ReactOS 0.4.16-dev-1946-g52006dd
Functions | Variables
fxbugcheckcallback.cpp File Reference
#include "fxcorepch.hpp"
#include "fxifr.h"
#include "fxifrkm.h"
#include "fxldr.h"
#include "fxbugcheck.h"
#include <aux_klib.h>
#include <ntimage.h>
Include dependency graph for fxbugcheckcallback.cpp:

Go to the source code of this file.

Functions

_Must_inspect_result_ BOOLEAN FxpIsAddressKnownToWdf (__in PVOID Address, __in PFX_DRIVER_GLOBALS FxDriverGlobals)
 
_Must_inspect_result_ NTSTATUS FxpGetImageBase (__in PDRIVER_OBJECT DriverObject, __out PVOID *ImageBase, __out PULONG ImageSize)
 
_Must_inspect_result_ BOOLEAN FxpBugCheckCallbackFilter (__inout PFX_DRIVER_GLOBALS FxDriverGlobals)
 
VOID NTAPI FxpBugCheckCallback (__in KBUGCHECK_CALLBACK_REASON Reason, __in PKBUGCHECK_REASON_CALLBACK_RECORD Record, __inout PVOID ReasonSpecificData, __in ULONG ReasonSpecificLength)
 
VOID FxRegisterBugCheckCallback (__inout PFX_DRIVER_GLOBALS FxDriverGlobals, __in PDRIVER_OBJECT DriverObject)
 
VOID FxUnregisterBugCheckCallback (__inout PFX_DRIVER_GLOBALS FxDriverGlobals)
 
VOID NTAPI FxpLibraryBugCheckCallback (__in KBUGCHECK_CALLBACK_REASON Reason, __in PKBUGCHECK_REASON_CALLBACK_RECORD, __inout PVOID ReasonSpecificData, __in ULONG ReasonSpecificLength)
 
VOID FxInitializeBugCheckDriverInfo ()
 
VOID FxUninitializeBugCheckDriverInfo ()
 
VOID FxCacheBugCheckDriverInfo (__in PFX_DRIVER_GLOBALS FxDriverGlobals)
 
VOID FxPurgeBugCheckDriverInfo (__in PFX_DRIVER_GLOBALS FxDriverGlobals)
 

Variables

KBUGCHECK_REASON_CALLBACK_ROUTINE FxpBugCheckCallback
 
KBUGCHECK_REASON_CALLBACK_ROUTINE FxpLibraryBugCheckCallback
 

Function Documentation

◆ FxCacheBugCheckDriverInfo()

VOID FxCacheBugCheckDriverInfo ( __in PFX_DRIVER_GLOBALS  FxDriverGlobals)

Definition at line 781 of file fxbugcheckcallback.cpp.

784{
785 KIRQL irql;
786 PFX_DUMP_DRIVER_INFO_ENTRY driverInfo = NULL;
787 PFX_DUMP_DRIVER_INFO_ENTRY oldDriverInfo = NULL;
788 ULONG newCount = 0;
789
790 //
791 // Clear driver index (0-based). Drivers do not use index 0.
792 //
793 FxDriverGlobals->BugCheckDriverInfoIndex = 0;
794
795 if (NULL == FxLibraryGlobals.BugCheckDriverInfo) {
796 return;
797 }
798
799 FxLibraryGlobals.FxDriverGlobalsListLock.Acquire(&irql);
800
801 //
802 // Make sure we have enough space, else allocate some more memory.
803 //
804 if (FxLibraryGlobals.BugCheckDriverInfoIndex >=
805 FxLibraryGlobals.BugCheckDriverInfoCount) {
806
807 //
808 // Just exit if no more space in dump buffer.
809 //
810 if ((FX_MAX_DUMP_DRIVER_INFO_COUNT - FX_DUMP_DRIVER_INFO_INCREMENT) <
811 FxLibraryGlobals.BugCheckDriverInfoCount) {
812 ASSERT(FALSE);
813 goto Done;
814 }
815
816 newCount = FxLibraryGlobals.BugCheckDriverInfoCount +
817 FX_DUMP_DRIVER_INFO_INCREMENT;
818
819 //
820 // Allocate new buffer to hold driver info.
821 //
822 driverInfo = (PFX_DUMP_DRIVER_INFO_ENTRY)MxMemory::MxAllocatePoolWithTag(
823 NonPagedPool,
824 sizeof(FX_DUMP_DRIVER_INFO_ENTRY)* newCount,
825 FX_TAG);
826
827 if (NULL == driverInfo) {
828 goto Done;
829 }
830
831 //
832 // Copy data from old to new buffer.
833 //
834 RtlCopyMemory(driverInfo,
835 FxLibraryGlobals.BugCheckDriverInfo,
836 FxLibraryGlobals.BugCheckDriverInfoCount *
837 sizeof(FX_DUMP_DRIVER_INFO_ENTRY));
838 //
839 // Ok, replace global pointer and its count.
840 //
841 oldDriverInfo = FxLibraryGlobals.BugCheckDriverInfo;
842 FxLibraryGlobals.BugCheckDriverInfo = driverInfo;
843 FxLibraryGlobals.BugCheckDriverInfoCount = newCount;
844 driverInfo = NULL; // just in case.
845
846 //
847 // Free old memory.
848 //
849 MxMemory::MxFreePool(oldDriverInfo);
850 oldDriverInfo = NULL;
851 }
852
853 ASSERT(FxLibraryGlobals.BugCheckDriverInfoIndex <
854 FxLibraryGlobals.BugCheckDriverInfoCount);
855 //
856 // Compute ptr to free entry.
857 //
858 driverInfo = FxLibraryGlobals.BugCheckDriverInfo +
859 FxLibraryGlobals.BugCheckDriverInfoIndex;
860 //
861 // Cache some of this driver's info.
862 //
863 driverInfo->FxDriverGlobals = FxDriverGlobals;
864 driverInfo->Version = FxDriverGlobals->WdfBindInfo->Version;
865
866 C_ASSERT(sizeof(driverInfo->DriverName) ==
867 sizeof(FxDriverGlobals->Public.DriverName));
868 RtlCopyMemory(driverInfo->DriverName,
869 FxDriverGlobals->Public.DriverName,
870 sizeof(driverInfo->DriverName));
871 driverInfo->DriverName[ARRAY_SIZE(driverInfo->DriverName) - 1] = '\0';
872
873 //
874 // Cache this index for later when the driver is removed.
875 //
876 FxDriverGlobals->BugCheckDriverInfoIndex =
877 FxLibraryGlobals.BugCheckDriverInfoIndex;
878
879 //
880 // Update global index.
881 //
882 FxLibraryGlobals.BugCheckDriverInfoIndex++;
883
884Done:
885
886 FxLibraryGlobals.FxDriverGlobalsListLock.Release(irql);
887}
ARRAY_SIZE
#define ARRAY_SIZE(A)
Definition: main.h:20
MxMemory::MxFreePool
static __inline VOID MxFreePool(__in PVOID Ptr)
Definition: mxmemorykm.h:41
MxMemory::MxAllocatePoolWithTag
static __inline PVOID MxAllocatePoolWithTag(__in POOL_TYPE PoolType, __in SIZE_T NumberOfBytes, __in ULONG Tag)
Definition: mxmemorykm.h:30
NULL
#define NULL
Definition: types.h:112
FALSE
#define FALSE
Definition: types.h:117
irql
KIRQL irql
Definition: wave.h:1
KIRQL
UCHAR KIRQL
Definition: env_spec_w32.h:591
NonPagedPool
#define NonPagedPool
Definition: env_spec_w32.h:307
PFX_DUMP_DRIVER_INFO_ENTRY
struct _FX_DUMP_DRIVER_INFO_ENTRY * PFX_DUMP_DRIVER_INFO_ENTRY
FX_DUMP_DRIVER_INFO_INCREMENT
#define FX_DUMP_DRIVER_INFO_INCREMENT
Definition: fxbugcheck.h:67
FX_MAX_DUMP_DRIVER_INFO_COUNT
#define FX_MAX_DUMP_DRIVER_INFO_COUNT
Definition: fxbugcheck.h:73
FxLibraryGlobals
FxLibraryGlobalsType FxLibraryGlobals
Definition: globals.cpp:95
FX_TAG
#define FX_TAG
Definition: fxmacros.hpp:155
C_ASSERT
#define C_ASSERT(e)
Definition: intsafe.h:73
ASSERT
#define ASSERT(a)
Definition: mode.c:44
FxLibraryGlobalsType::BugCheckDriverInfo
PFX_DUMP_DRIVER_INFO_ENTRY BugCheckDriverInfo
Definition: fxglobals.h:791
FxLibraryGlobalsType::BugCheckDriverInfoCount
ULONG BugCheckDriverInfoCount
Definition: fxglobals.h:785
FxLibraryGlobalsType::BugCheckDriverInfoIndex
ULONG BugCheckDriverInfoIndex
Definition: fxglobals.h:780
FxLibraryGlobalsType::FxDriverGlobalsListLock
MxLockNoDynam FxDriverGlobalsListLock
Definition: fxglobals.h:772
_FX_DUMP_DRIVER_INFO_ENTRY
Definition: fxbugcheck.h:81
_FX_DUMP_DRIVER_INFO_ENTRY::FxDriverGlobals
PFX_DRIVER_GLOBALS FxDriverGlobals
Definition: fxbugcheck.h:82
_FX_DUMP_DRIVER_INFO_ENTRY::Version
WDF_VERSION Version
Definition: fxbugcheck.h:83
_FX_DUMP_DRIVER_INFO_ENTRY::DriverName
CHAR DriverName[WDF_DRIVER_GLOBALS_NAME_LEN]
Definition: fxbugcheck.h:84
RtlCopyMemory
#define RtlCopyMemory(Destination, Source, Length)
Definition: typedefs.h:263
ULONG
uint32_t ULONG
Definition: typedefs.h:59

Referenced by FxInitialize().

◆ FxInitializeBugCheckDriverInfo()

VOID FxInitializeBugCheckDriverInfo ( )

Definition at line 627 of file fxbugcheckcallback.cpp.

628{
629 NTSTATUS status;
630 UNICODE_STRING funcName;
631 PKBUGCHECK_REASON_CALLBACK_RECORD callbackRecord;
632 PFN_KE_REGISTER_BUGCHECK_REASON_CALLBACK funcPtr;
633 SIZE_T arraySize;
634 ULONG arrayCount;
635
636
637 callbackRecord = &FxLibraryGlobals.BugCheckCallbackRecord;
638 RtlZeroMemory(callbackRecord, sizeof(KBUGCHECK_REASON_CALLBACK_RECORD));
639
640 FxLibraryGlobals.BugCheckDriverInfoCount = 0;
641 FxLibraryGlobals.BugCheckDriverInfoIndex = 0;
642 FxLibraryGlobals.BugCheckDriverInfo = NULL;
643
644
645
646
647
648
649
650
651
652
653 //
654 // The KeRegisterBugCheckReasonCallback exists for xp sp1 and above. So
655 // check whether this function is defined on the current OS and register
656 // for the bugcheck callback only if this function is defined.
657 //
658 RtlInitUnicodeString(&funcName, L"KeRegisterBugCheckReasonCallback");
659 funcPtr = (PFN_KE_REGISTER_BUGCHECK_REASON_CALLBACK)
660 MmGetSystemRoutineAddress(&funcName);
661
662 if (NULL == funcPtr) {
663 goto Done;
664 }
665
666 arraySize = sizeof(FX_DUMP_DRIVER_INFO_ENTRY) * FX_DUMP_DRIVER_INFO_INCREMENT;
667 arrayCount = FX_DUMP_DRIVER_INFO_INCREMENT;
668
669 FxLibraryGlobals.BugCheckDriverInfo =
670 (PFX_DUMP_DRIVER_INFO_ENTRY)MxMemory::MxAllocatePoolWithTag(
671 NonPagedPool,
672 arraySize,
673 FX_TAG);
674
675 if (NULL == FxLibraryGlobals.BugCheckDriverInfo) {
676 goto Done;
677 }
678
679 FxLibraryGlobals.BugCheckDriverInfoCount = arrayCount;
680
681 //
682 // Init first entry for the framework.
683 //
684 FxLibraryGlobals.BugCheckDriverInfo[0].FxDriverGlobals = NULL;
685 FxLibraryGlobals.BugCheckDriverInfo[0].Version.Major = __WDF_MAJOR_VERSION;
686 FxLibraryGlobals.BugCheckDriverInfo[0].Version.Minor = __WDF_MINOR_VERSION;
687 FxLibraryGlobals.BugCheckDriverInfo[0].Version.Build = __WDF_BUILD_NUMBER;
688
689 status = RtlStringCbCopyA(
690 FxLibraryGlobals.BugCheckDriverInfo[0].DriverName,
691 sizeof(FxLibraryGlobals.BugCheckDriverInfo[0].DriverName),
692 WdfLdrType);
693
694 if (!NT_SUCCESS(status)) {
695 ASSERT(FALSE);
696 FxLibraryGlobals.BugCheckDriverInfo[0].DriverName[0] = '\0';
697 }
698
699 FxLibraryGlobals.BugCheckDriverInfoIndex++;
700
701 //
702 // Initialize the callback record.
703 //
704 KeInitializeCallbackRecord(callbackRecord);
705
706 //
707 // Register the bugcheck callback.
708 //
709 funcPtr(callbackRecord,
710 FxpLibraryBugCheckCallback,
711 KbCallbackSecondaryDumpData,
712 (PUCHAR)WdfLdrType);
713
714 ASSERT(callbackRecord->CallbackRoutine != NULL);
715
716Done:;
717}
NTSTATUS
LONG NTSTATUS
Definition: precomp.h:26
NT_SUCCESS
#define NT_SUCCESS(StatCode)
Definition: apphelp.c:33
L
#define L(x)
Definition: resources.c:13
FX_DUMP_DRIVER_INFO_ENTRY
struct _FX_DUMP_DRIVER_INFO_ENTRY FX_DUMP_DRIVER_INFO_ENTRY
FxpLibraryBugCheckCallback
KBUGCHECK_REASON_CALLBACK_ROUTINE FxpLibraryBugCheckCallback
Definition: fxbugcheckcallback.cpp:71
PFN_KE_REGISTER_BUGCHECK_REASON_CALLBACK
BOOLEAN(NTAPI * PFN_KE_REGISTER_BUGCHECK_REASON_CALLBACK)(__in PKBUGCHECK_REASON_CALLBACK_RECORD CallbackRecord, __in PKBUGCHECK_REASON_CALLBACK_ROUTINE CallbackRoutine, __in KBUGCHECK_CALLBACK_REASON Reason, __in PUCHAR Component)
Definition: fxglobalskm.h:83
WdfLdrType
PCHAR WdfLdrType
Definition: version.cpp:115
RtlInitUnicodeString
NTSYSAPI VOID NTAPI RtlInitUnicodeString(PUNICODE_STRING DestinationString, PCWSTR SourceString)
RtlStringCbCopyA
NTSTRSAFEAPI RtlStringCbCopyA(_Out_writes_bytes_(cbDest) _Always_(_Post_z_) NTSTRSAFE_PSTR pszDest, _In_ size_t cbDest, _In_ NTSTRSAFE_PCSTR pszSrc)
Definition: ntstrsafe.h:156
FxLibraryGlobalsType::BugCheckCallbackRecord
KBUGCHECK_REASON_CALLBACK_RECORD BugCheckCallbackRecord
Definition: fxglobals.h:796
_KBUGCHECK_REASON_CALLBACK_RECORD
Definition: ketypes.h:361
_KBUGCHECK_REASON_CALLBACK_RECORD::CallbackRoutine
PKBUGCHECK_REASON_CALLBACK_ROUTINE CallbackRoutine
Definition: ketypes.h:363
_UNICODE_STRING
Definition: env_spec_w32.h:368
_WDF_VERSION::Major
WDF_MAJOR_VERSION Major
Definition: fxldr.h:122
_WDF_VERSION::Build
WDF_BUILD_NUMBER Build
Definition: fxldr.h:124
_WDF_VERSION::Minor
WDF_MINOR_VERSION Minor
Definition: fxldr.h:123
status
Definition: ps.c:97
MmGetSystemRoutineAddress
PVOID NTAPI MmGetSystemRoutineAddress(IN PUNICODE_STRING SystemRoutineName)
Definition: sysldr.c:3615
SIZE_T
ULONG_PTR SIZE_T
Definition: typedefs.h:80
RtlZeroMemory
#define RtlZeroMemory(Destination, Length)
Definition: typedefs.h:262
PUCHAR
unsigned char * PUCHAR
Definition: typedefs.h:53
KeInitializeCallbackRecord
#define KeInitializeCallbackRecord(CallbackRecord)
Definition: kefuncs.h:1387

Referenced by FxLibraryGlobalsCommission().

◆ FxpBugCheckCallback()

VOID NTAPI FxpBugCheckCallback ( __in KBUGCHECK_CALLBACK_REASON  Reason,
__in PKBUGCHECK_REASON_CALLBACK_RECORD  Record,
__inout PVOID  ReasonSpecificData,
__in ULONG  ReasonSpecificLength 
)

Definition at line 306 of file fxbugcheckcallback.cpp.

339{
340 PKBUGCHECK_SECONDARY_DUMP_DATA dumpData;
341 PFX_DRIVER_GLOBALS fxDriverGlobals;
342 ULONG logSize;
343 BOOLEAN writeLog = FALSE;
344
345 UNREFERENCED_PARAMETER(Reason);
346 UNREFERENCED_PARAMETER(ReasonSpecificLength);
347
348 ASSERT(ReasonSpecificLength >= sizeof(KBUGCHECK_SECONDARY_DUMP_DATA));
349 ASSERT(Reason == KbCallbackSecondaryDumpData);
350
351 dumpData = (PKBUGCHECK_SECONDARY_DUMP_DATA) ReasonSpecificData;
352
353 //
354 // See if the IFR's minimum amount of data can fit in the dump
355 //
356 if (dumpData->MaximumAllowed < FxIFRMinLogSize) {
357 return;
358 }
359
360 //
361 // Get the driver globals containing the bugcheck callback record.
362 //
363 fxDriverGlobals = CONTAINING_RECORD(Record,
364 FX_DRIVER_GLOBALS,
365 BugCheckCallbackRecord);
366
367 //
368 // If there is not IFR data, then this bugcheck callback does not have any
369 // data to write to the minidump.
370 //
371 if (NULL == fxDriverGlobals->WdfLogHeader) {
372 return;
373 }
374
375 //
376 // Size is the length of the buffer which we log to. It should also include
377 // the size of the header (which was subtracted out in FxIFRStart).
378 //
379 logSize = ((PWDF_IFR_HEADER) fxDriverGlobals->WdfLogHeader)->Size +
380 sizeof(WDF_IFR_HEADER);
381
382 ASSERT(FxIFRMinLogSize <= logSize && logSize <= FxIFRMaxLogSize);
383
384 //
385 // Check whether log can fit in the dump.
386 //
387 if (logSize > dumpData->MaximumAllowed) {
388 return;
389 }
390
391 //
392 // Check whether this log is the one to copy.
393 //
394 if (FxpBugCheckCallbackFilter(fxDriverGlobals)) {
395 //
396 // Let everyone know that we got the best match.
397 //
398 FxLibraryGlobals.BestDriverForDumpLog = fxDriverGlobals;
399
400 //
401 // Exact match driver.
402 //
403 writeLog = TRUE;
404 }
405 else if (NULL == FxLibraryGlobals.BestDriverForDumpLog) {
406 //
407 // So far we didn't get a perfect match. Make a best effort
408 // to find a good candidate for the driver dump log.
409 //
410 if (fxDriverGlobals->FxTrackDriverForMiniDumpLog &&
411 FxLibraryGlobals.DriverTracker.GetCurrentTrackedDriver() ==
412 fxDriverGlobals) {
413 //
414 // Best effort match driver.
415 //
416 writeLog = TRUE;
417 }
418 }
419
420 if (writeLog) {
421 dumpData->OutBuffer = fxDriverGlobals->WdfLogHeader;
422 dumpData->OutBufferLength = logSize;
423 dumpData->Guid = WdfDumpGuid;
424 }
425}
BOOLEAN
unsigned char BOOLEAN
Definition: ProcessorBind.h:185
TRUE
#define TRUE
Definition: types.h:120
FxpBugCheckCallbackFilter
_Must_inspect_result_ BOOLEAN FxpBugCheckCallbackFilter(__inout PFX_DRIVER_GLOBALS FxDriverGlobals)
Definition: fxbugcheckcallback.cpp:228
fxDriverGlobals
PFX_DRIVER_GLOBALS fxDriverGlobals
Definition: fxcxdeviceinitapi.cpp:84
PWDF_IFR_HEADER
struct _WDF_IFR_HEADER * PWDF_IFR_HEADER
WDF_IFR_HEADER
struct _WDF_IFR_HEADER WDF_IFR_HEADER
FxIFRMaxLogSize
@ FxIFRMaxLogSize
Definition: fxifrkm.h:24
FxIFRMinLogSize
@ FxIFRMinLogSize
Definition: fxifrkm.h:23
Reason
PVOID PVOID PWCHAR PVOID USHORT PULONG Reason
Definition: env.c:47
UNREFERENCED_PARAMETER
#define UNREFERENCED_PARAMETER(P)
Definition: ntbasedef.h:329
FxLibraryGlobalsType::DriverTracker
FX_DRIVER_TRACKER_CACHE_AWARE DriverTracker
Definition: fxglobals.h:812
FxLibraryGlobalsType::BestDriverForDumpLog
PFX_DRIVER_GLOBALS BestDriverForDumpLog
Definition: fxglobals.h:817
_FX_DRIVER_GLOBALS
Definition: fxglobals.h:165
_FX_DRIVER_GLOBALS::WdfLogHeader
PVOID WdfLogHeader
Definition: fxglobals.h:383
_FX_DRIVER_GLOBALS::FxTrackDriverForMiniDumpLog
BOOLEAN FxTrackDriverForMiniDumpLog
Definition: fxglobals.h:483
_FX_DRIVER_TRACKER_CACHE_AWARE::GetCurrentTrackedDriver
_Must_inspect_result_ __inline PFX_DRIVER_GLOBALS GetCurrentTrackedDriver()
Definition: fxglobalskm.h:405
_KBUGCHECK_SECONDARY_DUMP_DATA
Definition: ketypes.h:333
_KBUGCHECK_SECONDARY_DUMP_DATA::OutBuffer
_Out_ PVOID OutBuffer
Definition: ketypes.h:338
_KBUGCHECK_SECONDARY_DUMP_DATA::MaximumAllowed
_In_ ULONG MaximumAllowed
Definition: ketypes.h:336
_KBUGCHECK_SECONDARY_DUMP_DATA::OutBufferLength
_Out_ ULONG OutBufferLength
Definition: ketypes.h:339
_KBUGCHECK_SECONDARY_DUMP_DATA::Guid
_Out_ GUID Guid
Definition: ketypes.h:337
CONTAINING_RECORD
#define CONTAINING_RECORD(address, type, field)
Definition: typedefs.h:260
ReasonSpecificData
_In_ struct _KBUGCHECK_REASON_CALLBACK_RECORD _Inout_ PVOID ReasonSpecificData
Definition: ketypes.h:321
Record
_In_ struct _KBUGCHECK_REASON_CALLBACK_RECORD * Record
Definition: ketypes.h:320
PKBUGCHECK_SECONDARY_DUMP_DATA
struct _KBUGCHECK_SECONDARY_DUMP_DATA * PKBUGCHECK_SECONDARY_DUMP_DATA

◆ FxpBugCheckCallbackFilter()

_Must_inspect_result_ BOOLEAN FxpBugCheckCallbackFilter ( __inout PFX_DRIVER_GLOBALS  FxDriverGlobals)

Definition at line 228 of file fxbugcheckcallback.cpp.

248{
249 PVOID codeAddr = NULL;
250 BOOLEAN found = FALSE;
251 KBUGCHECK_DATA bugCheckData = {0};
252
253 if (FxDriverGlobals->FxForceLogsInMiniDump) {
254 return TRUE;
255 }
256
257 //
258 // Retrieve the bugcheck parameters.
259 //
260 bugCheckData.BugCheckDataSize = sizeof(KBUGCHECK_DATA);
261 AuxKlibGetBugCheckData(&bugCheckData);
262
263 //
264 // Check whether the code address that caused the bugcheck is from this wdf
265 // driver.
266 //
267 switch (bugCheckData.BugCheckCode) {
268
269 case KERNEL_APC_PENDING_DURING_EXIT: // 0x20
270 codeAddr = (PVOID)bugCheckData.Parameter1;
271 found = FxpIsAddressKnownToWdf(codeAddr, FxDriverGlobals);
272 break;
273
274 case KMODE_EXCEPTION_NOT_HANDLED: // 0x1E
275 case SYSTEM_THREAD_EXCEPTION_NOT_HANDLED: // 0x7E
276 case KERNEL_MODE_EXCEPTION_NOT_HANDLED: // 0x8E
277 codeAddr = (PVOID)bugCheckData.Parameter2;
278 found = FxpIsAddressKnownToWdf(codeAddr, FxDriverGlobals);
279 break;
280
281 case PAGE_FAULT_IN_NONPAGED_AREA: // 0x50
282 codeAddr = (PVOID)bugCheckData.Parameter3;
283 found = FxpIsAddressKnownToWdf(codeAddr, FxDriverGlobals);
284 break;
285
286 case IRQL_NOT_LESS_OR_EQUAL: // 0xA
287 case DRIVER_IRQL_NOT_LESS_OR_EQUAL: // 0xD1
288 codeAddr = (PVOID)bugCheckData.Parameter4;
289 found = FxpIsAddressKnownToWdf(codeAddr, FxDriverGlobals);
290 break;
291 }
292
293 //
294 // If the code address was found in the wdf driver, then set the flag in the
295 // driver globals to indicate that the IFR data has to be written to the
296 // mini-dump.
297 //
298 if (found) {
299 FxDriverGlobals->FxForceLogsInMiniDump = TRUE;
300 }
301 return found;
302}
KBUGCHECK_DATA
struct _KBUGCHECK_DATA KBUGCHECK_DATA
AuxKlibGetBugCheckData
NTSTATUS AuxKlibGetBugCheckData(_Inout_ PKBUGCHECK_DATA BugCheckData)
Definition: aux_klib.c:178
FxpIsAddressKnownToWdf
_Must_inspect_result_ BOOLEAN FxpIsAddressKnownToWdf(__in PVOID Address, __in PFX_DRIVER_GLOBALS FxDriverGlobals)
Definition: fxbugcheckcallback.cpp:75
_KBUGCHECK_DATA
Definition: aux_klib.h:44
_KBUGCHECK_DATA::Parameter1
ULONG_PTR Parameter1
Definition: aux_klib.h:47
_KBUGCHECK_DATA::BugCheckDataSize
ULONG BugCheckDataSize
Definition: aux_klib.h:45
_KBUGCHECK_DATA::Parameter3
ULONG_PTR Parameter3
Definition: aux_klib.h:49
_KBUGCHECK_DATA::BugCheckCode
ULONG BugCheckCode
Definition: aux_klib.h:46
_KBUGCHECK_DATA::Parameter2
ULONG_PTR Parameter2
Definition: aux_klib.h:48
_KBUGCHECK_DATA::Parameter4
ULONG_PTR Parameter4
Definition: aux_klib.h:50
PVOID
void * PVOID
Definition: typedefs.h:50

Referenced by FxpBugCheckCallback().

◆ FxpGetImageBase()

_Must_inspect_result_ NTSTATUS FxpGetImageBase ( __in PDRIVER_OBJECT  DriverObject,
__out PVOID ImageBase,
__out PULONG  ImageSize 
)

Definition at line 122 of file fxbugcheckcallback.cpp.

127{
128 NTSTATUS status = STATUS_UNSUCCESSFUL;
129 ULONG modulesSize = 0;
130 AUX_MODULE_EXTENDED_INFO* modules = NULL;
131 AUX_MODULE_EXTENDED_INFO* module;
132 PVOID addressInImage = NULL;
133 ULONG numberOfModules;
134 ULONG i;
135
136 //
137 // Basic validation.
138 //
139 if (NULL == DriverObject || NULL == ImageBase || NULL == ImageSize) {
140 status = STATUS_INVALID_PARAMETER;
141 goto exit;
142 }
143
144 //
145 // Get the address of a well known entry in the Image.
146 //
147 addressInImage = (PVOID) DriverObject->DriverStart;
148 ASSERT(addressInImage != NULL);
149
150 //
151 // Initialize the AUX Kernel Library.
152 //
153 status = AuxKlibInitialize();
154 if (!NT_SUCCESS(status)) {
155 goto exit;
156 }
157
158 //
159 // Get size of area needed for loaded modules.
160 //
161 status = AuxKlibQueryModuleInformation(&modulesSize,
162 sizeof(AUX_MODULE_EXTENDED_INFO),
163 NULL);
164
165 if (!NT_SUCCESS(status) || (0 == modulesSize)) {
166 goto exit;
167 }
168
169 numberOfModules = modulesSize / sizeof(AUX_MODULE_EXTENDED_INFO);
170
171 //
172 // Allocate returned-sized memory for the modules area.
173 //
174 modules = (AUX_MODULE_EXTENDED_INFO*) ExAllocatePoolWithTag(PagedPool,
175 modulesSize,
176 '30LW');
177 if (NULL == modules) {
178 status = STATUS_INSUFFICIENT_RESOURCES;
179 goto exit;
180 }
181
182 //
183 // Request the modules array be filled with module information.
184 //
185 status = AuxKlibQueryModuleInformation(&modulesSize,
186 sizeof(AUX_MODULE_EXTENDED_INFO),
187 modules);
188
189 if (!NT_SUCCESS(status)) {
190 goto exit;
191 }
192
193 //
194 // Traverse list, searching for the well known address in Image for which the
195 // module's Image Base Address is in its range.
196 //
197 module = modules;
198
199 for (i=0; i < numberOfModules; i++) {
200
201 if (addressInImage >= module->BasicInfo.ImageBase &&
202 addressInImage < WDF_PTR_ADD_OFFSET(module->BasicInfo.ImageBase,
203 module->ImageSize)) {
204
205 *ImageBase = module->BasicInfo.ImageBase;
206 *ImageSize = module->ImageSize;
207
208 status = STATUS_SUCCESS;
209 goto exit;
210 }
211 module++;
212 }
213
214 status = STATUS_NOT_FOUND;
215
216exit:
217
218 if (modules != NULL) {
219 ExFreePool(modules);
220 modules = NULL;
221 }
222
223 return status;
224}
AuxKlibQueryModuleInformation
NTSTATUS NTAPI AuxKlibQueryModuleInformation(_In_ PULONG InformationLength, _In_ ULONG SizePerModule, _Inout_ PAUX_MODULE_EXTENDED_INFO ModuleInfo)
Definition: aux_klib.c:53
AuxKlibInitialize
NTSTATUS NTAPI AuxKlibInitialize(VOID)
Definition: aux_klib.c:26
AUX_MODULE_EXTENDED_INFO
struct _AUX_MODULE_EXTENDED_INFO AUX_MODULE_EXTENDED_INFO
ExAllocatePoolWithTag
#define ExAllocatePoolWithTag(hernya, size, tag)
Definition: env_spec_w32.h:350
ExFreePool
#define ExFreePool(addr)
Definition: env_spec_w32.h:352
PagedPool
#define PagedPool
Definition: env_spec_w32.h:308
i
GLsizei GLenum const GLvoid GLsizei GLenum GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLint GLint GLint GLshort GLshort GLshort GLubyte GLubyte GLubyte GLuint GLuint GLuint GLushort GLushort GLushort GLbyte GLbyte GLbyte GLbyte GLdouble GLdouble GLdouble GLdouble GLfloat GLfloat GLfloat GLfloat GLint GLint GLint GLint GLshort GLshort GLshort GLshort GLubyte GLubyte GLubyte GLubyte GLuint GLuint GLuint GLuint GLushort GLushort GLushort GLushort GLboolean const GLdouble const GLfloat const GLint const GLshort const GLbyte const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLdouble const GLfloat const GLfloat const GLint const GLint const GLshort const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort const GLdouble const GLfloat const GLint const GLshort GLenum GLenum GLenum GLfloat GLenum GLint GLenum GLenum GLenum GLfloat GLenum GLenum GLint GLenum GLfloat GLenum GLint GLint GLushort GLenum GLenum GLfloat GLenum GLenum GLint GLfloat const GLubyte GLenum GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLint GLint GLsizei GLsizei GLint GLenum GLenum const GLvoid GLenum GLenum const GLfloat GLenum GLenum const GLint GLenum GLenum const GLdouble GLenum GLenum const GLfloat GLenum GLenum const GLint GLsizei GLuint GLfloat GLuint GLbitfield GLfloat GLint GLuint GLboolean GLenum GLfloat GLenum GLbitfield GLenum GLfloat GLfloat GLint GLint const GLfloat GLenum GLfloat GLfloat GLint GLint GLfloat GLfloat GLint GLint const GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat GLint GLfloat GLfloat const GLdouble const GLfloat const GLdouble const GLfloat GLint i
Definition: glfuncs.h:248
exit
#define exit(n)
Definition: config.h:202
STATUS_SUCCESS
#define STATUS_SUCCESS
Definition: shellext.h:65
STATUS_NOT_FOUND
#define STATUS_NOT_FOUND
Definition: shellext.h:72
_AUX_MODULE_EXTENDED_INFO
Definition: aux_klib.h:37
STATUS_INVALID_PARAMETER
#define STATUS_INVALID_PARAMETER
Definition: udferr_usr.h:135
STATUS_UNSUCCESSFUL
#define STATUS_UNSUCCESSFUL
Definition: udferr_usr.h:132
STATUS_INSUFFICIENT_RESOURCES
#define STATUS_INSUFFICIENT_RESOURCES
Definition: udferr_usr.h:158
WDF_PTR_ADD_OFFSET
#define WDF_PTR_ADD_OFFSET(_ptr, _offset)
Definition: wdfcore.h:144
DriverObject
_Must_inspect_result_ _In_ PDRIVER_OBJECT DriverObject
Definition: wdfdriver.h:213

Referenced by FxRegisterBugCheckCallback().

◆ FxpIsAddressKnownToWdf()

_Must_inspect_result_ BOOLEAN FxpIsAddressKnownToWdf ( __in PVOID  Address,
__in PFX_DRIVER_GLOBALS  FxDriverGlobals 
)

Definition at line 75 of file fxbugcheckcallback.cpp.

105{
106
107 if (NULL == Address || NULL == FxDriverGlobals) {
108 return FALSE;
109 }
110
111 if (Address >= FxDriverGlobals->ImageAddress &&
112 Address < WDF_PTR_ADD_OFFSET(FxDriverGlobals->ImageAddress,
113 FxDriverGlobals->ImageSize)) {
114 return TRUE;
115 }
116
117 return FALSE;
118}
Address
static WCHAR Address[46]
Definition: ping.c:68

Referenced by FxpBugCheckCallbackFilter().

◆ FxpLibraryBugCheckCallback()

VOID NTAPI FxpLibraryBugCheckCallback ( __in KBUGCHECK_CALLBACK_REASON  Reason,
__in  PKBUGCHECK_REASON_CALLBACK_RECORD,
__inout PVOID  ReasonSpecificData,
__in ULONG  ReasonSpecificLength 
)

Definition at line 557 of file fxbugcheckcallback.cpp.

590{
591 PKBUGCHECK_SECONDARY_DUMP_DATA dumpData;
592 ULONG dumpSize;
593
594 UNREFERENCED_PARAMETER(Reason);
595 UNREFERENCED_PARAMETER(ReasonSpecificLength);
596
597 ASSERT(ReasonSpecificLength >= sizeof(KBUGCHECK_SECONDARY_DUMP_DATA));
598 ASSERT(Reason == KbCallbackSecondaryDumpData);
599
600 dumpData = (PKBUGCHECK_SECONDARY_DUMP_DATA) ReasonSpecificData;
601 dumpSize = FxLibraryGlobals.BugCheckDriverInfoIndex *
602 sizeof(FX_DUMP_DRIVER_INFO_ENTRY);
603 //
604 // See if the bugcheck driver info is more than can fit in the dump
605 //
606 if (dumpData->MaximumAllowed < dumpSize) {
607 dumpSize = EXP_ALIGN_DOWN_ON_BOUNDARY(
608 dumpData->MaximumAllowed,
609 sizeof(FX_DUMP_DRIVER_INFO_ENTRY));
610 }
611
612 if (0 == dumpSize) {
613 goto Done;
614 }
615
616 //
617 // Ok, provide the info about the bugcheck data.
618 //
619 dumpData->OutBuffer = FxLibraryGlobals.BugCheckDriverInfo;
620 dumpData->OutBufferLength = dumpSize;
621 dumpData->Guid = WdfDumpGuid2;
622
623Done:;
624}
EXP_ALIGN_DOWN_ON_BOUNDARY
#define EXP_ALIGN_DOWN_ON_BOUNDARY(_size, _alignment)
Definition: fxbugcheck.h:46

◆ FxPurgeBugCheckDriverInfo()

VOID FxPurgeBugCheckDriverInfo ( __in PFX_DRIVER_GLOBALS  FxDriverGlobals)

Definition at line 890 of file fxbugcheckcallback.cpp.

893{
894 KIRQL irql;
895 PFX_DUMP_DRIVER_INFO_ENTRY driverInfo = NULL;
896 ULONG driverIndex = 0;
897 ULONG shiftCount = 0;
898 ULONG i = 0;
899
900 FxLibraryGlobals.FxDriverGlobalsListLock.Acquire(&irql);
901
902 //
903 // Zero means 'not used'.
904 //
905 driverIndex = FxDriverGlobals->BugCheckDriverInfoIndex;
906 if (0 == driverIndex) {
907 goto Done;
908 }
909
910 //
911 // Check if feature is not supported.
912 //
913 if (NULL == FxLibraryGlobals.BugCheckDriverInfo) {
914 ASSERT(FALSE); // driverIndex > 0 with NULL array?
915 goto Done;
916 }
917
918
919 ASSERT(FxLibraryGlobals.BugCheckDriverInfoIndex <=
920 FxLibraryGlobals.BugCheckDriverInfoCount);
921
922 //
923 // Index boundary validation.
924 //
925 if (driverIndex >= FxLibraryGlobals.BugCheckDriverInfoIndex) {
926 ASSERT(FALSE);
927 goto Done;
928 }
929
930 //
931 // Compute ptr to driver info.
932 //
933 driverInfo = FxLibraryGlobals.BugCheckDriverInfo + driverIndex;
934
935 //
936 // Double-check that this is the same driver.
937 //
938 if (driverInfo->FxDriverGlobals != FxDriverGlobals) {
939 ASSERT(FALSE);
940 goto Done;
941 }
942
943 //
944 // Shift memory to fill hole and update global free index.
945 //
946 shiftCount = FxLibraryGlobals.BugCheckDriverInfoIndex - driverIndex - 1;
947 if (shiftCount > 0) {
948 RtlMoveMemory(driverInfo,
949 driverInfo + 1,
950 shiftCount * sizeof(FX_DUMP_DRIVER_INFO_ENTRY));
951 }
952
953 FxLibraryGlobals.BugCheckDriverInfoIndex--;
954
955 //
956 // Update cached index for all 'shifted' drivers.
957 //
958 for (i = driverIndex; i < FxLibraryGlobals.BugCheckDriverInfoIndex; ++i) {
959 FxLibraryGlobals.BugCheckDriverInfo[i].FxDriverGlobals->
960 BugCheckDriverInfoIndex--;
961 }
962
963Done:
964
965 FxLibraryGlobals.FxDriverGlobalsListLock.Release(irql);
966}
RtlMoveMemory
#define RtlMoveMemory(Destination, Source, Length)
Definition: typedefs.h:264

Referenced by FxDestroy().

◆ FxRegisterBugCheckCallback()

VOID FxRegisterBugCheckCallback ( __inout PFX_DRIVER_GLOBALS  FxDriverGlobals,
__in PDRIVER_OBJECT  DriverObject 
)

Definition at line 428 of file fxbugcheckcallback.cpp.

432{
433 UNICODE_STRING funcName;
434 PKBUGCHECK_REASON_CALLBACK_RECORD callbackRecord;
435 PFN_KE_REGISTER_BUGCHECK_REASON_CALLBACK funcPtr;
436 BOOLEAN enableDriverTracking;
437
438 //
439 // If any problem during this setup, disable driver tracking.
440 //
441 enableDriverTracking = FxDriverGlobals->FxTrackDriverForMiniDumpLog;
442 FxDriverGlobals->FxTrackDriverForMiniDumpLog = FALSE;
443
444 //
445 // Zero out callback record.
446 //
447 callbackRecord = &FxDriverGlobals->BugCheckCallbackRecord;
448 RtlZeroMemory(callbackRecord, sizeof(KBUGCHECK_REASON_CALLBACK_RECORD));
449
450 //
451 // Get the Image base address and size before registering the bugcheck
452 // callbacks. If the image base address and size cannot be computed,
453 // then the bugcheck callbacks depend on these values being properly
454 // set.
455 //
456 FxDriverGlobals->ImageAddress = NULL;
457 FxDriverGlobals->ImageSize = 0;
458
459 if (!NT_SUCCESS(FxpGetImageBase(DriverObject,
460 &FxDriverGlobals->ImageAddress,
461 &FxDriverGlobals->ImageSize))) {
462 goto Done;
463 }
464
465
466
467
468
469
470
471
472
473
474 //
475 // The KeRegisterBugCheckReasonCallback exists for xp sp1 and above. So
476 // check whether this function is defined on the current OS and register
477 // for the bugcheck callback only if this function is defined.
478 //
479 RtlInitUnicodeString(&funcName, L"KeRegisterBugCheckReasonCallback");
480 funcPtr = (PFN_KE_REGISTER_BUGCHECK_REASON_CALLBACK)
481 MmGetSystemRoutineAddress(&funcName);
482
483 if (NULL == funcPtr) {
484 goto Done;
485 }
486
487 //
488 // Register this driver with driver tracker.
489 //
490 if (enableDriverTracking) {
491 if (NT_SUCCESS(FxLibraryGlobals.DriverTracker.Register(
492 FxDriverGlobals))) {
493 FxDriverGlobals->FxTrackDriverForMiniDumpLog = TRUE;
494 }
495 }
496
497 //
498 // Initialize the callback record.
499 //
500 KeInitializeCallbackRecord(callbackRecord);
501
502 //
503 // Register the bugcheck callback.
504 //
505 funcPtr(callbackRecord,
506 FxpBugCheckCallback,
507 KbCallbackSecondaryDumpData,
508 (PUCHAR)FxDriverGlobals->Public.DriverName);
509
510 ASSERT(callbackRecord->CallbackRoutine != NULL);
511
512Done:;
513}
FxpGetImageBase
_Must_inspect_result_ NTSTATUS FxpGetImageBase(__in PDRIVER_OBJECT DriverObject, __out PVOID *ImageBase, __out PULONG ImageSize)
Definition: fxbugcheckcallback.cpp:122
FxpBugCheckCallback
KBUGCHECK_REASON_CALLBACK_ROUTINE FxpBugCheckCallback
Definition: fxbugcheckcallback.cpp:69
_FX_DRIVER_TRACKER_CACHE_AWARE::Register
_Must_inspect_result_ NTSTATUS Register(__in PFX_DRIVER_GLOBALS FxDriverGlobals)
Definition: fxbugcheckcallback.cpp:1008

Referenced by FxInitialize().

◆ FxUninitializeBugCheckDriverInfo()

VOID FxUninitializeBugCheckDriverInfo ( )

Definition at line 720 of file fxbugcheckcallback.cpp.

721{
722 UNICODE_STRING funcName;
723 PKBUGCHECK_REASON_CALLBACK_RECORD callbackRecord;
724 PFN_KE_DEREGISTER_BUGCHECK_REASON_CALLBACK funcPtr;
725
726 //
727 // Deregister callback.
728 //
729
730
731
732
733
734
735
736 callbackRecord = &FxLibraryGlobals.BugCheckCallbackRecord;
737 if (NULL == callbackRecord->CallbackRoutine) {
738 goto Done;
739 }
740
741 //
742 // The KeDeregisterBugCheckReasonCallback exists for xp sp1 and above. So
743 // check whether this function is defined on the current OS and deregister
744 // from the bugcheck callback only if this function is defined.
745 //
746 RtlInitUnicodeString(&funcName, L"KeDeregisterBugCheckReasonCallback");
747 funcPtr = (PFN_KE_DEREGISTER_BUGCHECK_REASON_CALLBACK)
748 MmGetSystemRoutineAddress(&funcName);
749
750 if (NULL == funcPtr) {
751 goto Done;
752 }
753
754 funcPtr(callbackRecord);
755 callbackRecord->CallbackRoutine = NULL;
756
757 //
758 // Release memory.
759 //
760 if (NULL == FxLibraryGlobals.BugCheckDriverInfo) {
761 goto Done;
762 }
763
764 //
765 // Dynamic KMDF framework is unloading, make sure there is only one entry
766 // left in the driver info array; the framework lib was using this entry
767 // to store its version.
768 //
769 ASSERT(1 == FxLibraryGlobals.BugCheckDriverInfoIndex);
770
771 FxLibraryGlobals.BugCheckDriverInfoIndex = 0;
772 FxLibraryGlobals.BugCheckDriverInfoCount = 0;
773
774 MxMemory::MxFreePool(FxLibraryGlobals.BugCheckDriverInfo);
775 FxLibraryGlobals.BugCheckDriverInfo = NULL;
776
777Done:;
778}
PFN_KE_DEREGISTER_BUGCHECK_REASON_CALLBACK
BOOLEAN(NTAPI * PFN_KE_DEREGISTER_BUGCHECK_REASON_CALLBACK)(__in PKBUGCHECK_REASON_CALLBACK_RECORD CallbackRecords)
Definition: fxglobalskm.h:92

Referenced by FxLibraryGlobalsDecommission().

◆ FxUnregisterBugCheckCallback()

VOID FxUnregisterBugCheckCallback ( __inout PFX_DRIVER_GLOBALS  FxDriverGlobals)

Definition at line 516 of file fxbugcheckcallback.cpp.

519{
520 UNICODE_STRING funcName;
521 PKBUGCHECK_REASON_CALLBACK_RECORD callbackRecord;
522 PFN_KE_DEREGISTER_BUGCHECK_REASON_CALLBACK funcPtr;
523
524 callbackRecord = &FxDriverGlobals->BugCheckCallbackRecord;
525 if (NULL == callbackRecord->CallbackRoutine) {
526 goto Done;
527 }
528
529 //
530 // The KeDeregisterBugCheckReasonCallback exists for xp sp1 and above. So
531 // check whether this function is defined on the current OS and deregister
532 // from the bugcheck callback only if this function is defined.
533 //
534 RtlInitUnicodeString(&funcName, L"KeDeregisterBugCheckReasonCallback");
535 funcPtr = (PFN_KE_DEREGISTER_BUGCHECK_REASON_CALLBACK)
536 MmGetSystemRoutineAddress(&funcName);
537
538 if (NULL == funcPtr) {
539 goto Done;
540 }
541
542 funcPtr(callbackRecord);
543 callbackRecord->CallbackRoutine = NULL;
544
545 //
546 // Deregister this driver with driver tracker.
547 //
548 if (FxDriverGlobals->FxTrackDriverForMiniDumpLog) {
549 FxLibraryGlobals.DriverTracker.Deregister(FxDriverGlobals);
550 }
551
552Done:;
553}
_FX_DRIVER_TRACKER_CACHE_AWARE::Deregister
VOID Deregister(__in PFX_DRIVER_GLOBALS FxDriverGlobals)
Definition: fxbugcheckcallback.cpp:1183

Referenced by FxDestroy().

Variable Documentation

◆ FxpBugCheckCallback

KBUGCHECK_REASON_CALLBACK_ROUTINE FxpBugCheckCallback

Definition at line 69 of file fxbugcheckcallback.cpp.

Referenced by FxRegisterBugCheckCallback().

◆ FxpLibraryBugCheckCallback

KBUGCHECK_REASON_CALLBACK_ROUTINE FxpLibraryBugCheckCallback

Definition at line 71 of file fxbugcheckcallback.cpp.

Referenced by FxInitializeBugCheckDriverInfo().