archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
8 Commits
1 Branch
0 Tags
2.0 GiB
Tree: 744f0b4006
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '744f0b4006'
${ noResults }
windows-xp/Source/XPSP1/NT/base/tools/ntsdexts/hleak.c

524 lines
11 KiB
Raw Normal View History

Add source files
4 years ago
  4. #define REASONABLE_NUMBER 8
  7. typedef BOOL (_ID_MATCH_FN)(
  8. PVOID A,
  9. PVOID B);
  10. typedef _ID_MATCH_FN * PID_MATCH_FN;
  12. typedef VOID (_ID_BANNER_FN)(
  13. PVOID Id
  14. );
  15. typedef _ID_BANNER_FN * PID_BANNER_FN;
  17. typedef VOID (_HANDLE_CALLBACK_FN)(
  18. PVOID Context,
  19. HANDLE Here,
  20. HANDLE There
  21. );
  22. typedef _HANDLE_CALLBACK_FN * PHANDLE_CALLBACK_FN;
  25. #define MATCH_LARGE_INT ((PID_MATCH_FN)1)
  27. typedef struct _HANDLE_TRACK {
  28. LIST_ENTRY List ;
  29. ULONG Flags ;
  30. ULONG Count ;
  31. ULONG Size ;
  32. PHANDLE Handles ;
  33. HANDLE HandleList[ REASONABLE_NUMBER ];
  34. UCHAR IdData[ 1 ];
  35. } HANDLE_TRACK, * PHANDLE_TRACK ;
  37. typedef struct _HANDLE_TRACK_ARRAY {
  38. ULONG Count ;
  39. ULONG Size ;
  40. ULONG IdDataSize ;
  41. PID_MATCH_FN MatchFunc ;
  42. LIST_ENTRY List ;
  43. } HANDLE_TRACK_ARRAY, * PHANDLE_TRACK_ARRAY ;
  45. typedef struct _THREAD_TRACK_INFO {
  46. CLIENT_ID Id ;
  47. PVOID Win32StartAddress ;
  48. DWORD Status ;
  49. } THREAD_TRACK_INFO ;
  51. typedef struct _HANDLE_LEAK_HELPER {
  52. PWSTR Type ;
  53. PID_BANNER_FN Banner ;
  54. PHANDLE_CALLBACK_FN Filter ;
  55. ULONG ArraySize ;
  56. PID_MATCH_FN Match ;
  57. } HANDLE_LEAK_HELPER, * PHANDLE_LEAK_HELPER ;
  59. _ID_BANNER_FN ThreadBanner ;
  60. _ID_BANNER_FN TokenBanner ;
  61. _HANDLE_CALLBACK_FN ThreadCallback ;
  62. _HANDLE_CALLBACK_FN TokenCallback ;
  64. HANDLE_LEAK_HELPER HandleLeakHelpers[] = {
  65. { L"Thread", ThreadBanner, ThreadCallback, sizeof( THREAD_TRACK_INFO ), MATCH_LARGE_INT },
  66. { L"Token", TokenBanner, TokenCallback, sizeof( TOKEN_CONTROL ), MATCH_LARGE_INT }
  67. };
  70. PHANDLE_TRACK_ARRAY
  71. CreateArray(
  72. ULONG IdDataSize,
  73. PID_MATCH_FN MatchFn
  74. )
  75. {
  76. PHANDLE_TRACK_ARRAY Array ;
  78. Array = RtlAllocateHeap( RtlProcessHeap(), 0, sizeof( HANDLE_TRACK_ARRAY ) );
  80. if ( Array )
  81. {
  82. Array->Count = 0 ;
  83. Array->Size = 0;
  84. Array->IdDataSize = IdDataSize ;
  85. Array->MatchFunc = MatchFn ;
  87. InitializeListHead( &Array->List );
  89. return Array ;
  90. }
  92. return NULL ;
  93. }
  95. VOID
  96. DeleteArray(
  97. PHANDLE_TRACK_ARRAY Array
  98. )
  99. {
  100. ULONG i ;
  101. PHANDLE_TRACK Track ;
  103. while ( !IsListEmpty( &Array->List ) )
  104. {
  105. Track = (PHANDLE_TRACK) RemoveHeadList( &Array->List );
  107. if ( Track->Handles != Track->HandleList )
  108. {
  109. RtlFreeHeap( RtlProcessHeap(), 0, Track->Handles );
  110. }
  112. RtlFreeHeap( RtlProcessHeap(), 0, Track );
  113. }
  115. RtlFreeHeap( RtlProcessHeap(), 0, Array );
  116. }
  119. VOID
  120. ExtendTrack(
  121. PHANDLE_TRACK Track
  122. )
  123. {
  124. PHANDLE NewHandle ;
  126. NewHandle = RtlAllocateHeap( RtlProcessHeap(), 0, (Track->Size + REASONABLE_NUMBER ) *
  127. sizeof( HANDLE ) );
  129. if ( NewHandle )
  130. {
  131. CopyMemory( NewHandle,
  132. Track->Handles,
  133. Track->Count * sizeof( HANDLE ) );
  135. if ( Track->Handles != Track->HandleList )
  136. {
  137. RtlFreeHeap( RtlProcessHeap(), 0, Track->Handles );
  138. }
  140. Track->Handles = NewHandle ;
  141. Track->Size += REASONABLE_NUMBER ;
  142. }
  143. }
  145. VOID
  146. AddHandleToArray(
  147. PHANDLE_TRACK_ARRAY Array,
  148. PVOID IdData,
  149. HANDLE Handle
  150. )
  151. {
  152. ULONG i;
  153. ULONG j;
  154. BOOL Match ;
  155. PHANDLE_TRACK Track ;
  156. PLIST_ENTRY Scan ;
  158. Scan = Array->List.Flink ;
  160. while ( Scan != &Array->List )
  161. {
  162. Track = (PHANDLE_TRACK) Scan ;
  164. if ( Array->MatchFunc == MATCH_LARGE_INT )
  165. {
  166. Match = ((PLARGE_INTEGER) Track->IdData)->QuadPart ==
  167. ((PLARGE_INTEGER) IdData)->QuadPart ;
  168. }
  169. else
  170. {
  171. Match = Array->MatchFunc( Track->IdData, IdData );
  172. }
  174. if ( Match )
  175. {
  176. //
  177. // We have a match:
  178. //
  180. if ( Track->Count == Track->Size )
  181. {
  182. ExtendTrack( Track );
  183. }
  185. if ( Track->Count < Track->Size )
  186. {
  187. Track->Handles[
  188. Track->Count ] = Handle ;
  190. Track->Count++;
  191. }
  193. return ;
  194. }
  196. Scan = Scan->Flink ;
  197. }
  199. //
  200. // No match, gotta add a new tid
  201. //
  203. Track = RtlAllocateHeap( RtlProcessHeap(), 0,
  204. sizeof( HANDLE_TRACK ) + Array->IdDataSize );
  206. if ( Track )
  207. {
  208. Track->Size = REASONABLE_NUMBER ;
  209. Track->Count = 1 ;
  210. Track->Handles = Track->HandleList ;
  211. Track->HandleList[0] = Handle ;
  213. CopyMemory( Track->IdData, IdData, Array->IdDataSize );
  215. InsertTailList( &Array->List, &Track->List );
  216. }
  218. }
  220. VOID
  221. DumpArray(
  222. PHANDLE_TRACK_ARRAY Array,
  223. PID_BANNER_FN Banner
  224. )
  225. {
  226. ULONG j;
  227. PHANDLE_TRACK Track ;
  228. PLIST_ENTRY Scan ;
  230. Scan = Array->List.Flink ;
  232. while ( Scan != &Array->List )
  233. {
  234. Track = (PHANDLE_TRACK) Scan ;
  236. Banner( Track->IdData );
  238. dprintf(" Handles \t%d: ", Track->Count );
  239. for ( j = 0 ; j < Track->Count ; j++ )
  240. {
  241. dprintf("%x, ", Track->Handles[j] );
  242. }
  244. dprintf("\n");
  246. Scan = Scan->Flink ;
  247. }
  249. }
  251. VOID
  252. HandleScanner(
  253. HANDLE hCurrentProcess,
  254. PWSTR Type,
  255. PVOID Context,
  256. PHANDLE_CALLBACK_FN Callback
  257. )
  258. {
  259. DWORD HandleCount;
  260. NTSTATUS Status;
  261. DWORD Total;
  262. DWORD Handle;
  263. DWORD Hits;
  264. DWORD Matches;
  265. HANDLE hHere ;
  266. PHANDLE_TRACK_ARRAY Array ;
  267. POBJECT_TYPE_INFORMATION pTypeInfo;
  268. UCHAR Buffer[1024];
  270. Status = NtQueryInformationProcess( hCurrentProcess,
  271. ProcessHandleCount,
  272. &HandleCount,
  273. sizeof( HandleCount ),
  274. NULL );
  276. if ( !NT_SUCCESS( Status ) )
  277. {
  278. return;
  279. }
  281. Hits = 0;
  282. Handle = 0;
  283. Matches = 0;
  285. while ( Hits < HandleCount )
  286. {
  287. Status = NtDuplicateObject( hCurrentProcess, (HANDLE)(DWORD_PTR)Handle,
  288. NtCurrentProcess(), &hHere,
  289. 0, 0,
  290. DUPLICATE_SAME_ACCESS );
  292. if ( NT_SUCCESS( Status ) )
  293. {
  295. pTypeInfo = (POBJECT_TYPE_INFORMATION) Buffer;
  297. ZeroMemory( Buffer, 1024 );
  299. Status = NtQueryObject( hHere, ObjectTypeInformation, pTypeInfo, 1024, NULL );
  301. if (NT_SUCCESS(Status))
  302. {
  303. if ( wcscmp( pTypeInfo->TypeName.Buffer, Type ) == 0 )
  304. {
  305. //
  306. // Score!
  307. //
  309. Callback( Context, hHere, (HANDLE)(DWORD_PTR)Handle );
  311. Matches++ ;
  313. }
  314. }
  316. Hits++ ;
  318. NtClose( hHere );
  320. }
  322. Handle += 4;
  323. }
  325. dprintf("%d handles to objects of type %ws\n", Matches, Type );
  326. }
  329. VOID
  330. ThreadBanner(
  331. PVOID Id
  332. )
  333. {
  334. UCHAR Symbol[ MAX_PATH ];
  335. DWORD_PTR Disp ;
  336. THREAD_TRACK_INFO * Info ;
  337. UCHAR ExitStatus[ 32 ];
  339. Info = (THREAD_TRACK_INFO *) Id ;
  341. Symbol[0] = '\0';
  343. GetSymbol( Info->Win32StartAddress, Symbol, &Disp );
  345. if ( Info->Status != STILL_ACTIVE )
  346. {
  347. sprintf(ExitStatus, " Stopped, %#x", Info->Status );
  348. }
  349. else
  350. {
  351. strcpy( ExitStatus, "<Running>");
  352. }
  354. if ( Symbol[0] )
  355. {
  356. dprintf("Thread %x.%x (%s) %s\n", Info->Id.UniqueProcess,
  357. Info->Id.UniqueThread,
  358. Symbol,
  359. ExitStatus );
  360. }
  361. else
  362. {
  363. dprintf("Thread %x.%x %s\n", Info->Id.UniqueProcess,
  364. Info->Id.UniqueThread,
  365. ExitStatus );
  367. }
  368. }
  370. VOID
  371. ThreadCallback(
  372. PVOID Context,
  373. HANDLE Here,
  374. HANDLE There
  375. )
  376. {
  377. NTSTATUS Status ;
  378. THREAD_BASIC_INFORMATION Info;
  380. THREAD_TRACK_INFO ThdInfo ;
  382. ZeroMemory( &ThdInfo, sizeof( ThdInfo ) );
  384. Status = NtQueryInformationThread( Here,
  385. ThreadBasicInformation,
  386. &Info,
  387. sizeof( Info ),
  388. NULL );
  390. if ( NT_SUCCESS( Status ) )
  391. {
  392. ThdInfo.Id = Info.ClientId ;
  393. ThdInfo.Status = Info.ExitStatus ;
  395. Status = NtQueryInformationThread( Here,
  396. ThreadQuerySetWin32StartAddress,
  397. &ThdInfo.Win32StartAddress,
  398. sizeof( PVOID ),
  399. NULL );
  401. AddHandleToArray( Context, &ThdInfo , There );
  402. }
  403. }
  405. VOID
  406. TokenCallback(
  407. PVOID Context,
  408. HANDLE Here,
  409. HANDLE There
  410. )
  411. {
  412. NTSTATUS Status ;
  413. TOKEN_CONTROL Control ;
  414. TOKEN_STATISTICS Stats ;
  415. ULONG Size ;
  417. Status = NtQueryInformationToken( Here,
  418. TokenStatistics,
  419. &Stats,
  420. sizeof( Stats ),
  421. &Size );
  423. if ( NT_SUCCESS( Status ) )
  424. {
  425. Control.TokenId = Stats.TokenId ;
  426. Control.AuthenticationId = Stats.AuthenticationId ;
  427. Control.ModifiedId = Stats.ModifiedId ;
  428. NtQueryInformationToken( Here, TokenSource, &Control.TokenSource, sizeof( TOKEN_SOURCE ), &Size );
  430. AddHandleToArray( Context, &Control, There );
  431. }
  432. else
  433. {
  434. dprintf("Unable to query token information, %x\n", Status );
  435. }
  436. }
  438. VOID
  439. TokenBanner(
  440. PVOID Id
  441. )
  442. {
  443. PTOKEN_CONTROL Control ;
  445. Control = (PTOKEN_CONTROL) Id ;
  447. dprintf("Token Id %x:%x, LogonId = %x:%x, Source = %s\n",
  448. Control->TokenId.HighPart, Control->TokenId.LowPart,
  449. Control->AuthenticationId.HighPart, Control->AuthenticationId.LowPart,
  450. Control->TokenSource.SourceName );
  451. }
  454. DECLARE_API( hleak )
  455. {
  456. UNICODE_STRING String ;
  457. PHANDLE_LEAK_HELPER Helper = NULL ;
  458. PHANDLE_TRACK_ARRAY Array ;
  459. int i ;
  461. INIT_API();
  463. if ( !args ||
  464. (*args == '\0' ) )
  465. {
  466. dprintf( "!hleak <typename>\n" );
  467. goto Exit;
  468. }
  470. while ( *args == ' ' )
  471. {
  472. args++ ;
  473. }
  475. if ( !RtlCreateUnicodeStringFromAsciiz( &String, args ) )
  476. {
  477. goto Exit;
  478. }
  480. for ( i = 0 ;
  481. i < sizeof( HandleLeakHelpers ) / sizeof( HANDLE_LEAK_HELPER ) ;
  482. i++ )
  483. {
  484. if ( _wcsicmp( String.Buffer, HandleLeakHelpers[ i ].Type ) == 0 )
  485. {
  486. Helper = &HandleLeakHelpers[ i ];
  487. break;
  488. }
  489. }
  491. if ( Helper == NULL )
  492. {
  493. dprintf( "The type '%ws' was not recognized. Valid types are:\n", String.Buffer );
  494. for ( i = 0 ;
  495. i < sizeof( HandleLeakHelpers ) / sizeof( HANDLE_LEAK_HELPER ) ;
  496. i++ )
  497. {
  498. dprintf( "\t%ws\n", HandleLeakHelpers[ i ].Type );
  499. }
  500. RtlFreeUnicodeString( &String );
  501. goto Exit;
  502. }
  504. RtlFreeUnicodeString( &String );
  506. Array = CreateArray( Helper->ArraySize, Helper->Match );
  508. if ( !Array )
  509. {
  510. dprintf( "not enough memory\n" );
  511. }
  513. HandleScanner( g_hCurrentProcess,
  514. Helper->Type,
  515. Array,
  516. Helper->Filter );
  518. DumpArray( Array, Helper->Banner );
  520. DeleteArray( Array );
  522. Exit:
  523. EXIT_API();
  524. }