archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 827363a95b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '827363a95b'
${ noResults }
windows-server-2003/base/ntdll/query.c

1443 lines
49 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. /*++
  3. Copyright (c) 1992 Microsoft Corporation
  5. Module Name:
  7. query.c
  9. Abstract:
  11. This module contains the RtlQueryProcessInformation function
  13. Author:
  15. Steve Wood (stevewo) 01-Apr-1994
  17. Revision History:
  19. --*/
  21. #include "ldrp.h"
  22. #include <ntos.h>
  23. #include <stktrace.h>
  24. #include <heap.h>
  25. #include <stdio.h>
  27. #define AdjustPointer( t, p, d ) (p); if ((p) != NULL) (p) = (t)((ULONG_PTR)(p) + (d))
  29. //
  30. // Define the offset from the real control data to the copy thats mapped into target processes.
  31. // We need to copies so the target process can't corrupt the information.
  32. //
  33. #define CONTROL_OFFSET (0x10000)
  35. #define CONTROL_TO_FAKE(Buffer) ((PRTL_DEBUG_INFORMATION)((PUCHAR)(Buffer) + CONTROL_OFFSET))
  36. #define FAKE_TO_CONTROL(Buffer) ((PRTL_DEBUG_INFORMATION)((PUCHAR)(Buffer) - CONTROL_OFFSET))
  39. NTSYSAPI
  40. NTSTATUS
  41. NTAPI
  42. RtlpQueryProcessDebugInformationRemote(
  43. IN OUT PRTL_DEBUG_INFORMATION Buffer
  44. )
  45. /*++
  47. Routine Description:
  49. This is the target routine for a remote query. It runds in the context of an injected thread.
  50. If event pairs are used then this code loops repeatedly as an optimization.
  52. Arguments:
  54. Buffer - Query buffer to fill out with the query results
  56. Return Value:
  58. NTSTATUS - Status of call
  60. --*/
  61. {
  62. NTSTATUS Status, Status1;
  63. ULONG i;
  64. ULONG_PTR Delta;
  65. PRTL_PROCESS_HEAPS Heaps;
  66. PRTL_HEAP_INFORMATION HeapInfo;
  67. HANDLE EventPairTarget;
  69. EventPairTarget = Buffer->EventPairTarget;
  71. if (EventPairTarget != NULL) {
  72. Status = NtWaitLowEventPair (EventPairTarget);
  73. } else {
  74. Status = STATUS_SUCCESS;
  75. }
  77. while (NT_SUCCESS (Status)) {
  78. Status = RtlQueryProcessDebugInformation (NtCurrentTeb()->ClientId.UniqueProcess,
  79. Buffer->Flags,
  80. Buffer);
  81. if (NT_SUCCESS (Status)) {
  82. Delta = Buffer->ViewBaseDelta;
  83. if (Delta) {
  84. //
  85. // Need to relocate buffer pointers back to client addresses
  86. //
  87. AdjustPointer (PRTL_PROCESS_MODULES, Buffer->Modules, Delta);
  88. AdjustPointer (PRTL_PROCESS_BACKTRACES, Buffer->BackTraces, Delta);
  89. Heaps = AdjustPointer (PRTL_PROCESS_HEAPS, Buffer->Heaps, Delta);
  90. if (Heaps != NULL) {
  91. for (i=0; i<Heaps->NumberOfHeaps; i++) {
  92. HeapInfo = &Heaps->Heaps[ i ];
  93. AdjustPointer (PRTL_HEAP_TAG, HeapInfo->Tags, Delta);
  94. AdjustPointer (PRTL_HEAP_ENTRY, HeapInfo->Entries, Delta);
  95. }
  96. }
  98. AdjustPointer (PRTL_PROCESS_LOCKS, Buffer->Locks, Delta);
  99. }
  100. }
  103. //
  104. // If we were supposed to be a one shot then exit now.
  105. //
  106. if (EventPairTarget == NULL) {
  107. //
  108. // If no event pair handle, then exit loop and terminate
  109. //
  110. break;
  111. }
  113. Status = NtSetHighWaitLowEventPair (EventPairTarget);
  115. //
  116. // The client side will clear this variable to signal we should exit
  117. //
  118. if (Buffer->EventPairTarget == NULL) {
  119. //
  120. // If no event pair handle, then exit loop and terminate
  121. //
  122. break;
  123. }
  125. }
  127. //
  128. // All done with buffer, remove from our address space
  129. // then terminate ourselves so client wakes up.
  130. //
  131. Buffer->ViewBaseTarget = NULL;
  132. Status1 = NtUnmapViewOfSection (NtCurrentProcess(), Buffer);
  133. ASSERT (NT_SUCCESS (Status1));
  134. RtlExitUserThread (Status);
  136. //
  137. // NEVER REACHED.
  138. //
  139. }
  142. NTSTATUS
  143. RtlpChangeQueryDebugBufferTarget(
  144. IN PRTL_DEBUG_INFORMATION Buffer,
  145. IN HANDLE TargetProcessId,
  146. OUT PHANDLE ReturnedTargetProcessHandle OPTIONAL
  147. )
  148. /*++
  150. Routine Description:
  152. This routine changes the target process being queried. If the current target is set then we
  153. cleanup any state assocuated with this query. If we are using event pairs then we causes the
  154. cached thread to exit the target.
  156. Arguments:
  158. Buffer - Query buffer to be assigned and deassigned from the processes.
  160. TargetProcessId - New target to be queueried. If NULL then just clear current context
  162. ReturnedProcessHandle - OPTIONAL, If present receives the process handle of the new target
  163. if there is one.
  165. Return Value:
  167. NTSTATUS - Status of call
  169. --*/
  170. {
  171. NTSTATUS Status, Status1;
  172. CLIENT_ID OldTargetClientId, NewTargetClientId;
  173. OBJECT_ATTRIBUTES ObjectAttributes;
  174. HANDLE OldTargetProcess, NewTargetProcess, NewHandle;
  175. PRTL_DEBUG_INFORMATION TargetBuffer;
  176. LARGE_INTEGER SectionOffset;
  177. HANDLE EventPairTarget = NULL;
  179. TargetBuffer = CONTROL_TO_FAKE (Buffer);
  181. if (Buffer->EventPairClient != NULL &&
  182. Buffer->TargetProcessId == TargetProcessId) {
  183. return STATUS_SUCCESS;
  184. }
  186. if (Buffer->TargetThreadHandle != NULL) {
  188. EventPairTarget = Buffer->EventPairTarget;
  189. TargetBuffer->EventPairTarget = NULL;
  190. Buffer->EventPairTarget = NULL;
  191. if (Buffer->EventPairClient != NULL) {
  192. Status = NtSetLowEventPair (Buffer->EventPairClient);
  193. ASSERT (NT_SUCCESS (Status));
  194. }
  195. Status = NtWaitForSingleObject (Buffer->TargetThreadHandle,
  196. TRUE,
  197. NULL);
  199. Status = NtClose (Buffer->TargetThreadHandle);
  200. Buffer->TargetThreadHandle = NULL;
  202. ASSERT (NT_SUCCESS (Status));
  204. Status = NtClose (Buffer->TargetProcessHandle);
  205. Buffer->TargetProcessHandle = NULL;
  206. ASSERT (NT_SUCCESS (Status));
  207. }
  210. InitializeObjectAttributes( &ObjectAttributes,
  211. NULL,
  212. 0,
  213. NULL,
  214. NULL
  215. );
  218. if (Buffer->TargetProcessId != NULL) {
  219. OldTargetClientId.UniqueProcess = Buffer->TargetProcessId;
  220. OldTargetClientId.UniqueThread = 0;
  221. Status = NtOpenProcess (&OldTargetProcess,
  222. PROCESS_ALL_ACCESS,
  223. &ObjectAttributes,
  224. &OldTargetClientId);
  225. if (!NT_SUCCESS (Status)) {
  226. return Status;
  227. }
  228. } else {
  229. OldTargetProcess = NtCurrentProcess ();
  230. }
  232. if (ARGUMENT_PRESENT( TargetProcessId )) {
  233. NewTargetClientId.UniqueProcess = TargetProcessId;
  234. NewTargetClientId.UniqueThread = 0;
  235. Status = NtOpenProcess( &NewTargetProcess,
  236. PROCESS_ALL_ACCESS,
  237. &ObjectAttributes,
  238. &NewTargetClientId
  239. );
  240. if (!NT_SUCCESS( Status )) {
  241. if (EventPairTarget != NULL) {
  242. Status = NtDuplicateObject (OldTargetProcess,
  243. EventPairTarget,
  244. NULL,
  245. NULL,
  246. 0,
  247. 0,
  248. DUPLICATE_CLOSE_SOURCE);
  249. //
  250. // The target process could have closed the handle to cause us problems.
  251. // We ignore this error as the target is only damaging itself.
  252. //
  253. }
  254. if (OldTargetProcess != NtCurrentProcess()) {
  255. Status1 = NtClose (OldTargetProcess);
  256. ASSERT (NT_SUCCESS (Status1));
  257. }
  258. return Status;
  259. }
  260. } else {
  261. NewTargetProcess = NULL;
  262. }
  264. NewHandle = NULL;
  265. if (Buffer->EventPairClient) {
  266. if (EventPairTarget != NULL) {
  267. Status = NtDuplicateObject (OldTargetProcess,
  268. EventPairTarget,
  269. NULL,
  270. NULL,
  271. 0,
  272. 0,
  273. DUPLICATE_CLOSE_SOURCE);
  274. //
  275. // The target process could have closed the handle to cause us problems.
  276. // We ignore this error as the target is only damaging itself.
  277. //
  278. }
  279. if (NewTargetProcess != NULL) {
  280. Status = NtDuplicateObject (NtCurrentProcess (),
  281. Buffer->EventPairClient,
  282. NewTargetProcess,
  283. &NewHandle,
  284. 0,
  285. 0,
  286. DUPLICATE_SAME_ACCESS);
  287. if (!NT_SUCCESS (Status)) {
  288. if (OldTargetProcess != NtCurrentProcess()) {
  289. Status1 = NtClose (OldTargetProcess);
  290. ASSERT (NT_SUCCESS (Status1));
  291. }
  292. NtClose (NewTargetProcess);
  293. return Status;
  294. }
  295. }
  297. }
  299. if (OldTargetProcess != NtCurrentProcess()) {
  300. if (TargetBuffer->ViewBaseTarget != NULL) {
  301. Status1 = NtUnmapViewOfSection (OldTargetProcess, TargetBuffer->ViewBaseTarget);
  302. TargetBuffer->ViewBaseTarget = NULL;
  303. }
  304. Status1 = NtClose (OldTargetProcess);
  305. ASSERT (NT_SUCCESS (Status1));
  306. } else {
  307. Buffer->ViewBaseTarget = Buffer->ViewBaseClient;
  308. }
  310. SectionOffset.QuadPart = CONTROL_OFFSET;
  311. if (NewTargetProcess != NULL) {
  312. Status = NtMapViewOfSection( Buffer->SectionHandleClient,
  313. NewTargetProcess,
  314. &Buffer->ViewBaseTarget,
  315. 0,
  316. 0,
  317. &SectionOffset,
  318. &Buffer->ViewSize,
  319. ViewUnmap,
  320. 0,
  321. PAGE_READWRITE
  322. );
  323. if (Status == STATUS_CONFLICTING_ADDRESSES) {
  324. Buffer->ViewBaseTarget = NULL;
  325. Status = NtMapViewOfSection( Buffer->SectionHandleClient,
  326. NewTargetProcess,
  327. &Buffer->ViewBaseTarget,
  328. 0,
  329. 0,
  330. &SectionOffset,
  331. &Buffer->ViewSize,
  332. ViewUnmap,
  333. 0,
  334. PAGE_READWRITE
  335. );
  336. }
  338. if (!NT_SUCCESS( Status )) {
  339. if (NewHandle != NULL) {
  340. NtDuplicateObject (NewTargetProcess,
  341. &NewHandle,
  342. NULL,
  343. NULL,
  344. 0,
  345. 0,
  346. DUPLICATE_CLOSE_SOURCE);
  347. }
  349. NtClose( NewTargetProcess );
  350. return Status;
  351. }
  353. if (ARGUMENT_PRESENT( ReturnedTargetProcessHandle )) {
  354. *ReturnedTargetProcessHandle = NewTargetProcess;
  355. } else {
  356. Status = NtClose (NewTargetProcess);
  357. ASSERT (NT_SUCCESS (Status));
  358. }
  359. }
  361. Buffer->EventPairTarget = NewHandle;
  362. Buffer->ViewBaseDelta = (ULONG_PTR)Buffer->ViewBaseClient - (ULONG_PTR)Buffer->ViewBaseTarget;
  363. Buffer->TargetProcessId = TargetProcessId;
  364. *TargetBuffer = *Buffer;
  365. return STATUS_SUCCESS;
  366. }
  369. PVOID
  370. RtlpCommitQueryDebugInfo(
  371. IN PRTL_DEBUG_INFORMATION Buffer,
  372. IN ULONG Size
  373. )
  374. /*++
  376. Routine Description:
  378. This routine commits a range of memory in the buffer and returns its address.
  380. Arguments:
  382. Buffer - Query buffer to have space allocated to.
  383. If there is not enough commited space then we expand.
  385. Size - Size of data to return
  387. Return Value:
  389. PVOID - Pointer to the commited space.
  391. --*/
  392. {
  393. NTSTATUS Status;
  394. PVOID Result;
  395. PVOID CommitBase;
  396. SIZE_T CommitSize;
  397. SIZE_T NeededSize;
  399. if (Size > (MAXULONG - sizeof(PVOID) + 1)) {
  400. return NULL;
  401. }
  403. Size = (Size + sizeof (PVOID) - 1) & ~(sizeof (PVOID) - 1);
  404. NeededSize = Buffer->OffsetFree + Size;
  405. if (NeededSize > Buffer->CommitSize) {
  406. if (NeededSize >= Buffer->ViewSize) {
  407. return NULL;
  408. }
  410. CommitBase = (PCHAR)Buffer + Buffer->CommitSize;
  411. CommitSize = NeededSize - Buffer->CommitSize;
  412. Status = NtAllocateVirtualMemory( NtCurrentProcess(),
  413. &CommitBase,
  414. 0,
  415. &CommitSize,
  416. MEM_COMMIT,
  417. PAGE_READWRITE
  418. );
  419. if (!NT_SUCCESS( Status )) {
  420. return NULL;
  421. }
  423. Buffer->CommitSize += CommitSize;
  424. }
  426. Result = (PCHAR)Buffer + Buffer->OffsetFree;
  427. Buffer->OffsetFree = NeededSize;
  428. return Result;
  429. }
  432. VOID
  433. RtlpDeCommitQueryDebugInfo(
  434. IN PRTL_DEBUG_INFORMATION Buffer,
  435. IN PVOID p,
  436. IN ULONG Size
  437. )
  438. /*++
  440. Routine Description:
  442. This routine returns a range of previously commited data to the buffer.
  444. Arguments:
  446. Buffer - Query buffer to have space returned to.
  448. Size - Size of data to return
  450. Return Value:
  452. None.
  454. --*/
  455. {
  456. if (Size > (MAXULONG - sizeof(PVOID) + 1)) {
  457. return;
  458. }
  460. Size = (Size + sizeof(PVOID) - 1) & ~(sizeof (PVOID) - 1);
  461. if (p == (PVOID)(Buffer->OffsetFree - Size)) {
  462. Buffer->OffsetFree -= Size;
  463. }
  464. }
  467. NTSYSAPI
  468. PRTL_DEBUG_INFORMATION
  469. NTAPI
  470. RtlCreateQueryDebugBuffer(
  471. IN ULONG MaximumCommit OPTIONAL,
  472. IN BOOLEAN UseEventPair
  473. )
  474. /*++
  476. Routine Description:
  478. Creates a new query buffer to allow a remote of local query to be done.
  480. Arguments:
  482. MaximumCommit - Largest query buffer size allowed
  484. UseEventPair - If TRUE the codes caches a single thread in the target to make repeated queries fast.
  486. Return Value:
  488. PRTL_DEBUG_INFORMATION - NULL on failure, non-NULL otherwise.
  490. --*/
  491. {
  492. NTSTATUS Status;
  493. HANDLE Section;
  494. PRTL_DEBUG_INFORMATION Buffer, ReturnBuffer;
  495. LARGE_INTEGER MaximumSize;
  496. ULONG_PTR ViewSize, CommitSize;
  498. if (!ARGUMENT_PRESENT( (PVOID)(ULONG_PTR)MaximumCommit )) { // Sundown Note: ULONG zero-extended.
  499. MaximumCommit = 4 * 1024 * 1024;
  500. }
  501. ViewSize = MaximumCommit + CONTROL_OFFSET;
  502. MaximumSize.QuadPart = ViewSize;
  503. Status = NtCreateSection( &Section,
  504. SECTION_ALL_ACCESS,
  505. NULL,
  506. &MaximumSize,
  507. PAGE_READWRITE,
  508. SEC_RESERVE,
  509. NULL
  510. );
  511. if (!NT_SUCCESS( Status )) {
  512. return NULL;
  513. }
  515. Buffer = NULL;
  516. Status = NtMapViewOfSection( Section,
  517. NtCurrentProcess(),
  518. &Buffer,
  519. 0,
  520. 0,
  521. NULL,
  522. &ViewSize,
  523. ViewUnmap,
  524. 0,
  525. PAGE_READWRITE
  526. );
  527. if (!NT_SUCCESS (Status)) {
  528. NtClose (Section);
  529. return NULL;
  530. }
  532. CommitSize = 1 + CONTROL_OFFSET;
  533. Status = NtAllocateVirtualMemory( NtCurrentProcess(),
  534. &Buffer,
  535. 0,
  536. &CommitSize,
  537. MEM_COMMIT,
  538. PAGE_READWRITE
  539. );
  540. if (!NT_SUCCESS( Status )) {
  541. NtUnmapViewOfSection( NtCurrentProcess(), Buffer );
  542. NtClose( Section );
  543. return NULL;
  544. }
  546. if (UseEventPair) {
  547. Status = NtCreateEventPair( &Buffer->EventPairClient,
  548. EVENT_PAIR_ALL_ACCESS,
  549. NULL
  550. );
  551. if (!NT_SUCCESS( Status )) {
  552. NtFreeVirtualMemory( NtCurrentProcess(), &Buffer, &CommitSize,
  553. MEM_RELEASE );
  554. NtUnmapViewOfSection( NtCurrentProcess(), Buffer );
  555. NtClose( Section );
  556. return NULL;
  557. }
  558. }
  560. ReturnBuffer = CONTROL_TO_FAKE (Buffer);
  562. Buffer->SectionHandleClient = Section;
  563. Buffer->ViewBaseClient = ReturnBuffer;
  564. Buffer->OffsetFree = sizeof (RTL_DEBUG_INFORMATION);
  565. Buffer->CommitSize = CommitSize - CONTROL_OFFSET;
  566. Buffer->ViewSize = ViewSize - CONTROL_OFFSET;
  567. *ReturnBuffer = *Buffer;
  568. return ReturnBuffer;
  569. }
  572. NTSYSAPI
  573. NTSTATUS
  574. NTAPI
  575. RtlDestroyQueryDebugBuffer(
  576. IN PRTL_DEBUG_INFORMATION Buffer
  577. )
  578. /*++
  580. Routine Description:
  582. Destroys a previously created buffer that was returned by RtlCreateQueryDebugBuffer
  584. Arguments:
  586. Buffer - Buffer pointer obtained from RtlCreateQueryDebugBuffer
  588. Return Value:
  590. NTSTATUS - Status of operation.
  592. --*/
  593. {
  594. NTSTATUS Status;
  595. PRTL_DEBUG_INFORMATION RealBuffer;
  597. RealBuffer = FAKE_TO_CONTROL (Buffer);
  599. RtlpChangeQueryDebugBufferTarget (RealBuffer, NULL, NULL);
  601. if (RealBuffer->EventPairClient != NULL) {
  602. Status = NtClose (RealBuffer->EventPairClient);
  603. ASSERT (NT_SUCCESS (Status));
  604. }
  606. Status = NtClose (RealBuffer->SectionHandleClient);
  607. ASSERT (NT_SUCCESS (Status));
  608. Status = NtUnmapViewOfSection (NtCurrentProcess(), RealBuffer);
  609. ASSERT (NT_SUCCESS (Status));
  610. return STATUS_SUCCESS;
  611. }
  614. NTSYSAPI
  615. NTSTATUS
  616. NTAPI
  617. RtlQueryProcessDebugInformation(
  618. IN HANDLE UniqueProcessId,
  619. IN ULONG Flags,
  620. IN OUT PRTL_DEBUG_INFORMATION Buffer
  621. )
  622. /*++
  624. Routine Description:
  626. Queries the current or a remote process for the specified debug information
  628. Arguments:
  630. UniqueProcessId - ProcessId of process to query
  632. Flags - Flags mask describing what to query
  634. Buffer - Buffer pointer obtained from RtlCreateQueryDebugBuffer
  636. Return Value:
  638. NTSTATUS - Status of operation.
  640. --*/
  641. {
  642. NTSTATUS Status = STATUS_SUCCESS;
  643. HANDLE ProcessHandle, ThreadHandle;
  644. THREAD_BASIC_INFORMATION BasicInformation;
  645. PRTL_DEBUG_INFORMATION RealBuffer;
  647. HANDLE hNiProcess = NULL;
  649. Buffer->Flags = Flags;
  650. if (Buffer->OffsetFree != 0) {
  651. RtlZeroMemory( (Buffer+1), Buffer->OffsetFree - (SIZE_T)sizeof(*Buffer) );
  652. }
  653. Buffer->OffsetFree = sizeof( *Buffer );
  655. //
  656. // Get process handle for noninvasive query if required
  657. //
  658. if ( (NtCurrentTeb()->ClientId.UniqueProcess != UniqueProcessId) &&
  659. (Flags & RTL_QUERY_PROCESS_NONINVASIVE) &&
  660. (Flags & ( RTL_QUERY_PROCESS_MODULES |
  661. RTL_QUERY_PROCESS_MODULES32
  662. )
  663. ) &&
  664. !(Flags & ~( RTL_QUERY_PROCESS_MODULES |
  665. RTL_QUERY_PROCESS_MODULES32 |
  666. RTL_QUERY_PROCESS_NONINVASIVE
  667. )
  668. )
  669. ) {
  670. OBJECT_ATTRIBUTES ObjectAttributes;
  671. CLIENT_ID NiProcessId;
  673. InitializeObjectAttributes( &ObjectAttributes,
  674. NULL,
  675. 0,
  676. NULL,
  677. NULL
  678. );
  679. NiProcessId.UniqueProcess = UniqueProcessId;
  680. NiProcessId.UniqueThread = 0;
  682. if (!NT_SUCCESS( NtOpenProcess( &hNiProcess,
  683. PROCESS_ALL_ACCESS,
  684. &ObjectAttributes,
  685. &NiProcessId
  686. )
  687. )
  688. ) {
  689. hNiProcess = NULL;
  690. }
  691. }
  694. if ( (NtCurrentTeb()->ClientId.UniqueProcess != UniqueProcessId) &&
  695. !hNiProcess) {
  697. RealBuffer = FAKE_TO_CONTROL (Buffer);
  699. RealBuffer->Flags = Flags;
  700. RealBuffer->OffsetFree = sizeof (*Buffer);
  702. //
  703. // Perform remote query
  704. //
  705. ProcessHandle = NULL;
  706. Status = RtlpChangeQueryDebugBufferTarget (RealBuffer, UniqueProcessId, &ProcessHandle);
  707. if (!NT_SUCCESS( Status )) {
  708. return Status;
  709. }
  711. if (ProcessHandle == NULL) {
  712. waitForDump:
  713. Status = NtSetLowWaitHighEventPair( RealBuffer->EventPairClient );
  714. } else {
  715. //
  716. // don't let the debugger see this remote thread !
  717. // This is a very ugly but effective way to prevent
  718. // the debugger deadlocking with the target process when calling
  719. // this function.
  720. //
  722. Status = RtlCreateUserThread( ProcessHandle,
  723. NULL,
  724. TRUE,
  725. 0,
  726. 0,
  727. 0,
  728. RtlpQueryProcessDebugInformationRemote,
  729. RealBuffer->ViewBaseTarget,
  730. &ThreadHandle,
  731. NULL
  732. );
  733. if (NT_SUCCESS( Status )) {
  735. Status = NtSetInformationThread( ThreadHandle,
  736. ThreadHideFromDebugger,
  737. NULL,
  738. 0
  739. );
  741. if ( !NT_SUCCESS(Status) ) {
  742. NtTerminateThread(ThreadHandle,Status);
  743. NtClose(ThreadHandle);
  744. NtClose(ProcessHandle);
  745. return Status;
  746. }
  748. NtResumeThread(ThreadHandle,NULL);
  750. if (RealBuffer->EventPairClient != NULL) {
  751. RealBuffer->TargetThreadHandle = ThreadHandle;
  752. RealBuffer->TargetProcessHandle = ProcessHandle;
  753. goto waitForDump;
  754. }
  757. Status = NtWaitForSingleObject( ThreadHandle,
  758. TRUE,
  759. NULL
  760. );
  762. if (NT_SUCCESS( Status )) {
  763. Status = NtQueryInformationThread( ThreadHandle,
  764. ThreadBasicInformation,
  765. &BasicInformation,
  766. sizeof( BasicInformation ),
  767. NULL
  768. );
  769. if (NT_SUCCESS( Status )) {
  770. Status = BasicInformation.ExitStatus;
  771. }
  772. if (NT_SUCCESS (Status) &&
  773. (Flags&(RTL_QUERY_PROCESS_MODULES|RTL_QUERY_PROCESS_MODULES32)) != 0 &&
  774. Buffer->Modules == NULL) {
  775. Status = STATUS_PROCESS_IS_TERMINATING;
  776. }
  777. }
  779. NtClose( ThreadHandle );
  781. }
  784. NtClose( ProcessHandle );
  785. }
  786. } else {
  787. if (Flags & (RTL_QUERY_PROCESS_MODULES | RTL_QUERY_PROCESS_MODULES32)) {
  788. Status = RtlQueryProcessModuleInformation( hNiProcess, Flags, Buffer );
  789. if (Status != STATUS_SUCCESS) {
  790. goto closeNiProcessAndBreak;
  791. }
  792. }
  794. if (Flags & RTL_QUERY_PROCESS_BACKTRACES) {
  795. Status = RtlQueryProcessBackTraceInformation( Buffer );
  796. if (Status != STATUS_SUCCESS) {
  797. goto closeNiProcessAndBreak;
  798. }
  799. }
  801. if (Flags & RTL_QUERY_PROCESS_LOCKS) {
  802. Status = RtlQueryProcessLockInformation( Buffer );
  803. if (Status != STATUS_SUCCESS) {
  804. goto closeNiProcessAndBreak;
  805. }
  806. }
  808. if (Flags & (RTL_QUERY_PROCESS_HEAP_SUMMARY |
  809. RTL_QUERY_PROCESS_HEAP_TAGS |
  810. RTL_QUERY_PROCESS_HEAP_ENTRIES
  811. )
  812. ) {
  813. Status = RtlQueryProcessHeapInformation( Buffer );
  814. if (Status != STATUS_SUCCESS) {
  815. goto closeNiProcessAndBreak;
  816. }
  817. }
  819. closeNiProcessAndBreak:
  820. if ( hNiProcess ) {
  821. NtClose( hNiProcess );
  822. }
  823. }
  825. return Status;
  826. }
  828. NTSTATUS
  829. LdrQueryProcessModuleInformationEx(
  830. IN HANDLE hProcess OPTIONAL,
  831. IN ULONG_PTR Flags OPTIONAL,
  832. OUT PRTL_PROCESS_MODULES ModuleInformation,
  833. IN ULONG ModuleInformationLength,
  834. OUT PULONG ReturnLength OPTIONAL
  835. );
  838. NTSTATUS
  839. NTAPI
  840. RtlQueryProcessModuleInformation
  841. (
  842. IN HANDLE hProcess OPTIONAL,
  843. IN ULONG Flags,
  844. IN OUT PRTL_DEBUG_INFORMATION Buffer
  845. )
  846. /*++
  848. Routine Description:
  850. Queries the current or a remote process for loaded module information
  852. Arguments:
  854. hProcess - Handle to the process being queuried
  856. Flags - Flags mask describing what to query
  858. Buffer - Buffer pointer obtained from RtlCreateQueryDebugBuffer
  860. Return Value:
  862. NTSTATUS - Status of operation.
  864. --*/
  865. {
  866. NTSTATUS Status;
  867. ULONG RequiredLength, BufferSize;
  868. PRTL_PROCESS_MODULES Modules;
  869. ULONG LdrFlags = (Flags & RTL_QUERY_PROCESS_MODULES32) != 0;
  871. Status = LdrQueryProcessModuleInformationEx( hProcess,
  872. LdrFlags,
  873. NULL,
  874. 0,
  875. &BufferSize
  876. );
  877. if (Status == STATUS_INFO_LENGTH_MISMATCH) {
  878. Modules = RtlpCommitQueryDebugInfo( Buffer, BufferSize );
  879. if (Modules != NULL) {
  880. RtlZeroMemory( Modules, BufferSize );
  881. Status = LdrQueryProcessModuleInformationEx( hProcess,
  882. LdrFlags,
  883. Modules,
  884. BufferSize,
  885. &RequiredLength
  886. );
  887. if (NT_SUCCESS( Status )) {
  888. Buffer->Modules = Modules;
  889. return STATUS_SUCCESS;
  890. }
  891. RtlpDeCommitQueryDebugInfo( Buffer, Modules, BufferSize );
  892. }
  893. else {
  894. Status = STATUS_NO_MEMORY;
  895. }
  896. }
  898. return Status;
  899. }
  902. NTSTATUS
  903. RtlQueryProcessBackTraceInformation(
  904. IN OUT PRTL_DEBUG_INFORMATION Buffer
  905. )
  906. /*++
  908. Routine Description:
  910. Queries the current process for back trace information
  912. Arguments:
  914. Buffer - Buffer pointer obtained from RtlCreateQueryDebugBuffer
  916. Return Value:
  918. NTSTATUS - Status of operation.
  920. --*/
  921. {
  922. #if i386
  923. NTSTATUS Status;
  924. OUT PRTL_PROCESS_BACKTRACES BackTraces;
  925. PRTL_PROCESS_BACKTRACE_INFORMATION BackTraceInfo;
  926. PSTACK_TRACE_DATABASE DataBase;
  927. PRTL_STACK_TRACE_ENTRY p, *pp;
  928. ULONG n;
  930. DataBase = RtlpAcquireStackTraceDataBase();
  931. if (DataBase == NULL) {
  932. return STATUS_SUCCESS;
  933. }
  935. BackTraces = RtlpCommitQueryDebugInfo( Buffer, FIELD_OFFSET( RTL_PROCESS_BACKTRACES, BackTraces ) );
  936. if (BackTraces == NULL) {
  937. return STATUS_NO_MEMORY;
  938. }
  940. DataBase->DumpInProgress = TRUE;
  941. RtlpReleaseStackTraceDataBase();
  942. Status = STATUS_ACCESS_VIOLATION;
  943. try {
  944. BackTraces->CommittedMemory = (ULONG)DataBase->CurrentUpperCommitLimit -
  945. (ULONG)DataBase->CommitBase;
  946. BackTraces->ReservedMemory = (ULONG)DataBase->EntryIndexArray -
  947. (ULONG)DataBase->CommitBase;
  948. BackTraces->NumberOfBackTraceLookups = DataBase->NumberOfEntriesLookedUp;
  949. BackTraces->NumberOfBackTraces = DataBase->NumberOfEntriesAdded;
  950. BackTraceInfo = RtlpCommitQueryDebugInfo( Buffer, (sizeof( *BackTraceInfo ) * BackTraces->NumberOfBackTraces) );
  951. if (BackTraceInfo == NULL) {
  952. Status = STATUS_NO_MEMORY;
  953. RtlpDeCommitQueryDebugInfo(
  954. Buffer,
  955. BackTraces,
  956. FIELD_OFFSET( RTL_PROCESS_BACKTRACES, BackTraces )
  957. );
  958. }
  959. else {
  960. Status = STATUS_SUCCESS;
  961. n = DataBase->NumberOfEntriesAdded;
  962. pp = DataBase->EntryIndexArray;
  963. while (n--) {
  964. p = *--pp;
  965. BackTraceInfo->SymbolicBackTrace = NULL;
  966. BackTraceInfo->TraceCount = p->TraceCount;
  967. BackTraceInfo->Index = p->Index;
  968. BackTraceInfo->Depth = p->Depth;
  969. RtlMoveMemory( BackTraceInfo->BackTrace,
  970. p->BackTrace,
  971. p->Depth * sizeof( PVOID )
  972. );
  973. BackTraceInfo++;
  974. }
  975. }
  976. }
  977. finally {
  978. DataBase->DumpInProgress = FALSE;
  979. }
  981. if (NT_SUCCESS( Status )) {
  982. Buffer->BackTraces = BackTraces;
  983. }
  985. return Status;
  986. #else
  987. UNREFERENCED_PARAMETER (Buffer);
  988. return STATUS_SUCCESS;
  989. #endif // i386
  990. }
  993. NTSTATUS
  994. RtlpQueryProcessEnumHeapsRoutine(
  995. PVOID HeapHandle,
  996. PVOID Parameter
  997. )
  998. {
  999. PRTL_DEBUG_INFORMATION Buffer = (PRTL_DEBUG_INFORMATION)Parameter;
  1000. PRTL_PROCESS_HEAPS Heaps = Buffer->Heaps;
  1001. PHEAP Heap = (PHEAP)HeapHandle;
  1002. PRTL_HEAP_INFORMATION HeapInfo;
  1003. PHEAP_SEGMENT Segment;
  1004. UCHAR SegmentIndex;
  1006. //
  1007. // NOTICE-2002/03/24-ELi
  1008. // This function assumes that HeapInfo is allocated immediately following
  1009. // the Buffer->Heaps allocation. Therefore, HeapInfo is not leaked.
  1010. //
  1011. HeapInfo = RtlpCommitQueryDebugInfo( Buffer, sizeof( *HeapInfo ) );
  1012. if (HeapInfo == NULL) {
  1013. return STATUS_NO_MEMORY;
  1014. }
  1016. RtlZeroMemory( HeapInfo, sizeof( *HeapInfo ) );
  1018. HeapInfo->BaseAddress = Heap;
  1019. HeapInfo->Flags = Heap->Flags;
  1020. HeapInfo->EntryOverhead = sizeof( HEAP_ENTRY );
  1021. HeapInfo->CreatorBackTraceIndex = Heap->AllocatorBackTraceIndex;
  1022. SegmentIndex = HEAP_MAXIMUM_SEGMENTS;
  1023. while (SegmentIndex--) {
  1024. Segment = Heap->Segments[ SegmentIndex ];
  1025. if (Segment) {
  1026. HeapInfo->BytesCommitted += (Segment->NumberOfPages -
  1027. Segment->NumberOfUnCommittedPages
  1028. ) * PAGE_SIZE;
  1030. }
  1031. }
  1032. HeapInfo->BytesAllocated = HeapInfo->BytesCommitted -
  1033. (Heap->TotalFreeSize << HEAP_GRANULARITY_SHIFT);
  1034. Heaps->NumberOfHeaps += 1;
  1035. return STATUS_SUCCESS;
  1036. }
  1039. NTSYSAPI
  1040. NTSTATUS
  1041. NTAPI
  1042. RtlQueryProcessHeapInformation(
  1043. IN OUT PRTL_DEBUG_INFORMATION Buffer
  1044. )
  1045. {
  1046. NTSTATUS Status;
  1047. PHEAP Heap;
  1048. BOOLEAN LockAcquired;
  1049. PRTL_PROCESS_HEAPS Heaps;
  1050. PRTL_HEAP_INFORMATION HeapInfo;
  1051. UCHAR SegmentIndex;
  1052. ULONG i, n, TagIndex;
  1053. PHEAP_SEGMENT Segment;
  1054. PRTL_HEAP_TAG Tags;
  1055. PHEAP_PSEUDO_TAG_ENTRY PseudoTags;
  1056. PRTL_HEAP_ENTRY Entries;
  1057. PHEAP_ENTRY CurrentBlock;
  1058. PHEAP_ENTRY_EXTRA ExtraStuff;
  1059. PLIST_ENTRY Head, Next;
  1060. PHEAP_VIRTUAL_ALLOC_ENTRY VirtualAllocBlock;
  1061. ULONG Size;
  1062. PHEAP_UNCOMMMTTED_RANGE UnCommittedRange;
  1064. Heaps = RtlpCommitQueryDebugInfo( Buffer, FIELD_OFFSET( RTL_PROCESS_HEAPS, Heaps ) );
  1065. if (Heaps == NULL) {
  1066. return STATUS_NO_MEMORY;
  1067. }
  1069. Heaps->NumberOfHeaps = 0;
  1071. Buffer->Heaps = Heaps;
  1072. Status = RtlEnumProcessHeaps( RtlpQueryProcessEnumHeapsRoutine, Buffer );
  1073. if (NT_SUCCESS( Status )) {
  1074. if (Buffer->Flags & RTL_QUERY_PROCESS_HEAP_TAGS) {
  1075. Heap = RtlpGlobalTagHeap;
  1076. if (Heap->TagEntries != NULL) {
  1077. HeapInfo = RtlpCommitQueryDebugInfo( Buffer, sizeof( *HeapInfo ) );
  1078. if (HeapInfo == NULL) {
  1079. return STATUS_NO_MEMORY;
  1080. }
  1082. RtlZeroMemory( HeapInfo, sizeof( *HeapInfo ) );
  1084. HeapInfo->BaseAddress = Heap;
  1085. HeapInfo->Flags = Heap->Flags;
  1086. HeapInfo->EntryOverhead = sizeof( HEAP_ENTRY );
  1087. Heaps->NumberOfHeaps += 1;
  1088. }
  1090. for (i=0; i<Heaps->NumberOfHeaps; i++) {
  1091. HeapInfo = &Heaps->Heaps[ i ];
  1092. if (Buffer->SpecificHeap == NULL ||
  1093. Buffer->SpecificHeap == HeapInfo->BaseAddress
  1094. ) {
  1095. Heap = HeapInfo->BaseAddress;
  1096. HeapInfo->NumberOfTags = Heap->NextAvailableTagIndex;
  1097. n = HeapInfo->NumberOfTags * sizeof( RTL_HEAP_TAG );
  1098. if (Heap->PseudoTagEntries != NULL) {
  1099. HeapInfo->NumberOfTags += HEAP_MAXIMUM_FREELISTS + 1;
  1100. n += (HEAP_MAXIMUM_FREELISTS + 1) * sizeof( RTL_HEAP_TAG );
  1101. }
  1102. Tags = RtlpCommitQueryDebugInfo( Buffer, n );
  1103. if (Tags == NULL) {
  1104. Status = STATUS_NO_MEMORY;
  1105. break;
  1106. }
  1107. RtlZeroMemory( Tags, n );
  1108. HeapInfo->Tags = Tags;
  1109. if ((PseudoTags = Heap->PseudoTagEntries) != NULL) {
  1110. HeapInfo->NumberOfPseudoTags = HEAP_NUMBER_OF_PSEUDO_TAG;
  1111. HeapInfo->PseudoTagGranularity = HEAP_GRANULARITY;
  1112. for (TagIndex=0; TagIndex<=HEAP_MAXIMUM_FREELISTS; TagIndex++) {
  1113. Tags->NumberOfAllocations = PseudoTags->Allocs;
  1114. Tags->NumberOfFrees = PseudoTags->Frees;
  1115. Tags->BytesAllocated = PseudoTags->Size << HEAP_GRANULARITY_SHIFT;
  1116. Tags->TagIndex = (USHORT)(TagIndex | HEAP_PSEUDO_TAG_FLAG);
  1118. if (TagIndex == 0) {
  1119. swprintf( Tags->TagName, L"Objects>%4u",
  1120. HEAP_MAXIMUM_FREELISTS << HEAP_GRANULARITY_SHIFT
  1121. );
  1122. }
  1123. else
  1124. if (TagIndex < HEAP_MAXIMUM_FREELISTS) {
  1125. swprintf( Tags->TagName, L"Objects=%4u",
  1126. TagIndex << HEAP_GRANULARITY_SHIFT
  1127. );
  1128. }
  1129. else {
  1130. swprintf( Tags->TagName, L"VirtualAlloc" );
  1131. }
  1133. Tags += 1;
  1134. PseudoTags += 1;
  1135. }
  1136. }
  1138. RtlMoveMemory( Tags,
  1139. Heap->TagEntries,
  1140. Heap->NextAvailableTagIndex * sizeof( RTL_HEAP_TAG )
  1141. );
  1142. for (TagIndex=0; TagIndex<Heap->NextAvailableTagIndex; TagIndex++) {
  1143. Tags->BytesAllocated <<= HEAP_GRANULARITY_SHIFT;
  1144. Tags += 1;
  1145. }
  1146. }
  1147. }
  1148. }
  1149. }
  1150. else {
  1151. Buffer->Heaps = NULL;
  1152. }
  1154. if (NT_SUCCESS( Status )) {
  1155. if (Buffer->Flags & RTL_QUERY_PROCESS_HEAP_ENTRIES) {
  1156. for (i=0; i<Heaps->NumberOfHeaps; i++) {
  1157. HeapInfo = &Heaps->Heaps[ i ];
  1158. Heap = HeapInfo->BaseAddress;
  1159. if (Buffer->SpecificHeap == NULL ||
  1160. Buffer->SpecificHeap == Heap
  1161. ) {
  1162. if (!(Heap->Flags & HEAP_NO_SERIALIZE)) {
  1163. RtlEnterCriticalSection( (PRTL_CRITICAL_SECTION)Heap->LockVariable );
  1164. LockAcquired = TRUE;
  1165. }
  1166. else {
  1167. LockAcquired = FALSE;
  1168. }
  1170. try {
  1171. for (SegmentIndex=0; SegmentIndex<HEAP_MAXIMUM_SEGMENTS; SegmentIndex++) {
  1172. Segment = Heap->Segments[ SegmentIndex ];
  1173. if (!Segment) {
  1174. continue;
  1175. }
  1177. Entries = RtlpCommitQueryDebugInfo( Buffer, sizeof( *Entries ) );
  1178. if (Entries == NULL) {
  1179. Status = STATUS_NO_MEMORY;
  1180. leave;
  1181. }
  1182. else
  1183. if (HeapInfo->Entries == NULL) {
  1184. HeapInfo->Entries = Entries;
  1185. }
  1187. RtlZeroMemory( Entries, sizeof( *Entries ) );
  1189. Entries->Flags = RTL_HEAP_SEGMENT;
  1190. Entries->AllocatorBackTraceIndex = Segment->AllocatorBackTraceIndex;
  1191. Entries->Size = Segment->NumberOfPages * PAGE_SIZE;
  1192. Entries->u.s2.CommittedSize = (Segment->NumberOfPages -
  1193. Segment->NumberOfUnCommittedPages
  1194. ) * PAGE_SIZE;
  1195. Entries->u.s2.FirstBlock = Segment->FirstEntry;
  1196. HeapInfo->NumberOfEntries++;
  1198. UnCommittedRange = Segment->UnCommittedRanges;
  1199. CurrentBlock = Segment->FirstEntry;
  1200. while (CurrentBlock < Segment->LastValidEntry) {
  1201. Entries = RtlpCommitQueryDebugInfo( Buffer, sizeof( *Entries ) );
  1202. if (Entries == NULL) {
  1203. Status = STATUS_NO_MEMORY;
  1204. leave;
  1205. }
  1207. RtlZeroMemory( Entries, sizeof( *Entries ) );
  1209. Size = CurrentBlock->Size << HEAP_GRANULARITY_SHIFT;
  1210. Entries->Size = Size;
  1211. HeapInfo->NumberOfEntries++;
  1212. if (CurrentBlock->Flags & HEAP_ENTRY_BUSY) {
  1213. if (CurrentBlock->Flags & HEAP_ENTRY_EXTRA_PRESENT) {
  1214. ExtraStuff = (PHEAP_ENTRY_EXTRA)(CurrentBlock + CurrentBlock->Size - 1);
  1215. #if i386
  1216. Entries->AllocatorBackTraceIndex = ExtraStuff->AllocatorBackTraceIndex;
  1217. #endif // i386
  1218. Entries->Flags |= RTL_HEAP_SETTABLE_VALUE;
  1219. Entries->u.s1.Settable = ExtraStuff->Settable;
  1220. Entries->u.s1.Tag = ExtraStuff->TagIndex;
  1221. }
  1222. else {
  1223. Entries->u.s1.Tag = CurrentBlock->SmallTagIndex;
  1224. }
  1226. Entries->Flags |= RTL_HEAP_BUSY | (CurrentBlock->Flags & HEAP_ENTRY_SETTABLE_FLAGS);
  1227. }
  1228. else
  1229. if (CurrentBlock->Flags & HEAP_ENTRY_EXTRA_PRESENT) {
  1230. PHEAP_FREE_ENTRY_EXTRA FreeExtra;
  1232. FreeExtra = (PHEAP_FREE_ENTRY_EXTRA)(CurrentBlock + CurrentBlock->Size) - 1;
  1233. Entries->u.s1.Tag = FreeExtra->TagIndex;
  1234. Entries->AllocatorBackTraceIndex = FreeExtra->FreeBackTraceIndex;
  1235. }
  1237. if (CurrentBlock->Flags & HEAP_ENTRY_LAST_ENTRY) {
  1238. CurrentBlock += CurrentBlock->Size;
  1239. if (UnCommittedRange == NULL) {
  1240. CurrentBlock = Segment->LastValidEntry;
  1241. }
  1242. else {
  1243. Entries = RtlpCommitQueryDebugInfo( Buffer, sizeof( *Entries ) );
  1244. if (Entries == NULL) {
  1245. Status = STATUS_NO_MEMORY;
  1246. leave;
  1247. }
  1249. RtlZeroMemory( Entries, sizeof( *Entries ) );
  1251. Entries->Flags = RTL_HEAP_UNCOMMITTED_RANGE;
  1252. Entries->Size = UnCommittedRange->Size;
  1253. HeapInfo->NumberOfEntries++;
  1255. CurrentBlock = (PHEAP_ENTRY)
  1256. ((PCHAR)UnCommittedRange->Address + UnCommittedRange->Size);
  1257. UnCommittedRange = UnCommittedRange->Next;
  1258. }
  1259. }
  1260. else {
  1261. CurrentBlock += CurrentBlock->Size;
  1262. }
  1263. }
  1264. }
  1266. Head = &Heap->VirtualAllocdBlocks;
  1267. Next = Head->Flink;
  1268. while (Head != Next) {
  1269. VirtualAllocBlock = CONTAINING_RECORD( Next, HEAP_VIRTUAL_ALLOC_ENTRY, Entry );
  1270. CurrentBlock = &VirtualAllocBlock->BusyBlock;
  1271. Entries = RtlpCommitQueryDebugInfo( Buffer, sizeof( *Entries ) );
  1272. if (Entries == NULL) {
  1273. Status = STATUS_NO_MEMORY;
  1274. leave;
  1275. }
  1276. else
  1277. if (HeapInfo->Entries == NULL) {
  1278. HeapInfo->Entries = Entries;
  1279. }
  1281. RtlZeroMemory( Entries, sizeof( *Entries ) );
  1283. Entries->Flags = RTL_HEAP_SEGMENT;
  1284. Entries->Size = VirtualAllocBlock->ReserveSize;
  1285. Entries->u.s2.CommittedSize = VirtualAllocBlock->CommitSize;
  1286. Entries->u.s2.FirstBlock = CurrentBlock;
  1287. HeapInfo->NumberOfEntries++;
  1288. Entries = RtlpCommitQueryDebugInfo( Buffer, sizeof( *Entries ) );
  1289. if (Entries == NULL) {
  1290. Status = STATUS_NO_MEMORY;
  1291. leave;
  1292. }
  1294. RtlZeroMemory( Entries, sizeof( *Entries ) );
  1296. Entries->Size = VirtualAllocBlock->CommitSize;
  1297. Entries->Flags = RTL_HEAP_BUSY | (CurrentBlock->Flags & HEAP_ENTRY_SETTABLE_FLAGS);
  1298. #if i386
  1299. Entries->AllocatorBackTraceIndex = VirtualAllocBlock->ExtraStuff.AllocatorBackTraceIndex;
  1300. #endif // i386
  1301. Entries->Flags |= RTL_HEAP_SETTABLE_VALUE;
  1302. Entries->u.s1.Settable = VirtualAllocBlock->ExtraStuff.Settable;
  1303. Entries->u.s1.Tag = VirtualAllocBlock->ExtraStuff.TagIndex;
  1304. HeapInfo->NumberOfEntries++;
  1306. Next = Next->Flink;
  1307. }
  1308. }
  1309. finally {
  1310. //
  1311. // Unlock the heap
  1312. //
  1314. if (LockAcquired) {
  1315. RtlLeaveCriticalSection( (PRTL_CRITICAL_SECTION)Heap->LockVariable );
  1316. }
  1317. }
  1318. }
  1320. if (!NT_SUCCESS( Status )) {
  1321. break;
  1322. }
  1323. }
  1324. }
  1325. }
  1327. return Status;
  1328. }
  1331. NTSYSAPI
  1332. NTSTATUS
  1333. NTAPI
  1334. RtlQueryProcessLockInformation(
  1335. IN OUT PRTL_DEBUG_INFORMATION Buffer
  1336. )
  1337. /*++
  1339. Routine Description:
  1341. Queries the current process for ciritcal section information
  1343. Arguments:
  1345. Buffer - Buffer pointer obtained from RtlCreateQueryDebugBuffer
  1347. Return Value:
  1349. NTSTATUS - Status of operation.
  1351. --*/
  1352. {
  1353. NTSTATUS Status;
  1354. PLIST_ENTRY Head, Next;
  1355. PRTL_PROCESS_LOCKS Locks;
  1356. PRTL_PROCESS_LOCK_INFORMATION LockInfo;
  1357. PRTL_CRITICAL_SECTION CriticalSection;
  1358. PRTL_CRITICAL_SECTION_DEBUG DebugInfo;
  1359. PRTL_RESOURCE Resource;
  1360. PRTL_RESOURCE_DEBUG ResourceDebugInfo;
  1362. Locks = RtlpCommitQueryDebugInfo( Buffer, FIELD_OFFSET( RTL_PROCESS_LOCKS, Locks ) );
  1363. if (Locks == NULL) {
  1364. return STATUS_NO_MEMORY;
  1365. }
  1367. Locks->NumberOfLocks = 0;
  1369. Head = &RtlCriticalSectionList;
  1371. RtlEnterCriticalSection( &RtlCriticalSectionLock );
  1372. Next = Head->Flink;
  1373. Status = STATUS_SUCCESS;
  1374. while (Next != Head) {
  1375. DebugInfo = CONTAINING_RECORD( Next,
  1376. RTL_CRITICAL_SECTION_DEBUG,
  1377. ProcessLocksList
  1378. );
  1379. LockInfo = RtlpCommitQueryDebugInfo( Buffer, sizeof( RTL_PROCESS_LOCK_INFORMATION ) );
  1380. if (LockInfo == NULL) {
  1381. Status = STATUS_NO_MEMORY;
  1382. break;
  1383. }
  1385. CriticalSection = DebugInfo->CriticalSection;
  1386. try {
  1387. LockInfo->Address = CriticalSection;
  1388. LockInfo->Type = DebugInfo->Type;
  1389. LockInfo->CreatorBackTraceIndex = DebugInfo->CreatorBackTraceIndex;
  1390. if (LockInfo->Type == RTL_CRITSECT_TYPE) {
  1391. LockInfo->OwningThread = CriticalSection->OwningThread;
  1392. LockInfo->LockCount = CriticalSection->LockCount;
  1393. LockInfo->RecursionCount = CriticalSection->RecursionCount;
  1394. LockInfo->ContentionCount = DebugInfo->ContentionCount;
  1395. LockInfo->EntryCount = DebugInfo->EntryCount;
  1397. LockInfo->NumberOfWaitingShared = 0;
  1398. LockInfo->NumberOfWaitingExclusive = 0;
  1399. }
  1400. else {
  1401. Resource = (PRTL_RESOURCE)CriticalSection;
  1402. ResourceDebugInfo = Resource->DebugInfo;
  1403. LockInfo->ContentionCount = ResourceDebugInfo->ContentionCount;
  1404. LockInfo->OwningThread = Resource->ExclusiveOwnerThread;
  1405. LockInfo->LockCount = Resource->NumberOfActive;
  1406. LockInfo->NumberOfWaitingShared = Resource->NumberOfWaitingShared;
  1407. LockInfo->NumberOfWaitingExclusive = Resource->NumberOfWaitingExclusive;
  1409. LockInfo->EntryCount = 0;
  1410. LockInfo->RecursionCount = 0;
  1411. }
  1413. Locks->NumberOfLocks++;
  1414. } except (EXCEPTION_EXECUTE_HANDLER) {
  1415. DbgPrint("NTDLL: Lost critical section %08lX\n", CriticalSection);
  1416. RtlpDeCommitQueryDebugInfo( Buffer, LockInfo, sizeof( RTL_PROCESS_LOCK_INFORMATION ) );
  1417. }
  1419. if (Next == Next->Flink) {
  1420. //
  1421. // Bail if list is circular
  1422. //
  1424. Status = STATUS_INTERNAL_ERROR;
  1425. break;
  1426. }
  1427. else {
  1428. Next = Next->Flink;
  1429. }
  1430. }
  1432. RtlLeaveCriticalSection( &RtlCriticalSectionLock );
  1434. if (NT_SUCCESS( Status )) {
  1435. Buffer->Locks = Locks;
  1436. }
  1437. else {
  1438. RtlpDeCommitQueryDebugInfo( Buffer, Locks,
  1439. FIELD_OFFSET( RTL_PROCESS_LOCKS, Locks ) );
  1440. }
  1442. return Status;
  1443. }