|
|
/*++
Copyright (c) 1992 Microsoft Corporation
Module Name:
query.c
Abstract:
This module contains the RtlQueryProcessInformation function
Author:
Steve Wood (stevewo) 01-Apr-1994
Revision History:
--*/
#include <ntos.h>
#include "ldrp.h"
#include <stktrace.h>
#include <heap.h>
#include <stdio.h>
#define AdjustPointer( t, p, d ) (p); if ((p) != NULL) (p) = (t)((ULONG_PTR)(p) + (d))
NTSYSAPINTSTATUSNTAPIRtlpQueryProcessDebugInformationRemote( IN OUT PRTL_DEBUG_INFORMATION Buffer ){ NTSTATUS Status; ULONG i; ULONG_PTR Delta; PRTL_PROCESS_HEAPS Heaps; PRTL_HEAP_INFORMATION HeapInfo;
if (Buffer->EventPairTarget != NULL) { Status = NtWaitLowEventPair( Buffer->EventPairTarget ); } else { Status = STATUS_SUCCESS; }
while (NT_SUCCESS( Status )) { Status = RtlQueryProcessDebugInformation( NtCurrentTeb()->ClientId.UniqueProcess, Buffer->Flags, Buffer ); if (NT_SUCCESS( Status )) { if (Delta = Buffer->ViewBaseDelta) { //
// Need to relocate buffer pointers back to client addresses
//
AdjustPointer( PRTL_PROCESS_MODULES, Buffer->Modules, Delta ); AdjustPointer( PRTL_PROCESS_BACKTRACES, Buffer->BackTraces, Delta ); Heaps = AdjustPointer( PRTL_PROCESS_HEAPS, Buffer->Heaps, Delta ); if (Heaps != NULL) { for (i=0; i<Heaps->NumberOfHeaps; i++) { HeapInfo = &Heaps->Heaps[ i ]; AdjustPointer( PRTL_HEAP_TAG, HeapInfo->Tags, Delta ); AdjustPointer( PRTL_HEAP_ENTRY, HeapInfo->Entries, Delta ); } }
AdjustPointer( PRTL_PROCESS_LOCKS, Buffer->Locks, Delta ); } }
if (Buffer->EventPairTarget == NULL) { //
// If no event pair handle, then exit loop and terminate
//
break; }
Status = NtSetHighWaitLowEventPair( Buffer->EventPairTarget ); if (Buffer->EventPairTarget == NULL) { break; } }
//
// All done with buffer, remove from our address space
// then terminate ourselves so client wakes up.
//
NtUnmapViewOfSection( NtCurrentProcess(), Buffer ); RtlExitUserThread (Status); return Status;}
NTSTATUSRtlpChangeQueryDebugBufferTarget( IN PRTL_DEBUG_INFORMATION Buffer, IN HANDLE TargetProcessId, OUT PHANDLE ReturnedTargetProcessHandle ){ NTSTATUS Status; CLIENT_ID OldTargetClientId, NewTargetClientId; OBJECT_ATTRIBUTES ObjectAttributes; HANDLE OldTargetProcess, NewTargetProcess, NewHandle; PHANDLE pOldHandle; ULONG DuplicateHandleFlags;
if (Buffer->EventPairClient != NULL && Buffer->TargetProcessId == TargetProcessId ) { return STATUS_SUCCESS; }
InitializeObjectAttributes( &ObjectAttributes, NULL, 0, NULL, NULL );
DuplicateHandleFlags = DUPLICATE_CLOSE_SOURCE | DUPLICATE_SAME_ACCESS | DUPLICATE_SAME_ATTRIBUTES;
if (Buffer->EventPairClient != NULL) { pOldHandle = &Buffer->EventPairTarget; } else { pOldHandle = NULL; }
if (Buffer->TargetProcessId != NULL) { OldTargetClientId.UniqueProcess = Buffer->TargetProcessId; OldTargetClientId.UniqueThread = 0; Status = NtOpenProcess( &OldTargetProcess, PROCESS_ALL_ACCESS, &ObjectAttributes, &OldTargetClientId ); if (!NT_SUCCESS( Status )) { return Status; } } else { OldTargetProcess = NtCurrentProcess(); DuplicateHandleFlags &= ~DUPLICATE_CLOSE_SOURCE; if (pOldHandle != NULL) { pOldHandle = &Buffer->EventPairClient; } }
if (ARGUMENT_PRESENT( TargetProcessId )) { NewTargetClientId.UniqueProcess = TargetProcessId; NewTargetClientId.UniqueThread = 0; Status = NtOpenProcess( &NewTargetProcess, PROCESS_ALL_ACCESS, &ObjectAttributes, &NewTargetClientId ); if (!NT_SUCCESS( Status )) { if (OldTargetProcess != NtCurrentProcess()) { NtClose( OldTargetProcess ); } return Status; } } else { NewTargetProcess = NULL; }
NewHandle = NULL; if (pOldHandle != NULL) { Status = NtDuplicateObject( OldTargetProcess, *pOldHandle, NewTargetProcess, &NewHandle, 0, 0, DuplicateHandleFlags ); if (!NT_SUCCESS( Status )) { if (OldTargetProcess != NtCurrentProcess()) { NtClose( OldTargetProcess ); } if (NewTargetProcess != NULL) { NtClose( NewTargetProcess ); } return Status; } }
if (OldTargetProcess != NtCurrentProcess()) { NtUnmapViewOfSection( OldTargetProcess, Buffer->ViewBaseTarget ); } else { Buffer->ViewBaseTarget = Buffer->ViewBaseClient; }
if (NewTargetProcess != NULL) { Status = NtMapViewOfSection( Buffer->SectionHandleClient, NewTargetProcess, &Buffer->ViewBaseTarget, 0, 0, NULL, &Buffer->ViewSize, ViewUnmap, 0, PAGE_READWRITE ); if (Status == STATUS_CONFLICTING_ADDRESSES) { Buffer->ViewBaseTarget = NULL; Status = NtMapViewOfSection( Buffer->SectionHandleClient, NewTargetProcess, &Buffer->ViewBaseTarget, 0, 0, NULL, &Buffer->ViewSize, ViewUnmap, 0, PAGE_READWRITE ); }
if (!NT_SUCCESS( Status )) { if (NewHandle != NULL) { NtDuplicateObject( NewTargetProcess, &NewHandle, NULL, NULL, 0, 0, DUPLICATE_CLOSE_SOURCE ); }
return Status; }
if (ARGUMENT_PRESENT( ReturnedTargetProcessHandle )) { *ReturnedTargetProcessHandle = NewTargetProcess; } else { NtClose( NewTargetProcess ); } }
Buffer->EventPairTarget = NewHandle; Buffer->ViewBaseDelta = (ULONG_PTR)Buffer->ViewBaseClient - (ULONG_PTR)Buffer->ViewBaseTarget; return STATUS_SUCCESS;}
PVOIDRtlpCommitQueryDebugInfo( IN PRTL_DEBUG_INFORMATION Buffer, IN ULONG Size ){ NTSTATUS Status; PVOID Result; PVOID CommitBase; SIZE_T CommitSize; SIZE_T NeededSize;
Size = (Size + 3) & ~3; NeededSize = Buffer->OffsetFree + Size; if (NeededSize > Buffer->CommitSize) { if (NeededSize >= Buffer->ViewSize) { return NULL; }
CommitBase = (PCHAR)Buffer + Buffer->CommitSize; CommitSize = NeededSize - Buffer->CommitSize; Status = NtAllocateVirtualMemory( NtCurrentProcess(), &CommitBase, 0, &CommitSize, MEM_COMMIT, PAGE_READWRITE ); if (!NT_SUCCESS( Status )) { return NULL; }
Buffer->CommitSize += CommitSize; }
Result = (PCHAR)Buffer + Buffer->OffsetFree; Buffer->OffsetFree = NeededSize; return Result;}
VOIDRtlpDeCommitQueryDebugInfo( IN PRTL_DEBUG_INFORMATION Buffer, IN PVOID p, IN ULONG Size ){ Size = (Size + 3) & ~3; if (p == (PVOID)(Buffer->OffsetFree - Size)) { Buffer->OffsetFree -= Size; }}
NTSYSAPIPRTL_DEBUG_INFORMATIONNTAPIRtlCreateQueryDebugBuffer( IN ULONG MaximumCommit OPTIONAL, IN BOOLEAN UseEventPair ){ NTSTATUS Status; HANDLE Section; PRTL_DEBUG_INFORMATION Buffer; LARGE_INTEGER MaximumSize; ULONG_PTR ViewSize, CommitSize;
if (!ARGUMENT_PRESENT( (PVOID)(ULONG_PTR)MaximumCommit )) { // Sundown Note: ULONG zero-extended.
MaximumCommit = 4 * 1024 * 1024; } MaximumSize.QuadPart = MaximumCommit; Status = NtCreateSection( &Section, SECTION_ALL_ACCESS, NULL, &MaximumSize, PAGE_READWRITE, SEC_RESERVE, NULL ); if (!NT_SUCCESS( Status )) { return NULL; }
Buffer = NULL; ViewSize = MaximumCommit; Status = NtMapViewOfSection( Section, NtCurrentProcess(), &Buffer, 0, 0, NULL, &ViewSize, ViewUnmap, 0, PAGE_READWRITE ); if (!NT_SUCCESS( Status )) { NtClose( Section ); return NULL; }
CommitSize = 1; Status = NtAllocateVirtualMemory( NtCurrentProcess(), &Buffer, 0, &CommitSize, MEM_COMMIT, PAGE_READWRITE ); if (!NT_SUCCESS( Status )) { NtUnmapViewOfSection( NtCurrentProcess(), Buffer ); NtClose( Section ); return NULL; }
if (UseEventPair) { Status = NtCreateEventPair( &Buffer->EventPairClient, EVENT_PAIR_ALL_ACCESS, NULL ); if (!NT_SUCCESS( Status )) { NtUnmapViewOfSection( NtCurrentProcess(), Buffer ); NtClose( Section ); return NULL; } }
Buffer->SectionHandleClient = Section; Buffer->ViewBaseClient = Buffer; Buffer->OffsetFree = 0; Buffer->CommitSize = CommitSize; Buffer->ViewSize = ViewSize; return Buffer;}
NTSYSAPINTSTATUSNTAPIRtlDestroyQueryDebugBuffer( IN PRTL_DEBUG_INFORMATION Buffer ){ NTSTATUS Status; HANDLE ProcessHandle, ThreadHandle; THREAD_BASIC_INFORMATION BasicInformation; SIZE_T BigSize;
RtlpChangeQueryDebugBufferTarget( Buffer, NULL, NULL );
Status = STATUS_SUCCESS; if (Buffer->TargetThreadHandle != NULL) {
Buffer->EventPairTarget = NULL; NtSetLowEventPair( Buffer->EventPairClient ); NtClose( Buffer->EventPairClient ); Status = NtWaitForSingleObject( Buffer->TargetThreadHandle, TRUE, NULL ); if (NT_SUCCESS( Status )) { Status = NtQueryInformationThread( Buffer->TargetThreadHandle, ThreadBasicInformation, &BasicInformation, sizeof( BasicInformation ), NULL ); if (NT_SUCCESS( Status )) { Status = BasicInformation.ExitStatus; } }
}
NtClose( Buffer->SectionHandleClient ); NtUnmapViewOfSection( NtCurrentProcess(), Buffer ); return Status;}
NTSYSAPINTSTATUSNTAPIRtlQueryProcessDebugInformation( IN HANDLE UniqueProcessId, IN ULONG Flags, IN OUT PRTL_DEBUG_INFORMATION Buffer ){ NTSTATUS Status = STATUS_SUCCESS; HANDLE ProcessHandle, ThreadHandle; THREAD_BASIC_INFORMATION BasicInformation;
HANDLE hNiProcess = NULL;
Buffer->Flags = Flags; if (Buffer->OffsetFree != 0) { RtlZeroMemory( (Buffer+1), Buffer->OffsetFree - (SIZE_T)sizeof(*Buffer) ); } Buffer->OffsetFree = sizeof( *Buffer );
//
// Get process handle for noninvasive query if required
//
if ( (NtCurrentTeb()->ClientId.UniqueProcess != UniqueProcessId) && (Flags & RTL_QUERY_PROCESS_NONINVASIVE) && (Flags & ( RTL_QUERY_PROCESS_MODULES | RTL_QUERY_PROCESS_MODULES32 ) ) && !(Flags & ~( RTL_QUERY_PROCESS_MODULES | RTL_QUERY_PROCESS_MODULES32 | RTL_QUERY_PROCESS_NONINVASIVE ) ) ) { OBJECT_ATTRIBUTES ObjectAttributes; CLIENT_ID NiProcessId;
InitializeObjectAttributes( &ObjectAttributes, NULL, 0, NULL, NULL ); NiProcessId.UniqueProcess = UniqueProcessId; NiProcessId.UniqueThread = 0;
if (!NT_SUCCESS( NtOpenProcess( &hNiProcess, PROCESS_ALL_ACCESS, &ObjectAttributes, &NiProcessId ) ) ) { hNiProcess = NULL; } }
if ( (NtCurrentTeb()->ClientId.UniqueProcess != UniqueProcessId) && !hNiProcess ) { //
// Perform remote query
//
ProcessHandle = NULL; Status = RtlpChangeQueryDebugBufferTarget( Buffer, UniqueProcessId, &ProcessHandle ); if (!NT_SUCCESS( Status )) { return Status; }
if (ProcessHandle == NULL) {waitForDump: Status = NtSetLowWaitHighEventPair( Buffer->EventPairClient ); } else { //
// don't let the debugger see this remote thread !
// This is a very ugly but effective way to prevent
// the debugger deadlocking with the target process when calling
// this function.
//
Status = RtlCreateUserThread( ProcessHandle, NULL, TRUE, 0, 0, 0, RtlpQueryProcessDebugInformationRemote, Buffer->ViewBaseTarget, &ThreadHandle, NULL ); if (NT_SUCCESS( Status )) {
Status = NtSetInformationThread( ThreadHandle, ThreadHideFromDebugger, NULL, 0 );
if ( !NT_SUCCESS(Status) ) { NtTerminateThread(ThreadHandle,Status); NtClose(ThreadHandle); NtClose(ProcessHandle); return Status; }
NtResumeThread(ThreadHandle,NULL);
if (Buffer->EventPairClient != NULL) { Buffer->TargetThreadHandle = ThreadHandle; Buffer->TargetProcessHandle = ProcessHandle; goto waitForDump; }
Status = NtWaitForSingleObject( ThreadHandle, TRUE, NULL );
if (NT_SUCCESS( Status )) { Status = NtQueryInformationThread( ThreadHandle, ThreadBasicInformation, &BasicInformation, sizeof( BasicInformation ), NULL ); if (NT_SUCCESS( Status )) { Status = BasicInformation.ExitStatus; } if (NT_SUCCESS (Status) && (Flags&(RTL_QUERY_PROCESS_MODULES|RTL_QUERY_PROCESS_MODULES32)) != 0 && Buffer->Modules == NULL) { Status = STATUS_PROCESS_IS_TERMINATING; } }
NtClose( ThreadHandle );
}
NtClose( ProcessHandle ); } } else { if (Flags & (RTL_QUERY_PROCESS_MODULES | RTL_QUERY_PROCESS_MODULES32)) { Status = RtlQueryProcessModuleInformation( hNiProcess, Flags, Buffer ); if (Status != STATUS_SUCCESS) { goto closeNiProcessAndBreak; } }
if (Flags & RTL_QUERY_PROCESS_BACKTRACES) { Status = RtlQueryProcessBackTraceInformation( Buffer ); if (Status != STATUS_SUCCESS) { goto closeNiProcessAndBreak; } }
if (Flags & RTL_QUERY_PROCESS_LOCKS) { Status = RtlQueryProcessLockInformation( Buffer ); if (Status != STATUS_SUCCESS) { goto closeNiProcessAndBreak; } }
if (Flags & (RTL_QUERY_PROCESS_HEAP_SUMMARY | RTL_QUERY_PROCESS_HEAP_TAGS | RTL_QUERY_PROCESS_HEAP_ENTRIES ) ) { Status = RtlQueryProcessHeapInformation( Buffer ); if (Status != STATUS_SUCCESS) { goto closeNiProcessAndBreak; } }
closeNiProcessAndBreak: if ( hNiProcess ) { NtClose( hNiProcess ); } }
return Status;}
NTSTATUSLdrQueryProcessModuleInformationEx( IN HANDLE hProcess OPTIONAL, IN ULONG_PTR Flags OPTIONAL, OUT PRTL_PROCESS_MODULES ModuleInformation, IN ULONG ModuleInformationLength, OUT PULONG ReturnLength OPTIONAL );
NTSTATUSNTAPIRtlQueryProcessModuleInformation( IN HANDLE hProcess OPTIONAL, IN ULONG Flags, IN OUT PRTL_DEBUG_INFORMATION Buffer ){ NTSTATUS Status; ULONG RequiredLength; PRTL_PROCESS_MODULES Modules; ULONG LdrFlags = (Flags & RTL_QUERY_PROCESS_MODULES32) != 0;
Status = LdrQueryProcessModuleInformationEx( hProcess, LdrFlags, NULL, 0, &RequiredLength ); if (Status == STATUS_INFO_LENGTH_MISMATCH) { Modules = RtlpCommitQueryDebugInfo( Buffer, RequiredLength ); if (Modules != NULL) { Status = LdrQueryProcessModuleInformationEx( hProcess, LdrFlags, Modules, RequiredLength, &RequiredLength ); if (NT_SUCCESS( Status )) { Buffer->Modules = Modules; return STATUS_SUCCESS; } } }
return STATUS_NO_MEMORY;}
NTSTATUSRtlQueryProcessBackTraceInformation( IN OUT PRTL_DEBUG_INFORMATION Buffer ){#if i386
NTSTATUS Status; OUT PRTL_PROCESS_BACKTRACES BackTraces; PRTL_PROCESS_BACKTRACE_INFORMATION BackTraceInfo; PSTACK_TRACE_DATABASE DataBase; PRTL_STACK_TRACE_ENTRY p, *pp; ULONG n;
DataBase = RtlpAcquireStackTraceDataBase(); if (DataBase == NULL) { return STATUS_SUCCESS; }
BackTraces = RtlpCommitQueryDebugInfo( Buffer, FIELD_OFFSET( RTL_PROCESS_BACKTRACES, BackTraces ) ); if (BackTraces == NULL) { return STATUS_NO_MEMORY; }
DataBase->DumpInProgress = TRUE; RtlpReleaseStackTraceDataBase(); try { BackTraces->CommittedMemory = (ULONG)DataBase->CurrentUpperCommitLimit - (ULONG)DataBase->CommitBase; BackTraces->ReservedMemory = (ULONG)DataBase->EntryIndexArray - (ULONG)DataBase->CommitBase; BackTraces->NumberOfBackTraceLookups = DataBase->NumberOfEntriesLookedUp; BackTraces->NumberOfBackTraces = DataBase->NumberOfEntriesAdded; BackTraceInfo = RtlpCommitQueryDebugInfo( Buffer, (sizeof( *BackTraceInfo ) * BackTraces->NumberOfBackTraces) ); if (BackTraceInfo == NULL) { Status = STATUS_NO_MEMORY; } else { Status = STATUS_SUCCESS; n = DataBase->NumberOfEntriesAdded; pp = DataBase->EntryIndexArray; while (n--) { p = *--pp; BackTraceInfo->SymbolicBackTrace = NULL; BackTraceInfo->TraceCount = p->TraceCount; BackTraceInfo->Index = p->Index; BackTraceInfo->Depth = p->Depth; RtlMoveMemory( BackTraceInfo->BackTrace, p->BackTrace, p->Depth * sizeof( PVOID ) ); BackTraceInfo++; } } } finally { DataBase->DumpInProgress = FALSE; }
if (NT_SUCCESS( Status )) { Buffer->BackTraces = BackTraces; }
return Status;#else
return STATUS_SUCCESS;#endif // i386
}
NTSTATUSRtlpQueryProcessEnumHeapsRoutine( PVOID HeapHandle, PVOID Parameter ){ PRTL_DEBUG_INFORMATION Buffer = (PRTL_DEBUG_INFORMATION)Parameter; PRTL_PROCESS_HEAPS Heaps = Buffer->Heaps; PHEAP Heap = (PHEAP)HeapHandle; PRTL_HEAP_INFORMATION HeapInfo; PHEAP_SEGMENT Segment; UCHAR SegmentIndex;
HeapInfo = RtlpCommitQueryDebugInfo( Buffer, sizeof( *HeapInfo ) ); if (HeapInfo == NULL) { return STATUS_NO_MEMORY; }
HeapInfo->BaseAddress = Heap; HeapInfo->Flags = Heap->Flags; HeapInfo->EntryOverhead = sizeof( HEAP_ENTRY ); HeapInfo->CreatorBackTraceIndex = Heap->AllocatorBackTraceIndex; SegmentIndex = HEAP_MAXIMUM_SEGMENTS; while (SegmentIndex--) { Segment = Heap->Segments[ SegmentIndex ]; if (Segment) { HeapInfo->BytesCommitted += (Segment->NumberOfPages - Segment->NumberOfUnCommittedPages ) * PAGE_SIZE;
} } HeapInfo->BytesAllocated = HeapInfo->BytesCommitted - (Heap->TotalFreeSize << HEAP_GRANULARITY_SHIFT); Heaps->NumberOfHeaps += 1; return STATUS_SUCCESS;}
NTSYSAPINTSTATUSNTAPIRtlQueryProcessHeapInformation( IN OUT PRTL_DEBUG_INFORMATION Buffer ){ NTSTATUS Status; PHEAP Heap; BOOLEAN LockAcquired; PRTL_PROCESS_HEAPS Heaps; PRTL_HEAP_INFORMATION HeapInfo; ULONG NumberOfHeaps; PVOID *ProcessHeaps; UCHAR SegmentIndex; ULONG i, n, TagIndex; PHEAP_SEGMENT Segment; PRTL_HEAP_TAG Tags; PHEAP_PSEUDO_TAG_ENTRY PseudoTags; PRTL_HEAP_ENTRY Entries; PHEAP_ENTRY CurrentBlock; PHEAP_ENTRY_EXTRA ExtraStuff; PRTL_HEAP_ENTRY p; PLIST_ENTRY Head, Next; PHEAP_VIRTUAL_ALLOC_ENTRY VirtualAllocBlock; ULONG Size; PHEAP_UNCOMMMTTED_RANGE UnCommittedRange;
Heaps = RtlpCommitQueryDebugInfo( Buffer, FIELD_OFFSET( RTL_PROCESS_HEAPS, Heaps ) ); if (Heaps == NULL) { return STATUS_NO_MEMORY; }
Buffer->Heaps = Heaps; Status = RtlEnumProcessHeaps( RtlpQueryProcessEnumHeapsRoutine, Buffer ); if (NT_SUCCESS( Status )) { if (Buffer->Flags & RTL_QUERY_PROCESS_HEAP_TAGS) { Heap = RtlpGlobalTagHeap; if (Heap->TagEntries != NULL) { HeapInfo = RtlpCommitQueryDebugInfo( Buffer, sizeof( *HeapInfo ) ); if (HeapInfo == NULL) { return STATUS_NO_MEMORY; }
HeapInfo->BaseAddress = Heap; HeapInfo->Flags = Heap->Flags; HeapInfo->EntryOverhead = sizeof( HEAP_ENTRY ); Heaps->NumberOfHeaps += 1; }
for (i=0; i<Heaps->NumberOfHeaps; i++) { HeapInfo = &Heaps->Heaps[ i ]; if (Buffer->SpecificHeap == NULL || Buffer->SpecificHeap == HeapInfo->BaseAddress ) { Heap = HeapInfo->BaseAddress; HeapInfo->NumberOfTags = Heap->NextAvailableTagIndex; n = HeapInfo->NumberOfTags * sizeof( RTL_HEAP_TAG ); if (Heap->PseudoTagEntries != NULL) { HeapInfo->NumberOfTags += HEAP_MAXIMUM_FREELISTS + 1; n += (HEAP_MAXIMUM_FREELISTS + 1) * sizeof( RTL_HEAP_TAG ); } Tags = RtlpCommitQueryDebugInfo( Buffer, n ); if (Tags == NULL) { Status = STATUS_NO_MEMORY; break; } HeapInfo->Tags = Tags; if ((PseudoTags = Heap->PseudoTagEntries) != NULL) { HeapInfo->NumberOfPseudoTags = HEAP_NUMBER_OF_PSEUDO_TAG; HeapInfo->PseudoTagGranularity = HEAP_GRANULARITY; for (TagIndex=0; TagIndex<=HEAP_MAXIMUM_FREELISTS; TagIndex++) { Tags->NumberOfAllocations = PseudoTags->Allocs; Tags->NumberOfFrees = PseudoTags->Frees; Tags->BytesAllocated = PseudoTags->Size << HEAP_GRANULARITY_SHIFT; Tags->TagIndex = (USHORT)(TagIndex | HEAP_PSEUDO_TAG_FLAG); if (TagIndex == 0) { swprintf( Tags->TagName, L"Objects>%4u", HEAP_MAXIMUM_FREELISTS << HEAP_GRANULARITY_SHIFT ); } else if (TagIndex < HEAP_MAXIMUM_FREELISTS) { swprintf( Tags->TagName, L"Objects=%4u", TagIndex << HEAP_GRANULARITY_SHIFT ); } else { swprintf( Tags->TagName, L"VirtualAlloc", TagIndex << HEAP_GRANULARITY_SHIFT ); }
Tags += 1; PseudoTags += 1; } }
RtlMoveMemory( Tags, Heap->TagEntries, Heap->NextAvailableTagIndex * sizeof( RTL_HEAP_TAG ) ); for (TagIndex=0; TagIndex<Heap->NextAvailableTagIndex; TagIndex++) { Tags->BytesAllocated <<= HEAP_GRANULARITY_SHIFT; Tags += 1; } } } } } else { Buffer->Heaps = NULL; } if (NT_SUCCESS( Status )) { if (Buffer->Flags & RTL_QUERY_PROCESS_HEAP_ENTRIES) { for (i=0; i<Heaps->NumberOfHeaps; i++) { HeapInfo = &Heaps->Heaps[ i ]; Heap = HeapInfo->BaseAddress; if (Buffer->SpecificHeap == NULL || Buffer->SpecificHeap == Heap ) { if (!(Heap->Flags & HEAP_NO_SERIALIZE)) { RtlEnterCriticalSection( (PRTL_CRITICAL_SECTION)Heap->LockVariable ); LockAcquired = TRUE; } else { LockAcquired = FALSE; }
try { for (SegmentIndex=0; SegmentIndex<HEAP_MAXIMUM_SEGMENTS; SegmentIndex++) { Segment = Heap->Segments[ SegmentIndex ]; if (!Segment) { continue; }
Entries = RtlpCommitQueryDebugInfo( Buffer, sizeof( *Entries ) ); if (Entries == NULL) { Status = STATUS_NO_MEMORY; break; } else if (HeapInfo->Entries == NULL) { HeapInfo->Entries = Entries; }
Entries->Flags = RTL_HEAP_SEGMENT; Entries->AllocatorBackTraceIndex = Segment->AllocatorBackTraceIndex; Entries->Size = Segment->NumberOfPages * PAGE_SIZE; Entries->u.s2.CommittedSize = (Segment->NumberOfPages - Segment->NumberOfUnCommittedPages ) * PAGE_SIZE; Entries->u.s2.FirstBlock = Segment->FirstEntry; HeapInfo->NumberOfEntries++;
UnCommittedRange = Segment->UnCommittedRanges; CurrentBlock = Segment->FirstEntry; while (CurrentBlock < Segment->LastValidEntry) { Entries = RtlpCommitQueryDebugInfo( Buffer, sizeof( *Entries ) ); if (Entries == NULL) { Status = STATUS_NO_MEMORY; break; }
Size = CurrentBlock->Size << HEAP_GRANULARITY_SHIFT; Entries->Size = Size; HeapInfo->NumberOfEntries++; if (CurrentBlock->Flags & HEAP_ENTRY_BUSY) { if (CurrentBlock->Flags & HEAP_ENTRY_EXTRA_PRESENT) { ExtraStuff = (PHEAP_ENTRY_EXTRA)(CurrentBlock + CurrentBlock->Size - 1);#if i386
Entries->AllocatorBackTraceIndex = ExtraStuff->AllocatorBackTraceIndex;#endif // i386
Entries->Flags |= RTL_HEAP_SETTABLE_VALUE; Entries->u.s1.Settable = ExtraStuff->Settable; Entries->u.s1.Tag = ExtraStuff->TagIndex; } else { Entries->u.s1.Tag = CurrentBlock->SmallTagIndex; }
Entries->Flags |= RTL_HEAP_BUSY | (CurrentBlock->Flags & HEAP_ENTRY_SETTABLE_FLAGS); } else if (CurrentBlock->Flags & HEAP_ENTRY_EXTRA_PRESENT) { PHEAP_FREE_ENTRY_EXTRA FreeExtra;
FreeExtra = (PHEAP_FREE_ENTRY_EXTRA)(CurrentBlock + CurrentBlock->Size) - 1; Entries->u.s1.Tag = FreeExtra->TagIndex; Entries->AllocatorBackTraceIndex = FreeExtra->FreeBackTraceIndex; }
if (CurrentBlock->Flags & HEAP_ENTRY_LAST_ENTRY) { CurrentBlock += CurrentBlock->Size; if (UnCommittedRange == NULL) { CurrentBlock = Segment->LastValidEntry; } else { Entries = RtlpCommitQueryDebugInfo( Buffer, sizeof( *Entries ) ); if (Entries == NULL) { Status = STATUS_NO_MEMORY; break; }
Entries->Flags = RTL_HEAP_UNCOMMITTED_RANGE; Entries->Size = UnCommittedRange->Size; HeapInfo->NumberOfEntries++;
CurrentBlock = (PHEAP_ENTRY) ((PCHAR)UnCommittedRange->Address + UnCommittedRange->Size); UnCommittedRange = UnCommittedRange->Next; } } else { CurrentBlock += CurrentBlock->Size; } } }
Head = &Heap->VirtualAllocdBlocks; Next = Head->Flink; while (Head != Next) { VirtualAllocBlock = CONTAINING_RECORD( Next, HEAP_VIRTUAL_ALLOC_ENTRY, Entry ); CurrentBlock = &VirtualAllocBlock->BusyBlock; Entries = RtlpCommitQueryDebugInfo( Buffer, sizeof( *Entries ) ); if (Entries == NULL) { Status = STATUS_NO_MEMORY; break; } else if (HeapInfo->Entries == NULL) { HeapInfo->Entries = Entries; }
Entries->Flags = RTL_HEAP_SEGMENT; Entries->Size = VirtualAllocBlock->ReserveSize; Entries->u.s2.CommittedSize = VirtualAllocBlock->CommitSize; Entries->u.s2.FirstBlock = CurrentBlock; HeapInfo->NumberOfEntries++; Entries = RtlpCommitQueryDebugInfo( Buffer, sizeof( *Entries ) ); if (Entries == NULL) { Status = STATUS_NO_MEMORY; break; }
Entries->Size = VirtualAllocBlock->CommitSize; Entries->Flags = RTL_HEAP_BUSY | (CurrentBlock->Flags & HEAP_ENTRY_SETTABLE_FLAGS);#if i386
Entries->AllocatorBackTraceIndex = VirtualAllocBlock->ExtraStuff.AllocatorBackTraceIndex;#endif // i386
Entries->Flags |= RTL_HEAP_SETTABLE_VALUE; Entries->u.s1.Settable = VirtualAllocBlock->ExtraStuff.Settable; Entries->u.s1.Tag = VirtualAllocBlock->ExtraStuff.TagIndex; HeapInfo->NumberOfEntries++;
Next = Next->Flink; } } finally { //
// Unlock the heap
//
if (LockAcquired) { RtlLeaveCriticalSection( (PRTL_CRITICAL_SECTION)Heap->LockVariable ); } } }
if (!NT_SUCCESS( Status )) { break; } } } }
return Status;}
NTSYSAPINTSTATUSNTAPIRtlQueryProcessLockInformation( IN OUT PRTL_DEBUG_INFORMATION Buffer ){ NTSTATUS Status; PLIST_ENTRY Head, Next; PRTL_PROCESS_LOCKS Locks; PRTL_PROCESS_LOCK_INFORMATION LockInfo; PRTL_CRITICAL_SECTION CriticalSection; PRTL_CRITICAL_SECTION_DEBUG DebugInfo; PRTL_RESOURCE Resource; PRTL_RESOURCE_DEBUG ResourceDebugInfo;
Locks = RtlpCommitQueryDebugInfo( Buffer, FIELD_OFFSET( RTL_PROCESS_LOCKS, Locks ) ); if (Locks == NULL) { return STATUS_NO_MEMORY; }
RtlEnterCriticalSection( &RtlCriticalSectionLock ); Head = &RtlCriticalSectionList; Next = Head->Flink; Status = STATUS_SUCCESS; while (Next != Head) { DebugInfo = CONTAINING_RECORD( Next, RTL_CRITICAL_SECTION_DEBUG, ProcessLocksList ); LockInfo = RtlpCommitQueryDebugInfo( Buffer, sizeof( RTL_PROCESS_LOCK_INFORMATION ) ); if (LockInfo == NULL) { Status = STATUS_NO_MEMORY; break; }
CriticalSection = DebugInfo->CriticalSection; try { LockInfo->Address = CriticalSection; LockInfo->Type = DebugInfo->Type; LockInfo->CreatorBackTraceIndex = DebugInfo->CreatorBackTraceIndex; if (LockInfo->Type == RTL_CRITSECT_TYPE) { LockInfo->OwningThread = CriticalSection->OwningThread; LockInfo->LockCount = CriticalSection->LockCount; LockInfo->RecursionCount = CriticalSection->RecursionCount; LockInfo->ContentionCount = DebugInfo->ContentionCount; LockInfo->EntryCount = DebugInfo->EntryCount; } else { Resource = (PRTL_RESOURCE)CriticalSection; ResourceDebugInfo = Resource->DebugInfo; LockInfo->ContentionCount = ResourceDebugInfo->ContentionCount; LockInfo->OwningThread = Resource->ExclusiveOwnerThread; LockInfo->LockCount = Resource->NumberOfActive; LockInfo->NumberOfWaitingShared = Resource->NumberOfWaitingShared; LockInfo->NumberOfWaitingExclusive = Resource->NumberOfWaitingExclusive; }
Locks->NumberOfLocks++; } except (EXCEPTION_EXECUTE_HANDLER) { DbgPrint("NTDLL: Lost critical section %08lX\n", CriticalSection); RtlpDeCommitQueryDebugInfo( Buffer, LockInfo, sizeof( RTL_PROCESS_LOCK_INFORMATION ) ); }
if (Next == Next->Flink) { //
// Bail if list is circular
//
break; } else { Next = Next->Flink; } }
RtlLeaveCriticalSection( &RtlCriticalSectionLock );
if (NT_SUCCESS( Status )) { Buffer->Locks = Locks; }
return Status;}
|
