitBits);
  106. }
  108. BOOL Compose(ULONG CBitPos, ULONG CBits)
  109. {
  110. BitPos = CBitPos;
  111. Bits = CBits;
  112. Mask = (((((ULONG64) 1) << Bits) - 1) << BitPos);
  113. return TRUE;
  114. }
  116. BOOL Valid;
  117. ULONG BitPos;
  118. ULONG Bits;
  119. ULONG64 Mask;
  120. };
  122. BitFieldInfo *MMPTEValid = NULL;
  123. BitFieldInfo *MMPTEProto = NULL;
  124. BitFieldInfo *MMPTETrans = NULL;
  125. BitFieldInfo *MMPTEX86LargePage = NULL;
  126. BitFieldInfo *MMPTEpfn = NULL;
  128. HRESULT
  129. GetBitMap(
  130. PDEBUG_CLIENT Client,
  131. ULONG64 pBitMap,
  132. PRTL_BITMAP *pBitMapOut
  133. );
  135. HRESULT
  136. FreeBitMap(
  137. PRTL_BITMAP pBitMap
  138. );
  140. HRESULT
  141. OutputSessionProcesses(
  142. PDEBUG_CLIENT Client,
  143. ULONG Session,
  144. PCSTR args,
  145. CProcessListing *pProcessListing
  146. );
  149. /**************************************************************************\
  150. *
  151. * Routine Name:
  152. *
  153. * SessionInit
  154. *
  155. * Routine Description:
  156. *
  157. * Initialize or reinitialize information to be read from symbols files
  158. *
  159. * Arguments:
  160. *
  161. * Client - PDEBUG_CLIENT
  162. *
  163. * Return Value:
  164. *
  165. * none
  166. *
  167. \**************************************************************************/
  169. void SessionInit(PDEBUG_CLIENT Client)
  170. {
  171. for (int s = 0; s < sizeof(CachedSession)/sizeof(CachedSession[0]); s++)
  172. {
  173. CachedSession[s].Valid = FALSE;
  174. }
  175. ExtraCachedSessionId = INVALID_SESSION;
  177. for (int s = 0; s < sizeof(CachedDirBase)/sizeof(CachedDirBase[0]); s++)
  178. {
  179. CachedDirBase[s].Valid = INVALID_UNIQUE_STATE;
  180. }
  182. if (MMPTEValid != NULL) MMPTEValid->Valid = FALSE;
  183. if (MMPTEProto != NULL) MMPTEProto->Valid = FALSE;
  184. if (MMPTETrans != NULL) MMPTETrans->Valid = FALSE;
  185. if (MMPTEX86LargePage != NULL) MMPTEX86LargePage->Valid = FALSE;
  186. if (MMPTEpfn != NULL) MMPTEpfn->Valid = FALSE;
  188. CachedPhysAddr[0].Valid = FALSE;
  189. CachedPhysAddr[1].Valid = FALSE;
  191. return;
  192. }
  195. /**************************************************************************\
  196. *
  197. * Routine Name:
  198. *
  199. * SessionExit
  200. *
  201. * Routine Description:
  202. *
  203. * Clean up any outstanding allocations or references
  204. *
  205. * Arguments:
  206. *
  207. * none
  208. *
  209. * Return Value:
  210. *
  211. * none
  212. *
  213. \**************************************************************************/
  215. void SessionExit()
  216. {
  217. if (MMPTEValid != NULL)
  218. {
  219. delete MMPTEValid;
  220. MMPTEValid = NULL;
  221. }
  223. if (MMPTEProto != NULL)
  224. {
  225. delete MMPTEProto;
  226. MMPTEProto = NULL;
  227. }
  229. if (MMPTETrans != NULL)
  230. {
  231. delete MMPTETrans;
  232. MMPTETrans = NULL;
  233. }
  235. if (MMPTEX86LargePage != NULL)
  236. {
  237. delete MMPTEX86LargePage;
  238. MMPTEX86LargePage = NULL;
  239. }
  241. if (MMPTEpfn != NULL)
  242. {
  243. delete MMPTEpfn;
  244. MMPTEpfn = NULL;
  245. }
  247. return;
  248. }
  250. #if 0
  251. /**************************************************************************\
  252. *
  253. * Routine Name:
  254. *
  255. * GetMMPTEValid
  256. *
  257. * Routine Description:
  258. *
  259. * Extract Valid value from MMPTE
  260. *
  261. \**************************************************************************/
  263. HRESULT
  264. GetMMPTEValid(
  265. PDEBUG_CLIENT Client,
  266. ULONG64 MMPTE64,
  267. PULONG64 Valid
  268. )
  269. {
  270. HRESULT hr = S_FALSE;
  272. if (MMPTEValid == NULL)
  273. {
  274. MMPTEValid = new BitFieldInfo;
  275. }
  277. if (MMPTEValid == NULL)
  278. {
  279. hr = E_OUTOFMEMORY;
  280. }
  281. else if (MMPTEValid->Valid)
  282. {
  283. hr = S_OK;
  284. }
  285. else
  286. {
  287. ULONG VaildOffset, ValidBits;
  289. if (GetBitFieldOffset("nt!HARDWARE_PTE", "Valid", &VaildOffset, &ValidBits) == S_OK)
  290. {
  291. MMPTEValid->Valid = MMPTEValid->Compose(VaildOffset, ValidBits);
  292. hr = MMPTEValid->Valid ? S_OK : S_FALSE;
  293. }
  294. }
  296. if (Valid != NULL)
  297. {
  298. if (hr == S_OK)
  299. {
  300. *Valid = (MMPTE64 & MMPTEValid->Mask) >> MMPTEValid->BitPos;
  301. }
  302. else
  303. {
  304. *Valid = 0;
  305. }
  306. }
  308. return hr;
  309. }
  312. /**************************************************************************\
  313. *
  314. * Routine Name:
  315. *
  316. * GetMMPTEProto
  317. *
  318. * Routine Description:
  319. *
  320. * Extract Prototype value from MMPTE
  321. *
  322. \**************************************************************************/
  324. HRESULT
  325. GetMMPTEProto(
  326. PDEBUG_CLIENT Client,
  327. ULONG64 MMPTE64,
  328. PULONG64 Proto
  329. )
  330. {
  331. HRESULT hr = S_FALSE;
  333. if (MMPTEProto == NULL)
  334. {
  335. MMPTEProto = new BitFieldInfo;
  336. }
  338. if (MMPTEProto == NULL)
  339. {
  340. hr = E_OUTOFMEMORY;
  341. }
  342. else if (MMPTEProto->Valid)
  343. {
  344. hr = S_OK;
  345. }
  346. else
  347. {
  348. ULONG ProtoOffset, ProtoBits;
  350. if (GetBitFieldOffset("nt!MMPTE_PROTOTYPE", "Prototype", &ProtoOffset, &ProtoBits) == S_OK)
  351. {
  352. MMPTEProto->Valid = MMPTEProto->Compose(ProtoOffset, ProtoBits);
  353. hr = MMPTEProto->Valid ? S_OK : S_FALSE;
  354. }
  355. }
  357. if (Proto != NULL)
  358. {
  359. if (hr == S_OK)
  360. {
  361. *Proto = (MMPTE64 & MMPTEProto->Mask) >> MMPTEProto->BitPos;
  362. }
  363. else
  364. {
  365. *Proto = 0;
  366. }
  367. }
  369. return hr;
  370. }
  373. /**************************************************************************\
  374. *
  375. * Routine Name:
  376. *
  377. * GetMMPTETrans
  378. *
  379. * Routine Description:
  380. *
  381. * Extract Transition value from MMPTE
  382. *
  383. \**************************************************************************/
  385. HRESULT
  386. GetMMPTETrans(
  387. PDEBUG_CLIENT Client,
  388. ULONG64 MMPTE64,
  389. PULONG64 Trans
  390. )
  391. {
  392. HRESULT hr = S_FALSE;
  394. if (MMPTETrans == NULL)
  395. {
  396. MMPTETrans = new BitFieldInfo;
  397. }
  399. if (MMPTETrans == NULL)
  400. {
  401. hr = E_OUTOFMEMORY;
  402. }
  403. else if (MMPTETrans->Valid)
  404. {
  405. hr = S_OK;
  406. }
  407. else
  408. {
  409. ULONG TransOffset, TransBits;
  411. if (GetBitFieldOffset("nt!MMPTE_PROTOTYPE", "Transition", &TransOffset, &TransBits) == S_OK)
  412. {
  413. MMPTETrans->Valid = MMPTETrans->Compose(TransOffset, TransBits);
  415. hr = MMPTETrans->Valid ? S_OK : S_FALSE;
  416. }
  417. }
  419. if (Trans != NULL)
  420. {
  421. if (hr == S_OK)
  422. {
  423. *Trans = (MMPTE64 & MMPTETrans->Mask) >> MMPTETrans->BitPos;
  424. }
  425. else
  426. {
  427. *Trans = 0;
  428. }
  429. }
  431. return hr;
  432. }
  435. /**************************************************************************\
  436. *
  437. * Routine Name:
  438. *
  439. * GetMMPTEX86LargePage
  440. *
  441. * Routine Description:
  442. *
  443. * Extract LargePage value from X86 MMPTE
  444. *
  445. \**************************************************************************/
  447. HRESULT
  448. GetMMPTEX86LargePage(
  449. PDEBUG_CLIENT Client,
  450. ULONG64 MMPTE64,
  451. PULONG64 X86LargePage
  452. )
  453. {
  454. HRESULT hr = S_FALSE;
  456. if (TargetMachine != IMAGE_FILE_MACHINE_I386)
  457. {
  458. if (X86LargePage != NULL) *X86LargePage = 0;
  459. return hr;
  460. }
  462. if (MMPTEX86LargePage == NULL)
  463. {
  464. MMPTEX86LargePage = new BitFieldInfo;
  465. }
  467. if (MMPTEX86LargePage == NULL)
  468. {
  469. hr = E_OUTOFMEMORY;
  470. }
  471. else if (MMPTEX86LargePage->Valid)
  472. {
  473. hr = S_OK;
  474. }
  475. else
  476. {
  477. ULONG LrPgOffset, LrPgBits;
  479. if (GetBitFieldOffset("nt!HARDWARE_PTE", "LargePage", &LrPgOffset, &LrPgBits) == S_OK)
  480. {
  481. MMPTEX86LargePage->Valid = MMPTEX86LargePage->Compose(LrPgOffset, LrPgBits);
  482. hr = MMPTEX86LargePage->Valid ? S_OK : S_FALSE;
  483. }
  484. }
  486. if (X86LargePage != NULL)
  487. {
  488. if (hr == S_OK)
  489. {
  490. *X86LargePage = (MMPTE64 & MMPTEX86LargePage->Mask) >> MMPTEX86LargePage->BitPos;
  491. }
  492. else
  493. {
  494. *X86LargePage = 0;
  495. }
  496. }
  498. return hr;
  499. }
  502. /**************************************************************************\
  503. *
  504. * Routine Name:
  505. *
  506. * GetMMPTEpfn
  507. *
  508. * Routine Description:
  509. *
  510. * Extract Page Frame Number value from MMPTE
  511. *
  512. \**************************************************************************/
  513. #define GET_BITS_UNSHIFTED 1
  514. HRESULT
  515. GetMMPTEpfn(
  516. PDEBUG_CLIENT Client,
  517. ULONG64 MMPTE64,
  518. PULONG64 pfn,
  519. FLONG Flags
  520. )
  521. {
  522. HRESULT hr = S_FALSE;
  524. if (MMPTEpfn == NULL)
  525. {
  526. MMPTEpfn = new BitFieldInfo;
  527. }
  529. if (MMPTEpfn == NULL)
  530. {
  531. hr = E_OUTOFMEMORY;
  532. }
  533. else if (MMPTEpfn->Valid)
  534. {
  535. hr = S_OK;
  536. }
  537. else
  538. {
  539. ULONG pfnPosition, pfnBits;
  541. if (GetBitFieldOffset("nt!HARDWARE_PTE", "PageFrameNumber", &pfnPosition, &pfnBits) == S_OK)
  542. {
  543. MMPTEpfn->Valid = MMPTEpfn->Compose(pfnPosition, pfnBits);
  544. hr = MMPTEpfn->Valid ? S_OK : S_FALSE;
  545. }
  546. }
  548. if (pfn != NULL)
  549. {
  550. if (hr == S_OK)
  551. {
  552. *pfn = (MMPTE64 & MMPTEpfn->Mask);
  553. if (!(Flags & GET_BITS_UNSHIFTED))
  554. {
  555. *pfn >>= MMPTEpfn->BitPos;
  556. }
  557. }
  558. else
  559. {
  560. *pfn = 0;
  561. }
  562. }
  564. return hr;
  565. }
  566. #endif // 0
  567. // Copied from nt\base\ntos\rtl\bitmap.c
  569. static CONST ULONG FillMaskUlong[] = {
  570. 0x00000000, 0x00000001, 0x00000003, 0x00000007,
  571. 0x0000000f, 0x0000001f, 0x0000003f, 0x0000007f,
  572. 0x000000ff, 0x000001ff, 0x000003ff, 0x000007ff,
  573. 0x00000fff, 0x00001fff, 0x00003fff, 0x00007fff,
  574. 0x0000ffff, 0x0001ffff, 0x0003ffff, 0x0007ffff,
  575. 0x000fffff, 0x001fffff, 0x003fffff, 0x007fffff,
  576. 0x00ffffff, 0x01ffffff, 0x03ffffff, 0x07ffffff,
  577. 0x0fffffff, 0x1fffffff, 0x3fffffff, 0x7fffffff,
  578. 0xffffffff
  579. };
  581. ULONG
  582. OSCompat_RtlFindLastBackwardRunClear (
  583. IN PRTL_BITMAP BitMapHeader,
  584. IN ULONG FromIndex,
  585. IN PULONG StartingRunIndex
  586. )
  587. {
  588. ULONG Start;
  589. ULONG End;
  590. PULONG PHunk;
  591. ULONG Hunk;
  593. //
  594. // Take care of the boundary case of the null bitmap
  595. //
  597. if (BitMapHeader->SizeOfBitMap == 0) {
  599. *StartingRunIndex = FromIndex;
  600. return 0;
  601. }
  603. //
  604. // Scan backwards for the first clear bit
  605. //
  607. End = FromIndex;
  609. //
  610. // Build pointer to the ULONG word in the bitmap
  611. // containing the End bit, then read in the bitmap
  612. // hunk. Set the rest of the bits in this word, NOT
  613. // inclusive of the FromIndex bit.
  614. //
  616. PHunk = BitMapHeader->Buffer + (End / 32);
  617. Hunk = *PHunk | ~FillMaskUlong[(End % 32) + 1];
  619. //
  620. // If the first subword is set then we can proceed to
  621. // take big steps in the bitmap since we are now ULONG
  622. // aligned in the search
  623. //
  625. if (Hunk == (ULONG)~0) {
  627. //
  628. // Adjust the pointers backwards
  629. //
  631. End -= (End % 32) + 1;
  632. PHunk--;
  634. while ( PHunk > BitMapHeader->Buffer ) {
  636. //
  637. // Stop at first word with set bits
  638. //
  640. if (*PHunk != (ULONG)~0) break;
  642. PHunk--;
  643. End -= 32;
  644. }
  645. }
  647. //
  648. // Bitwise search backward for the clear bit
  649. //
  651. while ((End != MAXULONG) && (RtlCheckBit( BitMapHeader, End ) == 1)) { End -= 1; }
  653. //
  654. // Scan backwards for the first set bit
  655. //
  657. Start = End;
  659. //
  660. // We know that the clear bit was in the last word we looked at,
  661. // so continue from there to find the next set bit, clearing the
  662. // previous bits in the word.
  663. //
  665. Hunk = *PHunk & FillMaskUlong[Start % 32];
  667. //
  668. // If the subword is unset then we can proceed in big steps
  669. //
  671. if (Hunk == (ULONG)0) {
  673. //
  674. // Adjust the pointers backward
  675. //
  677. Start -= (Start % 32) + 1;
  678. PHunk--;
  680. while ( PHunk > BitMapHeader->Buffer ) {
  682. //
  683. // Stop at first word with set bits
  684. //
  686. if (*PHunk != (ULONG)0) break;
  688. PHunk--;
  689. Start -= 32;
  690. }
  691. }
  693. //
  694. // Bitwise search backward for the set bit
  695. //
  697. while ((Start != MAXULONG) && (RtlCheckBit( BitMapHeader, Start ) == 0)) { Start -= 1; }
  699. //
  700. // Compute the index and return the length
  701. //
  703. *StartingRunIndex = Start + 1;
  704. return (End - Start);
  705. }
  707. HRESULT
  708. GetSessionNumbers(
  709. IN PDEBUG_CLIENT Client,
  710. OUT PULONG CurrentSession,
  711. OUT PULONG DefaultSession,
  712. OUT PULONG TotalSessions,
  713. OUT PRTL_BITMAP *SessionList
  714. )
  715. {
  716. HRESULT hr = S_FALSE;
  718. if (CurrentSession != NULL)
  719. {
  720. ULONG Processor;
  721. ULONG64 Process=0;
  723. Process = GetExpression("@$Proc");
  725. if (!Process || !GetProcessSessionId(Process, CurrentSession))
  726. {
  727. *CurrentSession = INVALID_SESSION;
  728. } else
  729. {
  730. hr = S_OK;
  731. }
  732. }
  734. if (DefaultSession != NULL)
  735. {
  736. *DefaultSession = SessionId;
  737. hr = S_OK;
  738. }
  740. if ((TotalSessions != NULL) ||
  741. (SessionList != NULL))
  742. {
  743. ULONG SessionCount = 0;
  744. PRTL_BITMAP SessionListBitMap = NULL;
  745. ULONG64 SessionIdListPointerAddr = 0;
  746. ULONG64 SessionIdListAddr = 0;
  748. PDEBUG_SYMBOLS Symbols;
  749. PDEBUG_DATA_SPACES Data;
  751. if (TotalSessions)
  752. {
  753. *TotalSessions = 0;
  754. }
  755. if (SessionList)
  756. {
  757. *SessionList = NULL;
  758. }
  760. if ((hr = Client->QueryInterface(__uuidof(IDebugSymbols),
  761. (void **)&Symbols)) != S_OK)
  762. {
  763. return hr;
  764. }
  766. if ((hr = Client->QueryInterface(__uuidof(IDebugDataSpaces),
  767. (void **)&Data)) != S_OK)
  768. {
  769. Symbols->Release();
  770. return hr;
  771. }
  773. CHAR PointerName[] = "NT!MiSessionIdBitmap";
  774. hr = Symbols->GetOffsetByName(PointerName, &SessionIdListPointerAddr);
  775. if (hr != S_OK)
  776. {
  777. ExtErr("Unable to locate %s\n", PointerName);
  778. }
  779. else
  780. {
  781. hr = Data->ReadPointersVirtual(1, SessionIdListPointerAddr, &SessionIdListAddr);
  783. if ((hr == S_OK) && (SessionIdListAddr != 0))
  784. {
  785. hr = GetBitMap(Client, SessionIdListAddr, &SessionListBitMap);
  787. if (hr == S_OK)
  788. {
  789. SessionCount = RtlNumberOfSetBits(SessionListBitMap);
  790. }
  791. } else
  792. {
  793. ExtErr("Unable to read MiSessionIdBitmap @ %p\n", SessionIdListPointerAddr);
  794. }
  795. }
  797. if (TotalSessions)
  798. {
  799. *TotalSessions = SessionCount;
  800. }
  802. // Free or return BitMap
  803. if (SessionListBitMap)
  804. {
  805. if (SessionList)
  806. {
  807. *SessionList = SessionListBitMap;
  808. }
  809. else
  810. {
  811. FreeBitMap(SessionListBitMap);
  812. }
  813. }
  815. Data->Release();
  816. Symbols->Release();
  817. }
  819. return hr;
  820. }
  823. HRESULT
  824. SetDefaultSession(
  825. IN PDEBUG_CLIENT Client,
  826. IN ULONG NewSession,
  827. OUT OPTIONAL PULONG OldSession
  828. )
  829. {
  830. HRESULT hr = S_FALSE;
  831. ULONG64 SessionProcess;
  832. ULONG PrevSession;
  834. GetSessionNumbers(Client, NULL, &PrevSession, NULL, NULL);
  836. if (OldSession)
  837. {
  838. *OldSession = PrevSession;
  839. }
  840. if ((NewSession == CURRENT_SESSION) ||
  841. (GetSessionSpace(NewSession, NULL, &SessionProcess) == S_OK))
  842. {
  843. if (GetProcessSessionId(SessionProcess, &SessionId) &&
  844. (SessionId != PrevSession))
  845. {
  846. CHAR SetImplicitProcess[100];
  848. hr = StringCbPrintfA(SetImplicitProcess, sizeof(SetImplicitProcess),
  849. ".process %p", SessionProcess);
  850. if (hr == S_OK)
  851. {
  852. hr = g_ExtControl->Execute(DEBUG_OUTCTL_AMBIENT,
  853. SetImplicitProcess, DEBUG_EXECUTE_DEFAULT );
  854. }
  855. if (SessionId == CURRENT_SESSION)
  856. {
  857. strcpy(SessionStr, "CURRENT");
  858. }
  859. else
  860. {
  861. _ultoa(SessionId, SessionStr, 10);
  862. }
  864. }
  866. hr = S_OK;
  867. }
  869. return hr;
  870. }
  872. typedef (WINAPI* PENUM_SESSION_CB)(ULONG64 Process, ULONG SessionId, PVOID Context);
  874. BOOL
  875. EnumerateSessionProcesses(
  876. IN ULONG Session,
  877. IN PVOID Context,
  878. IN PENUM_SESSION_CB Callback
  879. )
  880. {
  881. ULONG TotalSessions;
  882. ULONG WsListEntryOffset;
  883. ULONG SessionOffset;
  884. ULONG SessionProcessLinksOffset;
  885. ULONG64 MiSessionWsList;
  886. ULONG64 SessionWsListStart;
  887. ULONG64 Next;
  888. ULONG64 SessionSpace;
  889. ULONG SessionId;
  891. MiSessionWsList = GetExpression("nt!MiSessionWsList");
  892. if (!MiSessionWsList || !ReadPointer(MiSessionWsList, &SessionWsListStart))
  893. {
  894. dprintf("Cannot get nt!MiSessionWsList\n");
  895. return FALSE;
  896. }
  898. if (GetFieldOffset("nt!_MM_SESSION_SPACE", "WsListEntry", &WsListEntryOffset) ||
  899. GetFieldOffset("nt!_MM_SESSION_SPACE", "Session", &SessionOffset))
  900. {
  901. dprintf("Cannot find nt!_MM_SESSION_SPACE type.\n");
  902. return FALSE;
  903. }
  905. if (GetFieldOffset("nt!_EPROCESS", "SessionProcessLinks", &SessionProcessLinksOffset))
  906. {
  907. dprintf("Cannot find nt!_EPROCESS type.\n");
  908. return FALSE;
  909. }
  911. SessionSpace = SessionWsListStart-WsListEntryOffset;
  913. do
  914. {
  915. if (GetFieldValue(SessionSpace, "nt!_MM_SESSION_SPACE", "SessionId", SessionId) ||
  916. !ReadPointer(SessionSpace+WsListEntryOffset, &Next) ||
  917. InitTypeRead(SessionSpace, nt!_MM_SESSION_SPACE) )
  918. {
  919. dprintf("Cannot read nt!_MM_SESSION_SPACE @ %p\n", SessionSpace);
  920. return FALSE;
  921. }
  923. if (CheckControlC())
  924. {
  925. break;
  926. }
  928. if (Session == SessionId || Session == -1)
  929. {
  930. ULONG64 SessionProcessList = ReadField(ProcessList.Flink);
  931. ULONG64 NextProcess = 0;
  932. ULONG64 Process;
  933. CHAR ImageFileName[64];
  935. Process = SessionProcessList - SessionProcessLinksOffset;
  936. if (!ReadPointer(SessionProcessList, &NextProcess))
  937. {
  938. dprintf("Cannot read memory SessionProcessLinks for rocess %p\n", Process);
  939. NextProcess = 0;
  940. break;
  941. }
  942. while (NextProcess && NextProcess != SessionProcessList)
  943. {
  944. if (CheckControlC())
  945. {
  946. break;
  947. }
  949. (*Callback)(Process, SessionId, Context);
  951. Process = NextProcess - SessionProcessLinksOffset;
  952. if (!ReadPointer(NextProcess, &NextProcess))
  953. {
  954. dprintf("Cannot read memory SessionProcessLinks for rocess %p\n", Process);
  955. break;
  956. }
  957. }
  958. }
  959. SessionSpace = Next - WsListEntryOffset;
  960. } while (Next && (Next != MiSessionWsList));
  961. return TRUE;
  962. }
  965. BOOL
  966. DumpSessionInfo(
  967. IN ULONG Flags,
  968. IN ULONG SessionIdToDump,
  969. IN PCHAR ProcessName
  970. )
  971. {
  972. ULONG TotalSessions;
  973. ULONG WsListEntryOffset;
  974. ULONG SessionOffset;
  975. ULONG SessionProcessLinksOffset;
  976. ULONG64 MiSessionWsList;
  977. ULONG64 SessionWsListStart;
  978. ULONG64 Next;
  979. ULONG64 SessionSpace;
  980. ULONG CurrentSessionId;
  981. PCHAR Pad = " ";
  983. if (SessionIdToDump == DEFAULT_SESSION)
  984. {
  985. SessionId = SessionId;
  986. }
  988. if (!(Flags & 1) && (SessionIdToDump == CURRENT_SESSION))
  989. {
  990. GetCurrentSession(&SessionSpace, &SessionIdToDump);
  991. }
  993. if (SessionIdToDump != -1)
  994. {
  995. dprintf("Dumping Session %lx\n", SessionIdToDump);
  996. Pad = "";
  997. }
  998. else
  999. {
  1000. PRTL_BITMAP pSessionIdBitmap;
  1001. ULONG Id;
  1003. pSessionIdBitmap = GetBitmap(GetPointerValue("nt!MiSessionIdBitmap"));
  1005. TotalSessions = 0;
  1006. if (pSessionIdBitmap)
  1007. {
  1008. for (Id = 0; Id < pSessionIdBitmap->SizeOfBitMap; ++Id)
  1009. {
  1010. if (RtlCheckBit(pSessionIdBitmap, Id))
  1011. {
  1012. TotalSessions++;
  1013. }
  1014. }
  1015. HeapFree( GetProcessHeap(), 0, pSessionIdBitmap );
  1016. }
  1018. if (TotalSessions)
  1019. {
  1020. dprintf("Total sessions : %lx\n", TotalSessions);
  1021. } else
  1022. {
  1023. // GetPointerValue already printed error, We might still be able to get
  1024. // MiSessionWsList so continue
  1025. }
  1026. }
  1028. MiSessionWsList = GetExpression("nt!MiSessionWsList");
  1029. if (!MiSessionWsList || !ReadPointer(MiSessionWsList, &SessionWsListStart))
  1030. {
  1031. dprintf("Cannot get nt!MiSessionWsList\n");
  1032. return FALSE;
  1033. }
  1035. if (GetFieldOffset("nt!_MM_SESSION_SPACE", "WsListEntry", &WsListEntryOffset) ||
  1036. GetFieldOffset("nt!_MM_SESSION_SPACE", "Session", &SessionOffset))
  1037. {
  1038. dprintf("Cannot find nt!_MM_SESSION_SPACE type.\n");
  1039. return FALSE;
  1040. }
  1042. if (GetFieldOffset("nt!_EPROCESS", "SessionProcessLinks", &SessionProcessLinksOffset))
  1043. {
  1044. dprintf("Cannot find nt!_EPROCESS type.\n");
  1045. return FALSE;
  1046. }
  1048. SessionSpace = SessionWsListStart-WsListEntryOffset;
  1050. do
  1051. {
  1052. if (GetFieldValue(SessionSpace, "nt!_MM_SESSION_SPACE", "SessionId", CurrentSessionId) ||
  1053. !ReadPointer(SessionSpace+WsListEntryOffset, &Next) ||
  1054. InitTypeRead(SessionSpace, nt!_MM_SESSION_SPACE) )
  1055. {
  1056. dprintf("Cannot read nt!_MM_SESSION_SPACE @ %p\n", SessionSpace);
  1057. return FALSE;
  1058. }
  1060. if (CheckControlC())
  1061. {
  1062. break;
  1063. }
  1065. if (SessionIdToDump == CurrentSessionId || SessionIdToDump == -1)
  1066. {
  1067. // Dump Session
  1068. dprintf("\n");
  1069. if (SessionIdToDump == -1)
  1070. {
  1071. dprintf("%sSession %lx\n", Pad, CurrentSessionId);
  1072. }
  1073. dprintf("%s_MM_SESSION_SPACE %p\n", Pad, SessionSpace);
  1074. dprintf("%s_MMSESSION %p\n", Pad, SessionSpace+SessionOffset);
  1075. if (Flags & 2)
  1076. {
  1077. // Dump Process in the session
  1078. ULONG64 SessionProcessList = ReadField(ProcessList.Flink);
  1079. ULONG64 NextProcess = 0;
  1080. ULONG64 Process;
  1081. CHAR ImageFileName[64];
  1083. Process = SessionProcessList - SessionProcessLinksOffset;
  1084. if (!ReadPointer(SessionProcessList, &NextProcess))
  1085. {
  1086. dprintf("Cannot read memory SessionProcessLinks for rocess %p\n", Process);
  1087. NextProcess = 0;
  1088. break;
  1089. }
  1090. while (NextProcess && NextProcess != SessionProcessList)
  1091. {
  1092. if (CheckControlC())
  1093. {
  1094. break;
  1095. }
  1097. ZeroMemory(ImageFileName, sizeof(ImageFileName));
  1099. if (ProcessName && *ProcessName)
  1100. {
  1101. if (!GetFieldValue(Process, "nt!_EPROCESS", "ImageFileName", ImageFileName) &&
  1102. !_stricmp(ImageFileName, ProcessName))
  1103. {
  1104. DumpProcess(Pad, Process, Flags >> 2, NULL);
  1105. }
  1106. } else
  1107. {
  1108. DumpProcess(Pad, Process, Flags >> 2, NULL);
  1109. }
  1111. Process = NextProcess - SessionProcessLinksOffset;
  1112. if (!ReadPointer(NextProcess, &NextProcess))
  1113. {
  1114. dprintf("Cannot read memory SessionProcessLinks for rocess %p\n", Process);
  1115. break;
  1116. }
  1117. }
  1118. }
  1119. }
  1120. SessionSpace = Next - WsListEntryOffset;
  1121. } while (Next && (Next != MiSessionWsList));
  1122. return TRUE;
  1123. }
  1126. HRESULT
  1127. GetCurrentSession(
  1128. PULONG64 CurSessionSpace,
  1129. PULONG CurSessionId
  1130. )
  1131. {
  1132. static DEBUG_VALUE LastSessionSpace = { 0, DEBUG_VALUE_INVALID };
  1133. static DEBUG_VALUE LastSessionId = { INVALID_SESSION, DEBUG_VALUE_INVALID };
  1134. ULONG64 SessionSpaceAddr;
  1135. HRESULT hr = S_OK;
  1136. ULONG CurrentSession;
  1138. if (CurSessionSpace != NULL) *CurSessionSpace = 0;
  1139. if (CurSessionId != NULL) *CurSessionId = INVALID_SESSION;
  1141. // Get the current session space
  1142. if (LastSessionSpace.Type == DEBUG_VALUE_INVALID)
  1143. {
  1144. ULONG Processor;
  1145. ULONG64 Process=0, Start;
  1146. ULONG SessionProcessLinksOffset;
  1148. // Get current process
  1149. Process = GetExpression("@$Proc");
  1150. Start = 0;
  1151. GetFieldOffset("nt!_EPROCESS", "SessionProcessLinks", &SessionProcessLinksOffset);
  1153. hr = S_FALSE;
  1154. if (!GetProcessSessionId(Process, &CurrentSession))
  1155. {
  1156. hr = E_FAIL;
  1157. } else
  1158. {
  1159. hr = GetFieldValue(Process, "nt!_EPROCESS", "Session", SessionSpaceAddr);
  1160. }
  1161. if ((hr != S_OK) || (SessionSpaceAddr == 0))
  1162. {
  1163. // This process doesn't belong to a session, look for a process is 0 session
  1164. hr = GetSessionSpace(0, &SessionSpaceAddr, NULL);
  1165. }
  1166. }
  1168. if (hr == S_OK)
  1169. {
  1170. if (CurSessionSpace != NULL) *CurSessionSpace = SessionSpaceAddr;
  1171. if (CurSessionId != NULL) *CurSessionId = CurrentSession;
  1172. }
  1174. return hr;
  1175. }
  1177. HRESULT
  1178. GetSessionSpace(
  1179. ULONG Session,
  1180. PULONG64 pSessionSpace,
  1181. PULONG64 pSessionProcess
  1182. )
  1183. {
  1184. ULONG TotalSessions;
  1185. ULONG WsListEntryOffset;
  1186. ULONG SessionOffset;
  1187. ULONG64 MiSessionWsList;
  1188. ULONG64 SessionWsListStart;
  1189. ULONG64 Next;
  1190. ULONG64 SessionSpace;
  1191. ULONG SessionIdLookup;
  1192. HRESULT hr;
  1194. if (Session == DEFAULT_SESSION)
  1195. {
  1196. Session = SessionId;
  1197. }
  1199. if (Session == CURRENT_SESSION)
  1200. {
  1201. ULONG64 CurSessionSpace;
  1202. ULONG CurSessionId;
  1204. hr = GetCurrentSession(&SessionSpace, &SessionIdLookup);
  1205. if (hr == S_OK)
  1206. {
  1207. if (pSessionSpace)
  1208. {
  1209. *pSessionSpace = SessionSpace;
  1210. }
  1211. return hr;
  1212. }
  1213. }
  1214. else
  1215. {
  1216. if (Session < NUM_CACHED_SESSIONS)
  1217. {
  1218. if (CachedSession[Session].Valid &&
  1219. CachedSession[Session].SessionSpaceAddr != 0)
  1220. {
  1221. if (pSessionSpace != NULL) *pSessionSpace = CachedSession[Session].SessionSpaceAddr;
  1222. if (pSessionProcess != NULL) *pSessionProcess = CachedSession[Session].SessionProcess;
  1223. return S_OK;
  1224. }
  1225. }
  1226. else if (ExtraCachedSessionId != INVALID_SESSION &&
  1227. Session == ExtraCachedSessionId)
  1228. {
  1229. if (CachedSession[NUM_CACHED_SESSIONS].Valid &&
  1230. CachedSession[NUM_CACHED_SESSIONS].SessionSpaceAddr != 0)
  1231. {
  1232. if (pSessionSpace != NULL) *pSessionSpace = CachedSession[NUM_CACHED_SESSIONS].SessionSpaceAddr;
  1233. if (pSessionProcess != NULL) *pSessionProcess = CachedSession[NUM_CACHED_SESSIONS].SessionProcess;
  1234. return S_OK;
  1235. }
  1236. }
  1238. }
  1240. MiSessionWsList = GetExpression("nt!MiSessionWsList");
  1241. if (!MiSessionWsList || !ReadPointer(MiSessionWsList, &SessionWsListStart))
  1242. {
  1243. dprintf("Cannot get nt!MiSessionWsList\n");
  1244. return FALSE;
  1245. }
  1247. if (GetFieldOffset("nt!_MM_SESSION_SPACE", "WsListEntry", &WsListEntryOffset) ||
  1248. GetFieldOffset("nt!_MM_SESSION_SPACE", "Session", &SessionOffset))
  1249. {
  1250. dprintf("Cannot find nt!_MM_SESSION_SPACE type.\n");
  1251. return FALSE;
  1252. }
  1254. SessionSpace = SessionWsListStart-WsListEntryOffset;
  1256. do
  1257. {
  1258. if (GetFieldValue(SessionSpace, "nt!_MM_SESSION_SPACE", "SessionId", SessionIdLookup) ||
  1259. !ReadPointer(SessionSpace+WsListEntryOffset, &Next) ||
  1260. InitTypeRead(SessionSpace, nt!_MM_SESSION_SPACE) )
  1261. {
  1262. dprintf("Cannot read nt!_MM_SESSION_SPACE @ %p\n", SessionSpace);
  1263. return FALSE;
  1264. }
  1266. if (CheckControlC())
  1267. {
  1268. break;
  1269. }
  1271. if (Session == SessionIdLookup)
  1272. {
  1273. ULONG SessionProcessLinksOffset;
  1274. ULONG64 SessionProcessList = ReadField(ProcessList.Flink);
  1276. if (pSessionSpace)
  1277. {
  1278. *pSessionSpace = SessionSpace;
  1279. }
  1280. ExtVerb("Session %ld lookup found Session @ 0x%p.\n",
  1281. Session, SessionSpace);
  1283. if (GetFieldOffset("nt!_EPROCESS", "SessionProcessLinks", &SessionProcessLinksOffset))
  1284. {
  1285. dprintf("Cannot find nt!_EPROCESS type.\n");
  1286. return E_FAIL;
  1287. }
  1289. if (Session < NUM_CACHED_SESSIONS)
  1290. {
  1291. CachedSession[Session].Valid = TRUE;
  1292. CachedSession[Session].SessionSpaceAddr = SessionSpace;
  1293. CachedSession[Session].SessionProcess = SessionProcessList - SessionProcessLinksOffset;
  1294. }
  1295. else
  1296. {
  1297. ExtraCachedSessionId = Session;
  1298. CachedSession[NUM_CACHED_SESSIONS].Valid = TRUE;
  1299. CachedSession[NUM_CACHED_SESSIONS].SessionSpaceAddr = SessionSpace;
  1300. CachedSession[NUM_CACHED_SESSIONS].SessionProcess = SessionProcessList - SessionProcessLinksOffset;
  1301. }
  1303. if (pSessionProcess)
  1304. {
  1305. *pSessionProcess = SessionProcessList - SessionProcessLinksOffset;
  1306. }
  1307. return S_OK;
  1308. }
  1309. SessionSpace = Next - WsListEntryOffset;
  1310. } while (Next && (Next != MiSessionWsList));
  1311. return E_FAIL;
  1312. }
  1314. HRESULT
  1315. GetSessionDirBase(
  1316. PDEBUG_CLIENT Client,
  1317. ULONG Session,
  1318. PULONG64 PageDirBase
  1319. )
  1320. {
  1321. HRESULT hr = S_FALSE;
  1322. ULONG64 SessionSpaceOffset;
  1323. ULONG64 Process = -1;
  1324. ULONG SessionIdCheck;
  1325. ULONG64 dvPageDirBase;
  1326. CHAR szCommand[MAX_PATH];
  1328. static ULONG LastSession = -2;
  1329. static ULONG64 LastSessionPageDirBase = 0;
  1331. if (Session == DEFAULT_SESSION)
  1332. {
  1333. Session = SessionId;
  1334. }
  1336. if (Session == LastSession &&
  1337. LastSessionPageDirBase != 0)
  1338. {
  1339. *PageDirBase = LastSessionPageDirBase;
  1340. return S_OK;
  1341. }
  1343. *PageDirBase = 0;
  1345. if ((hr == GetSessionSpace(Session, &SessionSpaceOffset, NULL)) == S_OK)
  1346. {
  1347. ULONG SessionProcessLinksOffset;
  1349. if ((hr = GetFieldOffset("nt!_EPROCESS", "SessionProcessLinks", &SessionProcessLinksOffset)) == S_OK)
  1350. {
  1351. dprintf("Cannot find nt!_EPROCESS type.\n");
  1352. return E_FAIL;
  1353. }
  1355. ULONG64 SessionProcessListAddr;
  1357. if (GetFieldValue(SessionSpaceOffset, "nt!_MM_SESSION_SPACE",
  1358. "ProcessList.Flink", SessionProcessListAddr) == S_OK)
  1359. {
  1361. Process = SessionProcessListAddr - SessionProcessLinksOffset;
  1362. } else
  1363. {
  1364. dprintf("Cannot read nt!_MM_SESSION_SPACE @ %p\n", SessionSpaceOffset);
  1365. return E_FAIL;
  1366. }
  1367. }
  1368. else
  1369. {
  1370. dprintf("GetSessionSpace returned HRESULT 0x%lx.\n", hr);
  1371. }
  1374. if (GetFieldValue(Process, "nt!_KPROCESS", "DirectoryTableBase[0]", dvPageDirBase) == S_OK &&
  1375. GetProcessSessionId(Process, &SessionIdCheck) == S_OK)
  1376. {
  1377. *PageDirBase = dvPageDirBase;
  1379. if (Session != CURRENT_SESSION &&
  1380. Session != SessionIdCheck)
  1381. {
  1382. hr = S_FALSE;
  1383. }
  1384. else
  1385. {
  1386. LastSession = Session;
  1387. LastSessionPageDirBase = dvPageDirBase;
  1388. }
  1389. }
  1391. return hr;
  1392. }
  1395. #if 0
  1396. HRESULT
  1397. ReadPageTableEntry(
  1398. PDEBUG_DATA_SPACES Data,
  1399. ULONG64 PageTableBase,
  1400. ULONG64 PageTableIndex,
  1401. PULONG64 PageTableEntry
  1402. )
  1403. {
  1404. HRESULT hr;
  1405. ULONG64 PhysAddr = PageTableBase + PageTableIndex * HwPte.Size;
  1406. ULONG BytesRead;
  1409. *PageTableEntry = 0;
  1411. if (CachedPhysAddr[0].Valid &&
  1412. CachedPhysAddr[0].PhysAddr == PhysAddr)
  1413. {
  1414. *PageTableEntry = CachedPhysAddr[0].Data;
  1415. return S_OK;
  1416. }
  1417. else if (CachedPhysAddr[1].Valid &&
  1418. CachedPhysAddr[1].PhysAddr == PhysAddr)
  1419. {
  1420. *PageTableEntry = CachedPhysAddr[1].Data;
  1421. return S_OK;
  1422. }
  1424. hr = Data->ReadPhysical(PhysAddr,
  1425. PageTableEntry,
  1426. HwPte.Size,
  1427. &BytesRead);
  1429. if (hr == S_OK)
  1430. {
  1431. if (BytesRead < HwPte.Size)
  1432. {
  1433. hr = S_FALSE;
  1434. }
  1435. else
  1436. {
  1437. static CacheToggle = 1;
  1439. CacheToggle = (CacheToggle+1) % 2;
  1441. CachedPhysAddr[CacheToggle].Valid = TRUE;
  1442. CachedPhysAddr[CacheToggle].PhysAddr = *PageTableEntry;
  1443. }
  1444. }
  1446. return hr;
  1447. }
  1450. HRESULT
  1451. GetPageFrameNumber(
  1452. PDEBUG_CLIENT Client,
  1453. PDEBUG_DATA_SPACES Data,
  1454. ULONG64 PageTableBase,
  1455. ULONG64 PageTableIndex,
  1456. PULONG64 PageFrameNumber,
  1457. PBOOL Large
  1458. )
  1459. {
  1460. HRESULT hr;
  1461. ULONG64 PageTableEntry;
  1462. ULONG64 Valid, Proto, Trans, LargePage;
  1463. ULONG64 pfn;
  1465. if ((hr = ReadPageTableEntry(Data, PageTableBase, PageTableIndex, &PageTableEntry)) == S_OK)
  1466. {
  1467. if ((hr = GetMMPTEValid(Client, PageTableEntry, &Valid)) == S_OK)
  1468. {
  1469. if (Valid)
  1470. {
  1471. hr = GetMMPTEpfn(Client, PageTableEntry, PageFrameNumber, GET_BITS_UNSHIFTED);
  1473. if (hr == S_OK)
  1474. {
  1475. if (GetMMPTEX86LargePage(Client, PageTableEntry, &LargePage) == S_OK &&
  1476. LargePage != 0)
  1477. {
  1478. // Large pages map 4MB of space - there shouldn't
  1479. // be any bits set below that.
  1480. if (*PageFrameNumber & (4*1024*1024 - 1))
  1481. {
  1482. #if DBG
  1483. DbgPrint("Found large X86 page with bad frame number.\n");
  1484. DbgBreakPoint();
  1485. #endif
  1486. }
  1488. if (Large == NULL)
  1489. {
  1490. #if DBG
  1491. DbgPrint("Unexpected large X86 page found.\n");
  1492. DbgBreakPoint();
  1493. #endif
  1494. }
  1495. else
  1496. {
  1497. *Large = TRUE;
  1498. }
  1499. }
  1500. else if (Large != NULL)
  1501. {
  1502. *Large = FALSE;
  1503. }
  1504. }
  1505. }
  1506. else
  1507. {
  1508. if ((hr = GetMMPTEProto(Client, PageTableEntry, &Proto)) == S_OK &&
  1509. (hr = GetMMPTETrans(Client, PageTableEntry, &Trans)) == S_OK)
  1510. {
  1511. if (Proto == 0 && Trans == 1)
  1512. {
  1513. hr = GetMMPTEpfn(Client, PageTableEntry, PageFrameNumber, GET_BITS_UNSHIFTED);
  1514. }
  1515. else
  1516. {
  1517. hr = S_FALSE;
  1518. }
  1519. }
  1520. }
  1521. }
  1522. }
  1524. return hr;
  1525. }
  1527. HRESULT
  1528. GetNextResidentPage(
  1529. PDEBUG_CLIENT Client,
  1530. ULONG64 PageDirBase,
  1531. ULONG64 VirtAddrStart,
  1532. ULONG64 VirtAddrLimit,
  1533. PULONG64 VirtPage,
  1534. PULONG64 PhysPage
  1535. )
  1536. {
  1537. HRESULT hr;
  1538. BOOL Interrupted = FALSE;
  1539. PDEBUG_CONTROL Control = NULL;
  1540. PDEBUG_DATA_SPACES Data = NULL;
  1541. ULONG64 PageDirIndex;
  1542. ULONG64 PageTableIndex;
  1543. ULONG64 PageDirIndexLimit;
  1544. ULONG64 PageTableIndexLimit;
  1545. ULONG64 PageTableBase;
  1546. BOOL LargePage;
  1547. ULONG64 TempAddr;
  1549. if (VirtPage == NULL) VirtPage = &TempAddr;
  1550. if (PhysPage == NULL) PhysPage = &TempAddr;
  1552. *VirtPage = 0;
  1553. *PhysPage = 0;
  1555. if ((hr = Client->QueryInterface(__uuidof(IDebugDataSpaces),
  1556. (void **)&Data)) == S_OK &&
  1557. (hr = Client->QueryInterface(__uuidof(IDebugControl),
  1558. (void **)&Control)) == S_OK)
  1559. {
  1560. if (!HwPte.Valid)
  1561. {
  1562. PDEBUG_SYMBOLS Symbols;
  1564. if ((hr = Client->QueryInterface(__uuidof(IDebugSymbols),
  1565. (void **)&Symbols)) == S_OK)
  1566. {
  1567. if ((hr = Symbols->GetSymbolTypeId(HwPte.Type, &HwPte.TypeId, &HwPte.Module)) == S_OK &&
  1568. (hr = Symbols->GetTypeSize(HwPte.Module, HwPte.TypeId, &HwPte.Size)) == S_OK &&
  1569. HwPte.Size != 0)
  1570. {
  1571. HwPte.Valid = TRUE;
  1572. }
  1573. else if (hr == S_OK)
  1574. {
  1575. hr = E_FAIL;
  1576. }
  1578. Symbols->Release();
  1579. }
  1580. }
  1582. if (HwPte.Valid)
  1583. {
  1584. ULONG TableEntries = PageSize / HwPte.Size;
  1585. ULONG64 Addr;
  1587. *VirtPage = PAGE_ALIGN64(VirtAddrStart);
  1589. Addr = VirtAddrStart >> PageShift;
  1590. PageTableIndex = Addr % TableEntries;
  1591. PageDirIndex = (Addr / TableEntries) % TableEntries;
  1593. Addr = VirtAddrLimit >> PageShift;
  1594. PageTableIndexLimit = Addr % TableEntries;
  1595. PageDirIndexLimit = (Addr / TableEntries) % TableEntries;
  1597. if (VirtAddrLimit & (PageSize-1))
  1598. {
  1599. PageTableIndexLimit++;
  1600. }
  1602. hr = S_FALSE;
  1604. while (PageDirIndex < PageDirIndexLimit && hr != S_OK)
  1605. {
  1606. if ((hr = GetPageFrameNumber(Client, Data,
  1607. PageDirBase, PageDirIndex,
  1608. &PageTableBase, &LargePage)) == S_OK)
  1609. {
  1610. if (LargePage)
  1611. {
  1612. *PhysPage = PageTableBase;
  1613. }
  1614. else
  1615. {
  1616. do
  1617. {
  1618. if ((hr = GetPageFrameNumber(Client, Data,
  1619. PageTableBase, PageTableIndex,
  1620. PhysPage, NULL)) != S_OK)
  1621. {
  1622. hr = Control->GetInterrupt();
  1624. if (hr == S_OK)
  1625. {
  1626. Interrupted = TRUE;
  1627. Control->SetInterrupt(DEBUG_INTERRUPT_PASSIVE);
  1628. }
  1629. else
  1630. {
  1631. PageTableIndex++;
  1632. *VirtPage += PageSize;
  1633. }
  1634. }
  1635. } while (PageTableIndex < TableEntries && hr != S_OK);
  1636. }
  1637. }
  1638. else
  1639. {
  1640. *VirtPage += PageSize * (TableEntries - PageTableIndex);
  1641. }
  1643. if (hr != S_OK)
  1644. {
  1645. hr = Control->GetInterrupt();
  1647. if (hr == S_OK)
  1648. {
  1649. Interrupted = TRUE;
  1650. Control->SetInterrupt(DEBUG_INTERRUPT_PASSIVE);
  1651. }
  1652. else
  1653. {
  1654. PageTableIndex = 0;
  1655. PageDirIndex++;
  1656. }
  1657. }
  1658. }
  1660. if (PageDirIndex == PageDirIndexLimit &&
  1661. PageTableIndex < PageTableIndexLimit &&
  1662. hr != S_OK)
  1663. {
  1664. if ((hr = GetPageFrameNumber(Client, Data,
  1665. PageDirBase, PageDirIndex,
  1666. &PageTableBase, &LargePage)) == S_OK)
  1667. {
  1668. if (LargePage)
  1669. {
  1670. *PhysPage = PageTableBase;
  1671. }
  1672. else
  1673. {
  1674. do
  1675. {
  1676. if ((hr = GetPageFrameNumber(Client, Data,
  1677. PageTableBase, PageTableIndex,
  1678. PhysPage, NULL)) != S_OK)
  1679. {
  1680. hr = Control->GetInterrupt();
  1682. if (hr == S_OK)
  1683. {
  1684. Interrupted = TRUE;
  1685. Control->SetInterrupt(DEBUG_INTERRUPT_PASSIVE);
  1686. }
  1687. else
  1688. {
  1689. PageTableIndex++;
  1690. *VirtPage += PageSize;
  1691. }
  1692. }
  1693. } while (PageTableIndex < PageTableIndexLimit && hr != S_OK);
  1694. }
  1695. }
  1696. }
  1697. }
  1699. }
  1701. if (Control != NULL) Control->Release();
  1702. if (Data != NULL) Data->Release();
  1704. return ((Interrupted) ? E_ABORT : hr);
  1705. }
  1708. HRESULT
  1709. GetNextResidentAddress(
  1710. PDEBUG_CLIENT Client,
  1711. ULONG Session,
  1712. ULONG64 VirtAddrStart,
  1713. ULONG64 VirtAddrLimit,
  1714. PULONG64 VirtAddr,
  1715. PULONG64 PhysAddr
  1716. )
  1717. {
  1718. if (Client == NULL) return E_INVALIDARG;
  1720. HRESULT hr = S_OK;
  1721. ULONG64 PageDirBase;
  1723. if (Session == DEFAULT_SESSION)
  1724. {
  1725. Session = SessionId;
  1726. }
  1729. if (Session < NUM_CACHED_DIR_BASES &&
  1730. CachedDirBase[Session].Valid)
  1731. {
  1732. PageDirBase = CachedDirBase[Session].PageDirBase;
  1733. }
  1734. else if (SessionId == CURRENT_SESSION &&
  1735. CachedDirBase[NUM_CACHED_DIR_BASES].Valid)
  1736. {
  1737. PageDirBase = CachedDirBase[NUM_CACHED_DIR_BASES].PageDirBase;
  1738. }
  1739. else
  1740. {
  1741. DEBUG_VALUE SessionIdCheck;
  1742. DEBUG_VALUE dvPageDirBase;
  1743. BOOL ShortProcessList = (Session == CURRENT_SESSION);
  1744. ULONG Processor;
  1745. ULONG64 Process=0;
  1746. ULONG64 ProcessListHead = 0;
  1747. ULONG64 ProcessListNext = 0;
  1748. ULONG ActiveProcessLinksOff;
  1749. ULONG CurrentSession;
  1751. if (!GetCurrentProcessor(g_ExtClient, &Processor, NULL))
  1752. {
  1753. Processor = 0;
  1754. }
  1755. GetCurrentProcessAddr(Processor, 0, &Process);
  1756. GetProcessHead(&ProcessListHead, &ProcessListNext);
  1757. if (GetFieldOffset("nt!_EPROCESS", "ActiveProcessLinks", &ActiveProcessLinksOff))
  1758. {
  1759. dprintf("Unable to get EPROCESS.ActiveProcessLinks offset\n");
  1760. hr = E_FAIL;;
  1761. ProcessListNext = 0;
  1762. }
  1763. hr = S_FALSE;
  1765. while ((ProcessListNext != ProcessListHead) && ProcessListNext &&
  1766. (hr != S_OK))
  1767. {
  1768. if (!ShortProcessList)
  1769. {
  1770. Process = ProcessListNext - ActiveProcessLinksOff;
  1772. if (!ReadPointer(ProcessListNext, &ProcessListNext))
  1773. {
  1774. dprintf("Cannot read EPROCESS at %p\n", Process);
  1775. hr = E_FAIL;
  1776. break;
  1777. }
  1779. if (CheckControlC())
  1780. {
  1781. hr = E_FAIL;
  1782. break;
  1783. }
  1784. }
  1786. if (!GetProcessSessionId(Process, &CurrentSession))
  1787. {
  1788. hr = E_FAIL;
  1789. break;
  1790. }
  1791. GetFieldValue(Process, "nt!_KPROCESS", "DirectoryTableBase[0]", PageDirBase);
  1793. if (!IsPtr64())
  1794. {
  1795. PageDirBase = (ULONG64) (LONG64) (LONG) PageDirBase;
  1796. }
  1798. if ((Session == CurrentSession) || ShortProcessList)
  1799. {
  1800. hr = S_OK;
  1802. if (Session < NUM_CACHED_DIR_BASES)
  1803. {
  1804. CachedDirBase[Session].Valid = TRUE;
  1805. CachedDirBase[Session].PageDirBase = PageDirBase;
  1806. }
  1807. else if (Session == CURRENT_SESSION)
  1808. {
  1809. CachedDirBase[NUM_CACHED_DIR_BASES].Valid = TRUE;
  1810. CachedDirBase[NUM_CACHED_DIR_BASES].PageDirBase = PageDirBase;
  1811. }
  1812. }
  1813. }
  1814. }
  1816. if (hr == S_OK)
  1817. {
  1818. hr = GetNextResidentPage(Client,
  1819. PageDirBase,
  1820. VirtAddrStart,
  1821. VirtAddrLimit,
  1822. VirtAddr,
  1823. PhysAddr);
  1824. }
  1825. else
  1826. {
  1827. ExtVerb("Page Directory Base lookup failed.\n");
  1828. }
  1830. return hr;
  1831. }
  1832. #endif
  1834. DECLARE_API( dss )
  1836. /*++
  1838. Routine Description:
  1840. Dumps the session space structure
  1842. Arguments:
  1844. None.
  1846. Return Value:
  1848. None.
  1850. --*/
  1852. {
  1853. ULONG Result;
  1854. ULONG64 MmSessionSpace;
  1855. ULONG64 MmSessionSpacePtr = 0;
  1856. ULONG64 Wsle;
  1858. MmSessionSpacePtr = GetExpression(args);
  1860. if( MmSessionSpacePtr == 0 ) {
  1861. MmSessionSpacePtr = GetExpression("nt!MmSessionSpace");
  1862. if( !MmSessionSpacePtr ) {
  1863. dprintf("Unable to get address of MmSessionSpace\n");
  1864. return E_INVALIDARG;
  1865. }
  1867. if (!ReadPointer( MmSessionSpacePtr, &MmSessionSpace)) {
  1868. dprintf("Unable to get value of MmSessionSpace\n");
  1869. return E_INVALIDARG;
  1870. }
  1871. } else {
  1872. MmSessionSpace = MmSessionSpacePtr;
  1873. }
  1875. dprintf("MM_SESSION_SPACE at 0x%p\n",
  1876. MmSessionSpace
  1877. );
  1879. if (GetFieldValue(MmSessionSpace, "MM_SESSION_SPACE", "Wsle", Wsle)) {
  1880. dprintf("Unable to get value of MM_SESSION_SPACE at 0x%p\n",MmSessionSpace);
  1881. return E_INVALIDARG;
  1882. }
  1884. GetFieldOffset("MM_SESSION_SPACE", "PageTables", &Result);
  1885. dprintf("&PageTables %p\n",
  1886. MmSessionSpace + Result
  1887. );
  1889. GetFieldOffset("MM_SESSION_SPACE", "PagedPoolInfo", &Result);
  1890. dprintf("&MM_PAGED_POOL_INFO %x\n",
  1891. MmSessionSpace + Result
  1892. );
  1894. GetFieldOffset("MM_SESSION_SPACE", "Vm", &Result);
  1895. dprintf("&MMSUPPORT %p\n",
  1896. MmSessionSpace + Result
  1897. );
  1899. GetFieldOffset("MM_SESSION_SPACE", "Wsle", &Result);
  1900. dprintf("&PMMWSLE %p\n",
  1901. MmSessionSpace + Result
  1902. );
  1904. GetFieldOffset("MM_SESSION_SPACE", "Session", &Result);
  1905. dprintf("&MMSESSION %p\n",
  1906. MmSessionSpace + Result
  1907. );
  1909. GetFieldOffset("MM_SESSION_SPACE", "WorkingSetLockOwner", &Result);
  1910. dprintf("&WorkingSetLockOwner %p\n",
  1911. MmSessionSpace + Result
  1912. );
  1914. GetFieldOffset("MM_SESSION_SPACE", "PagedPool", &Result);
  1915. dprintf("&POOL_DESCRIPTOR %p\n",
  1916. MmSessionSpace + Result
  1917. );
  1919. return S_OK;
  1920. }
  1923. DECLARE_API( session )
  1924. {
  1925. INIT_API();
  1927. HRESULT hr;
  1928. ULONG NewSession = CURRENT_SESSION;
  1929. ULONG CurrentSession = INVALID_SESSION;
  1930. ULONG SessionCount = 0;
  1931. BOOL SetSession = FALSE;
  1932. PRTL_BITMAP SessionList = NULL;
  1933. DEBUG_VALUE DebugValue;
  1934. ULONG Remainder;
  1936. while (*args && isspace(*args)) args++;
  1937. if (args[0] == '-' || args[0] == '/')
  1938. {
  1939. if (args[1] == '?')
  1940. {
  1941. ExtOut("session displays number of sessions on machine and\n"
  1942. " the default SessionId used by session related extensions.\n"
  1943. "\n"
  1944. "Usage: session [ [-s] SessionId]\n"
  1945. " -s - sets default session used for session extensions\n"
  1946. "Note: Use !sprocess to dump session process\n");
  1948. EXIT_API();
  1949. return S_OK;
  1950. } else if (args[1] == 's')
  1951. {
  1952. args+=2;
  1953. SetSession = TRUE;
  1954. }
  1955. }
  1957. hr = g_ExtControl->Evaluate(args, DEBUG_VALUE_INT32, &DebugValue, &Remainder);
  1958. if (hr == S_OK)
  1959. {
  1960. args += Remainder;
  1961. }
  1962. if (GetSessionNumbers(Client, &CurrentSession, NULL, &SessionCount, &SessionList) == S_OK)
  1963. {
  1964. if (SessionCount != 0)
  1965. {
  1966. ExtOut("Sessions on machine: %lu\n", SessionCount);
  1968. // If a session wasn't specified,
  1969. // list valid sessions (up to a point).
  1970. if (hr != S_OK)
  1971. {
  1972. ULONG SessionLimit = SessionList->SizeOfBitMap;
  1974. ExtOut("Valid Sessions:");
  1976. for (ULONG CheckSession = 0; CheckSession <= SessionLimit; CheckSession++)
  1977. {
  1978. if (RtlCheckBit(SessionList, CheckSession)
  1979. /*GetSessionSpace(Client, CheckSession, NULL) == S_OK*/)
  1980. {
  1981. ExtOut(" %lu", CheckSession);
  1982. SessionCount--;
  1983. if (SessionCount == 0) break;
  1984. }
  1986. if (g_ExtControl->GetInterrupt() == S_OK)
  1987. {
  1988. ExtWarn("\n User aborted.\n");
  1989. break;
  1990. }
  1991. }
  1993. if (SessionCount > 0)
  1994. {
  1995. ExtOut(" ...?");
  1996. }
  1997. ExtOut("\n");
  1998. }
  1999. }
  2000. else if (SessionList)
  2001. {
  2002. ExtOut("There are ZERO session on machine.\n");
  2003. }
  2004. else
  2005. {
  2006. ExtErr("Couldn't determine number of sessions.\n");
  2007. }
  2009. if (SessionList)
  2010. {
  2011. FreeBitMap(SessionList);
  2012. }
  2014. if (CurrentSession != INVALID_SESSION)
  2015. {
  2016. ExtVerb("Running session: %lu\n", CurrentSession);
  2017. }
  2018. }
  2020. if ((hr == S_OK) && SetSession)
  2021. {
  2022. NewSession = DebugValue.I32;
  2024. ExtVerb("Previous Default Session: %s\n", SessionStr);
  2026. if (SetDefaultSession(Client, NewSession, NULL) != S_OK)
  2027. {
  2028. ExtErr("Couldn't set Session %lu.\n", NewSession);
  2029. }
  2030. ExtOut("Using session %s", SessionStr);
  2031. }
  2033. if (SessionId == CURRENT_SESSION)
  2034. {
  2035. if (CurrentSession != INVALID_SESSION)
  2036. {
  2037. ExtOut("Current Session %d", CurrentSession);
  2038. }
  2039. else
  2040. {
  2041. ExtOut("Error in reading current session");
  2042. }
  2043. }
  2044. ExtOut("\n");
  2046. EXIT_API();
  2047. return S_OK;
  2048. }
  2051. DECLARE_API( svtop )
  2052. {
  2053. INIT_API();
  2055. HRESULT hr;
  2056. DEBUG_VALUE SessVirtAddr;
  2057. ULONG64 PhysAddr;
  2059. if (S_OK == g_ExtControl->Evaluate(args, DEBUG_VALUE_INT64, &SessVirtAddr, NULL))
  2060. {
  2061. ExtOut("Use !vtop 0 %p\n", SessVirtAddr.I64);
  2062. }
  2063. else
  2064. {
  2065. ExtOut("Use !vtop 0 VirtualAddress\n");
  2066. }
  2068. EXIT_API();
  2069. return S_OK;
  2070. }
  2073. DECLARE_API( sprocess )
  2074. {
  2075. INIT_API();
  2077. HRESULT hr;
  2078. DEBUG_VALUE Session;
  2079. ULONG RemainingArgIndex;
  2080. DEBUG_VALUE Flag;
  2082. while (*args && isspace(*args)) args++;
  2083. if (args[0] == '-' && args[1] == '?')
  2084. {
  2085. ExtOut("sprocess is like !process, but for the SessionId specified.\n"
  2086. "\n"
  2087. "Usage: sprocess [SessionId [Flags]]\n"
  2088. " SessionId - specifies which session to dump.\n"
  2089. " Special SessionId values:\n"
  2090. " -1 - current session\n"
  2091. " Flags - see !process help\n");
  2093. EXIT_API();
  2094. return S_OK;
  2095. }
  2097. ULONG OldRadix;
  2098. g_ExtControl->GetRadix(&OldRadix);
  2099. g_ExtControl->SetRadix(10);
  2100. hr = g_ExtControl->Evaluate(args, DEBUG_VALUE_INT32, &Session, &RemainingArgIndex);
  2101. g_ExtControl->SetRadix(OldRadix);
  2103. Flag.I32 = 0;
  2105. if (hr != S_OK)
  2106. {
  2107. Session.I32 = SessionId;
  2108. hr = S_OK;
  2109. }
  2110. else
  2111. {
  2112. args += RemainingArgIndex;
  2113. hr = g_ExtControl->Evaluate(args, DEBUG_VALUE_INT32, &Flag, &RemainingArgIndex);
  2114. if (hr == S_OK)
  2115. {
  2116. args += RemainingArgIndex;
  2117. }
  2118. }
  2120. Flag.I32 = (Flag.I32 << 2) | 2;
  2121. while (*args && *args == ' ') ++args;
  2123. hr = DumpSessionInfo(Flag.I32, Session.I32, (PCHAR) (*args ? args : NULL));
  2125. EXIT_API();
  2126. return hr;
  2127. }
  2129. HRESULT
  2130. SearchLinkedList(
  2131. PDEBUG_CLIENT Client,
  2132. ULONG64 StartAddr,
  2133. ULONG64 NextLinkOffset,
  2134. ULONG64 SearchAddr,
  2135. PULONG LinksTraversed
  2136. )
  2137. {
  2138. if (LinksTraversed != NULL)
  2139. {
  2140. *LinksTraversed = 0;
  2141. }
  2143. INIT_API();
  2145. HRESULT hr = S_OK;
  2146. ULONG64 PhysAddr;
  2147. ULONG64 NextAddr = StartAddr;
  2148. ULONG LinkCount = 0;
  2149. ULONG PointerSize;
  2150. ULONG BytesRead;
  2152. PointerSize = (g_ExtControl->IsPointer64Bit() == S_OK) ? 8 : 4;
  2154. do
  2155. {
  2156. if ((hr = g_ExtData->ReadVirtual(NextLinkOffset + NextLinkOffset,
  2157. &NextAddr,
  2158. PointerSize,
  2159. &BytesRead)) == S_OK)
  2160. {
  2161. if (BytesRead == PointerSize)
  2162. {
  2163. LinkCount++;
  2164. if (PointerSize != 8)
  2165. {
  2166. NextAddr = DEBUG_EXTEND64(NextAddr);
  2167. }
  2168. ExtVerb("NextAddr: %p\n", NextAddr);
  2169. }
  2170. else
  2171. {
  2172. hr = S_FALSE;
  2173. }
  2174. }
  2175. } while (hr == S_OK &&
  2176. NextAddr != SearchAddr &&
  2177. NextAddr != 0 &&
  2178. LinkCount < 4 &&
  2179. NextAddr != StartAddr);
  2181. if (LinksTraversed != NULL)
  2182. {
  2183. *LinksTraversed = LinkCount;
  2184. }
  2186. // Did we really find SearchAddr?
  2187. if (hr == S_OK &&
  2188. NextAddr != SearchAddr)
  2189. {
  2190. hr = S_FALSE;
  2191. }
  2193. EXIT_API();
  2194. return hr;
  2195. }
  2198. DECLARE_API( walklist )
  2199. {
  2200. INIT_API();
  2202. HRESULT hr;
  2203. BOOL NeedHelp = FALSE;
  2204. BOOL SearchSessions = FALSE;
  2205. DEBUG_VALUE StartAddr;
  2206. DEBUG_VALUE OffsetToNextField = { -1, DEBUG_VALUE_INVALID };//FIELD_OFFSET(Win32PoolHead, pNext);
  2207. DEBUG_VALUE SearchAddr;
  2208. ULONG NextArg;
  2209. ULONG SessionCount;
  2210. ULONG Session = 0;
  2211. ULONG OldDefSession;
  2212. ULONG LinksToDest = 0;
  2214. while (*args && isspace(*args)) args++;
  2216. while (args[0] == '-' && !NeedHelp)
  2217. {
  2218. if (tolower(args[1]) == 'a' && isspace(args[2]))
  2219. {
  2220. SearchSessions = TRUE;
  2221. args += 2;
  2222. while (*args && isspace(*args)) args++;
  2223. }
  2224. else if (tolower(args[1]) == 'o' &&
  2225. GetExpressionEx(args+2,
  2226. &OffsetToNextField.I64, &args) == TRUE)
  2227. {
  2228. while (*args && isspace(*args)) args++;
  2229. }
  2230. else
  2231. {
  2232. NeedHelp = TRUE;
  2233. }
  2234. }
  2236. if (!NeedHelp &&
  2237. S_OK == g_ExtControl->Evaluate(args, DEBUG_VALUE_INT64, &StartAddr, &NextArg))
  2238. {
  2239. args += NextArg;
  2240. if (S_OK != g_ExtControl->Evaluate(args, DEBUG_VALUE_INT64, &SearchAddr, &NextArg))
  2241. {
  2242. SearchAddr.I64 = 0;
  2243. }
  2245. if (OffsetToNextField.Type == DEBUG_VALUE_INVALID)
  2246. {
  2247. ExtWarn("Assuming next field's offset is +8.\n");
  2248. OffsetToNextField.I64 = 8;
  2249. }
  2250. else
  2251. {
  2252. ExtOut("Using field at offset +0x%I64u for next.\n", OffsetToNextField.I64);
  2253. }
  2255. if (SearchSessions &&
  2256. GetSessionNumbers(Client, NULL, &OldDefSession, &SessionCount, NULL) == S_OK &&
  2257. SessionCount > 0)
  2258. {
  2259. ExtOut("Searching all sessions lists @ %p for %p\n", StartAddr.I64, SearchAddr.I64);
  2261. do
  2262. {
  2263. while (SetDefaultSession(Client, Session, NULL) != S_OK &&
  2264. Session <= SESSION_SEARCH_LIMIT)
  2265. {
  2266. Session++;
  2267. }
  2269. if (Session <= SESSION_SEARCH_LIMIT)
  2270. {
  2271. if ((hr = SearchLinkedList(Client, StartAddr.I64, OffsetToNextField.I64, SearchAddr.I64, &LinksToDest)) == S_OK)
  2272. {
  2273. ExtOut("Session %lu: Found %p after walking %lu linked list entries.\n", Session, SearchAddr.I64, LinksToDest);
  2274. }
  2275. else
  2276. {
  2277. ExtOut("Session %lu: Couldn't find %p after walking %lu linked list entries.\n", Session, SearchAddr.I64, LinksToDest);
  2278. }
  2280. Session++;
  2281. SessionCount--;
  2282. }
  2283. } while (SessionCount > 0 && Session <= SESSION_SEARCH_LIMIT);
  2285. if (SessionCount)
  2286. {
  2287. ExtErr("%lu sessions beyond session %lu were not searched.\n",
  2288. SessionCount, SESSION_SEARCH_LIMIT);
  2289. }
  2291. SetDefaultSession(Client, OldDefSession, NULL);
  2292. }
  2293. else
  2294. {
  2295. ExtOut("Searching Session %s list @ %p for %p\n", SessionStr, StartAddr.I64, SearchAddr.I64);
  2297. if ((hr = SearchLinkedList(Client, StartAddr.I64, OffsetToNextField.I64, SearchAddr.I64, &LinksToDest)) == S_OK)
  2298. {
  2299. ExtOut("Found %p after walking %lu linked list entries.\n", SearchAddr.I64, LinksToDest);
  2300. }
  2301. else
  2302. {
  2303. ExtOut("Couldn't find %p after walking %lu linked list entries.\n", SearchAddr.I64, LinksToDest);
  2304. }
  2305. }
  2306. }
  2307. else
  2308. {
  2309. NeedHelp = TRUE;
  2310. }
  2312. if (NeedHelp)
  2313. {
  2314. ExtOut("Usage: walklist [-a] StartAddress [SearchAddr]\n");
  2315. }
  2317. EXIT_API();
  2318. return S_OK;
  2319. }
  2322. HRESULT
  2323. GetBitMap(
  2324. PDEBUG_CLIENT Client,
  2325. ULONG64 pBitMap,
  2326. PRTL_BITMAP *pBitMapOut
  2327. )
  2328. {
  2329. HRESULT hr;
  2330. PRTL_BITMAP p;
  2331. ULONG Size;
  2332. ULONG64 Buffer;
  2333. ULONG BufferLen;
  2334. ULONG BytesRead = 0;
  2337. *pBitMapOut = NULL;
  2339. if ((GetFieldValue(pBitMap, "nt!_RTL_BITMAP", "SizeOfBitMap", Size) == S_OK) &&
  2340. (GetFieldValue(pBitMap, "nt!_RTL_BITMAP", "Buffer", Buffer) == S_OK))
  2341. {
  2342. PDEBUG_DATA_SPACES Data;
  2344. if ((hr = Client->QueryInterface(__uuidof(IDebugDataSpaces),
  2345. (void **)&Data)) == S_OK)
  2346. {
  2347. BufferLen = (Size + 7) / 8;
  2349. #if DBG
  2350. ExtVerb("Reading RTL_BITMAP @ 0x%p:\n"
  2351. " SizeOfBitMap: %lu\n"
  2352. " Buffer: 0x%p\n"
  2353. " Length in bytes: 0x%lx\n",
  2354. pBitMap,
  2355. Size,
  2356. Buffer,
  2357. BufferLen);
  2358. #endif
  2360. p = (PRTL_BITMAP) HeapAlloc( GetProcessHeap(), 0, sizeof( *p ) + BufferLen );
  2362. if (p != NULL)
  2363. {
  2364. RtlInitializeBitMap(p, (PULONG)(p + 1), Size);
  2365. hr = Data->ReadVirtual(Buffer, p->Buffer, BufferLen, &BytesRead);
  2367. if (hr != S_OK)
  2368. {
  2369. ExtErr("Error reading bitmap contents @ 0x%p\n", Buffer);
  2370. }
  2371. else if (BytesRead < BufferLen)
  2372. {
  2373. ExtErr("Error reading bitmap contents @ 0x%p\n", Buffer + BytesRead);
  2374. hr = E_FAIL;
  2375. }
  2377. if (hr != S_OK)
  2378. {
  2379. HeapFree( GetProcessHeap(), 0, p );
  2380. p = NULL;
  2381. }
  2382. else
  2383. {
  2384. *pBitMapOut = p;
  2385. }
  2386. }
  2387. else
  2388. {
  2389. hr = E_OUTOFMEMORY;
  2390. }
  2392. Data->Release();
  2393. }
  2394. else
  2395. {
  2396. ExtErr("Error setting up debugger interface.\n");
  2397. }
  2398. }
  2399. else
  2400. {
  2401. ExtErr("Error reading bitmap header @ 0x%p.\n", pBitMap);
  2402. }
  2404. return hr;
  2405. }
  2408. HRESULT
  2409. FreeBitMap(
  2410. PRTL_BITMAP pBitMap
  2411. )
  2412. {
  2413. return (HeapFree( GetProcessHeap(), 0, pBitMap) ? S_OK : S_FALSE);
  2414. }
  2417. HRESULT
  2418. CheckSingleFilter(
  2419. PUCHAR Tag,
  2420. PUCHAR Filter
  2421. )
  2422. {
  2423. ULONG i;
  2424. UCHAR tc;
  2425. UCHAR fc;
  2427. for ( i = 0; i < 4; i++ )
  2428. {
  2429. tc = (UCHAR) *Tag++;
  2430. fc = (UCHAR) *Filter++;
  2431. if ( fc == '*' ) return S_OK;
  2432. if ( fc == '?' ) continue;
  2433. if (i == 3 && (tc & ~(PROTECTED_POOL >> 24)) == fc) continue;
  2434. if ( tc != fc ) return S_FALSE;
  2435. }
  2437. return S_OK;
  2438. }
  2441. HRESULT
  2442. AccumAllFilter(
  2443. ULONG64 PoolAddr,
  2444. ULONG TagFilter,
  2445. ULONG64 PoolHeader,
  2446. PDEBUG_VALUE Tag,
  2447. ULONG BlockSize,
  2448. BOOL bQuotaWithTag,
  2449. PVOID Context
  2450. )
  2451. {
  2452. HRESULT hr;
  2453. DEBUG_VALUE PoolType;
  2454. PALLOCATION_STATS AllocStatsAccum = (PALLOCATION_STATS)Context;
  2456. if (AllocStatsAccum == NULL)
  2457. {
  2458. return E_INVALIDARG;
  2459. }
  2461. hr = GetFieldValue(PoolHeader, "nt!_POOL_HEADER", "PoolType", PoolType.I32);
  2463. if (hr == S_OK)
  2464. {
  2465. if (PoolType.I32 == 0)
  2466. {
  2467. AllocStatsAccum->Free++;
  2468. AllocStatsAccum->FreeSize += BlockSize;
  2469. }
  2470. else
  2471. {
  2472. DEBUG_VALUE PoolIndex;
  2474. if (!NewPool)
  2475. {
  2476. hr = GetFieldValue(PoolHeader, "nt!_POOL_HEADER", "PoolIndex", PoolIndex.I32);
  2477. }
  2479. if (hr == S_OK)
  2480. {
  2481. if (NewPool ? (PoolType.I32 & 0x04) : (PoolIndex.I32 & 0x80))
  2482. {
  2483. AllocStatsAccum->Allocated++;
  2484. AllocStatsAccum->AllocatedSize += BlockSize;
  2486. if (AllocStatsAccum->Allocated % 100 == 0)
  2487. {
  2488. ExtOut(".");
  2490. if (AllocStatsAccum->Allocated % 8000 == 0)
  2491. {
  2492. ExtOut("\n");
  2493. }
  2494. }
  2495. }
  2496. else
  2497. {
  2498. AllocStatsAccum->Free++;
  2499. AllocStatsAccum->FreeSize += BlockSize;
  2500. }
  2501. }
  2502. else
  2503. {
  2504. AllocStatsAccum->Indeterminate++;
  2505. AllocStatsAccum->IndeterminateSize += BlockSize;
  2506. }
  2507. }
  2508. }
  2509. else
  2510. {
  2511. AllocStatsAccum->Indeterminate++;
  2512. AllocStatsAccum->IndeterminateSize += BlockSize;
  2513. }
  2515. return hr;
  2516. }
  2518. HRESULT
  2519. CheckPrintAndAccumFilter(
  2520. ULONG64 PoolAddr,
  2521. ULONG TagFilter,
  2522. ULONG64 PoolHeader,
  2523. PDEBUG_VALUE Tag,
  2524. ULONG BlockSize,
  2525. BOOL bQuotaWithTag,
  2526. PVOID Context
  2527. )
  2528. {
  2529. HRESULT hr;
  2530. DEBUG_VALUE PoolType;
  2531. PALLOCATION_STATS AllocStatsAccum = (PALLOCATION_STATS)Context;
  2533. if (CheckSingleFilter(Tag->RawBytes, (PUCHAR)&TagFilter) != S_OK)
  2534. {
  2535. return S_FALSE;
  2536. }
  2538. ExtOut("0x%p size: %5lx ",//previous size: %4lx ",
  2539. PoolAddr,
  2540. BlockSize << POOL_BLOCK_SHIFT/*,
  2541. PreviousSize << POOL_BLOCK_SHIFT*/);
  2543. hr = GetFieldValue(PoolHeader, "nt!_POOL_HEADER", "PoolType", PoolType.I32);
  2545. if (hr == S_OK)
  2546. {
  2547. if (PoolType.I32 == 0)
  2548. {
  2549. //
  2550. // "Free " with a space after it before the parentheses means
  2551. // it's been freed to a (pool manager internal) lookaside list.
  2552. // We used to print "Lookaside" but that just confused driver
  2553. // writers because they didn't know if this meant in use or not
  2554. // and many would say "but I don't use lookaside lists - the
  2555. // extension or kernel is broken".
  2556. //
  2557. // "Free" with no space after it before the parentheses means
  2558. // it is not on a pool manager internal lookaside list and is
  2559. // instead on the regular pool manager internal flink/blink
  2560. // chains.
  2561. //
  2562. // Note to anyone using the pool package, these 2 terms are
  2563. // equivalent. The fine distinction is only for those actually
  2564. // writing pool internal code.
  2565. //
  2566. ExtOut(" (Free)");
  2567. ExtOut(" %c%c%c%c\n",
  2568. Tag->RawBytes[0],
  2569. Tag->RawBytes[1],
  2570. Tag->RawBytes[2],
  2571. Tag->RawBytes[3]
  2572. );
  2574. if (AllocStatsAccum != NULL)
  2575. {
  2576. AllocStatsAccum->Free++;
  2577. AllocStatsAccum->FreeSize += BlockSize;
  2578. }
  2579. }
  2580. else
  2581. {
  2582. DEBUG_VALUE PoolIndex;
  2583. DEBUG_VALUE ProcessBilled;
  2585. if (!NewPool)
  2586. {
  2587. hr = GetFieldValue(PoolHeader, "nt!_POOL_HEADER", "PoolIndex", PoolIndex.I32);
  2588. }
  2590. if (hr == S_OK)
  2591. {
  2592. if (NewPool ? (PoolType.I32 & 0x04) : (PoolIndex.I32 & 0x80))
  2593. {
  2594. ExtOut(" (Allocated)");
  2596. if (AllocStatsAccum != NULL)
  2597. {
  2598. AllocStatsAccum->Allocated++;
  2599. AllocStatsAccum->AllocatedSize += BlockSize;
  2600. }
  2601. }
  2602. else
  2603. {
  2604. //
  2605. // "Free " with a space after it before the parentheses means
  2606. // it's been freed to a (pool manager internal) lookaside list.
  2607. // We used to print "Lookaside" but that just confused driver
  2608. // writers because they didn't know if this meant in use or not
  2609. // and many would say "but I don't use lookaside lists - the
  2610. // extension or kernel is broken".
  2611. //
  2612. // "Free" with no space after it before the parentheses means
  2613. // it is not on a pool manager internal lookaside list and is
  2614. // instead on the regular pool manager internal flink/blink
  2615. // chains.
  2616. //
  2617. // Note to anyone using the pool package, these 2 terms are
  2618. // equivalent. The fine distinction is only for those actually
  2619. // writing pool internal code.
  2620. //
  2621. ExtOut(" (Free ) ");
  2623. if (AllocStatsAccum != NULL)
  2624. {
  2625. AllocStatsAccum->Free++;
  2626. AllocStatsAccum->FreeSize += BlockSize;
  2627. }
  2628. }
  2629. }
  2630. else
  2631. {
  2632. ExtOut(" (?) ");
  2634. if (AllocStatsAccum != NULL)
  2635. {
  2636. AllocStatsAccum->Indeterminate++;
  2637. AllocStatsAccum->IndeterminateSize += BlockSize;
  2638. }
  2639. }
  2641. if (!(PoolType.I32 & POOL_QUOTA_MASK) ||
  2642. bQuotaWithTag)
  2643. {
  2644. ExtOut(" %c%c%c%c%s",
  2645. Tag->RawBytes[0],
  2646. Tag->RawBytes[1],
  2647. Tag->RawBytes[2],
  2648. (Tag->RawBytes[3] & ~(PROTECTED_POOL >> 24)),
  2649. ((Tag->I32 & PROTECTED_POOL) ? " (Protected)" : "")
  2650. );
  2652. }
  2654. if (PoolType.I32 & POOL_QUOTA_MASK &&
  2655. GetFieldValue(PoolHeader, "nt!_POOL_HEADER", "ProcessBilled", ProcessBilled.I64) == S_OK &&
  2656. ProcessBilled.I64 != 0)
  2657. {
  2658. ExtOut(" Process: 0x%p\n", ProcessBilled.I64);
  2659. }
  2660. else
  2661. {
  2662. ExtOut("\n");
  2663. }
  2664. }
  2665. }
  2666. else
  2667. {
  2668. ExtErr(" Couldn't determine PoolType\n");
  2670. if (AllocStatsAccum != NULL)
  2671. {
  2672. AllocStatsAccum->Indeterminate++;
  2673. AllocStatsAccum->IndeterminateSize += BlockSize;
  2674. }
  2675. }
  2677. return hr;
  2678. }
  2681. typedef struct _TAG_BUCKET : public ALLOCATION_STATS {
  2682. ULONG Tag;
  2683. _TAG_BUCKET *pNextTag;
  2684. } TAG_BUCKET, *PTAG_BUCKET;
  2686. typedef enum {
  2687. AllocatedPool,
  2688. FreePool,
  2689. IndeterminatePool,
  2690. } PoolType;
  2692. class AccumTagUsage : public ALLOCATION_STATS {
  2693. public:
  2694. AccumTagUsage(ULONG TagFilter);
  2695. ~AccumTagUsage();
  2697. HRESULT Valid();
  2698. HRESULT Add(ULONG Tag, PoolType Type, ULONG Size);
  2699. HRESULT OutputResults(BOOL TagSort);
  2700. void Reset();
  2702. private:
  2703. ULONG GetHashIndex(ULONG Tag);
  2704. PTAG_BUCKET GetBucket(ULONG Tag);
  2705. ULONG SetTagFilter(ULONG TagFilter);
  2707. static const HashBitmaskLimit = 10; // For little-endian, must <= 16
  2709. HANDLE hHeap;
  2710. ULONG Buckets;
  2711. PTAG_BUCKET *Bucket; // Array of buckets
  2713. #if BIG_ENDIAN
  2714. ULONG HighMask;
  2715. ULONG HighShift;
  2716. ULONG LowMask;
  2717. ULONG LowShift;
  2718. #else
  2719. ULONG HighShiftLeft;
  2720. ULONG HighShiftRight;
  2721. ULONG LowShiftRight;
  2722. ULONG LowMask;
  2723. #endif
  2724. };
  2727. AccumTagUsage::AccumTagUsage(
  2728. ULONG TagFilter
  2729. )
  2730. {
  2731. hHeap = GetProcessHeap();
  2732. Buckets = SetTagFilter(TagFilter);
  2733. if (Buckets != 0)
  2734. {
  2735. Bucket = (PTAG_BUCKET *)HeapAlloc(hHeap, HEAP_ZERO_MEMORY, Buckets*sizeof(*Bucket));
  2736. Reset();
  2737. }
  2738. else
  2739. {
  2740. Bucket = NULL;
  2741. }
  2742. }
  2745. AccumTagUsage::~AccumTagUsage()
  2746. {
  2747. PTAG_BUCKET pB, pBNext;
  2748. ULONG i;
  2750. if (Bucket != NULL)
  2751. {
  2752. for (i = 0; i < Buckets; i++)
  2753. {
  2754. pB = Bucket[i];
  2755. while (pB != NULL)
  2756. {
  2757. pBNext = pB->pNextTag;
  2758. HeapFree(hHeap, 0, pB);
  2759. pB = pBNext;
  2760. }
  2761. }
  2763. HeapFree(hHeap, 0, Bucket);
  2764. }
  2765. }
  2768. HRESULT
  2769. AccumTagUsage::Valid()
  2770. {
  2771. return ((Bucket != NULL) ? S_OK : S_FALSE);
  2772. }
  2775. HRESULT
  2776. AccumTagUsage::Add(
  2777. ULONG Tag,
  2778. PoolType Type,
  2779. ULONG Size
  2780. )
  2781. {
  2782. PTAG_BUCKET pBucket = GetBucket(Tag);
  2784. if (pBucket == NULL) return E_FAIL;
  2786. switch (Type)
  2787. {
  2788. case AllocatedPool:
  2789. pBucket->Allocated++;
  2790. pBucket->AllocatedSize += Size;
  2791. break;
  2792. case FreePool:
  2793. pBucket->Free++;
  2794. pBucket->FreeSize += Size;
  2795. break;
  2796. case IndeterminatePool:
  2797. default:
  2798. pBucket->Indeterminate++;
  2799. pBucket->IndeterminateSize += Size;
  2800. break;
  2801. }
  2803. return S_OK;
  2804. }
  2807. HRESULT
  2808. AccumTagUsage::OutputResults(
  2809. BOOL AllocSort
  2810. )
  2811. {
  2812. HRESULT hr;
  2813. PTAG_BUCKET pB, pBNext;
  2814. ULONG i;
  2816. if (Bucket == NULL)
  2817. {
  2818. ExtOut(" No results\n");
  2819. }
  2820. else
  2821. {
  2822. CHAR szNormal[] = "%4.4s %8lu %12I64u %8lu %12I64u\n";
  2823. CHAR szShowIndeterminate[] = "%4.4s %8lu %12I64u %8lu %12I64u %8lu %12I64u\n";
  2824. PSZ pszOutFormat = szNormal;
  2826. ExtOut("\n"
  2827. " %I64u bytes in %lu allocated pages\n"
  2828. " %I64u bytes in %lu large allocations\n"
  2829. " %I64u bytes in %lu free pages\n"
  2830. " %I64u bytes available in %lu expansion pages\n",
  2831. ((ULONG64) AllocatedPages) << PageShift,
  2832. AllocatedPages,
  2833. ((ULONG64) LargePages) << PageShift,
  2834. LargeAllocs,
  2835. ((ULONG64) FreePages) << PageShift,
  2836. FreePages,
  2837. ((ULONG64) ExpansionPages) << PageShift,
  2838. ExpansionPages);
  2840. ExtOut("\nTag Allocs Bytes Freed Bytes");
  2841. if (Indeterminate != 0)
  2842. {
  2843. ExtOut(" Unknown Bytes");
  2844. pszOutFormat = szShowIndeterminate;
  2845. }
  2846. ExtOut("\n");
  2848. if (AllocSort)
  2849. {
  2850. ExtWarn(" Sorting by allocation size isn't supported.\n");
  2851. }
  2852. //else
  2853. {
  2854. // Output results sorted by Tag (natural storage order)
  2856. for (i = 0; i < Buckets; i++)
  2857. {
  2858. for (pB = Bucket[i]; pB != NULL; pB = pB->pNextTag)
  2859. {
  2860. if (pB->Allocated)
  2861. {
  2862. ExtOut(pszOutFormat,
  2863. &pB->Tag,
  2864. pB->Allocated, ((ULONG64)pB->AllocatedSize) << POOL_BLOCK_SHIFT,
  2865. pB->Free, ((ULONG64)pB->FreeSize) << POOL_BLOCK_SHIFT,
  2866. pB->Indeterminate, ((ULONG64)pB->IndeterminateSize) << POOL_BLOCK_SHIFT
  2867. );
  2868. }
  2869. }
  2870. }
  2871. }
  2873. ExtOut("-------------------------------------------------------------------------------\n");
  2874. ExtOut(pszOutFormat,
  2875. "Ttl:",
  2876. Allocated, ((ULONG64)AllocatedSize) << POOL_BLOCK_SHIFT,
  2877. Free, ((ULONG64)FreeSize) << POOL_BLOCK_SHIFT,
  2878. Indeterminate, ((ULONG64)IndeterminateSize) << POOL_BLOCK_SHIFT
  2879. );
  2880. }
  2882. return S_OK;
  2883. }
  2886. void
  2887. AccumTagUsage::Reset()
  2888. {
  2889. PTAG_BUCKET pB, pBNext;
  2890. ULONG i;
  2892. AllocatedPages = 0;
  2893. LargePages = 0;
  2894. LargeAllocs = 0;
  2895. FreePages = 0;
  2896. ExpansionPages = 0;
  2898. Allocated = 0;
  2899. AllocatedSize = 0;
  2900. Free = 0;
  2901. FreeSize = 0;
  2902. Indeterminate = 0;
  2903. IndeterminateSize = 0;
  2905. if (Bucket != NULL)
  2906. {
  2907. for (i = 0; i < Buckets; i++)
  2908. {
  2909. pB = Bucket[i];
  2910. if (pB != NULL)
  2911. {
  2912. do
  2913. {
  2914. pBNext = pB->pNextTag;
  2915. HeapFree(hHeap, 0, pB);
  2916. pB = pBNext;
  2917. } while (pB != NULL);
  2919. Bucket[i] = NULL;
  2920. }
  2921. }
  2922. }
  2923. }
  2926. ULONG
  2927. AccumTagUsage::GetHashIndex(
  2928. ULONG Tag
  2929. )
  2930. {
  2931. #if BIG_ENDIAN
  2932. return (((Tag & HighMask) >> HighShift) | ((Tag & LowMask) >> LowShift));
  2933. #else
  2934. return ((((Tag << HighShiftLeft) >> HighShiftRight) & ~LowMask) | ((Tag >> LowShiftRight) & LowMask));
  2935. #endif
  2936. }
  2939. PTAG_BUCKET
  2940. AccumTagUsage::GetBucket(
  2941. ULONG Tag
  2942. )
  2943. {
  2944. ULONG Index = GetHashIndex(Tag);
  2945. PTAG_BUCKET pB = Bucket[Index];
  2947. if (pB == NULL ||
  2948. #if BIG_ENDIAN
  2949. pB->Tag > Tag
  2950. #else
  2951. strncmp((char *)&pB->Tag, (char *)&Tag, 4) > 0
  2952. #endif
  2953. )
  2954. {
  2955. pB = (PTAG_BUCKET)HeapAlloc(hHeap, HEAP_ZERO_MEMORY, sizeof(TAG_BUCKET));
  2957. if (pB != NULL)
  2958. {
  2959. pB->Tag = Tag;
  2960. pB->pNextTag = Bucket[Index];
  2961. Bucket[Index] = pB;
  2962. }
  2963. }
  2964. else
  2965. {
  2966. while (pB->pNextTag != NULL)
  2967. {
  2968. if (
  2969. #if BIG_ENDIAN
  2970. pB->pNextTag->Tag > Tag
  2971. #else
  2972. strncmp((char *)&pB->pNextTag->Tag, (char *)&Tag, 4) > 0
  2973. #endif
  2974. )
  2975. {
  2976. break;
  2977. }
  2979. pB = pB->pNextTag;
  2980. }
  2982. if (pB->Tag != Tag)
  2983. {
  2984. PTAG_BUCKET pBPrev = pB;
  2986. pB = (PTAG_BUCKET)HeapAlloc(hHeap, HEAP_ZERO_MEMORY, sizeof(TAG_BUCKET));
  2988. if (pB != NULL)
  2989. {
  2990. pB->Tag = Tag;
  2991. pB->pNextTag = pBPrev->pNextTag;
  2992. pBPrev->pNextTag = pB;
  2993. }
  2994. }
  2995. }
  2997. return pB;
  2998. }
  3001. ULONG
  3002. AccumTagUsage::SetTagFilter(
  3003. ULONG TagFilter
  3004. )
  3005. {
  3006. ULONG NumBuckets;
  3007. UCHAR *Filter = (UCHAR *)&TagFilter;
  3008. ULONG i;
  3009. ULONG HighMaskBits, LowMaskBits;
  3010. UCHAR fc;
  3012. #if BIG_ENDIAN
  3014. ULONG Mask = 0;
  3015. ULONG MaskBits = 0;
  3017. if (Filter[0] == '*')
  3018. {
  3019. Mask = -1;
  3020. MaskBits = 32;
  3021. }
  3022. else
  3023. {
  3024. for ( i = 0; i < 32; i += 8 )
  3025. {
  3026. Mask <<= 8;
  3027. fc = *Filter++;
  3029. if ( fc == '*' )
  3030. {
  3031. Mask |= ((1 << i) - 1);
  3032. MaskBits += 32 - i;
  3033. break;
  3034. }
  3036. if ( fc == '?' )
  3037. {
  3038. Mask |= 0xFF;
  3039. MaskBits += 8;
  3040. }
  3041. }
  3042. }
  3044. if (MaskBits > HashBitmaskLimit)
  3045. {
  3046. MaskBits = HashBitmaskLimit;
  3047. }
  3049. NumBuckets = (1 << MaskBits);
  3051. for (HighShift = 32, HighMaskBits = 0;
  3052. HighShift > 0 && HighMaskBits < MaskBits;
  3053. HighShift--)
  3054. {
  3055. if (Mask & (1 << (HighShift-1)))
  3056. {
  3057. HighMaskBits++;
  3058. }
  3059. else if (HighMaskBits)
  3060. {
  3061. break;
  3062. }
  3063. }
  3065. HighMask = Mask & ~((1 << HighShift) - 1);
  3066. Mask &= ~HighMask;
  3067. MaskBits -= HighMaskBits;
  3068. HighShift -= MaskBits;
  3070. for (LowShift = HighShift, LowMaskBits = 0;
  3071. LowShift > 0 && LowMaskBits < MaskBits;
  3072. LowShift--)
  3073. {
  3074. if (Mask & (1 << (LowShift-1)))
  3075. {
  3076. LowMaskBits++;
  3077. }
  3078. else if (LowMaskBits)
  3079. {
  3080. break;
  3081. }
  3082. }
  3084. LowMask = Mask & ~((1 << LowShift) - 1);
  3086. #else
  3088. HighMaskBits = 0;
  3089. LowMaskBits = 0;
  3091. HighShiftLeft = 32;
  3092. HighShiftRight = 32;
  3093. LowShiftRight = 32;
  3094. LowMask = 0;
  3096. for ( i = 0; i < 32; i += 8 )
  3097. {
  3098. fc = *Filter++;
  3100. if ( fc == '*' )
  3101. {
  3102. if (HighMaskBits == 0)
  3103. {
  3104. HighMaskBits = min(8, HashBitmaskLimit);
  3105. HighShiftLeft = 32 - HighMaskBits - i;
  3106. HighShiftRight = 32 - HighMaskBits;
  3108. LowMaskBits = ((HighShiftLeft != 0) ?
  3109. min(8, HashBitmaskLimit - HighMaskBits) :
  3110. 0);
  3111. HighShiftRight -= LowMaskBits;
  3112. LowShiftRight = (8 - LowMaskBits) + HighMaskBits + i;
  3113. LowMask = (1 << LowMaskBits) - 1;
  3114. }
  3115. else
  3116. {
  3117. LowMaskBits = min(8, HashBitmaskLimit - HighMaskBits);
  3118. HighShiftRight -= LowMaskBits;
  3119. LowShiftRight = (8 - LowMaskBits) + i;
  3120. LowMask = (1 << LowMaskBits) - 1;
  3121. }
  3122. break;
  3123. }
  3125. if ( fc == '?' )
  3126. {
  3127. if (HighMaskBits == 0)
  3128. {
  3129. HighMaskBits = min(8, HashBitmaskLimit);
  3130. HighShiftLeft = 32 - HighMaskBits - i;
  3131. HighShiftRight = 32 - HighMaskBits;
  3132. }
  3133. else
  3134. {
  3135. LowMaskBits = min(8, HashBitmaskLimit - HighMaskBits);
  3136. HighShiftRight -= LowMaskBits;
  3137. LowShiftRight = (8 - LowMaskBits) + i;
  3138. LowMask = (1 << LowMaskBits) - 1;
  3139. break;
  3140. }
  3141. }
  3142. }
  3144. NumBuckets = 1 << (HighMaskBits + LowMaskBits);
  3146. #endif
  3148. if (NumBuckets-1 != GetHashIndex(-1))
  3149. {
  3150. DbgPrint("AccumTagUsage::SetTagFilter: Invalid hash was generated.\n");
  3151. NumBuckets = 0;
  3152. }
  3154. return NumBuckets;
  3155. }
  3158. HRESULT
  3159. AccumTagUsageFilter(
  3160. ULONG64 PoolAddr,
  3161. ULONG TagFilter,
  3162. ULONG64 PoolHeader,
  3163. PDEBUG_VALUE Tag,
  3164. ULONG BlockSize,
  3165. BOOL bQuotaWithTag,
  3166. PVOID Context
  3167. )
  3168. {
  3169. HRESULT hr;
  3170. DEBUG_VALUE PoolType;
  3171. AccumTagUsage *atu = (AccumTagUsage *)Context;
  3172. PALLOCATION_STATS AllocStatsAccum = (PALLOCATION_STATS)atu;
  3174. if (CheckSingleFilter(Tag->RawBytes, (PUCHAR)&TagFilter) != S_OK)
  3175. {
  3176. return S_FALSE;
  3177. }
  3179. hr = GetFieldValue(PoolHeader, "nt!_POOL_HEADER", "PoolType", PoolType.I32);
  3181. if (hr == S_OK)
  3182. {
  3183. if (PoolType.I32 == 0)
  3184. {
  3185. hr = atu->Add(Tag->I32, FreePool, BlockSize);
  3186. AllocStatsAccum->Free++;
  3187. AllocStatsAccum->FreeSize += BlockSize;
  3188. }
  3189. else
  3190. {
  3191. DEBUG_VALUE PoolIndex;
  3193. if (!(PoolType.I32 & POOL_QUOTA_MASK) ||
  3194. bQuotaWithTag)
  3195. {
  3196. Tag->I32 &= ~PROTECTED_POOL;
  3197. }
  3198. else if (PoolType.I32 & POOL_QUOTA_MASK)
  3199. {
  3200. Tag->I32 = 'CORP';
  3201. }
  3203. if (!NewPool)
  3204. {
  3205. hr = GetFieldValue(PoolHeader, "nt!_POOL_HEADER", "PoolIndex", PoolIndex.I32);
  3206. }
  3208. if (hr == S_OK)
  3209. {
  3210. if (NewPool ? (PoolType.I32 & 0x04) : (PoolIndex.I32 & 0x80))
  3211. {
  3212. hr = atu->Add(Tag->I32, AllocatedPool, BlockSize);
  3213. AllocStatsAccum->Allocated++;
  3214. AllocStatsAccum->AllocatedSize += BlockSize;
  3216. if (AllocStatsAccum->Allocated % 100 == 0)
  3217. {
  3218. ExtOut(".");
  3220. if (AllocStatsAccum->Allocated % 8000 == 0)
  3221. {
  3222. ExtOut("\n");
  3223. }
  3224. }
  3225. }
  3226. else
  3227. {
  3228. hr = atu->Add(Tag->I32, FreePool, BlockSize);
  3229. AllocStatsAccum->Free++;
  3230. AllocStatsAccum->FreeSize += BlockSize;
  3231. }
  3232. }
  3233. else
  3234. {
  3235. hr = atu->Add(Tag->I32, IndeterminatePool, BlockSize);
  3236. AllocStatsAccum->Indeterminate++;
  3237. AllocStatsAccum->IndeterminateSize += BlockSize;
  3238. }
  3239. }
  3240. }
  3241. else
  3242. {
  3243. AllocStatsAccum->Indeterminate++;
  3244. AllocStatsAccum->IndeterminateSize += BlockSize;
  3245. }
  3247. return hr;
  3248. }
  3251. HRESULT
  3252. SearchSessionPool(
  3253. PDEBUG_CLIENT Client,
  3254. ULONG Session,
  3255. ULONG TagName,
  3256. FLONG Flags,
  3257. ULONG64 RestartAddr,
  3258. PoolFilterFunc Filter,
  3259. PALLOCATION_STATS AllocStats,
  3260. PVOID Context
  3261. )
  3262. /*++
  3264. Routine Description:
  3266. Engine to search session pool.
  3268. Arguments:
  3270. TagName - Supplies the tag to search for.
  3272. Flags - Supplies 0 if a nonpaged pool search is desired.
  3273. Supplies 1 if a paged pool search is desired.
  3275. RestartAddr - Supplies the address to restart the search from.
  3277. Filter - Supplies the filter routine to use.
  3279. Context - Supplies the user defined context blob.
  3281. Return Value:
  3283. HRESULT
  3285. --*/
  3286. {
  3287. HRESULT hr;
  3289. PDEBUG_SYMBOLS Symbols;
  3290. PDEBUG_DATA_SPACES Data;
  3292. LOGICAL PhysicallyContiguous;
  3293. ULONG PoolBlockSize;
  3294. ULONG64 PoolHeader;
  3295. ULONG64 PoolPage;
  3296. ULONG64 StartPage;
  3297. ULONG64 Pool;
  3298. ULONG Previous;
  3299. ULONG64 PoolStart;
  3300. ULONG64 PoolStartPage;
  3301. ULONG64 PoolPteAddress;
  3302. ULONG64 PoolEnd;
  3303. BOOL PageReadFailed;
  3304. ULONG64 PagesRead;
  3305. ULONG64 PageReadFailures;
  3306. ULONG64 PageReadFailuresAtEnd;
  3307. ULONG64 LastPageRead;
  3309. ULONG PoolTypeFlags = Flags & (SEARCH_POOL_NONPAGED | SEARCH_POOL_PAGED);
  3311. ULONG64 NTModuleBase;
  3312. ULONG PoolHeadTypeID;
  3313. ULONG SessionHeadTypeID;
  3314. ULONG HdrSize;
  3316. ULONG64 SessionSpace;
  3318. if ((hr = Client->QueryInterface(__uuidof(IDebugSymbols),
  3319. (void **)&Symbols)) != S_OK)
  3320. {
  3321. return hr;
  3322. }
  3324. if ((hr = Client->QueryInterface(__uuidof(IDebugDataSpaces),
  3325. (void **)&Data)) != S_OK)
  3326. {
  3327. Symbols->Release();
  3328. return hr;
  3329. }
  3331. if (Session == DEFAULT_SESSION)
  3332. {
  3333. Session = SessionId;
  3334. }
  3336. if ((hr = Symbols->GetSymbolTypeId("NT!_POOL_HEADER", &PoolHeadTypeID, &NTModuleBase)) == S_OK &&
  3337. (hr = Symbols->GetTypeSize(NTModuleBase, PoolHeadTypeID, & HdrSize)) == S_OK &&
  3338. (hr = GetSessionSpace(Session, &SessionSpace, NULL)) == S_OK)
  3339. {
  3340. ULONG PoolTagOffset, ProcessBilledOffset;
  3341. BOOL bQuotaWithTag;
  3343. ULONG ReadSessionId;
  3344. ULONG64 PagedPoolInfo;
  3346. ULONG64 NonPagedPoolBytes;
  3347. ULONG64 NonPagedPoolAllocations;
  3348. ULONG64 NonPagedPoolStart;
  3349. ULONG64 NonPagedPoolEnd;
  3351. ULONG64 PagedPoolPages;
  3352. ULONG64 PagedPoolBytes;
  3353. ULONG64 PagedPoolAllocations;
  3354. ULONG64 PagedPoolStart;
  3355. ULONG64 PagedPoolEnd;
  3357. ULONG SessionSpaceTypeID;
  3358. ULONG PagedPoolInfoOffset;
  3360. BOOL SearchingPaged = FALSE;
  3361. PRTL_BITMAP PagedPoolAllocationMap = NULL;
  3362. PRTL_BITMAP EndOfPagedPoolBitmap = NULL;
  3363. ULONG BusyStart;
  3364. PRTL_BITMAP PagedPoolLargeSessionAllocationMap = NULL;
  3366. BOOL Continue = TRUE;
  3368. bQuotaWithTag = (Symbols->GetFieldOffset(NTModuleBase, PoolHeadTypeID, "PoolTag", &PoolTagOffset) == S_OK &&
  3369. Symbols->GetFieldOffset(NTModuleBase, PoolHeadTypeID, "ProcessBilled", &ProcessBilledOffset) == S_OK &&
  3370. PoolTagOffset != ProcessBilledOffset);
  3372. // General parser setup and dump MM_SESSION_SPACE structure
  3373. if ((hr = Symbols->GetTypeId(NTModuleBase, "MM_SESSION_SPACE", &SessionSpaceTypeID)) == S_OK &&
  3374. (hr = GetFieldValue(SessionSpace, "nt!MM_SESSION_SPACE", "SessionId", ReadSessionId)) == S_OK &&
  3375. (hr = Symbols->GetFieldOffset(NTModuleBase, SessionSpaceTypeID, "PagedPoolInfo", &PagedPoolInfoOffset)) == S_OK &&
  3376. (InitTypeRead(SessionSpace, nt!MM_SESSION_SPACE) == S_OK)
  3377. // (hr = OutState.OutputTypeVirtual(SessionSpace + PagedPoolInfoOffset, "NT!_MM_PAGED_POOL_INFO", 0)) == S_OK
  3378. )
  3379. {
  3380. ExtOut("Searching session %ld pool.\n", ReadSessionId);
  3382. // Remaining type output goes to PoolHead reader
  3383. }
  3384. else
  3385. {
  3386. ExtErr("Error getting basic session pool information.\n");
  3387. }
  3389. while (hr == S_OK && Continue)
  3390. {
  3391. ExtOut("\n");
  3393. if (PoolTypeFlags & SEARCH_POOL_NONPAGED)
  3394. {
  3395. NonPagedPoolBytes = ReadField(NonPagedPoolBytes);// NOFIELD
  3396. NonPagedPoolAllocations = ReadField(NonPagedPoolAllocations);// NOFIELD
  3397. if (NonPagedPoolBytes != 0 &&
  3398. NonPagedPoolAllocations != 0)
  3399. {
  3400. ExtOut("NonPaged pool: %I64u bytes in %I64u allocations\n",
  3401. NonPagedPoolBytes, NonPagedPoolAllocations);
  3402. }
  3404. ExtOut(" NonPaged pool range reader isn't implemented.\n");
  3406. PoolStart = 0;
  3407. PoolEnd = 0;
  3408. SearchingPaged = FALSE;
  3409. }
  3410. else
  3411. {
  3413. PagedPoolBytes = ReadField(PagedPoolBytes); // NOFIELD
  3414. PagedPoolAllocations = ReadField(PagedPoolAllocations); // NOFIELD
  3415. if (PagedPoolBytes != 0 &&
  3416. PagedPoolAllocations != 0)
  3417. {
  3418. ExtOut("Paged pool: %I64u bytes in %I64u allocations\n",
  3419. PagedPoolBytes, PagedPoolAllocations);
  3421. PagedPoolPages = ReadField(AllocatedPagedPool); // NOFIELD
  3422. if (PagedPoolPages != 0)
  3423. {
  3424. ExtOut(" Paged Pool Info: %I64u pages allocated\n",
  3425. PagedPoolPages);
  3426. }
  3427. }
  3429. PagedPoolStart = ReadField(PagedPoolStart);
  3430. PagedPoolEnd = ReadField(PagedPoolEnd);
  3431. if (PagedPoolStart == 0 || PagedPoolEnd == 0)
  3432. {
  3433. ExtErr(" Couldn't get PagedPool range.\n");
  3434. }
  3435. else
  3436. {
  3437. PoolStart = PagedPoolStart;
  3438. PoolEnd = PagedPoolEnd;
  3439. SearchingPaged = TRUE;
  3441. ULONG64 PagedBitMap, EndOfPagedBitMap;
  3443. PagedBitMap = ReadField(PagedPoolInfo.PagedPoolAllocationMap);
  3444. EndOfPagedBitMap = ReadField(PagedPoolInfo.EndOfPagedPoolBitmap);
  3446. if (GetBitMap(Client, PagedBitMap, &PagedPoolAllocationMap) == S_OK &&
  3447. GetBitMap(Client, EndOfPagedBitMap, &EndOfPagedPoolBitmap) == S_OK)
  3448. {
  3449. ULONG PositionAfterLastAlloc;
  3450. ULONG AllocBits;
  3451. ULONG UnusedBusyBits;
  3453. if (RtlCheckBit(EndOfPagedPoolBitmap, EndOfPagedPoolBitmap->SizeOfBitMap - 1))
  3454. {
  3455. BusyStart = PagedPoolAllocationMap->SizeOfBitMap;
  3456. UnusedBusyBits = 0;
  3457. }
  3458. else
  3459. {
  3460. OSCompat_RtlFindLastBackwardRunClear(
  3461. EndOfPagedPoolBitmap,
  3462. EndOfPagedPoolBitmap->SizeOfBitMap - 1,
  3463. &PositionAfterLastAlloc);
  3465. BusyStart = RtlFindSetBits(PagedPoolAllocationMap, 1, PositionAfterLastAlloc);
  3466. if (BusyStart < PositionAfterLastAlloc || BusyStart == -1)
  3467. {
  3468. BusyStart = PagedPoolAllocationMap->SizeOfBitMap;
  3469. UnusedBusyBits = 0;
  3470. }
  3471. else
  3472. {
  3473. UnusedBusyBits = PagedPoolAllocationMap->SizeOfBitMap - BusyStart;
  3474. }
  3475. }
  3477. AllocBits = RtlNumberOfSetBits(PagedPoolAllocationMap) - UnusedBusyBits;
  3479. AllocStats->AllocatedPages += AllocBits;
  3480. AllocStats->FreePages += (BusyStart - AllocBits);
  3481. AllocStats->ExpansionPages += UnusedBusyBits;
  3484. PagedBitMap = ReadField(PagedPoolInfo.PagedPoolLargeSessionAllocationMap); // NOFIELD
  3485. if (PagedBitMap != 0 &&
  3486. GetBitMap(Client, PagedBitMap, &PagedPoolLargeSessionAllocationMap) == S_OK)
  3487. {
  3488. ULONG AllocStart, AllocEnd;
  3489. ULONG LargeAllocs = RtlNumberOfSetBits(PagedPoolLargeSessionAllocationMap);
  3491. AllocStats->LargeAllocs += LargeAllocs;
  3493. AllocStart = 0;
  3494. AllocEnd = -1;
  3496. while (LargeAllocs > 0)
  3497. {
  3498. AllocStart = RtlFindSetBits(PagedPoolLargeSessionAllocationMap, 1, AllocStart);
  3499. if (AllocStart >= AllocEnd+1 && AllocStart != -1)
  3500. {
  3501. AllocEnd = RtlFindSetBits(EndOfPagedPoolBitmap, 1, AllocStart);
  3502. if (AllocEnd >= AllocStart && AllocEnd != -1)
  3503. {
  3504. AllocStats->LargePages += AllocEnd - AllocStart + 1;
  3505. AllocStart++;
  3506. LargeAllocs--;
  3507. }
  3508. else
  3509. {
  3510. ExtWarn(" Warning Large Pool Allocation Map or End Of Pool Map is invalid.\n");
  3511. break;
  3512. }
  3513. }
  3514. else
  3515. {
  3516. ExtWarn(" Warning Large Pool Allocation Map is invalid.\n");
  3517. break;
  3518. }
  3519. }
  3521. if (LargeAllocs != 0)
  3522. {
  3523. ExtWarn(" %lu large allocations weren't calculated.\n", LargeAllocs);
  3524. AllocStats->LargeAllocs -= LargeAllocs;
  3525. }
  3526. }
  3527. }
  3528. }
  3529. }
  3531. if (hr == S_OK)
  3532. {
  3533. ExtOut("Searching %s pool (0x%p : 0x%p) for Tag: %c%c%c%c\r\n\n",
  3534. ((PoolTypeFlags & SEARCH_POOL_NONPAGED) ? "NonPaged" : "Paged"),
  3535. PoolStart,
  3536. PoolEnd,
  3537. TagName,
  3538. TagName >> 8,
  3539. TagName >> 16,
  3540. TagName >> 24);
  3542. PageReadFailed = FALSE;
  3543. PoolStartPage = PAGE_ALIGN64(PoolStart);
  3544. PoolPage = PoolStart;
  3545. PagesRead = 0;
  3546. PageReadFailures = 0;
  3547. PageReadFailuresAtEnd = 0;
  3548. LastPageRead = PAGE_ALIGN64(PoolPage);
  3550. while (PoolPage < PoolEnd && hr == S_OK)
  3551. {
  3552. Pool = PAGE_ALIGN64(PoolPage);
  3553. StartPage = Pool;
  3554. Previous = 0;
  3556. if (Session != CURRENT_SESSION)
  3557. {
  3558. ExtOut("Currently only searching the current session is supported.\n");
  3559. PoolPage = PoolEnd;
  3560. break;
  3561. }
  3563. if (CheckControlC())
  3564. {
  3565. ExtOut("\n...terminating - searched pool to 0x%p\n",
  3566. Pool-1);
  3567. hr = E_ABORT;
  3568. break;
  3569. }
  3571. if (SearchingPaged)
  3572. {
  3573. if (PagedPoolAllocationMap != NULL)
  3574. {
  3575. ULONG StartPosition, EndPosition;
  3577. StartPosition = (ULONG)((Pool - PoolStartPage) >> PageShift);
  3578. EndPosition = RtlFindSetBits(EndOfPagedPoolBitmap, 1, StartPosition);
  3579. if (EndPosition < StartPosition) EndPosition = -1;
  3581. if (!RtlCheckBit(PagedPoolAllocationMap, StartPosition))
  3582. {
  3583. if (PageReadFailed)
  3584. {
  3585. if (Flags & SEARCH_POOL_PRINT_UNREAD)
  3586. {
  3587. ExtWarn(" to 0x%p\n", StartPage-1);
  3588. }
  3590. PageReadFailures += (StartPage - LastPageRead) >> PageShift;
  3591. LastPageRead = StartPage;
  3592. PageReadFailed = FALSE;
  3593. }
  3595. if (EndPosition == -1)
  3596. {
  3597. if (Flags & SEARCH_POOL_PRINT_UNREAD)
  3598. {
  3599. ExtWarn("No remaining pool allocations from 0x%p to 0x%p.\n", Pool, PoolEnd);
  3600. }
  3602. PoolPage = PoolEnd;
  3603. }
  3604. else
  3605. {
  3606. PoolPage = PoolStartPage + (((ULONG64)EndPosition + 1) << PageShift);
  3607. }
  3609. continue;
  3610. }
  3611. else if (EndOfPagedPoolBitmap != NULL)
  3612. {
  3613. if (PagedPoolLargeSessionAllocationMap != NULL &&
  3614. RtlCheckBit(PagedPoolLargeSessionAllocationMap, StartPosition))
  3615. {
  3616. if (EndPosition == -1)
  3617. {
  3618. ExtWarn("No end to large pool allocation @ 0x%p found.\n", Pool);
  3619. PoolPage = PoolEnd;
  3620. }
  3621. else
  3622. {
  3623. EndPosition++;
  3625. if (PageReadFailed)
  3626. {
  3627. if (Flags & SEARCH_POOL_PRINT_UNREAD)
  3628. {
  3629. ExtWarn(" to 0x%p\n", StartPage-1);
  3630. }
  3632. PageReadFailures += (StartPage - LastPageRead) >> PageShift;
  3633. LastPageRead = StartPage;
  3634. PageReadFailed = FALSE;
  3635. }
  3637. PoolPage = PoolStartPage + (((ULONG64)EndPosition) << PageShift);
  3639. if (Flags & SEARCH_POOL_PRINT_LARGE)
  3640. {
  3641. ExtOut("0x%p size: %5I64x %s UNTAGGED Large\n",
  3642. StartPage,
  3643. PoolPage - StartPage,
  3644. ((RtlAreBitsSet(PagedPoolAllocationMap, StartPosition, EndPosition - StartPosition)) ?
  3645. "(Allocated)" :
  3646. ((RtlAreBitsClear(PagedPoolAllocationMap, StartPosition, EndPosition - StartPosition)) ?
  3647. "(! Free !) " :
  3648. "(!! Partially Allocated !!)"))
  3649. );
  3650. }
  3652. if (Flags & SEARCH_POOL_LARGE_ONLY)
  3653. {
  3654. // Quickly locate next large allocation
  3655. StartPosition = RtlFindSetBits(PagedPoolLargeSessionAllocationMap, 1, EndPosition);
  3657. if (StartPosition < EndPosition || StartPosition == -1)
  3658. {
  3659. ExtVerb(" No large allocations found after 0x%p\n", PoolPage-1);
  3660. PoolPage = PoolEnd;
  3661. }
  3662. else
  3663. {
  3664. PoolPage = PoolStartPage + (((ULONG64)StartPosition) << PageShift);
  3665. }
  3666. }
  3667. }
  3669. continue;
  3670. }
  3671. else if (EndPosition == -1)
  3672. {
  3673. if (PageReadFailed)
  3674. {
  3675. if (Flags & SEARCH_POOL_PRINT_UNREAD)
  3676. {
  3677. ExtWarn(" to 0x%p\n", StartPage-1);
  3678. }
  3680. PageReadFailures += (StartPage - LastPageRead) >> PageShift;
  3681. LastPageRead = StartPage;
  3682. PageReadFailed = FALSE;
  3683. }
  3685. if (Flags & SEARCH_POOL_PRINT_UNREAD)
  3686. {
  3687. ExtWarn("No remaining pool allocations from 0x%p to 0x%p.\n", Pool, PoolEnd);
  3688. }
  3690. PoolPage = PoolEnd;
  3692. continue;
  3693. }
  3694. else if (StartPosition >= BusyStart)
  3695. {
  3696. ExtWarn("Found end of allocation at %lu within expansion pages starting at %lu.\n",
  3697. EndPosition, BusyStart);
  3698. }
  3699. }
  3700. }
  3701. }
  3703. if (Flags & SEARCH_POOL_LARGE_ONLY)
  3704. {
  3705. ExtErr(" Unable to identify large pages. Terminating search at 0x%p.\n", StartPage);
  3706. PoolPage = PoolEnd;
  3707. hr = E_FAIL;
  3708. continue;
  3709. }
  3711. // Search page for small allocations
  3712. while (PAGE_ALIGN64(Pool) == StartPage && hr == S_OK)
  3713. {
  3714. DEBUG_VALUE HdrPoolTag, BlockSize, PreviousSize, AllocatorBackTraceIndex, PoolTagHash;
  3715. ULONG PoolType;
  3718. if ((hr = GetFieldValue(Pool, "nt!_POOL_HEADER", "PoolTag", HdrPoolTag.I32)) != S_OK)
  3719. {
  3720. if (hr != S_OK)
  3721. {
  3722. PSTR psz;
  3724. ExtErr("Type read error %lx @ 0x%p.\n", hr, Pool);
  3726. ExtWarn("Failed to read an allocated page @ 0x%p.\n", StartPage);
  3728. if (hr == MEMORY_READ_ERROR)
  3729. {
  3730. hr = S_OK;
  3731. }
  3732. else
  3733. {
  3734. ExtOut("\n...terminating - searched pool to 0x%p\n",
  3735. Pool);
  3736. hr = E_ABORT;
  3737. }
  3739. if (hr == E_ABORT)
  3740. {
  3741. break;
  3742. }
  3743. }
  3745. if (!PageReadFailed)
  3746. {
  3747. if (Flags & SEARCH_POOL_PRINT_UNREAD)
  3748. {
  3749. ExtWarn(" Couldn't read pool from 0x%p", Pool);
  3750. }
  3752. PagesRead += (StartPage - LastPageRead) / PageSize;
  3753. LastPageRead = StartPage;
  3754. PageReadFailed = TRUE;
  3755. }
  3756. #if 0
  3757. if ((hr = GetNextResidentAddress(Client,
  3758. Session,
  3759. StartPage + PageSize,
  3760. PoolEnd,
  3761. &PoolPage,
  3762. NULL)) != S_OK)
  3763. #endif
  3764. if ((PoolPage = GetNextResidentAddress(StartPage + PageSize,
  3765. PoolEnd)) == 0)
  3766. {
  3767. if (hr != E_ABORT)
  3768. {
  3769. hr = S_OK;
  3770. }
  3772. if (Flags & SEARCH_POOL_PRINT_UNREAD)
  3773. {
  3774. ExtWarn(" to 0x%p.\n", PoolEnd);
  3775. ExtWarn("No remaining resident page found.\n");
  3776. }
  3778. PageReadFailuresAtEnd = (PoolEnd - LastPageRead) / PageSize;
  3779. PageReadFailures += PageReadFailuresAtEnd;
  3780. LastPageRead = PoolEnd;
  3781. PageReadFailed = FALSE;
  3783. PoolPage = PoolEnd;
  3784. }
  3786. break;
  3787. }
  3789. if (PageReadFailed)
  3790. {
  3791. if (Flags & SEARCH_POOL_PRINT_UNREAD)
  3792. {
  3793. ExtWarn(" to 0x%p\n", StartPage-1);
  3794. }
  3796. PageReadFailures += (StartPage - LastPageRead) / PageSize;
  3797. LastPageRead = StartPage;
  3798. PageReadFailed = FALSE;
  3799. }
  3801. if (GetFieldValue(Pool, "nt!_POOL_HEADER", "BlockSize", BlockSize.I32) != S_OK)
  3802. {
  3803. ExtErr("Error reading BlockSize @ 0x%p.\n", Pool);
  3804. break;
  3805. }
  3807. if ((BlockSize.I32 << POOL_BLOCK_SHIFT) > PageSize)//POOL_PAGE_SIZE)
  3808. {
  3809. ExtVerb("Bad allocation size @ 0x%p, too large\n", Pool);
  3810. break;
  3811. }
  3813. if (BlockSize.I32 == 0)
  3814. {
  3815. ExtVerb("Bad allocation size @ 0x%p, zero is invalid\n", Pool);
  3816. break;
  3817. }
  3819. if (GetFieldValue(Pool, "nt!_POOL_HEADER", "PreviousSize", PreviousSize.I32) != S_OK ||
  3820. PreviousSize.I32 != Previous)
  3821. {
  3822. ExtVerb("Bad previous allocation size @ 0x%p, last size was 0x%lx\n", Pool, Previous);
  3823. break;
  3824. }
  3826. Filter(Pool,
  3827. TagName,
  3828. Pool,
  3829. &HdrPoolTag,
  3830. BlockSize.I32,
  3831. bQuotaWithTag,
  3832. Context
  3833. );
  3835. Previous = BlockSize.I32;
  3836. Pool += (Previous << POOL_BLOCK_SHIFT);
  3838. if ( CheckControlC())
  3839. {
  3840. ExtOut("\n...terminating - searched pool to 0x%p\n",
  3841. PoolPage-1);
  3842. hr = E_ABORT;
  3843. }
  3844. }
  3846. if (hr == S_OK)
  3847. {
  3848. PoolPage = (PoolPage + PageSize);
  3849. }
  3850. }
  3852. if (PageReadFailed)
  3853. {
  3854. if (Flags & SEARCH_POOL_PRINT_UNREAD)
  3855. {
  3856. ExtWarn(" to 0x%p\n", StartPage-1);
  3857. }
  3859. PageReadFailuresAtEnd = (PoolPage - LastPageRead) / PageSize;
  3860. PageReadFailures += PageReadFailuresAtEnd;
  3861. PageReadFailed = FALSE;
  3862. }
  3863. else
  3864. {
  3865. PagesRead += (PoolPage - LastPageRead) / PageSize;
  3866. }
  3868. ExtOut(" Pages Read: %I64d\n"
  3869. " Failures: %I64d (%I64d at end of search)\n",
  3870. PagesRead, PageReadFailures, PageReadFailuresAtEnd);
  3871. }
  3873. if (PoolTypeFlags == (SEARCH_POOL_NONPAGED | SEARCH_POOL_PAGED))
  3874. {
  3875. PoolTypeFlags = SEARCH_POOL_PAGED;
  3876. }
  3877. else
  3878. {
  3879. Continue = FALSE;
  3880. }
  3881. }
  3883. if (PagedPoolAllocationMap != NULL) FreeBitMap(PagedPoolAllocationMap);
  3884. if (EndOfPagedPoolBitmap != NULL) FreeBitMap(EndOfPagedPoolBitmap);
  3885. if (PagedPoolLargeSessionAllocationMap != NULL) FreeBitMap(PagedPoolLargeSessionAllocationMap);
  3886. }
  3888. return hr;
  3889. }
  3892. HRESULT
  3893. GetTagFilter(
  3894. PDEBUG_CLIENT Client,
  3895. PCSTR *pArgs,
  3896. PDEBUG_VALUE TagFilter
  3897. )
  3898. {
  3899. HRESULT hr;
  3901. PCSTR args;
  3902. PCSTR TagArg;
  3904. ULONG TagLen;
  3905. CHAR TagEnd;
  3906. ULONG WildCardPos;
  3909. TagArg = args = *pArgs;
  3910. TagFilter->Type = DEBUG_VALUE_INVALID;
  3912. do
  3913. {
  3914. args++;
  3915. } while (*args != '\0' && !isspace(*args));
  3917. while (isspace(*args)) args++;
  3919. if (TagArg[0] == '0' && TagArg[1] == 'x')
  3920. {
  3921. TagFilter->I64 = GetExpression(TagArg);
  3922. }
  3923. else
  3924. {
  3925. if (TagArg[0] == '`' || TagArg[0] == '\'' || TagArg[0] == '\"')
  3926. {
  3927. TagEnd = TagArg[0];
  3928. TagArg++;
  3929. args = TagArg;
  3931. while (args - TagArg < 4 &&
  3932. *args != '\0' &&
  3933. *args != TagEnd)
  3934. {
  3935. args++;
  3936. }
  3937. TagLen = (ULONG)(args - TagArg);
  3938. if (*args == TagEnd) args++;
  3939. while (isspace(*args)) args++;
  3940. }
  3941. else
  3942. {
  3943. TagLen = (ULONG)(args - TagArg);
  3944. TagEnd = '\0';
  3945. }
  3947. if (TagLen == 0 ||
  3948. (TagLen < 4 &&
  3949. TagArg[TagLen-1] != '*'
  3950. ) ||
  3951. (TagLen >= 4 &&
  3952. TagArg[4] != '\0' &&
  3953. !isspace(TagArg[4]) &&
  3954. (TagArg[4] != TagEnd || (TagArg[5] != '\0' && !isspace(TagArg[5])))
  3955. )
  3956. )
  3957. {
  3958. ExtErr(" Invalid Tag filter.\n");
  3959. hr = E_INVALIDARG;
  3960. }
  3961. else
  3962. {
  3963. hr = S_OK;
  3965. for (WildCardPos = 0; WildCardPos < TagLen; WildCardPos++)
  3966. {
  3967. if (TagArg[WildCardPos] == '*')
  3968. {
  3969. ULONG NewTagLen = WildCardPos + 1;
  3970. if (NewTagLen < TagLen)
  3971. {
  3972. ExtWarn(" Ignoring %lu characters after * in Tag.\n",
  3973. TagLen - NewTagLen);
  3974. }
  3975. TagLen = NewTagLen;
  3976. // loop will terminate
  3977. }
  3978. }
  3980. if (TagLen < 4)
  3981. {
  3982. TagFilter->I32 = ' ';
  3983. while (TagLen-- > 0)
  3984. {
  3985. TagFilter->RawBytes[TagLen] = TagArg[TagLen];
  3986. }
  3987. }
  3988. else
  3989. {
  3990. TagFilter->I32 = TagArg[0] | (TagArg[1] << 8) | (TagArg[2] << 16) | (TagArg[3] << 24);
  3991. }
  3992. TagFilter->Type = DEBUG_VALUE_INT32;
  3993. }
  3994. }
  3996. if (hr == S_OK)
  3997. {
  3998. *pArgs = args;
  3999. }
  4001. return hr;
  4002. }
  4005. HRESULT
  4006. OutputAllocStats(
  4007. PALLOCATION_STATS AllocStats,
  4008. BOOL PartialResults
  4009. )
  4010. {
  4011. ExtOut("\n"
  4012. " %I64u bytes in %lu allocated pages\n"
  4013. " %I64u bytes in %lu large allocations\n"
  4014. " %I64u bytes in %lu free pages\n"
  4015. " %I64u bytes available in %lu expansion pages\n"
  4016. "\n"
  4017. "%s found (small allocations only): %lu\n"
  4018. " Allocated: %I64u bytes in %lu entries\n"
  4019. " Free: %I64u bytes in %lu entries\n"
  4020. " Undetermined: %I64u bytes in %lu entries\n",
  4021. ((ULONG64) AllocStats->AllocatedPages) << PageShift,
  4022. AllocStats->AllocatedPages,
  4023. ((ULONG64) AllocStats->LargePages) << PageShift,
  4024. AllocStats->LargeAllocs,
  4025. ((ULONG64) AllocStats->FreePages) << PageShift,
  4026. AllocStats->FreePages,
  4027. ((ULONG64) AllocStats->ExpansionPages) << PageShift,
  4028. AllocStats->ExpansionPages,
  4029. ((PartialResults) ? "PARTIAL entries" : "Entries"),
  4030. AllocStats->Allocated + AllocStats->Free + AllocStats->Indeterminate,
  4031. ((ULONG64)AllocStats->AllocatedSize) << POOL_BLOCK_SHIFT,
  4032. AllocStats->Allocated,
  4033. ((ULONG64)AllocStats->FreeSize) << POOL_BLOCK_SHIFT,
  4034. AllocStats->Free,
  4035. ((ULONG64)AllocStats->IndeterminateSize) << POOL_BLOCK_SHIFT,
  4036. AllocStats->Indeterminate
  4037. );
  4038. return S_OK;
  4039. }
  4042. DECLARE_API( spoolfind )
  4043. {
  4044. HRESULT hr = S_OK;
  4046. INIT_API( );
  4048. BOOL BadArg = FALSE;
  4049. ULONG RemainingArgIndex;
  4051. DEBUG_VALUE TagName = { 0, DEBUG_VALUE_INVALID };
  4053. FLONG Flags = 0;
  4054. DEBUG_VALUE Session = { DEFAULT_SESSION, DEBUG_VALUE_INVALID };
  4056. while (isspace(*args)) args++;
  4058. while (!BadArg && hr == S_OK)
  4059. {
  4060. while (isspace(*args)) args++;
  4062. if (*args == '-')
  4063. {
  4064. // Process switches
  4066. args++;
  4067. BadArg = (*args == '\0' || isspace(*args));
  4069. while (*args != '\0' && !isspace(*args))
  4070. {
  4071. switch (tolower(*args))
  4072. {
  4073. case 'f':
  4074. Flags |= SEARCH_POOL_PRINT_UNREAD;
  4075. args++;
  4076. break;
  4078. case 'l':
  4079. Flags |= SEARCH_POOL_PRINT_LARGE;
  4080. args++;
  4081. break;
  4083. case 'n':
  4084. Flags |= SEARCH_POOL_NONPAGED;
  4085. args++;
  4086. break;
  4088. case 'p':
  4089. Flags |= SEARCH_POOL_PAGED;
  4090. args++;
  4091. break;
  4093. case 's':
  4094. if (Session.Type != DEBUG_VALUE_INVALID)
  4095. {
  4096. ExtErr("Session argument specified multiple times.\n");
  4097. BadArg = TRUE;
  4098. }
  4099. else
  4100. {
  4101. args++;
  4102. hr = GetExpressionEx(args, &Session.I64, &args);
  4103. if (hr == FALSE)
  4104. {
  4105. ExtErr("Invalid Session.\n");
  4106. }
  4107. }
  4108. break;
  4110. default:
  4111. BadArg = TRUE;
  4112. break;
  4113. }
  4115. if (BadArg) break;
  4116. }
  4117. }
  4118. else
  4119. {
  4120. if (*args == '\0') break;
  4122. if (TagName.Type == DEBUG_VALUE_INVALID)
  4123. {
  4124. hr = GetTagFilter(Client, &args, &TagName);
  4125. }
  4126. else
  4127. {
  4128. ExtErr("Unrecognized argument @ %s\n", args);
  4129. BadArg = TRUE;
  4130. }
  4131. }
  4132. }
  4134. if (!BadArg && hr == S_OK)
  4135. {
  4136. if (TagName.Type == DEBUG_VALUE_INVALID)
  4137. {
  4138. if (Flags & SEARCH_POOL_PRINT_LARGE)
  4139. {
  4140. TagName.I32 = ' *';
  4141. Flags |= SEARCH_POOL_LARGE_ONLY;
  4142. }
  4143. else
  4144. {
  4145. ExtErr("Missing Tag.\n");
  4146. hr = E_INVALIDARG;
  4147. }
  4148. }
  4149. }
  4151. if (BadArg || hr != S_OK)
  4152. {
  4153. if (*args == '?')
  4154. {
  4155. ExtOut("spoolfind is like !kdexts.poolfind, but for the SessionId specified.\n"
  4156. "\n");
  4157. }
  4159. ExtOut("Usage: spoolfind [-lnpf] [-s SessionId] Tag\n"
  4160. " -f - show read failure ranges\n"
  4161. " -l - show large allocations\n"
  4162. " -n - show non-paged pool\n"
  4163. " -p - show paged pool\n"
  4164. "\n"
  4165. " Tag - Pool tag to search for\n"
  4166. " Can be 4 character string or\n"
  4167. " hex value in 0xXXXX format\n"
  4168. "\n"
  4169. " SessionId - session to dump\n"
  4170. " Special SessionId values:\n"
  4171. " -1 - current session\n"
  4172. " -2 - last !session SessionId (default)\n"
  4173. );
  4174. }
  4175. else
  4176. {
  4177. ALLOCATION_STATS AllocStats = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
  4179. if ((Flags & (SEARCH_POOL_PAGED | SEARCH_POOL_NONPAGED)) == 0)
  4180. {
  4181. Flags |= SEARCH_POOL_PAGED | SEARCH_POOL_NONPAGED;
  4182. }
  4184. if (Session.Type == DEBUG_VALUE_INVALID)
  4185. {
  4186. Session.I32 = DEFAULT_SESSION;
  4187. }
  4189. hr = SearchSessionPool(Client,
  4190. Session.I32, TagName.I32, Flags,
  4191. 0,
  4192. CheckPrintAndAccumFilter, &AllocStats, &AllocStats);
  4194. if (hr == S_OK || hr == E_ABORT)
  4195. {
  4196. OutputAllocStats(&AllocStats, (hr != S_OK));
  4197. }
  4198. else
  4199. {
  4200. ExtWarn("SearchSessionPool returned %lx\n", hr);
  4201. }
  4202. }
  4204. return hr;
  4205. }
  4208. DECLARE_API( spoolsum )
  4209. {
  4210. HRESULT hr = S_OK;
  4212. INIT_API( );
  4214. ULONG RemainingArgIndex;
  4216. FLONG Flags = 0;
  4217. DEBUG_VALUE Session = { DEFAULT_SESSION, DEBUG_VALUE_INVALID };
  4219. while (isspace(*args)) args++;
  4221. while (hr == S_OK)
  4222. {
  4223. while (isspace(*args)) args++;
  4225. if (*args == '-')
  4226. {
  4227. // Process switches
  4229. args++;
  4230. if (*args == '\0' || isspace(*args)) hr = E_INVALIDARG;
  4232. while (*args != '\0' && !isspace(*args))
  4233. {
  4234. switch (tolower(*args))
  4235. {
  4236. case 'f':
  4237. Flags |= SEARCH_POOL_PRINT_UNREAD;
  4238. args++;
  4239. break;
  4241. case 'n':
  4242. Flags |= SEARCH_POOL_NONPAGED;
  4243. args++;
  4244. break;
  4246. case 'p':
  4247. Flags |= SEARCH_POOL_PAGED;
  4248. args++;
  4249. break;
  4251. case 's':
  4252. if (Session.Type != DEBUG_VALUE_INVALID)
  4253. {
  4254. ExtErr("Session argument specified multiple times.\n");
  4255. hr = E_INVALIDARG;
  4256. }
  4257. else
  4258. {
  4259. args++;
  4260. hr = GetExpressionEx(args, &Session.I64, &args);
  4261. if (hr == FALSE)
  4262. {
  4263. ExtErr("Invalid Session.\n");
  4264. }
  4265. }
  4266. break;
  4268. default:
  4269. hr = E_INVALIDARG;
  4270. break;
  4271. }
  4273. if (hr != S_OK) break;
  4274. }
  4275. }
  4276. else
  4277. {
  4278. if (*args == '\0') break;
  4280. if (Session.Type == DEBUG_VALUE_INVALID)
  4281. {
  4282. hr = GetExpressionEx(args, &Session.I64, &args);
  4283. if (hr == FALSE)
  4284. {
  4285. ExtErr("Invalid Session.\n");
  4286. }
  4287. }
  4288. else
  4289. {
  4290. ExtErr("Unrecognized argument @ %s\n", args);
  4291. hr = E_INVALIDARG;
  4292. }
  4293. }
  4294. }
  4296. if (hr != S_OK)
  4297. {
  4298. if (*args == '?')
  4299. {
  4300. ExtOut("spoolsum summarizes session pool information for SessionId specified.\n"
  4301. "\n");
  4302. hr = S_OK;
  4303. }
  4305. ExtOut("Usage: spoolsum [-fnp] [[-s] SessionId]\n"
  4306. " f - show read failure ranges\n"
  4307. " n - show non-paged pool\n"
  4308. " p - show paged pool (Default)\n"
  4309. "\n"
  4310. " SessionId - session to dump\n"
  4311. " Special SessionId values:\n"
  4312. " -1 - current session\n"
  4313. " -2 - last !session SessionId (default)\n"
  4314. );
  4315. }
  4316. else
  4317. {
  4318. ALLOCATION_STATS AllocStats = { 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
  4320. if ((Flags & (SEARCH_POOL_PAGED | SEARCH_POOL_NONPAGED)) == 0)
  4321. {
  4322. Flags |= SEARCH_POOL_PAGED;
  4323. }
  4325. hr = SearchSessionPool(Client,
  4326. DEFAULT_SESSION, ' *', Flags,
  4327. 0,
  4328. AccumAllFilter, &AllocStats, &AllocStats);
  4330. if (hr == S_OK || hr == E_ABORT)
  4331. {
  4332. OutputAllocStats(&AllocStats, (hr != S_OK));
  4333. }
  4334. else
  4335. {
  4336. ExtWarn("SearchSessionPool returned %lx\n", hr);
  4337. }
  4338. }
  4340. return hr;
  4341. }
  4344. DECLARE_API( spoolused )
  4345. {
  4346. HRESULT hr = S_OK;
  4348. INIT_API( );
  4350. BOOL BadArg = FALSE;
  4351. ULONG RemainingArgIndex;
  4353. DEBUG_VALUE TagName = { 0, DEBUG_VALUE_INVALID };
  4355. BOOL NonPagedUsage = FALSE;
  4356. BOOL PagedUsage = FALSE;
  4357. BOOL AllocSort = FALSE;
  4358. DEBUG_VALUE Session = { DEFAULT_SESSION, DEBUG_VALUE_INVALID };
  4360. while (isspace(*args)) args++;
  4362. while (!BadArg && hr == S_OK)
  4363. {
  4364. while (isspace(*args)) args++;
  4366. if (*args == '-')
  4367. {
  4368. // Process switches
  4370. args++;
  4371. BadArg = (*args == '\0' || isspace(*args));
  4373. while (*args != '\0' && !isspace(*args))
  4374. {
  4375. switch (tolower(*args))
  4376. {
  4377. case 'a':
  4378. AllocSort = TRUE;
  4379. args++;
  4380. break;
  4382. case 'n':
  4383. NonPagedUsage = TRUE;
  4384. args++;
  4385. break;
  4387. case 'p':
  4388. PagedUsage = TRUE;
  4389. args++;
  4390. break;
  4392. case 's':
  4393. if (Session.Type != DEBUG_VALUE_INVALID)
  4394. {
  4395. ExtErr("Session argument specified multiple times.\n");
  4396. BadArg = TRUE;
  4397. }
  4398. else
  4399. {
  4400. args++;
  4401. hr = GetExpressionEx(args, &Session.I64, &args);
  4402. if (hr == FALSE)
  4403. {
  4404. ExtErr("Invalid Session.\n");
  4405. }
  4406. }
  4407. break;
  4409. default:
  4410. BadArg = TRUE;
  4411. break;
  4412. }
  4414. if (BadArg) break;
  4415. }
  4416. }
  4417. else
  4418. {
  4419. if (*args == '\0') break;
  4421. if (TagName.Type == DEBUG_VALUE_INVALID)
  4422. {
  4423. hr = GetTagFilter(Client, &args, &TagName);
  4424. }
  4425. else
  4426. {
  4427. ExtErr("Unrecognized argument @ %s\n", args);
  4428. BadArg = TRUE;
  4429. }
  4430. }
  4431. }
  4433. if (BadArg || hr != S_OK)
  4434. {
  4435. if (*args == '?')
  4436. {
  4437. ExtOut("spoolused is like !kdexts.poolused, but for the SessionId specified.\n"
  4438. "\n");
  4439. }
  4441. ExtOut("Usage: spoolused [-anp] [-s SessionId] [Tag]\n"
  4442. " -a - sort by allocation size (Not Implemented)\n"
  4443. " -n - show non-paged pool\n"
  4444. " -p - show paged pool\n"
  4445. "\n"
  4446. " SessionId - session to dump\n"
  4447. " Special SessionId values:\n"
  4448. " -1 - current session\n"
  4449. " -2 - last !session SessionId (default)\n"
  4450. "\n"
  4451. " Tag - Pool tag filter\n"
  4452. " Can be 4 character string or\n"
  4453. " hex value in 0xXXXX format\n"
  4454. );
  4455. }
  4456. else
  4457. {
  4458. if (!NonPagedUsage && !PagedUsage)
  4459. {
  4460. NonPagedUsage = TRUE;
  4461. PagedUsage = TRUE;
  4462. }
  4464. if (Session.Type == DEBUG_VALUE_INVALID)
  4465. {
  4466. Session.I32 = DEFAULT_SESSION;
  4467. }
  4469. if (TagName.Type == DEBUG_VALUE_INVALID)
  4470. {
  4471. TagName.I32 = ' *';
  4472. }
  4474. AccumTagUsage atu(TagName.I32);
  4476. if (atu.Valid() != S_OK)
  4477. {
  4478. ExtErr("Error: failed to prepare tag usage reader.\n");
  4479. hr = E_FAIL;
  4480. }
  4482. if (hr == S_OK && NonPagedUsage)
  4483. {
  4484. hr = SearchSessionPool(Client,
  4485. Session.I32, TagName.I32, SEARCH_POOL_NONPAGED,
  4486. 0,
  4487. AccumTagUsageFilter, &atu, &atu);
  4489. if (hr == S_OK || hr == E_ABORT)
  4490. {
  4491. atu.OutputResults(AllocSort);
  4492. }
  4493. else
  4494. {
  4495. ExtWarn("SearchSessionPool returned %lx\n", hr);
  4496. }
  4497. }
  4499. if (hr == S_OK && PagedUsage)
  4500. {
  4501. if (NonPagedUsage) atu.Reset();
  4503. hr = SearchSessionPool(Client,
  4504. Session.I32, TagName.I32, SEARCH_POOL_PAGED,
  4505. 0,
  4506. AccumTagUsageFilter, &atu, &atu);
  4508. if (hr == S_OK || hr == E_ABORT)
  4509. {
  4510. atu.OutputResults(AllocSort);
  4511. }
  4512. else
  4513. {
  4514. ExtWarn("SearchSessionPool returned %lx\n", hr);
  4515. }
  4516. }
  4517. }
  4519. return hr;
  4520. }