Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

1080 lines
30 KiB

//----------------------------------------------------------------------------
//
// Stack walking support.
//
// Copyright (C) Microsoft Corporation, 1997-2001.
//
//----------------------------------------------------------------------------
#include "ntsdp.hpp"
IMAGE_IA64_RUNTIME_FUNCTION_ENTRY g_EpcRfeBuffer;
PIMAGE_IA64_RUNTIME_FUNCTION_ENTRY g_EpcRfe;
PFPO_DATA
SynthesizeKnownFpo(PSTR Symbol, ULONG64 OffStart, ULONG64 Disp)
{
static ULONG64 s_Nr2, s_Lu2, s_Eh3, s_Kuit;
if (!s_Nr2 || !s_Lu2 || !s_Eh3 || !s_Kuit)
{
GetOffsetFromSym("nt!_NLG_Return2", &s_Nr2, NULL);
GetOffsetFromSym("nt!_local_unwind2", &s_Lu2, NULL);
GetOffsetFromSym("nt!_except_handler3", &s_Eh3, NULL);
GetOffsetFromSym("nt!KiUnexpectedInterruptTail", &s_Kuit, NULL);
}
if (OffStart == s_Nr2 || OffStart == s_Lu2)
{
static FPO_DATA s_Lu2Fpo;
s_Lu2Fpo.ulOffStart = (ULONG)OffStart;
s_Lu2Fpo.cbProcSize = 0x68;
s_Lu2Fpo.cdwLocals = 4;
s_Lu2Fpo.cdwParams = 0;
s_Lu2Fpo.cbProlog = 0;
s_Lu2Fpo.cbRegs = 3;
s_Lu2Fpo.fHasSEH = 0;
s_Lu2Fpo.fUseBP = 0;
s_Lu2Fpo.reserved = 0;
s_Lu2Fpo.cbFrame = FRAME_FPO;
return &s_Lu2Fpo;
}
else if (OffStart == s_Eh3)
{
static FPO_DATA s_Eh3Fpo;
s_Eh3Fpo.ulOffStart = (ULONG)OffStart;
s_Eh3Fpo.cbProcSize = 0xbd;
s_Eh3Fpo.cdwLocals = 2;
s_Eh3Fpo.cdwParams = 4;
s_Eh3Fpo.cbProlog = 3;
s_Eh3Fpo.cbRegs = 4;
s_Eh3Fpo.fHasSEH = 0;
s_Eh3Fpo.fUseBP = 0;
s_Eh3Fpo.reserved = 0;
s_Eh3Fpo.cbFrame = FRAME_NONFPO;
return &s_Eh3Fpo;
}
else if (OffStart == s_Kuit)
{
//
// KiUnexpectedInterruptTail has three special stubs
// following it for CommonDispatchException[0-2]Args.
// These stubs set up for the appropriate number of
// arguments and then call CommonDispatchException.
// They do not have symbols or FPO data so fake some
// up if we're in the region immediately after KUIT.
//
PFPO_DATA KuitData = (PFPO_DATA)
SymFunctionTableAccess(g_CurrentProcess->Handle, OffStart);
if (KuitData != NULL &&
Disp >= (ULONG64)KuitData->cbProcSize &&
Disp < (ULONG64)KuitData->cbProcSize + 0x20)
{
static FPO_DATA s_CdeStubFpo;
s_CdeStubFpo.ulOffStart = (ULONG)OffStart;
s_CdeStubFpo.cbProcSize = 0x10;
s_CdeStubFpo.cdwLocals = 0;
s_CdeStubFpo.cdwParams = 0;
s_CdeStubFpo.cbProlog = 0;
s_CdeStubFpo.cbRegs = 0;
s_CdeStubFpo.fHasSEH = 0;
s_CdeStubFpo.fUseBP = 0;
s_CdeStubFpo.reserved = 0;
s_CdeStubFpo.cbFrame = FRAME_TRAP;
return &s_CdeStubFpo;
}
}
return NULL;
}
PFPO_DATA
SynthesizeFpoDataForModule(DWORD64 PCAddr)
{
DWORD64 Offset;
USHORT StdCallArgs;
CHAR symbuf[MAX_SYMBOL_LEN];
GetSymbolStdCall( PCAddr,
symbuf,
sizeof(symbuf),
&Offset,
&StdCallArgs);
if (Offset == PCAddr)
{
// No symbol.
return NULL;
}
PFPO_DATA KnownFpo =
SynthesizeKnownFpo(symbuf, PCAddr - Offset, Offset);
if (KnownFpo != NULL)
{
return KnownFpo;
}
if (StdCallArgs == 0xffff)
{
return NULL;
}
static FPO_DATA s_SynthFpo;
s_SynthFpo.ulOffStart = (ULONG)(PCAddr - Offset);
s_SynthFpo.cbProcSize = (ULONG)(Offset + 10);
s_SynthFpo.cdwLocals = 0;
s_SynthFpo.cdwParams = StdCallArgs;
s_SynthFpo.cbProlog = 0;
s_SynthFpo.cbRegs = 0;
s_SynthFpo.fHasSEH = 0;
s_SynthFpo.fUseBP = 0;
s_SynthFpo.reserved = 0;
s_SynthFpo.cbFrame = FRAME_NONFPO;
return &s_SynthFpo;
}
PFPO_DATA
SynthesizeFpoDataForFastSyscall(ULONG64 Offset)
{
static FPO_DATA s_FastFpo;
// XXX drewb - Temporary until the fake user-shared
// module is worked out.
s_FastFpo.ulOffStart = (ULONG)Offset;
s_FastFpo.cbProcSize = X86_SHARED_SYSCALL_SIZE;
s_FastFpo.cdwLocals = 0;
s_FastFpo.cdwParams = 0;
s_FastFpo.cbProlog = 0;
s_FastFpo.cbRegs = 0;
s_FastFpo.fHasSEH = 0;
s_FastFpo.fUseBP = 0;
s_FastFpo.reserved = 0;
s_FastFpo.cbFrame = FRAME_FPO;
return &s_FastFpo;
}
PFPO_DATA
ModifyFpoRecord(PDEBUG_IMAGE_INFO Image, PFPO_DATA FpoData)
{
if (FpoData->cdwLocals == 80)
{
static ULONG64 s_CommonDispatchException;
// Some versions of CommonDispatchException have
// the wrong locals size, which screws up stack
// traces. Detect and fix up these problems.
if (s_CommonDispatchException == 0)
{
GetOffsetFromSym("nt!CommonDispatchException",
&s_CommonDispatchException,
NULL);
}
if (Image->BaseOfImage + FpoData->ulOffStart ==
s_CommonDispatchException)
{
static FPO_DATA s_CdeFpo;
s_CdeFpo = *FpoData;
s_CdeFpo.cdwLocals = 20;
FpoData = &s_CdeFpo;
}
}
else if (FpoData->cdwLocals == 0 && FpoData->cdwParams == 0 &&
FpoData->cbRegs == 3)
{
static ULONG64 s_KiSwapThread;
// KiSwapThread has shrink-wrapping so that three registers
// are pushed in only a portion of the code. Unfortunately,
// the most important place in the code -- the call to
// KiSwapContext -- is outside of this region and therefore
// the register count is wrong much more often than it's
// correct. Switch the register count to two to make it
// correct more often than wrong.
if (s_KiSwapThread == 0)
{
GetOffsetFromSym("nt!KiSwapThread", &s_KiSwapThread, NULL);
}
if (Image->BaseOfImage + FpoData->ulOffStart ==
s_KiSwapThread)
{
static FPO_DATA s_KstFpo;
s_KstFpo = *FpoData;
s_KstFpo.cbRegs = 2;
FpoData = &s_KstFpo;
}
}
else if (FpoData->fHasSEH)
{
static FPO_DATA s_SehFpo;
s_SehFpo = *FpoData;
s_SehFpo.cbFrame = FRAME_NONFPO;
FpoData = &s_SehFpo;
}
return FpoData;
}
PFPO_DATA
FindFpoDataForModule(DWORD64 PCAddr)
/*++
Routine Description:
Locates the fpo data structure in the process's linked list for the
requested module.
Arguments:
PCAddr - address contained in the program counter
Return Value:
null - could not locate the entry
valid address - found the entry at the adress retured
--*/
{
PPROCESS_INFO Process;
PDEBUG_IMAGE_INFO Image;
PFPO_DATA FpoData;
Process = g_CurrentProcess;
Image = Process->ImageHead;
FpoData = 0;
while (Image)
{
if ((PCAddr >= Image->BaseOfImage) &&
(PCAddr < Image->BaseOfImage + Image->SizeOfImage))
{
FpoData = (PFPO_DATA)
SymFunctionTableAccess(g_CurrentProcess->Handle, PCAddr);
if (!FpoData)
{
FpoData = SynthesizeFpoDataForModule(PCAddr);
}
else
{
FpoData = ModifyFpoRecord(Image, FpoData);
}
return FpoData;
}
Image = Image->Next;
}
ULONG64 FscBase;
switch(IsInFastSyscall(PCAddr, &FscBase))
{
case FSC_FOUND:
return SynthesizeFpoDataForFastSyscall(FscBase);
}
// the function is not part of any known loaded image
return NULL;
}
LPVOID
SwFunctionTableAccess(
HANDLE hProcess,
ULONG64 AddrBase
)
{
static IMAGE_ALPHA_RUNTIME_FUNCTION_ENTRY s_Axp32;
static IMAGE_ALPHA64_RUNTIME_FUNCTION_ENTRY s_Axp64;
static IMAGE_IA64_RUNTIME_FUNCTION_ENTRY s_Ia64;
static _IMAGE_RUNTIME_FUNCTION_ENTRY s_Amd64;
PVOID pife;
if (g_EffMachine == IMAGE_FILE_MACHINE_I386)
{
return (LPVOID)FindFpoDataForModule( AddrBase );
}
pife = SymFunctionTableAccess64(hProcess, AddrBase);
switch (g_EffMachine)
{
case IMAGE_FILE_MACHINE_AXP64:
if (!pife)
{
return NULL;
}
s_Axp64.BeginAddress =
((PIMAGE_FUNCTION_ENTRY64)pife)->StartingAddress;
s_Axp64.EndAddress =
((PIMAGE_FUNCTION_ENTRY64)pife)->EndingAddress;
s_Axp64.ExceptionHandler = 0;
s_Axp64.HandlerData = 0;
s_Axp64.PrologEndAddress =
((PIMAGE_FUNCTION_ENTRY64)pife)->EndOfPrologue;
return &s_Axp64;
case IMAGE_FILE_MACHINE_ALPHA:
if (!pife)
{
return NULL;
}
s_Axp32.BeginAddress =
((PIMAGE_FUNCTION_ENTRY)pife)->StartingAddress;
s_Axp32.EndAddress =
((PIMAGE_FUNCTION_ENTRY)pife)->EndingAddress;
s_Axp32.ExceptionHandler = 0;
s_Axp32.HandlerData = 0;
s_Axp32.PrologEndAddress =
((PIMAGE_FUNCTION_ENTRY)pife)->EndOfPrologue;
return &s_Axp32;
case IMAGE_FILE_MACHINE_IA64:
if (pife)
{
s_Ia64 = *(PIMAGE_IA64_RUNTIME_FUNCTION_ENTRY)pife;
return &s_Ia64;
}
else
{
if (IS_KERNEL_TARGET() &&
(AddrBase >= IA64_MM_EPC_VA) &&
(AddrBase < (IA64_MM_EPC_VA + IA64_PAGE_SIZE)))
{
return g_EpcRfe;
}
else
{
return NULL;
}
}
break;
case IMAGE_FILE_MACHINE_AMD64:
if (pife)
{
s_Amd64 = *(_PIMAGE_RUNTIME_FUNCTION_ENTRY)pife;
return &s_Amd64;
}
break;
}
return NULL;
}
DWORD64
SwTranslateAddress(
HANDLE hProcess,
HANDLE hThread,
LPADDRESS64 lpaddress
)
{
//
// don't support 16bit stacks
//
return 0;
}
BOOL
SwReadMemory32(
HANDLE hProcess,
ULONG dwBaseAddress,
LPVOID lpBuffer,
DWORD nSize,
LPDWORD lpNumberOfBytesRead
)
{
return SwReadMemory(hProcess,
EXTEND64(dwBaseAddress),
lpBuffer,
nSize,
lpNumberOfBytesRead);
}
BOOL
SwReadMemory(
HANDLE hProcess,
ULONG64 BaseAddress,
LPVOID lpBuffer,
DWORD nSize,
LPDWORD lpNumberOfBytesRead
)
{
DBG_ASSERT(hProcess == g_CurrentProcess->Handle);
if (IS_KERNEL_TARGET())
{
DWORD BytesRead;
HRESULT Status;
if ((LONG_PTR)lpNumberOfBytesRead == -1)
{
if (g_TargetMachineType == IMAGE_FILE_MACHINE_I386)
{
BaseAddress += g_TargetMachine->m_SizeTargetContext;
}
Status = g_Target->ReadControl(CURRENT_PROC,
(ULONG)BaseAddress,
lpBuffer,
nSize,
&BytesRead);
return Status == S_OK;
}
}
if (g_Target->ReadVirtual(BaseAddress, lpBuffer, nSize,
lpNumberOfBytesRead) != S_OK)
{
// Make sure bytes read is zero.
if (lpNumberOfBytesRead != NULL)
{
*lpNumberOfBytesRead = 0;
}
return FALSE;
}
else
{
return TRUE;
}
}
DWORD64
SwGetModuleBase(
HANDLE hProcess,
ULONG64 Address
)
{
PDEBUG_IMAGE_INFO Image = g_CurrentProcess->ImageHead;
if (g_EffMachine == IMAGE_FILE_MACHINE_IA64 &&
IS_KERNEL_TARGET() &&
(Address >= IA64_MM_EPC_VA) &&
(Address < (IA64_MM_EPC_VA + IA64_PAGE_SIZE)))
{
Address -= (IA64_MM_EPC_VA - g_SystemCallVirtualAddress);
}
while (Image)
{
if ((Address >= Image->BaseOfImage) &&
(Address < (Image->BaseOfImage + Image->SizeOfImage)))
{
return Image->BaseOfImage;
}
Image = Image->Next;
}
// If no regular module was found we need to look in
// the dynamic function tables to see if an entry
// there matches.
ULONG64 DynBase = g_Target->
GetDynamicFunctionTableBase(g_Machine, Address);
if (DynBase)
{
return DynBase;
}
if (IS_KERNEL_TARGET())
{
// If no modules have been loaded there's still a possibility
// of getting a kernel stack trace (without symbols) by going
// after the module base directly. This also makes it possible
// to get a stack trace when there are no symbols available.
if (g_CurrentProcess->ImageHead == NULL)
{
return GetKernelModuleBase( Address );
}
}
return 0;
}
DWORD
SwGetModuleBase32(
HANDLE hProcess,
DWORD Address
)
{
return (DWORD)SwGetModuleBase(hProcess, Address);
}
void
PrintStackTraceHeaderLine(
ULONG Flags
)
{
if ( (Flags & DEBUG_STACK_COLUMN_NAMES) == 0 )
{
return;
}
StartOutLine(DEBUG_OUTPUT_NORMAL, OUT_LINE_NO_TIMESTAMP);
if (Flags & DEBUG_STACK_FRAME_NUMBERS)
{
dprintf(" # ");
}
if (Flags & DEBUG_STACK_FRAME_ADDRESSES)
{
g_Machine->PrintStackFrameAddressesTitle(Flags);
}
if (Flags & DEBUG_STACK_ARGUMENTS)
{
g_Machine->PrintStackArgumentsTitle(Flags);
}
g_Machine->PrintStackCallSiteTitle(Flags);
dprintf("\n");
}
VOID
PrintStackFrame(
PDEBUG_STACK_FRAME StackFrame,
ULONG Flags
)
{
DWORD64 displacement;
CHAR symbuf[MAX_SYMBOL_LEN];
USHORT StdCallArgs;
ULONG64 InstructionOffset = StackFrame->InstructionOffset;
if (g_EffMachine == IMAGE_FILE_MACHINE_IA64 &&
IS_KERNEL_TARGET() &&
(InstructionOffset >= IA64_MM_EPC_VA) &&
(InstructionOffset < (IA64_MM_EPC_VA + IA64_PAGE_SIZE)))
{
InstructionOffset = InstructionOffset -
(IA64_MM_EPC_VA - g_SystemCallVirtualAddress);
}
GetSymbolStdCall(InstructionOffset,
symbuf,
sizeof(symbuf),
&displacement,
&StdCallArgs);
StartOutLine(DEBUG_OUTPUT_NORMAL, OUT_LINE_NO_TIMESTAMP);
if (Flags & DEBUG_STACK_FRAME_NUMBERS)
{
dprintf("%02lx ", StackFrame->FrameNumber);
}
if (Flags & DEBUG_STACK_FRAME_ADDRESSES)
{
g_Machine->PrintStackFrameAddresses(Flags, StackFrame);
}
if (Flags & DEBUG_STACK_ARGUMENTS)
{
g_Machine->PrintStackArguments(Flags, StackFrame);
}
g_Machine->PrintStackCallSite(Flags, StackFrame,
symbuf, displacement,
StdCallArgs);
if (Flags & DEBUG_STACK_SOURCE_LINE)
{
OutputLineAddr(InstructionOffset, " [%s @ %d]");
}
dprintf( "\n" );
}
VOID
PrintStackTrace(
ULONG NumFrames,
PDEBUG_STACK_FRAME StackFrames,
ULONG Flags
)
{
ULONG i;
PrintStackTraceHeaderLine(Flags);
for (i = 0; i < NumFrames; i++)
{
PrintStackFrame(StackFrames + i, Flags);
}
}
void
GetStkTraceArgsForCurrentScope(
PULONG64 FramePointer,
PULONG64 StackPointer,
PULONG64 InstructionPointer,
PCROSS_PLATFORM_CONTEXT ContextCopyPointer
)
{
PCROSS_PLATFORM_CONTEXT ScopeContext = GetCurrentScopeContext();
if (ScopeContext != NULL)
{
g_Machine->PushContext(ScopeContext);
switch (g_EffMachine)
{
case IMAGE_FILE_MACHINE_I386:
if (*InstructionPointer == 0)
{
*InstructionPointer = g_Machine->GetReg64(X86_EIP);
}
if (*StackPointer == 0)
{
*StackPointer = g_Machine->GetReg64(X86_ESP);
}
if (*FramePointer == 0)
{
*FramePointer = g_Machine->GetReg64(X86_EBP);
}
break;
case IMAGE_FILE_MACHINE_IA64:
*InstructionPointer = g_Machine->GetReg64(STIIP);
*StackPointer = g_Machine->GetReg64(INTSP);
*FramePointer = g_Machine->GetReg64(RSBSP);
break;
case IMAGE_FILE_MACHINE_AXP64:
case IMAGE_FILE_MACHINE_ALPHA:
*InstructionPointer = g_Machine->GetReg64(ALPHA_FIR);
*StackPointer = g_Machine->GetReg64(SP_REG);
*FramePointer = g_Machine->GetReg64(FP_REG);
break;
case IMAGE_FILE_MACHINE_AMD64:
*InstructionPointer = g_Machine->GetReg64(AMD64_RIP);
*StackPointer = g_Machine->GetReg64(AMD64_RSP);
*FramePointer = g_Machine->GetReg64(AMD64_RBP);
break;
default:
break;
}
if (ContextCopyPointer)
{
*ContextCopyPointer = g_Machine->m_Context;
}
g_Machine->PopContext();
}
else
{
if (ContextCopyPointer)
{
*ContextCopyPointer = g_Machine->m_Context;
}
}
}
DWORD
StackTrace(
ULONG64 FramePointer,
ULONG64 StackPointer,
ULONG64 InstructionPointer,
PDEBUG_STACK_FRAME StackFrames,
ULONG NumFrames,
ULONG64 ExtThread,
ULONG Flags,
BOOL EstablishingScope
)
{
STACKFRAME64 VirtualFrame;
DWORD i;
CROSS_PLATFORM_CONTEXT Context;
PVOID FunctionEntry;
ULONG64 Value;
ULONG result;
BOOL SymWarning = FALSE;
ULONG X86Ebp;
if (!EstablishingScope)
{
RequireCurrentScope();
}
//
// let's start clean
//
ZeroMemory( StackFrames, sizeof(StackFrames[0]) * NumFrames );
ZeroMemory( &VirtualFrame, sizeof(VirtualFrame) );
if (g_Machine->GetContextState(MCTX_FULL) != S_OK)
{
return 0;
}
ULONG Seg;
if ((!FramePointer && !InstructionPointer && !StackPointer) ||
(g_EffMachine == IMAGE_FILE_MACHINE_I386))
{
// Do the default stack trace for current debug context
// For x86, set these if any of them is 0
GetStkTraceArgsForCurrentScope(&FramePointer, &StackPointer,
&InstructionPointer, &Context);
}
if (IS_KERNEL_TARGET())
{
//
// if debugger was initialized at boot, usermode addresses needed for
// stack traces on IA64 were not available. Try it now:
//
if (g_EffMachine == IMAGE_FILE_MACHINE_IA64 &&
!KdDebuggerData.KeUserCallbackDispatcher)
{
VerifyKernelBase (FALSE);
}
ULONG64 ThreadData;
// If no explicit thread is given then we use the
// current thread. However, the current thread is only
// valid if the current thread is the event thread since
// tracing back into user mode requires that the appropriate
// user-mode memory state be active.
if (ExtThread != 0)
{
ThreadData = ExtThread;
}
else if (g_CurrentProcess->CurrentThread != g_EventThread ||
g_CurrentProcess != g_EventProcess ||
GetImplicitThreadData(&ThreadData) != S_OK)
{
ThreadData = 0;
}
VirtualFrame.KdHelp.Thread = ThreadData;
VirtualFrame.KdHelp.ThCallbackStack = ThreadData ?
KdDebuggerData.ThCallbackStack : 0;
VirtualFrame.KdHelp.KiCallUserMode = KdDebuggerData.KiCallUserMode;
VirtualFrame.KdHelp.NextCallback = KdDebuggerData.NextCallback;
VirtualFrame.KdHelp.KeUserCallbackDispatcher =
KdDebuggerData.KeUserCallbackDispatcher;
VirtualFrame.KdHelp.FramePointer = KdDebuggerData.FramePointer;
VirtualFrame.KdHelp.SystemRangeStart = g_SystemRangeStart;
}
//
// setup the program counter
//
if (!InstructionPointer)
{
if (g_EffMachine == IMAGE_FILE_MACHINE_I386)
{
ADDR Addr;
VirtualFrame.AddrPC.Mode = AddrModeFlat;
g_Machine->GetPC(&Addr);
VirtualFrame.AddrPC.Segment = Addr.seg;
VirtualFrame.AddrPC.Offset = Flat(Addr);
}
}
else
{
VirtualFrame.AddrPC.Mode = AddrModeFlat;
Seg = g_Machine->GetSegRegNum(SEGREG_CODE);
VirtualFrame.AddrPC.Segment =
Seg ? (WORD)GetRegVal32(Seg) : 0;
VirtualFrame.AddrPC.Offset = InstructionPointer;
}
//
// setup the frame pointer
//
if (!FramePointer)
{
if (g_EffMachine == IMAGE_FILE_MACHINE_I386)
{
ADDR Addr;
VirtualFrame.AddrFrame.Mode = AddrModeFlat;
g_Machine->GetFP(&Addr);
VirtualFrame.AddrFrame.Segment = Addr.seg;
VirtualFrame.AddrFrame.Offset = Flat(Addr);
}
}
else
{
VirtualFrame.AddrFrame.Mode = AddrModeFlat;
Seg = g_Machine->GetSegRegNum(SEGREG_STACK);
VirtualFrame.AddrFrame.Segment =
Seg ? (WORD)GetRegVal32(Seg) : 0;
VirtualFrame.AddrFrame.Offset = FramePointer;
}
VirtualFrame.AddrBStore = VirtualFrame.AddrFrame;
if (g_EffMachine == IMAGE_FILE_MACHINE_I386)
{
X86Ebp = (ULONG) VirtualFrame.AddrFrame.Offset;
}
//
// setup the stack pointer
//
if (!StackPointer)
{
if (g_EffMachine == IMAGE_FILE_MACHINE_I386)
{
ADDR Addr;
VirtualFrame.AddrStack.Mode = AddrModeFlat;
g_Machine->GetSP(&Addr);
VirtualFrame.AddrStack.Segment = Addr.seg;
VirtualFrame.AddrStack.Offset = Flat(Addr);
}
}
else
{
VirtualFrame.AddrStack.Mode = AddrModeFlat;
Seg = g_Machine->GetSegRegNum(SEGREG_STACK);
VirtualFrame.AddrStack.Segment =
Seg ? (WORD)GetRegVal32(Seg) : 0;
VirtualFrame.AddrStack.Offset = StackPointer;
}
if (g_EffMachine == IMAGE_FILE_MACHINE_IA64 &&
IS_KERNEL_TARGET() &&
g_SystemCallVirtualAddress)
{
PVOID functionEntry;
ULONG numberOfBytesRead;
functionEntry = SwFunctionTableAccess (g_CurrentProcess->Handle,
g_SystemCallVirtualAddress);
if (functionEntry != NULL)
{
RtlCopyMemory(&g_EpcRfeBuffer, functionEntry,
sizeof(IMAGE_IA64_RUNTIME_FUNCTION_ENTRY));
g_EpcRfe = &g_EpcRfeBuffer;
}
else
{
g_EpcRfe = NULL;
}
}
for (i = 0; i < NumFrames; i++)
{
// SwReadMemory doesn't currently use the thread handle
// but send in something reasonable in case of future changes.
if (!StackWalk64(g_EffMachine,
g_CurrentProcess->Handle,
OS_HANDLE(g_CurrentProcess->CurrentThread->Handle),
&VirtualFrame,
&Context,
SwReadMemory,
SwFunctionTableAccess,
SwGetModuleBase,
SwTranslateAddress))
{
break;
}
StackFrames[i].InstructionOffset = VirtualFrame.AddrPC.Offset;
StackFrames[i].ReturnOffset = VirtualFrame.AddrReturn.Offset;
StackFrames[i].FrameOffset = VirtualFrame.AddrFrame.Offset;
StackFrames[i].StackOffset = VirtualFrame.AddrStack.Offset;
StackFrames[i].FuncTableEntry = (ULONG64)VirtualFrame.FuncTableEntry;
StackFrames[i].Virtual = VirtualFrame.Virtual;
StackFrames[i].FrameNumber = i;
// NOTE - we have more reserved space in the DEBUG_STACK_FRAME
memcpy(StackFrames[i].Reserved, VirtualFrame.Reserved,
sizeof(VirtualFrame.Reserved));
memcpy(StackFrames[i].Params, VirtualFrame.Params,
sizeof(VirtualFrame.Params));
if (g_EffMachine == IMAGE_FILE_MACHINE_IA64 &&
IS_KERNEL_TARGET())
{
if ((VirtualFrame.AddrPC.Offset >= IA64_MM_EPC_VA) &&
(VirtualFrame.AddrPC.Offset <
(IA64_MM_EPC_VA + IA64_PAGE_SIZE)))
{
VirtualFrame.AddrPC.Offset -=
(IA64_MM_EPC_VA - g_SystemCallVirtualAddress);
}
if ((i != 0) &&
(StackFrames[i - 1].InstructionOffset >= IA64_MM_EPC_VA) &&
(VirtualFrame.AddrPC.Offset <
(IA64_MM_EPC_VA + IA64_PAGE_SIZE)))
{
StackFrames[i - 1].ReturnOffset =
VirtualFrame.AddrPC.Offset;
}
} else if (g_EffMachine == IMAGE_FILE_MACHINE_I386)
{
if (StackFrames[i].FuncTableEntry)
{
PFPO_DATA FpoData = (PFPO_DATA)StackFrames[i].FuncTableEntry;
if (FpoData->cbFrame == FRAME_FPO &&
!FpoData->fUseBP)
{
SAVE_EBP(&StackFrames[i]) = (ULONG64) (LONG64) (LONG) X86Ebp;
}
}
X86Ebp = Context.X86Context.Ebp;
}
if (Flags && i == 0)
{
PrintStackTraceHeaderLine(Flags);
}
IMAGEHLP_MODULE64 Mod;
// If the current frame's PC is in a loaded module and
// that module does not have symbols it's very possible
// that the stack trace will be incorrect since the
// debugger has to guess about how to unwind the stack.
// Non-x86 architectures have unwind info in the images
// themselves so restrict this check to x86.
Mod.SizeOfStruct = sizeof(Mod);
if (!SymWarning &&
NumFrames > 1 &&
g_EffMachine == IMAGE_FILE_MACHINE_I386 &&
StackFrames[i].InstructionOffset != -1 &&
SymGetModuleInfo64(g_CurrentProcess->Handle,
StackFrames[i].InstructionOffset, &Mod) &&
(Mod.SymType == SymNone || Mod.SymType == SymExport ||
Mod.SymType == SymDeferred))
{
WarnOut("WARNING: Stack unwind information not available. "
"Following frames may be wrong.\n");
// Only show one warning per trace.
SymWarning = TRUE;
}
if (Flags)
{
PrintStackFrame(StackFrames + i, Flags);
if (Flags & DEBUG_STACK_NONVOLATILE_REGISTERS)
{
g_Machine->PrintStackNonvolatileRegisters(Flags,
StackFrames + i,
&Context, i);
}
}
}
return i;
}
#define BASIC_STACK \
(DEBUG_STACK_COLUMN_NAMES | DEBUG_STACK_FRAME_ADDRESSES | \
DEBUG_STACK_SOURCE_LINE)
ULONG g_StackTraceTypeFlags[STACK_TRACE_TYPE_MAX] =
{
BASIC_STACK, // Default
BASIC_STACK | DEBUG_STACK_ARGUMENTS, // kb
BASIC_STACK | DEBUG_STACK_ARGUMENTS | DEBUG_STACK_FUNCTION_INFO |
DEBUG_STACK_NONVOLATILE_REGISTERS, // kv
0, // kd
BASIC_STACK | DEBUG_STACK_PARAMETERS, // kp
BASIC_STACK | DEBUG_STACK_FRAME_NUMBERS, // kn
BASIC_STACK | DEBUG_STACK_ARGUMENTS | DEBUG_STACK_FRAME_NUMBERS, // kbn
BASIC_STACK | DEBUG_STACK_ARGUMENTS | DEBUG_STACK_FUNCTION_INFO |
DEBUG_STACK_NONVOLATILE_REGISTERS | DEBUG_STACK_FRAME_NUMBERS,// kvn
DEBUG_STACK_FRAME_NUMBERS, // kdn
BASIC_STACK | DEBUG_STACK_PARAMETERS | DEBUG_STACK_FRAME_NUMBERS // kpn
};
VOID
DoStackTrace(
ULONG64 FramePointer,
ULONG64 StackPointer,
ULONG64 InstructionPointer,
ULONG NumFrames,
STACK_TRACE_TYPE TraceType
)
{
PDEBUG_STACK_FRAME StackFrames;
ULONG NumFramesToRead;
DWORD FrameCount;
if (NumFrames == 0)
{
NumFrames = g_DefaultStackTraceDepth;
}
if (TraceType == STACK_TRACE_TYPE_KD)
{
NumFramesToRead = 1;
}
else
{
NumFramesToRead = NumFrames;
}
StackFrames = (PDEBUG_STACK_FRAME)
malloc( sizeof(StackFrames[0]) * NumFramesToRead );
if (!StackFrames)
{
ErrOut( "could not allocate memory for stack trace\n" );
return;
}
ULONG Flags = g_StackTraceTypeFlags[TraceType];
if ((TraceType == STACK_TRACE_TYPE_KB) && g_Machine->m_Ptr64)
{
Flags |= DEBUG_STACK_FRAME_ADDRESSES_RA_ONLY;
}
FrameCount = StackTrace( FramePointer,
StackPointer,
InstructionPointer,
StackFrames,
NumFramesToRead,
0,
Flags,
FALSE
);
if (FrameCount == 0)
{
ErrOut( "could not fetch any stack frames\n" );
free(StackFrames);
return;
}
if (TraceType == STACK_TRACE_TYPE_KD)
{
// Starting with the stack pointer, dump NumFrames DWORD's
// and the symbol if possible.
ADDR startAddr;
ADDRFLAT(&startAddr, StackFrames[0].FrameOffset);
fnDumpDwordMemory(&startAddr, NumFrames, TRUE);
}
free( StackFrames );
}