reactos/ntoskrnl
Hermès Bélusca-Maïto d21ff0ed13
[NTOS:KDBG] Rewrite the TSS handling code in the backtrace function, removing limitations (and bugs) of the original code.
CORE-16448, PR #2003. Supersedes PR #1997.

This commit supersedes commit 6c5c7809 (r54503).

The original code was checking for the NMI or Double-Fault TSS by
comparing the current stack-traced EIP address with their corresponding
trap handler address ranges. That method was actually buggy because
nothing was ensuring that the trap handlers were in the "expected" order
in the kernel binary (and in memory).

Instead, we now can handle completely generic nested TSSes, instead of
just the NMI or the Double-Fault ones.
The way we proceed is by performing the full stack backtrace of the
current TSS, then once finished we check whether this TSS is nested
(has a parent). If so we change the (cached) current TSS to the latter,
restarting the backtrace at the parent TSS' latest EIP.

Examples of stack backtraces:
=============================

- General Protection fault:

<snip>

*** Fatal System Error: 0x0000007f
                       (0x0000000D,0x00000000,0x00000000,0x00000000)

Entered debugger on embedded INT3 at 0x0008:0x80953528.
kdb:> bt
Eip:
<ntoskrnl.exe:153529 (sdk/lib/rtl/i386/debug_asm.S:57 (RtlpBreakWithStatusInstruction))>
Frames:
<ntoskrnl.exe:899b0 (ntoskrnl/ke/bug.c:1136 (KeBugCheckWithTf))>
<ntoskrnl.exe:134826 (ntoskrnl/ke/i386/exp.c:1161 (KeRaiseUserException))>
<ntoskrnl.exe:19ae67 (ntoskrnl/ke/i386/traphdlr.c:1282 (KiTrap0DHandler))>
<ntoskrnl.exe:19a840 (:0 (KiTrap0D))>
<ntoskrnl.exe:1925e6 (ntoskrnl/include/internal/i386/intrin_i.h:45 (KiInitMachineDependent))>
<ntoskrnl.exe:187688 (ntoskrnl/ke/krnlinit.c:305 (KeInitSystem))>
<ntoskrnl.exe:17fb2f (ntoskrnl/ex/init.c:1621 (Phase1InitializationDiscard))>
<ntoskrnl.exe:3247f (ntoskrnl/ex/init.c:2019 (Phase1Initialization))>
<ntoskrnl.exe:11c079 (ntoskrnl/ps/thread.c:156 (PspSystemThreadStartup))>
<ntoskrnl.exe:135c8a (ntoskrnl/ke/i386/thrdini.c:78 (KiThreadStartup))>
<ntoskrnl.exe:11c040 (ntoskrnl/ps/thread.c:141 (PspSystemThreadStartup))>
<5d8950ec>
Couldn't access memory at 0x83E58959!

</snip>

- Double-fault (manually triggered by removing the GP handler):

Note how the backtrace explicitly specifies the crossed TSS boundaries,
and the trace in the parent TSS is indeed consistent with the previous
example. Note also that log2lines (used here to completely resolve the
trace) failed to see KiTrap08Handler(), which has been instead mistaken
for KiTrap09().

<snip>

*** Fatal System Error: 0x0000007f
                       (0x00000008,0x8009C000,0x00000000,0x00000000)

Entered debugger on embedded INT3 at 0x0008:0x80953528.
kdb:> bt
[Active TSS 0x0050 @ 0x80A10CA0]
Eip:
<ntoskrnl.exe:153529 (sdk/lib/rtl/i386/debug_asm.S:57 (RtlpBreakWithStatusInstruction))>
Frames:
<ntoskrnl.exe:899b0 (ntoskrnl/ke/bug.c:1136 (KeBugCheckWithTf))>
<ntoskrnl.exe:19a1d8 (ntoskrnl/ke/i386/traphdlr.c:917 (KiTrap09))>      // <-- Here, log2lines fails to see it's actually KiTrap08Handler.
<ntoskrnl.exe:19a145 (:0 (KiTrap08))>
[Parent TSS 0x0028 @ 0x8009C000]
<ntoskrnl.exe:1925e6 (ntoskrnl/include/internal/i386/intrin_i.h:45 (KiInitMachineDependent))>
<ntoskrnl.exe:187688 (ntoskrnl/ke/krnlinit.c:305 (KeInitSystem))>
<ntoskrnl.exe:17fb2f (ntoskrnl/ex/init.c:1621 (Phase1InitializationDiscard))>
<ntoskrnl.exe:3247f (ntoskrnl/ex/init.c:2019 (Phase1Initialization))>
<ntoskrnl.exe:11c079 (ntoskrnl/ps/thread.c:156 (PspSystemThreadStartup))>
<ntoskrnl.exe:135c8a (ntoskrnl/ke/i386/thrdini.c:78 (KiThreadStartup))>
<ntoskrnl.exe:11c040 (ntoskrnl/ps/thread.c:141 (PspSystemThreadStartup))>
<5d8950ec>
Couldn't access memory at 0x83E58959!

</snip>
2019-11-13 02:14:48 +01:00
..
cache [NDK][NTOS] Add global definition of INIT_FUNCTION/INIT_SECTION (#779) 2018-12-30 12:19:11 +01:00
cc [NTOS:CC] CcWriteVirtualAddress(): Do not round 'Size' 2019-07-01 21:30:25 +02:00
config [NTOSKRNL] Disable LUID mapping until it's properly implemented 2019-06-01 14:40:54 +02:00
dbgk [NTOS:MM] Fix MmGetFileNameForAddress() callers. (#1723) 2019-07-14 00:32:23 +02:00
ex [NTOSKRNL] Implement NtQuerySystemInformation(SystemLogicalProcessorInformation) 2019-09-27 20:36:59 +02:00
fsrtl [NTOS][CLASS2][FFS][WIN32SS] Fix some pool tags so that they correctly appear in pool dump lists. 2019-11-01 19:12:27 +01:00
fstub [NTOSKRNL] Properly check for Ft volumes 2019-11-11 21:20:58 +01:00
inbv [NTOS:INBV] Refactor boot screen code and resources (#1649) 2019-08-20 01:52:25 +02:00
include [NTOS][CLASS2][FFS][WIN32SS] Fix some pool tags so that they correctly appear in pool dump lists. 2019-11-01 19:12:27 +01:00
io [NTOSKRNL] Declare IoRemoteBootClient in internal headers 2019-10-21 14:16:58 +02:00
kd [NTOS:KD][KDBG] Get rid of kdmemsup.c as its functionality has been superseded by that implemented in mm/arm3/mmdbg.c. 2019-11-03 23:46:52 +01:00
kd64 [NTOS:KD64] Whitespace fixes only! 2019-11-03 23:46:51 +01:00
kdbg [NTOS:KDBG] Rewrite the TSS handling code in the backtrace function, removing limitations (and bugs) of the original code. 2019-11-13 02:14:48 +01:00
ke [NTOS:KE] Fix 'Sert' typo, in a comment (#1929) 2019-09-23 01:13:07 +02:00
lpc [NDK][NTOS] Add global definition of INIT_FUNCTION/INIT_SECTION (#779) 2018-12-30 12:19:11 +01:00
mm [MM:AMD64] Remove the _WINKD_ around MmDebugPte since it's now used by both kd64 (windbg) and KDBG through the usage of mmdbg.c 2019-11-03 23:46:54 +01:00
ntkrnlmp Merge pull request #1335 from ariscop/CMP0065 2019-02-03 12:57:20 +01:00
ob [NTOSKRNL] Handle symlink parsing when it's bound to a specific object 2019-08-19 10:45:50 +02:00
po [NTOSKRNL] Demote some noisy dprints 2019-08-23 13:03:36 +02:00
ps [NTOSKRNL][PS] Implement NtQueueApcThreadEx and use it in NtQueueApcThread 2019-08-15 12:32:09 +02:00
rtl
se [NTOSKRNL] Implement SeRegisterLogonSessionTerminatedRoutine() and SeUnregisterLogonSessionTerminatedRoutine(). 2019-08-04 14:01:26 +02:00
tests
vdm [NDK][NTOS] Add global definition of INIT_FUNCTION/INIT_SECTION (#779) 2018-12-30 12:19:11 +01:00
vf
wmi [FASTFAT][FLTMGR][NTOS] Do not explicitly call ObfDereferenceObject() (#1636) 2019-06-22 16:20:58 +02:00
CMakeLists.txt [CMAKE] Disable INIT section ld scripts for now. CORE-16183 ROSBE-154 2019-07-07 16:06:43 +02:00
guid.c [NTOSKRNL] Rewrite IoAssignDriveLetters to make NT5 compliant 2019-10-21 18:28:40 +02:00
KrnlFun.c
ntdll.S
ntos.cmake [NTOS:KD][KDBG] Get rid of kdmemsup.c as its functionality has been superseded by that implemented in mm/arm3/mmdbg.c. 2019-11-03 23:46:52 +01:00
ntoskrnl.rc [NTOS:INBV] Refactor boot screen code and resources (#1649) 2019-08-20 01:52:25 +02:00
ntoskrnl.spec
sysfuncs.lst