archive
/
windows-server-2003
mirror of https://github.com/selfrender/Windows-Server-2003
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Leaked source code of windows server 2003
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
3 Commits
1 Branch
0 Tags
1.5 GiB
Tree: 827363a95b
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '827363a95b'
${ noResults }
windows-server-2003/sdktools/debuggers/exts/extdll/analyze.h

336 lines
9.4 KiB
Raw Normal View History

commiting as it is
4 years ago
  1. //----------------------------------------------------------------------------
  2. //
  3. // Generic failure analysis framework.
  4. //
  5. // Copyright (C) Microsoft Corporation, 2001.
  6. //
  7. //----------------------------------------------------------------------------
  9. #ifndef __ANALYZE_H__
  10. #define __ANALYZE_H__
  12. #define E_FAILURE_FOLLOWUP_INFO_NOT_FOUND 0x80100001
  13. #define E_FAILURE_BAD_STACK 0x80100002
  14. #define E_FAILURE_ZEROED_STACK 0x80100003
  15. #define E_FAILURE_WRONG_SYMBOLS 0x80100004
  16. #define E_FAILURE_CORRUPT_MODULE_LIST 0x80100005
  18. #define MAX_STACK_FRAMES 50
  20. typedef enum FOLLOW_ADDRESS
  21. {
  22. FollowYes,
  23. FollowSkip,
  24. FollowStop
  25. } FOLLOW_ADDRESS;
  27. typedef enum FlpClasses
  28. {
  29. FlpIgnore = 0,
  30. FlpOSInternalRoutine, // followups marked as last_ (ignore routines)
  31. FlpOSRoutine, // nt!* or maybe_ followup
  32. FlpOSFilterDrv, // fsfilter!, scsiport! etc.
  33. FlpUnknownDrv,
  34. FlpSpecific, // bugcheck or other source tells us exactly what
  35. // the failure is.
  36. MaxFlpClass
  37. } FlpClasses;
  39. typedef struct _FOLLOWUP_DESCS
  40. {
  41. ULONG64 InstructionOffset;
  42. CHAR Owner[100];
  43. } FOLLOWUP_DESCS, *PFOLLOWUP_DESCS;
  46. typedef struct _FLR_LOOKUP_TABLE {
  47. DEBUG_FLR_PARAM_TYPE Data;
  48. PSTR String;
  49. } FLR_LOOKUP_TABLE, *PFLR_LOOKUP_TABLE;
  51. extern FLR_LOOKUP_TABLE FlrLookupTable[];
  53. struct ModuleParams
  54. {
  55. ModuleParams(PCSTR ModName)
  56. {
  57. m_Name = ModName;
  58. m_Valid = FALSE;
  59. }
  61. ULONG64 GetBase(void)
  62. {
  63. return Update() == S_OK ? m_Base : 0;
  64. }
  65. ULONG GetSize(void)
  66. {
  67. return Update() == S_OK ? m_Size : 0;
  68. }
  69. BOOL Contains(ULONG64 Address)
  70. {
  71. if (Update() == S_OK)
  72. {
  73. return Address >= m_Base && Address < m_Base + m_Size;
  74. }
  76. return FALSE;
  77. }
  79. private:
  80. HRESULT Update(void);
  82. PCSTR m_Name;
  83. BOOL m_Valid;
  84. ULONG64 m_Base;
  85. ULONG m_Size;
  86. };
  88. LONG
  89. FaExceptionFilter(
  90. struct _EXCEPTION_POINTERS *ExceptionInfo
  91. );
  93. BOOL
  94. FaGetSymbol(
  95. ULONG64 Address,
  96. PCHAR Name,
  97. PULONG64 Disp,
  98. ULONG NameSize
  99. );
  101. BOOL
  102. FaIsFunctionAddr(
  103. ULONG64 IP,
  104. PSTR FuncName
  105. );
  107. BOOL
  108. FaGetFollowupInfo(
  109. IN OPTIONAL ULONG64 Addr,
  110. IN OPTIONAL PSTR SymbolName,
  111. OUT OPTIONAL PCHAR Owner,
  112. ULONG OwnerSize
  113. );
  115. BOOL
  116. FaShowFollowUp(
  117. PCHAR Name
  118. );
  120. ULONG64
  121. FaGetImplicitStackOffset(
  122. void
  123. );
  125. LPSTR
  126. TimeToStr(
  127. ULONG TimeDateStamp,
  128. BOOL DateOnly
  129. );
  132. //----------------------------------------------------------------------------
  133. //
  134. // DebugFailureAnalysis.
  135. //
  136. //----------------------------------------------------------------------------
  138. class DebugFailureAnalysis : public IDebugFailureAnalysis
  139. {
  140. public:
  141. DebugFailureAnalysis(void);
  142. ~DebugFailureAnalysis(void);
  144. //
  145. // IDebugFailureAnalysis.
  146. //
  148. STDMETHOD(QueryInterface)(
  149. THIS_
  150. IN REFIID InterfaceId,
  151. OUT PVOID* Interface
  152. );
  153. STDMETHOD_(ULONG, AddRef)(
  154. THIS
  155. );
  156. STDMETHOD_(ULONG, Release)(
  157. THIS
  158. );
  160. STDMETHOD_(ULONG, GetFailureClass)(void);
  161. STDMETHOD_(DEBUG_FAILURE_TYPE, GetFailureType)(void);
  162. STDMETHOD_(ULONG, GetFailureCode)(void);
  163. STDMETHOD_(FA_ENTRY*, Get)(FA_TAG Tag);
  164. STDMETHOD_(FA_ENTRY*, GetNext)(FA_ENTRY* Entry, FA_TAG Tag,
  165. FA_TAG TagMask);
  166. STDMETHOD_(FA_ENTRY*, GetString)(FA_TAG Tag, PSTR Str, ULONG MaxSize);
  167. STDMETHOD_(FA_ENTRY*, GetBuffer)(FA_TAG Tag, PVOID Buf, ULONG Size);
  168. STDMETHOD_(FA_ENTRY*, GetUlong)(FA_TAG Tag, PULONG Value);
  169. STDMETHOD_(FA_ENTRY*, GetUlong64)(FA_TAG Tag, PULONG64 Value);
  170. STDMETHOD_(FA_ENTRY*, NextEntry)(FA_ENTRY* Entry);
  172. //
  173. // DebugFailureAnalysis.
  174. //
  176. virtual DEBUG_POOL_REGION GetPoolForAddress(ULONG64 Addr) = 0;
  177. virtual PCSTR DescribeAddress(ULONG64 Address) = 0;
  178. virtual FOLLOW_ADDRESS IsPotentialFollowupAddress(ULONG64 Address) = 0;
  179. virtual FOLLOW_ADDRESS IsFollowupContext(ULONG64 Address1,
  180. ULONG64 Address2,
  181. ULONG64 Address3) = 0;
  183. virtual FlpClasses GetFollowupClass(ULONG64 Address,
  184. PCSTR Module, PCSTR Routine) = 0;
  185. virtual BOOL CheckForCorruptionInHTE(ULONG64 hTableEntry,PCHAR Owner,
  186. ULONG OwnerSize) = 0;
  187. virtual BOOL IsManualBreakin(PDEBUG_STACK_FRAME Stk, ULONG Frames) = 0;
  189. void SetFailureClass(ULONG Class)
  190. {
  191. m_FailureClass = Class;
  192. }
  193. void SetFailureType(DEBUG_FAILURE_TYPE Type)
  194. {
  195. m_FailureType = Type;
  196. }
  197. void SetFailureCode(ULONG Code)
  198. {
  199. m_FailureCode = Code;
  200. }
  202. ULONG GetProcessingFlags(void)
  203. {
  204. return m_ProcessingFlags;
  205. }
  206. void SetProcessingFlags(ULONG Flags)
  207. {
  208. m_ProcessingFlags = Flags;
  209. }
  211. void Output();
  212. void OutputEntry(FA_ENTRY* Entry);
  213. void OutputEntryParam(DEBUG_FLR_PARAM_TYPE Type);
  214. BOOL AddCorruptModules(void);
  215. void GenerateBucketId(void);
  216. void DbFindBucketInfo(void);
  217. void AnalyzeStack(void);
  218. void FindFollowupOnRawStack(ULONG64 StackBase,
  219. PFOLLOWUP_DESCS PossibleFollowups,
  220. FlpClasses *BestClassFollowUp);
  221. BOOL GetTriageInfoFromStack(PDEBUG_STACK_FRAME Stack,
  222. ULONG Frames,
  223. ULONG64 Instruction,
  224. PFOLLOWUP_DESCS PossibleFollowups,
  225. FlpClasses *BestClassFollowUp);
  226. void SetSymbolNameAndModule(void);
  227. HRESULT CheckModuleSymbols(PSTR ModName, PSTR ShowName);
  228. void ProcessInformation(void);
  229. BOOL ProcessInformationPass(void);
  231. FA_ENTRY* Set(FA_TAG Tag, ULONG Size);
  232. FA_ENTRY* SetString(FA_TAG Tag, PSTR Str);
  233. FA_ENTRY* SetStrings(FA_TAG Tag, ULONG Count, PSTR* Strs);
  234. FA_ENTRY* SetBuffer(FA_TAG Tag, PVOID Buf, ULONG Size);
  235. FA_ENTRY* SetUlong(FA_TAG Tag, ULONG Value)
  236. {
  237. FA_ENTRY* Entry = SetBuffer(Tag, &Value, sizeof(Value));
  238. return Entry;
  239. }
  240. FA_ENTRY* SetUlong64(FA_TAG Tag, ULONG64 Value)
  241. {
  242. FA_ENTRY* Entry = SetBuffer(Tag, &Value, sizeof(Value));
  243. return Entry;
  244. }
  245. FA_ENTRY* SetUlong64s(FA_TAG Tag, ULONG Count, PULONG64 Values)
  246. {
  247. FA_ENTRY* Entry = SetBuffer(Tag, Values, Count * sizeof(*Values));
  248. return Entry;
  249. }
  251. FA_ENTRY* Add(FA_TAG Tag, ULONG Size);
  253. ULONG Delete(FA_TAG Tag, FA_TAG TagMask);
  254. void Empty(void);
  255. BOOL IsEmpty(void)
  256. {
  257. return m_DataUsed == 0;
  258. }
  260. BOOL ValidEntry(FA_ENTRY* Entry)
  261. {
  262. return (PUCHAR)Entry >= m_Data &&
  263. (ULONG)((PUCHAR)Entry - m_Data) < m_DataUsed;
  264. }
  267. protected:
  268. ULONG m_Refs;
  269. ULONG m_FailureClass;
  270. DEBUG_FAILURE_TYPE m_FailureType;
  271. ULONG m_FailureCode;
  272. ULONG m_ProcessingFlags;
  274. PUCHAR m_Data;
  275. ULONG m_DataLen;
  276. ULONG m_DataUsed;
  278. FOLLOWUP_DESCS PossibleFollowups[MaxFlpClass];
  279. FlpClasses BestClassFollowUp;
  281. void PackData(PUCHAR Dst, ULONG Len)
  282. {
  283. PUCHAR Src = Dst + Len;
  284. memmove(Dst, Src, m_DataUsed - (ULONG)(Src - m_Data));
  285. m_DataUsed -= Len;
  286. }
  287. FA_ENTRY* AllocateEntry(ULONG FullSize);
  288. };
  290. class KernelDebugFailureAnalysis : public DebugFailureAnalysis
  291. {
  292. public:
  293. KernelDebugFailureAnalysis(void);
  295. virtual DEBUG_POOL_REGION GetPoolForAddress(ULONG64 Addr);
  296. virtual PCSTR DescribeAddress(ULONG64 Address);
  297. virtual FOLLOW_ADDRESS IsPotentialFollowupAddress(ULONG64 Address);
  298. virtual FOLLOW_ADDRESS IsFollowupContext(ULONG64 Address1,
  299. ULONG64 Address2,
  300. ULONG64 Address3);
  301. virtual FlpClasses GetFollowupClass(ULONG64 Address,
  302. PCSTR Module, PCSTR Routine);
  303. virtual BOOL CheckForCorruptionInHTE(ULONG64 hTableEntry,PCHAR Owner,
  304. ULONG OwnerSize);
  305. virtual BOOL IsManualBreakin(PDEBUG_STACK_FRAME Stk, ULONG Frames);
  307. BOOL AddCorruptingPool(ULONG64 Pool);
  308. ModuleParams m_KernelModule;
  309. };
  311. class UserDebugFailureAnalysis : public DebugFailureAnalysis
  312. {
  313. public:
  314. UserDebugFailureAnalysis(void);
  316. virtual DEBUG_POOL_REGION GetPoolForAddress(ULONG64 Addr);
  317. virtual PCSTR DescribeAddress(ULONG64 Address);
  318. virtual FOLLOW_ADDRESS IsPotentialFollowupAddress(ULONG64 Address);
  319. virtual FOLLOW_ADDRESS IsFollowupContext(ULONG64 Address1,
  320. ULONG64 Address2,
  321. ULONG64 Address3);
  322. virtual FlpClasses GetFollowupClass(ULONG64 Address,
  323. PCSTR Module, PCSTR Routine);
  324. virtual BOOL CheckForCorruptionInHTE(ULONG64 hTableEntry,PCHAR Owner,
  325. ULONG OwnerSize);
  326. virtual BOOL IsManualBreakin(PDEBUG_STACK_FRAME Stk, ULONG Frames)
  327. {
  328. return FALSE;
  329. }
  331. ModuleParams m_NtDllModule;
  332. ModuleParams m_Kernel32Module;
  333. ModuleParams m_Advapi32Module;
  334. };
  336. #endif // #ifndef __ANALYZE_H__