The trap frame is in a random location on the stack, and setting Esp0 there
wastes significant amounts of space and may lead to unexpected stack overflows.
Also use a more descriptive expression for the V86 members of the KTRAP_FRAME.
Revert "[NTOS] On DBG builds, fill pool allocations with 0xCD and freed pool with 0xDD"
This reverts commit 24f240be8a.
Revert "[NTOS] Add compile time option to trace callers of pool allocations"
This reverts commit 8b20755040.
Revert "WIP"
This reverts commit 8cfd5c601f.
Our legacy KD module is slowly being phased out for the more recent KD64
Kernel Debugger that supports WinDbg, but at the same time we must retain
support for GCC debugging and the KDBG interface.
For the time being few #ifdef _WINKD_ have been introduced in KD64 so that
some of its code/data does not completely get shared yet with the legacy KD,
until the latter becomes phased out.
KD Modifications:
=================
- Remove the implementation of NtQueryDebugFilterState() /
NtSetDebugFilterState() that now comes entirely from KD64.
- Remove KD variables that are now shared with KD64.
- Share common code with KD64: KdpMoveMemory(), KdpZeroMemory(),
KdpCopyMemoryChunks(), KdpPrint(), KdpPrompt().
- KDBG: Remove the duplicated KdpCopyMemoryChunks() function.
- In KdpServiceDispatcher() and KdpEnterDebuggerException(), call the
KdpPrint() worker function that correctly probes and captures its arguments.
- Temporarily stub out KdEnterDebugger() and KdExitDebugger() that is used
by the shared code, until KD is removed and only the KD64 version of these
functions remain.
- Re-implement the KD/KDBG KdpPrompt() function using a custom KdpPromptString()
helper compatible with KD64, that is called by the KD64 implementation of
KdpPrompt(). This KdpPromptString() helper now issues the prompt on all
the KD loggers: e.g. if you use both at the same time COM-port and SCREEN
debugging, the prompt will appear on both. Before that the prompt was always
being displayed on COM port even if e.g. a SCREEN-only debug session was used...
- ppc_irq.c: Fix the prototype of KdpServiceDispatcher().
KD64 Fixes:
===========
- Initialize the MaximumLength member of the counted STRING variables
before using them elsewhere.
- Get rid of alloca() within SEH block in KdpPrint() (addendum to 7b95fcf9).
- Add the ROS-specific handy dump commands in KdSystemDebugControl().
- KD64: Update the list of supported Debug Filter Masks (KdComponentTable)
with the more up-to-date one from KDBG, that includes some components
that have been added in Vista+, but some of which we also use in ReactOS.
- NtQueryDebugFilterState(), NtSetDebugFilterState() and KdpPrint():
Add the Vista+ behaviour or falling back to the DEFAULT component ID
settings for unknown Components (compiled in only wheen NTDDI_VERSION >= NTDDI_VISTA).
+ Remove redundant comments and update these functions with SAL2 annotations.
- KDBG: Add extra documentation for the debug filter components list.
- CONFIG: Load all the supported Debug Filter Masks settings from the
registry.
- Introduce KdpScreenAcquire() / KdpScreenRelease() helpers that allow
to correctly acquire or release the screen when using INBV for
"Screen-Mode" debugging.
- Introduce KdpAcquireLock() / KdpReleaseLock() helpers so as to reduce
the copy-pasted code required when acquiring spin-locks in the KD debug
logger functions.
- Close the opened KdpLogFileHandle file in the KdpInitDebugLog() logger
in case we failed to create the logger writer thread.
Also use explicit kernel-mode handle when opening the log file.
- static-ify some local variables, remove few hardcoded values, and
minor formatting.
- Correctly define the INIT_FUNCTION's.
CORE-16448, PR #2003. Supersedes PR #1997.
This commit supersedes commit 6c5c7809 (r54503).
The original code was checking for the NMI or Double-Fault TSS by
comparing the current stack-traced EIP address with their corresponding
trap handler address ranges. That method was actually buggy because
nothing was ensuring that the trap handlers were in the "expected" order
in the kernel binary (and in memory).
Instead, we now can handle completely generic nested TSSes, instead of
just the NMI or the Double-Fault ones.
The way we proceed is by performing the full stack backtrace of the
current TSS, then once finished we check whether this TSS is nested
(has a parent). If so we change the (cached) current TSS to the latter,
restarting the backtrace at the parent TSS' latest EIP.
Examples of stack backtraces:
=============================
- General Protection fault:
<snip>
*** Fatal System Error: 0x0000007f
(0x0000000D,0x00000000,0x00000000,0x00000000)
Entered debugger on embedded INT3 at 0x0008:0x80953528.
kdb:> bt
Eip:
<ntoskrnl.exe:153529 (sdk/lib/rtl/i386/debug_asm.S:57 (RtlpBreakWithStatusInstruction))>
Frames:
<ntoskrnl.exe:899b0 (ntoskrnl/ke/bug.c:1136 (KeBugCheckWithTf))>
<ntoskrnl.exe:134826 (ntoskrnl/ke/i386/exp.c:1161 (KeRaiseUserException))>
<ntoskrnl.exe:19ae67 (ntoskrnl/ke/i386/traphdlr.c:1282 (KiTrap0DHandler))>
<ntoskrnl.exe:19a840 (:0 (KiTrap0D))>
<ntoskrnl.exe:1925e6 (ntoskrnl/include/internal/i386/intrin_i.h:45 (KiInitMachineDependent))>
<ntoskrnl.exe:187688 (ntoskrnl/ke/krnlinit.c:305 (KeInitSystem))>
<ntoskrnl.exe:17fb2f (ntoskrnl/ex/init.c:1621 (Phase1InitializationDiscard))>
<ntoskrnl.exe:3247f (ntoskrnl/ex/init.c:2019 (Phase1Initialization))>
<ntoskrnl.exe:11c079 (ntoskrnl/ps/thread.c:156 (PspSystemThreadStartup))>
<ntoskrnl.exe:135c8a (ntoskrnl/ke/i386/thrdini.c:78 (KiThreadStartup))>
<ntoskrnl.exe:11c040 (ntoskrnl/ps/thread.c:141 (PspSystemThreadStartup))>
<5d8950ec>
Couldn't access memory at 0x83E58959!
</snip>
- Double-fault (manually triggered by removing the GP handler):
Note how the backtrace explicitly specifies the crossed TSS boundaries,
and the trace in the parent TSS is indeed consistent with the previous
example. Note also that log2lines (used here to completely resolve the
trace) failed to see KiTrap08Handler(), which has been instead mistaken
for KiTrap09().
<snip>
*** Fatal System Error: 0x0000007f
(0x00000008,0x8009C000,0x00000000,0x00000000)
Entered debugger on embedded INT3 at 0x0008:0x80953528.
kdb:> bt
[Active TSS 0x0050 @ 0x80A10CA0]
Eip:
<ntoskrnl.exe:153529 (sdk/lib/rtl/i386/debug_asm.S:57 (RtlpBreakWithStatusInstruction))>
Frames:
<ntoskrnl.exe:899b0 (ntoskrnl/ke/bug.c:1136 (KeBugCheckWithTf))>
<ntoskrnl.exe:19a1d8 (ntoskrnl/ke/i386/traphdlr.c:917 (KiTrap09))> // <-- Here, log2lines fails to see it's actually KiTrap08Handler.
<ntoskrnl.exe:19a145 (:0 (KiTrap08))>
[Parent TSS 0x0028 @ 0x8009C000]
<ntoskrnl.exe:1925e6 (ntoskrnl/include/internal/i386/intrin_i.h:45 (KiInitMachineDependent))>
<ntoskrnl.exe:187688 (ntoskrnl/ke/krnlinit.c:305 (KeInitSystem))>
<ntoskrnl.exe:17fb2f (ntoskrnl/ex/init.c:1621 (Phase1InitializationDiscard))>
<ntoskrnl.exe:3247f (ntoskrnl/ex/init.c:2019 (Phase1Initialization))>
<ntoskrnl.exe:11c079 (ntoskrnl/ps/thread.c:156 (PspSystemThreadStartup))>
<ntoskrnl.exe:135c8a (ntoskrnl/ke/i386/thrdini.c:78 (KiThreadStartup))>
<ntoskrnl.exe:11c040 (ntoskrnl/ps/thread.c:141 (PspSystemThreadStartup))>
<5d8950ec>
Couldn't access memory at 0x83E58959!
</snip>
This fixes a regression introduced in 5ab1cfc which
was causing Unix (BtrFS, ExtX, and so on) volumes not
to be assigned a drive letter assigned anymore. And
thus, they were no longer mounted and presented to the
users.
CORE-16499
- Import KdpCopyMemoryChunks() from kd64/kdapi.c, and re-implement
KdbpSafeReadMemory() and KdbpSafeWriteMemory() around it.
Note that these functions read virtual memory and are equivalent of
the kd64 KdpReadVirtualMemory() and KdpWriteVirtualMemory()
respectively.
- Get rid of the KdpEnableSafeMem() call in KdInitSystem().
- Adjust kd gdbstub.c wrapper in accordance.
We allow specifying manually the TSS selector number or its descriptor address,
and dump more information from the associated KTSS structure.
Also add the KdbpRetrieveTss() helper to retrieve the PKTSS from its
corresponding selector number. It will also be useful for future improvements.
As documented in https://docs.microsoft.com/fr-fr/windows-hardware/drivers/ddi/wdm/nf-wdm-exallocatepoolwithtag
pool tag "characters" must be a value in the range 0x20 (space) to 0x7E (tilde),
which happen indeed to be the range of printable (non-extended) ASCII characters.
(The display problem was originally caught while attempting to display
the pool tag 0x3a306847 corresponding to 'Gh0:', a win32ss GDIOBJ pool tag
encoded with macro GDIOBJ_POOL_TAG().)