archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 7b07a90fc1
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '7b07a90fc1'
${ noResults }
windows-server-2003/sdktools/profiler/view.c

818 lines
19 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. #include <windows.h>
  2. #include <stdio.h>
  3. #include "view.h"
  4. #include "except.h"
  5. #include "disasm.h"
  6. #include "dump.h"
  7. #include "profiler.h"
  8. #include "memory.h"
  9. #include "filter.h"
  11. static PVIEWCHAIN *ppViewHead = 0;
  12. static CRITICAL_SECTION viewCritSec;
  13. static CRITICAL_SECTION mapCritSec;
  14. static PTAGGEDADDRESS pTagHead = 0;
  15. static PBRANCHADDRESS pBranchHead = 0;
  17. BOOL
  18. InitializeViewData(VOID)
  19. {
  20. InitializeCriticalSection(&viewCritSec);
  21. InitializeCriticalSection(&mapCritSec);
  23. //
  24. // Allocate hashing data
  25. //
  26. ppViewHead = (PVIEWCHAIN *)AllocMem(sizeof(PVIEWCHAIN) * (MAX_MAP_SIZE >> MAP_STRIDE_BITS));
  27. if (0 == ppViewHead) {
  28. return FALSE;
  29. }
  31. return TRUE;
  32. }
  34. PVIEWCHAIN
  35. AddViewToMonitor(DWORD dwAddress,
  36. BPType bpType)
  37. {
  38. PVIEWCHAIN pView;
  39. DWORD dwHash;
  41. //
  42. // If address is higher than the map size, fail it
  43. //
  44. if (dwAddress >= MAX_MAP_SIZE) {
  45. return 0;
  46. }
  48. //
  49. // This occurs when a call tries to map over an existing trace breakpoint
  50. //
  51. if (*(BYTE *)dwAddress == X86_BREAKPOINT) {
  52. return 0;
  53. }
  55. //
  56. // Check if we're filtering this address
  57. //
  58. if (TRUE == IsAddressFiltered(dwAddress)) {
  59. return 0;
  60. }
  62. //
  63. // Allocate a chain entry
  64. //
  65. pView = AllocMem(sizeof(VIEWCHAIN));
  66. if (0 == pView) {
  67. return 0;
  68. }
  70. pView->bMapped = FALSE;
  71. pView->bTraced = FALSE;
  72. pView->dwAddress = dwAddress;
  73. pView->dwMapExtreme = dwAddress;
  74. pView->jByteReplaced = *(BYTE *)dwAddress;
  75. pView->bpType = bpType;
  77. //
  78. // Set a breakpoint at the top of the code
  79. //
  80. WRITEBYTE(dwAddress, X86_BREAKPOINT);
  82. EnterCriticalSection(&viewCritSec);
  84. //
  85. // Add view point to monitor list
  86. //
  87. dwHash = dwAddress >> MAP_STRIDE_BITS;
  88. if (0 == ppViewHead[dwHash]) {
  89. ppViewHead[dwHash] = pView;
  90. }
  91. else {
  92. //
  93. // Chain to head
  94. //
  95. pView->pNext = ppViewHead[dwHash];
  96. ppViewHead[dwHash] = pView;
  97. }
  99. LeaveCriticalSection(&viewCritSec);
  101. return pView;
  102. }
  104. PVIEWCHAIN
  105. RestoreAddressFromView(DWORD dwAddress,
  106. BOOL bResetData)
  107. {
  108. BOOL bResult = FALSE;
  109. PVIEWCHAIN pTemp;
  111. EnterCriticalSection(&viewCritSec);
  113. pTemp = ppViewHead[dwAddress >> MAP_STRIDE_BITS];
  114. while (pTemp) {
  115. //
  116. // Is this our entry
  117. //
  118. if (dwAddress == pTemp->dwAddress) {
  119. //
  120. // Set a breakpoint at the top of the code
  121. //
  122. if (TRUE == bResetData) {
  123. WRITEBYTE(dwAddress, pTemp->jByteReplaced);
  124. }
  125. else {
  126. WRITEBYTE(dwAddress, X86_BREAKPOINT);
  127. }
  129. //
  130. // Return with modified data
  131. //
  132. break;
  133. }
  135. pTemp = pTemp->pNext;
  136. }
  138. LeaveCriticalSection(&viewCritSec);
  140. return pTemp;
  141. }
  143. PVIEWCHAIN
  144. FindView(DWORD dwAddress) {
  145. PVIEWCHAIN pTemp;
  147. if (dwAddress >= MAX_MAP_SIZE) {
  148. return 0;
  149. }
  151. EnterCriticalSection(&viewCritSec);
  153. pTemp = ppViewHead[dwAddress >> MAP_STRIDE_BITS];
  154. while (pTemp) {
  155. //
  156. // See if address is mapped
  157. //
  158. if (dwAddress == pTemp->dwAddress) {
  159. LeaveCriticalSection(&viewCritSec);
  161. return pTemp;
  162. }
  164. pTemp = pTemp->pNext;
  165. }
  167. LeaveCriticalSection(&viewCritSec);
  169. return 0;
  170. }
  172. BOOL
  173. MapCode(PVIEWCHAIN pvMap) {
  174. BOOL bResult;
  175. DWORD dwCurrent;
  176. DWORD *pdwAddress;
  177. DWORD *pdwTemp;
  178. PCHAR pCode;
  179. PVIEWCHAIN pvTemp;
  180. DWORD dwLength;
  181. DWORD dwJumpEIP;
  182. LONG lOffset;
  183. DWORD dwInsLength;
  184. DWORD dwTemp;
  185. BYTE tempCode[32];
  186. BYTE jOperand;
  187. DWORD dwProfileEnd = 0;
  188. CHAR szBuffer[MAX_PATH];
  190. //
  191. // Map termination through all conditionals
  192. //
  193. dwCurrent = pvMap->dwAddress;
  195. //
  196. // Take the mapping lock
  197. //
  198. LockMapper();
  200. //
  201. // Forward scan through code to find termination
  202. //
  203. while(1) {
  204. strncpy(tempCode, (PCHAR)dwCurrent, 32);
  206. //
  207. // Make sure the instruction is unmodified
  208. //
  209. if (tempCode[0] == (BYTE)X86_BREAKPOINT) {
  210. //
  211. // Rebuild instruction without breakpoints
  212. //
  213. pvTemp = FindView(dwCurrent);
  214. if (pvTemp) {
  215. //
  216. // Replace the bytes if we have a match
  217. //
  218. tempCode[0] = pvTemp->jByteReplaced;
  219. }
  220. }
  222. //
  223. // Calculate instruction length
  224. //
  225. dwInsLength = GetInstructionLengthFromAddress((PVOID)tempCode);
  227. //
  228. // Follow a forward trace through jumps to the ret
  229. //
  230. if ((tempCode[0] >= (BYTE)0x70) && (tempCode[0] <= (BYTE)0x7f)) {
  231. //
  232. // Update the end of the region marker
  233. //
  234. if (dwCurrent > dwProfileEnd) {
  235. dwProfileEnd = dwCurrent;
  236. }
  238. //
  239. // Relative branch
  240. //
  241. dwJumpEIP = (dwCurrent + 2 + (CHAR)(tempCode[1]));
  243. //
  244. // Mark this branch as executed
  245. //
  246. bResult = AddTaggedAddress(dwCurrent);
  247. if (FALSE == bResult) {
  248. return FALSE;
  249. }
  251. if (dwJumpEIP > dwCurrent) {
  252. //
  253. // Push the opposite branch
  254. //
  255. bResult = PushBranch(dwCurrent + dwInsLength);
  256. if (FALSE == bResult) {
  257. return FALSE;
  258. }
  260. dwCurrent = dwJumpEIP;
  261. }
  262. else {
  263. //
  264. // Push the opposite branch
  265. //
  266. bResult = PushBranch(dwJumpEIP);
  267. if (FALSE == bResult) {
  268. return FALSE;
  269. }
  271. dwCurrent += dwInsLength;
  272. }
  274. continue;
  275. }
  277. if (tempCode[0] == (BYTE)0x0f) {
  278. if ((tempCode[1] >= (BYTE)0x80) && (tempCode[1] <= (BYTE)0x8f)) {
  279. //
  280. // Update the end of the region marker
  281. //
  282. if (dwCurrent > dwProfileEnd) {
  283. dwProfileEnd = dwCurrent;
  284. }
  286. //
  287. // Relative branch
  288. //
  289. dwJumpEIP = (dwCurrent + 6 + *(LONG *)(&(tempCode[2])));
  291. //
  292. // Mark this branch as executed
  293. //
  294. bResult = AddTaggedAddress(dwCurrent);
  295. if (FALSE == bResult) {
  296. return FALSE;
  297. }
  299. if (dwJumpEIP > dwCurrent) {
  300. //
  301. // Push the opposite branch
  302. //
  303. bResult = PushBranch(dwCurrent + dwInsLength);
  304. if (FALSE == bResult) {
  305. return FALSE;
  306. }
  308. dwCurrent = dwJumpEIP;
  309. }
  310. else {
  311. //
  312. // Push the opposite branch
  313. //
  314. bResult = PushBranch(dwJumpEIP);
  315. if (FALSE == bResult) {
  316. return FALSE;
  317. }
  319. dwCurrent += dwInsLength;
  320. }
  322. continue;
  323. }
  324. }
  326. if (tempCode[0] == (BYTE)0xe3) {
  327. //
  328. // Update the end of the region marker
  329. //
  330. if (dwCurrent > dwProfileEnd) {
  331. dwProfileEnd = dwCurrent;
  332. }
  334. //
  335. // Relative branch
  336. //
  337. dwJumpEIP = (dwCurrent + 2 + (CHAR)(tempCode[1]));
  339. //
  340. // Mark this branch as executed
  341. //
  342. bResult = AddTaggedAddress(dwCurrent);
  343. if (FALSE == bResult) {
  344. return FALSE;
  345. }
  347. if (dwJumpEIP > dwCurrent) {
  348. //
  349. // Push the opposite branch
  350. //
  351. bResult = PushBranch(dwCurrent + dwInsLength);
  352. if (FALSE == bResult) {
  353. return FALSE;
  354. }
  356. dwCurrent = dwJumpEIP;
  357. }
  358. else {
  359. //
  360. // Push the opposite branch
  361. //
  362. bResult = PushBranch(dwJumpEIP);
  363. if (FALSE == bResult) {
  364. return FALSE;
  365. }
  367. dwCurrent += dwInsLength;
  368. }
  370. continue;
  371. }
  373. if (tempCode[0] == (BYTE)0xeb) {
  374. //
  375. // Update the end of the region marker
  376. //
  377. if (dwCurrent > dwProfileEnd) {
  378. dwProfileEnd = dwCurrent;
  379. }
  381. //
  382. // Jump relative
  383. //
  384. dwJumpEIP = (dwCurrent + 2 + (CHAR)(tempCode[1]));
  386. //
  387. // Mark this branch as executed
  388. //
  389. bResult = AddTaggedAddress(dwCurrent);
  390. if (FALSE == bResult) {
  391. return FALSE;
  392. }
  394. //
  395. // Jmp must always be followed
  396. //
  397. dwCurrent = dwJumpEIP;
  398. continue;
  399. }
  401. if (tempCode[0] == (BYTE)0xe9) {
  402. //
  403. // Update the end of the region marker
  404. //
  405. if (dwCurrent > dwProfileEnd) {
  406. dwProfileEnd = dwCurrent;
  407. }
  409. //
  410. // Jump relative
  411. //
  412. dwJumpEIP = (dwCurrent + 5 + *(LONG *)(&(tempCode[1])));
  414. //
  415. // Mark this branch as executed
  416. //
  417. bResult = AddTaggedAddress(dwCurrent);
  418. if (FALSE == bResult) {
  419. return FALSE;
  420. }
  422. //
  423. // Jump must always be followed
  424. //
  425. dwCurrent = dwJumpEIP;
  426. continue;
  427. }
  429. //
  430. // Probe for calls and jumps
  431. //
  432. if (tempCode[0] == (BYTE)0xff) {
  433. //
  434. // Tests for whether this is a call or not
  435. //
  436. jOperand = (tempCode[1] >> 3) & 7;
  437. if ((jOperand == 2) ||
  438. (jOperand == 3) ||
  439. (jOperand == 4) ||
  440. (jOperand == 5)) {
  441. //
  442. // Update the end of the region marker
  443. //
  444. if (dwCurrent > dwProfileEnd) {
  445. dwProfileEnd = dwCurrent;
  446. }
  448. //
  449. // Add our mapping breakpoint with the appropriate type
  450. //
  451. if ((jOperand == 2) ||
  452. (jOperand == 3)) {
  453. pvTemp = AddViewToMonitor(dwCurrent,
  454. Call);
  455. if (pvTemp) {
  456. pvTemp->bMapped = TRUE;
  457. }
  458. }
  459. else {
  460. //
  461. // These kinds of jumps are always a break (there's no way to forward trace them)
  462. //
  463. pvTemp = AddViewToMonitor(dwCurrent,
  464. Jump);
  465. if (pvTemp) {
  466. pvTemp->bMapped = TRUE;
  467. }
  468. else {
  469. //
  470. // Special case for mapping breakpoints which really are just jumps
  471. //
  472. pvTemp = FindView(dwCurrent);
  473. if (pvTemp) {
  474. pvTemp->bMapped = TRUE;
  475. pvTemp->bpType = Jump;
  476. }
  477. }
  479. //
  480. // Mark this branch as executed
  481. //
  482. bResult = AddTaggedAddress(dwCurrent);
  483. if (FALSE == bResult) {
  484. return FALSE;
  485. }
  487. //
  488. // Dump the tree
  489. //
  490. dwTemp = PopBranch();
  491. if (dwTemp) {
  492. dwCurrent = dwTemp;
  493. continue;
  494. }
  496. break;
  497. }
  498. }
  499. }
  501. if (tempCode[0] == (BYTE)0xe8) {
  502. //
  503. // Update the end of the region marker
  504. //
  505. if (dwCurrent > dwProfileEnd) {
  506. dwProfileEnd = dwCurrent;
  507. }
  509. //
  510. // Add this top call to the view
  511. //
  512. pvTemp = AddViewToMonitor(dwCurrent,
  513. Call);
  514. if (pvTemp) {
  515. pvTemp->bMapped = TRUE;
  516. }
  517. }
  519. if (tempCode[0] == (BYTE)0x9a) {
  520. //
  521. // Update the end of the region marker
  522. //
  523. if (dwCurrent > dwProfileEnd) {
  524. dwProfileEnd = dwCurrent;
  525. }
  527. //
  528. // Add this top call to the view
  529. //
  530. pvTemp = AddViewToMonitor(dwCurrent,
  531. Call);
  532. if (pvTemp) {
  533. pvTemp->bMapped = TRUE;
  534. }
  535. }
  537. if (tempCode[0] == (BYTE)0xea) {
  538. //
  539. // Update the end of the region marker
  540. //
  541. if (dwCurrent > dwProfileEnd) {
  542. dwProfileEnd = dwCurrent;
  543. }
  545. //
  546. // Absolute far jumps are a terminating condition - flush all branches
  547. //
  548. pvTemp = AddViewToMonitor(dwCurrent,
  549. Jump);
  550. if (pvTemp) {
  551. pvTemp->bMapped = TRUE;
  552. }
  554. //
  555. // Mark this branch as executed
  556. //
  557. bResult = AddTaggedAddress(dwCurrent);
  558. if (FALSE == bResult) {
  559. return FALSE;
  560. }
  562. //
  563. // Dump the tree
  564. //
  565. dwTemp = PopBranch();
  566. if (dwTemp) {
  567. dwCurrent = dwTemp;
  568. continue;
  569. }
  571. break;
  572. }
  574. if (*(WORD *)(&(tempCode[0])) == 0xffff) {
  575. //
  576. // Update the end of the region marker
  577. //
  578. if (dwCurrent > dwProfileEnd) {
  579. dwProfileEnd = dwCurrent;
  580. }
  582. //
  583. // This is also a trace path terminator - see if we need to trace more conditions
  584. //
  585. dwTemp = PopBranch();
  586. if (dwTemp) {
  587. //
  588. // We have a branch to follow
  589. //
  590. dwCurrent = dwTemp;
  591. continue;
  592. }
  594. //
  595. // Update the end of the address range
  596. //
  597. break;
  598. }
  600. if (tempCode[0] == (BYTE)0xc3) {
  601. //
  602. // This is also a trace path terminator - see if we need to trace more conditions
  603. //
  604. if (dwCurrent > dwProfileEnd) {
  605. dwProfileEnd = dwCurrent;
  606. }
  608. dwTemp = PopBranch();
  609. if (dwTemp) {
  610. //
  611. // We have a branch to follow
  612. //
  613. dwCurrent = dwTemp;
  614. continue;
  615. }
  617. break;
  618. }
  620. if (tempCode[0] == (BYTE)0xc2) {
  621. //
  622. // This is also a trace path terminator - see if we need to trace more conditions
  623. //
  624. if (dwCurrent > dwProfileEnd) {
  625. dwProfileEnd = dwCurrent;
  626. }
  628. dwTemp = PopBranch();
  629. if (dwTemp) {
  630. //
  631. // We have a branch to follow
  632. //
  633. dwCurrent = dwTemp;
  634. continue;
  635. }
  637. break;
  638. }
  640. dwCurrent += dwInsLength;
  641. }
  643. if (dwProfileEnd) {
  644. pvMap->dwMapExtreme = dwProfileEnd;
  645. }
  646. else {
  647. pvMap->dwMapExtreme = dwCurrent;
  648. }
  650. bResult = WriteMapInfo(pvMap->dwAddress,
  651. pvMap->dwMapExtreme);
  652. if (!bResult) {
  653. return FALSE;
  654. }
  656. //
  657. // Restore the code we've whacked around
  658. //
  659. bResult = RestoreTaggedAddresses();
  660. if (FALSE == bResult) {
  661. return FALSE;
  662. }
  664. //
  665. // Assert if this _ever_ happens
  666. //
  667. if (pBranchHead != 0) {
  668. Sleep(20000);
  669. _asm int 3
  670. }
  672. //
  673. // We're mapped
  674. //
  675. pvMap->bMapped = TRUE;
  677. //
  678. // Release the mapping lock
  679. //
  680. UnlockMapper();
  682. return TRUE;
  683. }
  685. //
  686. // Trace helpers
  687. //
  688. BOOL
  689. AddTaggedAddress(DWORD dwAddress)
  690. {
  691. PTAGGEDADDRESS pTagTemp;
  692. DWORD dwTempAddress;
  694. //
  695. // Make sure we haven't addressed this tag
  696. //
  697. if (*(WORD *)dwAddress == 0xFFFF) {
  698. //
  699. // No need since it's already tagged
  700. //
  701. return TRUE;
  702. }
  704. //
  705. // Store off the bytes we are tagging
  706. //
  707. pTagTemp = AllocMem(sizeof(TAGGEDADDRESS));
  708. if (0 == pTagTemp) {
  709. return FALSE;
  710. }
  712. pTagTemp->dwAddress = dwAddress;
  713. pTagTemp->wBytesReplaced = *(WORD *)dwAddress;
  715. //
  716. // Chain the entry
  717. //
  718. if (0 == pTagHead) {
  719. pTagHead = pTagTemp;
  720. }
  721. else {
  722. pTagTemp->pNext = pTagHead;
  723. pTagHead = pTagTemp;
  724. }
  726. //
  727. // Mark this branch as executed
  728. //
  729. WRITEWORD(dwAddress, 0xFFFF);
  731. return TRUE;
  732. }
  734. BOOL
  735. RestoreTaggedAddresses(VOID)
  736. {
  737. PTAGGEDADDRESS pTagTemp;
  738. PTAGGEDADDRESS pTagTemp2;
  740. //
  741. // Walk the tag list and replace the marked branches with their original bytes
  742. //
  743. pTagTemp = pTagHead;
  744. while(pTagTemp) {
  745. //
  746. // Dirty up the code now so the branches can auto terminate
  747. //
  748. WRITEWORD(pTagTemp->dwAddress, pTagTemp->wBytesReplaced);
  750. pTagTemp2 = pTagTemp;
  752. pTagTemp = pTagTemp->pNext;
  754. //
  755. // Dump the old allocated memory
  756. //
  757. FreeMem(pTagTemp2);
  758. }
  760. pTagHead = 0;
  762. return TRUE;
  763. }
  765. BOOL
  766. PushBranch(DWORD dwAddress)
  767. {
  768. PBRANCHADDRESS pBranchTemp;
  770. pBranchTemp = AllocMem(sizeof(BRANCHADDRESS));
  771. if (0 == pBranchTemp) {
  772. return FALSE;
  773. }
  775. pBranchTemp->dwAddress = dwAddress;
  777. if (0 == pBranchHead) {
  778. pBranchHead = pBranchTemp;
  779. }
  780. else {
  781. pBranchTemp->pNext = pBranchHead;
  782. pBranchHead = pBranchTemp;
  783. }
  785. return TRUE;
  786. }
  788. DWORD
  789. PopBranch(VOID)
  790. {
  791. PBRANCHADDRESS pBranchTemp;
  792. DWORD dwAddress = 0;
  794. pBranchTemp = pBranchHead;
  796. if (0 == pBranchTemp) {
  797. return 0;
  798. }
  800. dwAddress = pBranchTemp->dwAddress;
  801. pBranchHead = pBranchHead->pNext;
  803. FreeMem(pBranchTemp);
  805. return dwAddress;
  806. }
  808. VOID
  809. LockMapper(VOID)
  810. {
  811. EnterCriticalSection(&mapCritSec);
  812. }
  814. VOID
  815. UnlockMapper(VOID)
  816. {
  817. LeaveCriticalSection(&mapCritSec);
  818. }