archive
/
windows-xp
mirror of https://github.com/tongzx/nt5src
2
0
Fork 0
Code Issues Projects Releases Wiki Activity
Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
9 Commits
1 Branch
0 Tags
2.0 GiB
Tree: 75c48ba87f
Branches Tags
${ item.name }
Create tag ${ searchTerm }
Create branch ${ searchTerm }
from '75c48ba87f'
${ noResults }
windows-xp/Source/XPSP1/NT/sdktools/debuggers/imagehlp/walk.c

514 lines
14 KiB
Raw Normal View History

Add source files
4 years ago
  1. /*++
  3. Copyright (c) 1993 Microsoft Corporation
  5. Module Name:
  7. walk.c
  9. Abstract:
  11. This function implements the stack walking api.
  13. Author:
  15. Wesley Witt (wesw) 1-Oct-1993
  17. Environment:
  19. User Mode
  21. --*/
  23. #include <private.h>
  24. #include "globals.h"
  26. #ifndef PAGE_SIZE
  27. #if defined(_X86_) || defined(_AMD64_)
  28. #define PAGE_SIZE 0x1000
  29. #elif defined(_ALPHA_) || defined(_IA64_)
  30. #define PAGE_SIZE 0x2000
  31. #else
  32. #error Unknown processor architecture
  33. #endif
  34. #endif
  36. BOOL
  37. ReadMemoryRoutineLocal(
  38. HANDLE hProcess,
  39. DWORD64 qwBaseAddress,
  40. LPVOID lpBuffer,
  41. DWORD nSize,
  42. LPDWORD lpNumberOfBytesRead
  43. );
  45. LPVOID
  46. FunctionTableAccessRoutineLocal(
  47. HANDLE hProcess,
  48. DWORD64 AddrBase
  49. );
  51. DWORD64
  52. GetModuleBaseRoutineLocal(
  53. HANDLE hProcess,
  54. DWORD64 ReturnAddress
  55. );
  57. DWORD64
  58. TranslateAddressRoutineLocal(
  59. HANDLE hProcess,
  60. HANDLE hThread,
  61. LPADDRESS64 lpaddr
  62. );
  64. BOOL
  65. ImagepReadMemoryThunk(
  66. HANDLE hProcess,
  67. DWORD64 qwBaseAddress,
  68. LPVOID lpBuffer,
  69. DWORD nSize,
  70. LPDWORD lpNumberOfBytesRead
  71. )
  72. {
  73. PREAD_PROCESS_MEMORY_ROUTINE fnImagepUserReadMemory32;
  75. fnImagepUserReadMemory32 = tlsvar(ImagepUserReadMemory32);
  76. return fnImagepUserReadMemory32(
  77. hProcess,
  78. (DWORD)qwBaseAddress,
  79. lpBuffer,
  80. nSize,
  81. lpNumberOfBytesRead
  82. );
  83. }
  85. LPVOID
  86. ImagepFunctionTableAccessThunk(
  87. HANDLE hProcess,
  88. DWORD64 AddrBase
  89. )
  90. {
  91. PFUNCTION_TABLE_ACCESS_ROUTINE fnImagepUserFunctionTableAccess32;
  93. fnImagepUserFunctionTableAccess32 = tlsvar(ImagepUserFunctionTableAccess32);
  94. return fnImagepUserFunctionTableAccess32(
  95. hProcess,
  96. (DWORD)AddrBase
  97. );
  98. }
  100. PIMAGE_ALPHA64_RUNTIME_FUNCTION_ENTRY
  101. AlphaFunctionTableAccessThunk(
  102. HANDLE hProcess,
  103. DWORD64 AddrBase
  104. )
  105. {
  106. PIMAGE_ALPHA_RUNTIME_FUNCTION_ENTRY FunctionEntry32;
  107. PFUNCTION_TABLE_ACCESS_ROUTINE fnImagepUserFunctionTableAccess32;
  109. fnImagepUserFunctionTableAccess32 = tlsvar(ImagepUserFunctionTableAccess32);
  110. FunctionEntry32 = (PIMAGE_ALPHA_RUNTIME_FUNCTION_ENTRY)
  111. fnImagepUserFunctionTableAccess32(
  112. hProcess,
  113. (DWORD)AddrBase
  114. );
  116. if (FunctionEntry32) {
  117. ConvertAlphaRf32To64( FunctionEntry32, &tlsvar(Axp64FunctionEntry) );
  119. return &tlsvar(Axp64FunctionEntry);
  120. }
  122. return NULL;
  123. }
  125. DWORD64
  126. ImagepGetModuleBaseThunk(
  127. HANDLE hProcess,
  128. DWORD64 ReturnAddress
  129. )
  130. {
  131. PGET_MODULE_BASE_ROUTINE fnImagepUserGetModuleBase32;
  133. fnImagepUserGetModuleBase32 = tlsvar(ImagepUserGetModuleBase32);
  134. return (ULONG64)(LONG64)(LONG)fnImagepUserGetModuleBase32(
  135. hProcess,
  136. (DWORD)ReturnAddress
  137. );
  138. }
  140. DWORD64
  141. ImagepTranslateAddressThunk(
  142. HANDLE hProcess,
  143. HANDLE hThread,
  144. LPADDRESS64 lpaddr
  145. )
  146. {
  147. return 0;
  148. }
  150. void
  151. StackFrame32To64(
  152. LPSTACKFRAME StackFrame32,
  153. LPSTACKFRAME64 StackFrame64
  154. )
  155. {
  156. Address32To64(&StackFrame32->AddrPC, &StackFrame64->AddrPC );
  157. Address32To64(&StackFrame32->AddrReturn, &StackFrame64->AddrReturn );
  158. Address32To64(&StackFrame32->AddrFrame, &StackFrame64->AddrFrame );
  159. Address32To64(&StackFrame32->AddrStack, &StackFrame64->AddrStack );
  160. StackFrame64->FuncTableEntry = StackFrame32->FuncTableEntry;
  161. StackFrame64->Far = StackFrame32->Far;
  162. StackFrame64->Virtual = StackFrame32->Virtual;
  163. StackFrame64->Params[0] = StackFrame32->Params[0];
  164. StackFrame64->Params[1] = StackFrame32->Params[1];
  165. StackFrame64->Params[2] = StackFrame32->Params[2];
  166. StackFrame64->Params[3] = StackFrame32->Params[3];
  167. StackFrame64->Reserved[0] = StackFrame32->Reserved[0];
  168. StackFrame64->Reserved[1] = StackFrame32->Reserved[1];
  169. StackFrame64->Reserved[2] = StackFrame32->Reserved[2];
  170. KdHelp32To64(&StackFrame32->KdHelp, &StackFrame64->KdHelp);
  171. }
  173. void
  174. StackFrame64To32(
  175. LPSTACKFRAME64 StackFrame64,
  176. LPSTACKFRAME StackFrame32
  177. )
  178. {
  179. Address64To32(&StackFrame64->AddrPC, &StackFrame32->AddrPC );
  180. Address64To32(&StackFrame64->AddrReturn, &StackFrame32->AddrReturn );
  181. Address64To32(&StackFrame64->AddrFrame, &StackFrame32->AddrFrame );
  182. Address64To32(&StackFrame64->AddrStack, &StackFrame32->AddrStack );
  183. StackFrame32->FuncTableEntry = StackFrame64->FuncTableEntry;
  184. StackFrame32->Far = StackFrame64->Far;
  185. StackFrame32->Virtual = StackFrame64->Virtual;
  186. StackFrame32->Params[0] = (ULONG)StackFrame64->Params[0];
  187. StackFrame32->Params[1] = (ULONG)StackFrame64->Params[1];
  188. StackFrame32->Params[2] = (ULONG)StackFrame64->Params[2];
  189. StackFrame32->Params[3] = (ULONG)StackFrame64->Params[3];
  190. StackFrame32->Reserved[0] = (ULONG)StackFrame64->Reserved[0];
  191. StackFrame32->Reserved[1] = (ULONG)StackFrame64->Reserved[1];
  192. StackFrame32->Reserved[2] = (ULONG)StackFrame64->Reserved[2];
  193. }
  195. BOOL
  196. StackWalk(
  197. DWORD MachineType,
  198. HANDLE hProcess,
  199. HANDLE hThread,
  200. LPSTACKFRAME StackFrame32,
  201. LPVOID ContextRecord,
  202. PREAD_PROCESS_MEMORY_ROUTINE ReadMemory32,
  203. PFUNCTION_TABLE_ACCESS_ROUTINE FunctionTableAccess32,
  204. PGET_MODULE_BASE_ROUTINE GetModuleBase32,
  205. PTRANSLATE_ADDRESS_ROUTINE TranslateAddress32
  206. )
  207. {
  208. BOOL rval;
  209. BOOL UseSym = FALSE;
  210. PREAD_PROCESS_MEMORY_ROUTINE64 ReadMemory;
  211. PFUNCTION_TABLE_ACCESS_ROUTINE64 FunctionTableAccess;
  212. PGET_MODULE_BASE_ROUTINE64 GetModuleBase;
  213. PTRANSLATE_ADDRESS_ROUTINE64 TranslateAddress;
  214. STACKFRAME64 StackFrame;
  216. // Alpha stack walking no longer requires the FunctionTableAccess callback
  217. // except for backward compatability with debuggers that didn't specify
  218. // a GetModuleBase callback. If the GetModuleBase routine is provided
  219. // then set FunctionTableAccess to NULL to prevent a mixture of the
  220. // callback and read-from-image methods of accessing function table entries.
  222. if (MachineType == IMAGE_FILE_MACHINE_ALPHA) {
  223. if (GetModuleBase32 == NULL && FunctionTableAccess32) {
  224. FunctionTableAccess = (PFUNCTION_TABLE_ACCESS_ROUTINE64)AlphaFunctionTableAccessThunk;
  225. tlsvar(ImagepUserFunctionTableAccess32) = FunctionTableAccess32;
  226. } else {
  227. FunctionTableAccess = NULL;
  228. }
  229. } else {
  230. if (FunctionTableAccess32) {
  231. tlsvar(ImagepUserFunctionTableAccess32) = FunctionTableAccess32;
  232. FunctionTableAccess = ImagepFunctionTableAccessThunk;
  233. } else {
  234. FunctionTableAccess = FunctionTableAccessRoutineLocal;
  235. UseSym = TRUE;
  236. }
  237. }
  239. if (GetModuleBase32) {
  240. tlsvar(ImagepUserGetModuleBase32) = GetModuleBase32;
  241. GetModuleBase = ImagepGetModuleBaseThunk;
  242. } else {
  243. GetModuleBase = GetModuleBaseRoutineLocal;
  244. UseSym = TRUE;
  245. }
  247. if (ReadMemory32) {
  248. tlsvar(ImagepUserReadMemory32) = ReadMemory32;
  249. ReadMemory = ImagepReadMemoryThunk;
  250. } else {
  251. ReadMemory = ReadMemoryRoutineLocal;
  252. }
  254. if (TranslateAddress32) {
  255. tlsvar(ImagepUserTranslateAddress32) = TranslateAddress32;
  256. TranslateAddress = ImagepTranslateAddressThunk;
  257. } else {
  258. TranslateAddress = TranslateAddressRoutineLocal;
  259. }
  261. if (UseSym) {
  262. //
  263. // We are using the code in symbols.c
  264. // hProcess better be a real valid process handle
  265. //
  267. //
  268. // Always call syminitialize. It's a nop if process
  269. // is already loaded.
  270. //
  271. if (!SymInitialize( hProcess, NULL, FALSE )) {
  272. return FALSE;
  273. }
  275. }
  277. StackFrame32To64(StackFrame32, &StackFrame);
  279. switch (MachineType) {
  280. case IMAGE_FILE_MACHINE_I386:
  281. rval = WalkX86( hProcess,
  282. hThread,
  283. &StackFrame,
  284. ContextRecord,
  285. ReadMemory,
  286. FunctionTableAccess,
  287. GetModuleBase,
  288. TranslateAddress,
  289. 0
  290. );
  291. break;
  293. case IMAGE_FILE_MACHINE_ALPHA:
  294. rval = WalkAlpha( hProcess,
  295. &StackFrame,
  296. ContextRecord,
  297. ReadMemory,
  298. GetModuleBase,
  299. FunctionTableAccess,
  300. FALSE
  301. );
  302. break;
  304. case IMAGE_FILE_MACHINE_IA64:
  305. case IMAGE_FILE_MACHINE_ALPHA64:
  306. case IMAGE_FILE_MACHINE_AMD64:
  307. default:
  308. rval = FALSE;
  309. break;
  310. }
  311. if (rval) {
  312. StackFrame64To32(&StackFrame, StackFrame32);
  313. }
  315. return rval;
  316. }
  319. BOOL
  320. StackWalk64(
  321. DWORD MachineType,
  322. HANDLE hProcess,
  323. HANDLE hThread,
  324. LPSTACKFRAME64 StackFrame,
  325. LPVOID ContextRecord,
  326. PREAD_PROCESS_MEMORY_ROUTINE64 ReadMemory,
  327. PFUNCTION_TABLE_ACCESS_ROUTINE64 FunctionTableAccess,
  328. PGET_MODULE_BASE_ROUTINE64 GetModuleBase,
  329. PTRANSLATE_ADDRESS_ROUTINE64 TranslateAddress
  330. )
  331. {
  332. BOOL rval;
  333. BOOL UseSym = FALSE;
  335. g.MachineType = MachineType;
  336. if (!FunctionTableAccess) {
  337. FunctionTableAccess = FunctionTableAccessRoutineLocal;
  338. UseSym = TRUE;
  339. }
  341. if (!GetModuleBase) {
  342. GetModuleBase = GetModuleBaseRoutineLocal;
  343. UseSym = TRUE;
  344. }
  346. if (!ReadMemory) {
  347. ReadMemory = ReadMemoryRoutineLocal;
  348. }
  350. if (!TranslateAddress) {
  351. TranslateAddress = TranslateAddressRoutineLocal;
  352. }
  354. if (UseSym) {
  355. //
  356. // We are using the code in symbols.c
  357. // hProcess better be a real valid process handle
  358. //
  360. //
  361. // Always call syminitialize. It's a nop if process
  362. // is already loaded.
  363. //
  364. if (!SymInitialize( hProcess, NULL, FALSE )) {
  365. return FALSE;
  366. }
  368. }
  370. switch (MachineType) {
  371. case IMAGE_FILE_MACHINE_I386:
  372. rval = WalkX86( hProcess,
  373. hThread,
  374. StackFrame,
  375. ContextRecord,
  376. ReadMemory,
  377. FunctionTableAccess,
  378. GetModuleBase,
  379. TranslateAddress,
  380. WALK_FIX_FPO_EBP
  381. );
  383. break;
  385. case IMAGE_FILE_MACHINE_IA64:
  386. rval = WalkIa64( hProcess,
  387. StackFrame,
  388. ContextRecord,
  389. ReadMemory,
  390. FunctionTableAccess,
  391. GetModuleBase
  392. );
  393. break;
  395. case IMAGE_FILE_MACHINE_ALPHA:
  396. rval = WalkAlpha( hProcess,
  397. StackFrame,
  398. ContextRecord,
  399. ReadMemory,
  400. GetModuleBase,
  401. FunctionTableAccess,
  402. FALSE
  403. );
  404. break;
  406. case IMAGE_FILE_MACHINE_ALPHA64:
  407. rval = WalkAlpha( hProcess,
  408. StackFrame,
  409. ContextRecord,
  410. ReadMemory,
  411. GetModuleBase,
  412. FunctionTableAccess,
  413. TRUE
  414. );
  415. break;
  417. case IMAGE_FILE_MACHINE_AMD64:
  418. rval = WalkAmd64( hProcess,
  419. StackFrame,
  420. ContextRecord,
  421. ReadMemory,
  422. FunctionTableAccess,
  423. GetModuleBase
  424. );
  425. break;
  427. default:
  428. rval = FALSE;
  429. break;
  430. }
  432. return rval;
  433. }
  435. BOOL
  436. ReadMemoryRoutineLocal(
  437. HANDLE hProcess,
  438. DWORD64 qwBaseAddress,
  439. LPVOID lpBuffer,
  440. DWORD nSize,
  441. LPDWORD lpNumberOfBytesRead
  442. )
  443. {
  444. // ReadProcessMemory will fail if any part of the
  445. // region to read does not have read access. This
  446. // routine attempts to read the largest valid prefix
  447. // so it has to break up reads on page boundaries.
  449. BOOL Status = TRUE;
  450. SIZE_T TotalBytesRead = 0;
  451. SIZE_T Read;
  452. ULONG ReadSize;
  454. while (nSize > 0) {
  456. // Calculate bytes to read and don't let read cross
  457. // a page boundary.
  458. ReadSize = PAGE_SIZE - (ULONG)(qwBaseAddress & (PAGE_SIZE - 1));
  459. ReadSize = min(nSize, ReadSize);
  461. if (!ReadProcessMemory(hProcess, (PVOID)(ULONG_PTR)qwBaseAddress,
  462. lpBuffer, ReadSize, &Read)) {
  463. if (TotalBytesRead == 0) {
  464. // If we haven't read anything indicate failure.
  465. Status = FALSE;
  466. }
  467. break;
  468. }
  470. TotalBytesRead += Read;
  471. qwBaseAddress += Read;
  472. lpBuffer = (PVOID)((PUCHAR)lpBuffer + Read);
  473. nSize -= (DWORD)Read;
  474. }
  476. *lpNumberOfBytesRead = (DWORD)TotalBytesRead;
  477. return Status;
  478. }
  480. LPVOID
  481. FunctionTableAccessRoutineLocal(
  482. HANDLE hProcess,
  483. DWORD64 AddrBase
  484. )
  485. {
  486. return SymFunctionTableAccess64(hProcess, AddrBase);
  487. }
  489. DWORD64
  490. GetModuleBaseRoutineLocal(
  491. HANDLE hProcess,
  492. DWORD64 ReturnAddress
  493. )
  494. {
  495. IMAGEHLP_MODULE64 ModuleInfo = {0};
  496. ModuleInfo.SizeOfStruct = sizeof(ModuleInfo);
  498. if (SymGetModuleInfo64(hProcess, ReturnAddress, &ModuleInfo)) {
  499. return ModuleInfo.BaseOfImage;
  500. } else {
  501. return 0;
  502. }
  503. }
  506. DWORD64
  507. TranslateAddressRoutineLocal(
  508. HANDLE hProcess,
  509. HANDLE hThread,
  510. LPADDRESS64 paddr
  511. )
  512. {
  513. return 0;
  514. }