2 * Wine debugger - minidump handling
4 * Copyright 2005 Eric Pouech
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2.1 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301, USA
21 #define NONAMELESSUNION
22 #define NONAMELESSSTRUCT
25 #include "wine/port.h"
36 #include "wine/debug.h"
37 #include "wine/exception.h"
39 WINE_DEFAULT_DEBUG_CHANNEL(winedbg);
41 static struct be_process_io be_process_minidump_io;
43 /* we need this function on 32bit hosts to ensure we zero out the higher DWORD
44 * stored in the minidump file (sometimes it's not cleared, or the conversion from
45 * 32bit to 64bit wide integers is done as signed, which is wrong)
46 * So we clamp on 32bit CPUs (as stored in minidump information) all addresses to
47 * keep only the lower 32 bits.
48 * FIXME: as of today, since we don't support a backend CPU which is different from
49 * CPU this process is running on, casting to (DWORD_PTR) will do just fine.
51 static inline DWORD64 get_addr64(DWORD64 addr)
53 return (DWORD_PTR)addr;
56 void minidump_write(const char* file, const EXCEPTION_RECORD* rec)
59 MINIDUMP_EXCEPTION_INFORMATION mei;
60 EXCEPTION_POINTERS ep;
62 hFile = CreateFileA(file, GENERIC_READ|GENERIC_WRITE, 0, NULL, CREATE_ALWAYS,
63 FILE_ATTRIBUTE_NORMAL, NULL);
65 if (hFile == INVALID_HANDLE_VALUE) return;
69 mei.ThreadId = dbg_curr_thread->tid;
70 mei.ExceptionPointers = &ep;
71 ep.ExceptionRecord = (EXCEPTION_RECORD*)rec;
72 ep.ContextRecord = &dbg_context;
73 mei.ClientPointers = FALSE;
75 MiniDumpWriteDump(dbg_curr_process->handle, dbg_curr_process->pid,
76 hFile, MiniDumpNormal/*|MiniDumpWithDataSegs*/,
77 rec ? &mei : NULL, NULL, NULL);
81 #define Wine_ElfModuleListStream 0xFFF0
83 struct tgt_process_minidump_data
90 static inline struct tgt_process_minidump_data* private_data(struct dbg_process* pcs)
95 static BOOL tgt_process_minidump_read(HANDLE hProcess, const void* addr,
96 void* buffer, SIZE_T len, SIZE_T* rlen)
100 if (!private_data(dbg_curr_process)->mapping) return FALSE;
101 if (MiniDumpReadDumpStream(private_data(dbg_curr_process)->mapping,
102 MemoryListStream, NULL, &stream, NULL))
104 MINIDUMP_MEMORY_LIST* mml = stream;
105 MINIDUMP_MEMORY_DESCRIPTOR* mmd = &mml->MemoryRanges[0];
107 SIZE_T ilen, prev_len = 0;
109 /* There's no reason that memory ranges inside a minidump do not overlap.
110 * So be smart when looking for a given memory range (either grab a
111 * range that covers the whole requested area, or if none, the range that
112 * has the largest overlap with requested area)
114 for (i = 0; i < mml->NumberOfMemoryRanges; i++, mmd++)
116 if (get_addr64(mmd->StartOfMemoryRange) <= (DWORD_PTR)addr &&
117 (DWORD_PTR)addr < get_addr64(mmd->StartOfMemoryRange) + mmd->Memory.DataSize)
120 get_addr64(mmd->StartOfMemoryRange) + mmd->Memory.DataSize - (DWORD_PTR)addr);
121 if (ilen == len) /* whole range is matched */
127 if (found == -1 || ilen > prev_len) /* partial match, keep largest one */
136 mmd = &mml->MemoryRanges[found];
138 (char*)private_data(dbg_curr_process)->mapping + mmd->Memory.Rva + (DWORD_PTR)addr - get_addr64(mmd->StartOfMemoryRange),
140 if (rlen) *rlen = prev_len;
144 /* FIXME: this is a dirty hack to let the last frame in a bt to work
145 * However, we need to check who's to blame, this code or the current
146 * dbghelp!StackWalk implementation
148 if ((DWORD_PTR)addr < 32)
150 memset(buffer, 0, len);
151 if (rlen) *rlen = len;
157 static BOOL tgt_process_minidump_write(HANDLE hProcess, void* addr,
158 const void* buffer, SIZE_T len, SIZE_T* wlen)
163 static BOOL CALLBACK validate_file(PCWSTR name, void* user)
165 return FALSE; /* get the first file we find !! */
168 static BOOL is_pe_module_embedded(struct tgt_process_minidump_data* data,
169 MINIDUMP_MODULE* pe_mm)
171 MINIDUMP_MODULE_LIST* mml;
173 if (MiniDumpReadDumpStream(data->mapping, Wine_ElfModuleListStream, NULL,
179 for (i = 0, mm = &mml->Modules[0]; i < mml->NumberOfModules; i++, mm++)
181 if (get_addr64(mm->BaseOfImage) <= get_addr64(pe_mm->BaseOfImage) &&
182 get_addr64(mm->BaseOfImage) + mm->SizeOfImage >= get_addr64(pe_mm->BaseOfImage) + pe_mm->SizeOfImage)
189 static enum dbg_start minidump_do_reload(struct tgt_process_minidump_data* data)
192 DWORD pid = 1; /* by default */
193 HANDLE hProc = (HANDLE)0x900DBAAD;
195 MINIDUMP_MODULE_LIST* mml;
197 MINIDUMP_STRING* mds;
198 MINIDUMP_DIRECTORY* dir;
199 WCHAR exec_name[1024];
202 static WCHAR default_exec_name[] = {'<','m','i','n','i','d','u','m','p','-','e','x','e','c','>',0};
205 if (MiniDumpReadDumpStream(data->mapping, MiscInfoStream, NULL, &stream, NULL))
207 MINIDUMP_MISC_INFO* mmi = stream;
208 if (mmi->Flags1 & MINIDUMP_MISC1_PROCESS_ID)
209 pid = mmi->ProcessId;
212 /* fetch executable name (it's normally the first one in module list) */
213 lstrcpyW(exec_name, default_exec_name);
214 if (MiniDumpReadDumpStream(data->mapping, ModuleListStream, NULL, &stream, NULL))
217 if (mml->NumberOfModules)
221 mm = &mml->Modules[0];
222 mds = (MINIDUMP_STRING*)((char*)data->mapping + mm->ModuleNameRva);
223 len = mds->Length / 2;
224 memcpy(exec_name, mds->Buffer, mds->Length);
226 for (ptr = exec_name + len - 1; ptr >= exec_name; ptr--)
228 if (*ptr == '/' || *ptr == '\\')
230 memmove(exec_name, ptr + 1, (lstrlenW(ptr + 1) + 1) * sizeof(WCHAR));
237 if (MiniDumpReadDumpStream(data->mapping, SystemInfoStream, &dir, &stream, NULL))
239 MINIDUMP_SYSTEM_INFO* msi = stream;
243 dbg_printf("WineDbg starting on minidump on pid %04x\n", pid);
244 switch (msi->ProcessorArchitecture)
246 case PROCESSOR_ARCHITECTURE_UNKNOWN:
249 case PROCESSOR_ARCHITECTURE_INTEL:
250 strcpy(tmp, "Intel ");
251 switch (msi->ProcessorLevel)
253 case 3: str = "80386"; break;
254 case 4: str = "80486"; break;
255 case 5: str = "Pentium"; break;
256 case 6: str = "Pentium Pro/II or AMD Athlon"; break;
257 case 15: str = "Pentium 4 or AMD Athlon64"; break;
258 default: str = "???"; break;
261 if (msi->ProcessorLevel == 3 || msi->ProcessorLevel == 4)
263 if (HIBYTE(msi->ProcessorRevision) == 0xFF)
264 sprintf(tmp + strlen(tmp), " (%c%d)",
265 'A' + ((msi->ProcessorRevision>>4)&0xf)-0x0a,
266 ((msi->ProcessorRevision&0xf)));
268 sprintf(tmp + strlen(tmp), " (%c%d)",
269 'A' + HIBYTE(msi->ProcessorRevision),
270 LOBYTE(msi->ProcessorRevision));
272 else sprintf(tmp + strlen(tmp), " (%d.%d)",
273 HIBYTE(msi->ProcessorRevision),
274 LOBYTE(msi->ProcessorRevision));
277 case PROCESSOR_ARCHITECTURE_MIPS:
280 case PROCESSOR_ARCHITECTURE_ALPHA:
283 case PROCESSOR_ARCHITECTURE_PPC:
286 case PROCESSOR_ARCHITECTURE_AMD64:
289 case PROCESSOR_ARCHITECTURE_ARM:
296 dbg_printf(" %s was running on #%d %s CPU%s",
297 dbg_W2A(exec_name, -1), msi->u.s.NumberOfProcessors, str,
298 msi->u.s.NumberOfProcessors < 2 ? "" : "s");
299 switch (msi->MajorVersion)
302 switch (msi->MinorVersion)
304 case 51: str = "NT 3.51"; break;
305 default: str = "3-????"; break;
309 switch (msi->MinorVersion)
311 case 0: str = (msi->PlatformId == VER_PLATFORM_WIN32_NT) ? "NT 4.0" : "95"; break;
312 case 10: str = "98"; break;
313 case 90: str = "ME"; break;
314 default: str = "5-????"; break;
318 switch (msi->MinorVersion)
320 case 0: str = "2000"; break;
321 case 1: str = "XP"; break;
322 case 2: str = "Server 2003"; break;
323 default: str = "5-????"; break;
326 default: str = "???"; break;
328 dbg_printf(" on Windows %s (%u)\n", str, msi->BuildNumber);
329 /* FIXME CSD: msi->CSDVersionRva */
331 if (sizeof(MINIDUMP_SYSTEM_INFO) + 4 > dir->Location.DataSize &&
332 msi->CSDVersionRva >= dir->Location.Rva + sizeof(MINIDUMP_SYSTEM_INFO) + 4)
334 const char* code = (const char*)stream + sizeof(MINIDUMP_SYSTEM_INFO);
337 if (code[0] == 'W' && code[1] == 'I' && code[2] == 'N' && code[3] == 'E' &&
338 *(wes = (const DWORD*)(code += 4)) >= 3)
340 /* assume we have wine extensions */
341 dbg_printf(" [on %s, on top of %s (%s)]\n",
342 code + wes[1], code + wes[2], code + wes[3]);
347 dbg_curr_process = dbg_add_process(&be_process_minidump_io, pid, hProc);
349 dbg_curr_process->pio_data = data;
350 dbg_set_process_name(dbg_curr_process, exec_name);
352 dbg_init(hProc, NULL, FALSE);
354 if (MiniDumpReadDumpStream(data->mapping, ThreadListStream, NULL, &stream, NULL))
356 MINIDUMP_THREAD_LIST* mtl = stream;
359 for (i = 0; i < mtl->NumberOfThreads; i++)
361 dbg_add_thread(dbg_curr_process, mtl->Threads[i].ThreadId, NULL,
362 (void*)(DWORD_PTR)get_addr64(mtl->Threads[i].Teb));
365 /* first load ELF modules, then do the PE ones */
366 if (MiniDumpReadDumpStream(data->mapping, Wine_ElfModuleListStream, NULL,
369 WCHAR buffer[MAX_PATH];
372 for (i = 0, mm = &mml->Modules[0]; i < mml->NumberOfModules; i++, mm++)
374 mds = (MINIDUMP_STRING*)((char*)data->mapping + mm->ModuleNameRva);
375 memcpy(nameW, mds->Buffer, mds->Length);
376 nameW[mds->Length / sizeof(WCHAR)] = 0;
377 if (SymFindFileInPathW(hProc, NULL, nameW, (void*)(DWORD_PTR)mm->CheckSum,
378 0, 0, SSRVOPT_DWORD, buffer, validate_file, NULL))
379 dbg_load_module(hProc, NULL, buffer, get_addr64(mm->BaseOfImage),
382 SymLoadModuleExW(hProc, NULL, nameW, NULL, get_addr64(mm->BaseOfImage),
383 mm->SizeOfImage, NULL, SLMFLAG_VIRTUAL);
386 if (MiniDumpReadDumpStream(data->mapping, ModuleListStream, NULL, &stream, NULL))
388 WCHAR buffer[MAX_PATH];
391 for (i = 0, mm = &mml->Modules[0]; i < mml->NumberOfModules; i++, mm++)
393 mds = (MINIDUMP_STRING*)((char*)data->mapping + mm->ModuleNameRva);
394 memcpy(nameW, mds->Buffer, mds->Length);
395 nameW[mds->Length / sizeof(WCHAR)] = 0;
396 if (SymFindFileInPathW(hProc, NULL, nameW, (void*)(DWORD_PTR)mm->TimeDateStamp,
397 mm->SizeOfImage, 0, SSRVOPT_DWORD, buffer, validate_file, NULL))
398 dbg_load_module(hProc, NULL, buffer, get_addr64(mm->BaseOfImage),
400 else if (is_pe_module_embedded(data, mm))
401 dbg_load_module(hProc, NULL, nameW, get_addr64(mm->BaseOfImage),
404 SymLoadModuleExW(hProc, NULL, nameW, NULL, get_addr64(mm->BaseOfImage),
405 mm->SizeOfImage, NULL, SLMFLAG_VIRTUAL);
408 if (MiniDumpReadDumpStream(data->mapping, ExceptionStream, NULL, &stream, NULL))
410 MINIDUMP_EXCEPTION_STREAM* mes = stream;
412 if ((dbg_curr_thread = dbg_get_thread(dbg_curr_process, mes->ThreadId)))
416 dbg_curr_tid = mes->ThreadId;
417 dbg_curr_thread->in_exception = TRUE;
418 dbg_curr_thread->excpt_record.ExceptionCode = mes->ExceptionRecord.ExceptionCode;
419 dbg_curr_thread->excpt_record.ExceptionFlags = mes->ExceptionRecord.ExceptionFlags;
420 dbg_curr_thread->excpt_record.ExceptionRecord = (void*)(DWORD_PTR)get_addr64(mes->ExceptionRecord.ExceptionRecord);
421 dbg_curr_thread->excpt_record.ExceptionAddress = (void*)(DWORD_PTR)get_addr64(mes->ExceptionRecord.ExceptionAddress);
422 dbg_curr_thread->excpt_record.NumberParameters = mes->ExceptionRecord.NumberParameters;
423 for (i = 0; i < dbg_curr_thread->excpt_record.NumberParameters; i++)
425 dbg_curr_thread->excpt_record.ExceptionInformation[i] = mes->ExceptionRecord.ExceptionInformation[i];
427 memcpy(&dbg_context, (char*)data->mapping + mes->ThreadContext.Rva,
428 min(sizeof(dbg_context), mes->ThreadContext.DataSize));
429 memory_get_current_pc(&addr);
430 stack_fetch_frames(&dbg_context);
431 be_cpu->print_context(dbg_curr_thread->handle, &dbg_context, 0);
433 be_cpu->print_segment_info(dbg_curr_thread->handle, &dbg_context);
434 stack_backtrace(mes->ThreadId);
435 source_list_from_addr(&addr, 0);
441 static void cleanup(struct tgt_process_minidump_data* data)
443 if (data->mapping) UnmapViewOfFile(data->mapping);
444 if (data->hMap) CloseHandle(data->hMap);
445 if (data->hFile != INVALID_HANDLE_VALUE) CloseHandle(data->hFile);
446 HeapFree(GetProcessHeap(), 0, data);
449 static struct be_process_io be_process_minidump_io;
451 enum dbg_start minidump_reload(int argc, char* argv[])
453 struct tgt_process_minidump_data* data;
454 enum dbg_start ret = start_error_parse;
456 /* try the form <myself> minidump-file */
457 if (argc != 1) return start_error_parse;
459 WINE_TRACE("Processing Minidump file %s\n", argv[0]);
461 data = HeapAlloc(GetProcessHeap(), 0, sizeof(struct tgt_process_minidump_data));
462 if (!data) return start_error_init;
463 data->mapping = NULL;
465 data->hFile = INVALID_HANDLE_VALUE;
467 if ((data->hFile = CreateFileA(argv[0], GENERIC_READ, FILE_SHARE_READ, NULL,
468 OPEN_EXISTING, FILE_ATTRIBUTE_NORMAL, NULL)) != INVALID_HANDLE_VALUE &&
469 ((data->hMap = CreateFileMappingA(data->hFile, NULL, PAGE_READONLY, 0, 0, NULL)) != 0) &&
470 ((data->mapping = MapViewOfFile(data->hMap, FILE_MAP_READ, 0, 0, 0)) != NULL))
474 if (((MINIDUMP_HEADER*)data->mapping)->Signature == MINIDUMP_SIGNATURE)
476 ret = minidump_do_reload(data);
481 dbg_printf("Unexpected fault while reading minidump %s\n", argv[0]);
486 if (ret != start_ok) cleanup(data);
490 static BOOL tgt_process_minidump_close_process(struct dbg_process* pcs, BOOL kill)
492 struct tgt_process_minidump_data* data = private_data(pcs);
495 pcs->pio_data = NULL;
496 SymCleanup(pcs->handle);
497 dbg_del_process(pcs);
501 static BOOL tgt_process_minidump_get_selector(HANDLE hThread, DWORD sel, LDT_ENTRY* le)
503 /* so far, pretend all selectors are valid, and mapped to a 32bit flat address space */
504 memset(le, 0, sizeof(*le));
505 le->HighWord.Bits.Default_Big = 1;
509 static struct be_process_io be_process_minidump_io =
511 tgt_process_minidump_close_process,
512 tgt_process_minidump_read,
513 tgt_process_minidump_write,
514 tgt_process_minidump_get_selector,
projects / wine / blob