dmp文件读取(六)- Others
| 阅读 | 共 2472 字,阅读约
Overview
dmp文件读取(六)
dmp文件中包含各种stream,前面已经介绍完线程、模块、异常、内存这四种stream的读取,至此,核心的stream读取已经介绍完,本章介绍其他的stream读取,这些stream不是不重要,而是代码比较简单,这些stream包括:
- MD_SYSTEM_INFO_STREAM
- MD_MISC_INFO_STREAM
- MD_BREAKPAD_INFO_STREAM
- MD_ASSERTION_INFO_STREAM
MD_SYSTEM_INFO_STREAM
- 包含cpu架构
- 包含操作系统信息
- MDRawSystemInfo
system stream 读取入口
1ProcessResult MinidumpProcessor::Process(
2 Minidump *dump, ProcessState *process_state) {
3 bool has_cpu_info = GetCPUInfo(dump, &process_state->system_info_);
4}
5
6bool MinidumpProcessor::GetCPUInfo(Minidump *dump, SystemInfo *info) {
7 ...
8 MinidumpSystemInfo *system_info;
9 const MDRawSystemInfo *raw_system_info = GetSystemInfo(dump, &system_info);
10}
11
12static const MDRawSystemInfo* GetSystemInfo(Minidump *dump,
13 MinidumpSystemInfo **system_info) {
14 MinidumpSystemInfo *minidump_system_info = dump->GetSystemInfo();
15 if (!minidump_system_info)
16 return NULL;
17
18 if (system_info)
19 *system_info = minidump_system_info;
20
21 return minidump_system_info->system_info();
22}
MinidumpSystemInfo
- MinidumpSystemInfo类用来保存系统信息
- 核心数据结构是:MDRawSystemInfo
- stream type是MD_SYSTEM_INFO_STREAM
系统信息数据结构:MDRawSystemInfo
MDRawSystemInfo结构体保存了系统核心信息,包括:
- 处理器架构:processor_architecture
- 操作系统类型:platform_id
- 处理器数量:number_of_processors
- 版本号:主版本号、次版本号、构建版本号、平台id
- cpu信息
1typedef struct {
2 /* The next 3 fields and numberOfProcessors are from the SYSTEM_INFO
3 * structure as returned by GetSystemInfo */
4 uint16_t processor_architecture;
5 uint16_t processor_level; /* x86: 5 = 586, 6 = 686, ... */
6 /* ARM: 6 = ARMv6, 7 = ARMv7 ... */
7 uint16_t processor_revision; /* x86: 0xMMSS, where MM=model,
8 * SS=stepping */
9 /* ARM: 0 */
10
11 uint8_t number_of_processors;
12 uint8_t product_type; /* Windows: VER_NT_* from WinNT.h */
13
14 /* The next 5 fields are from the OSVERSIONINFO structure as returned
15 * by GetVersionEx */
16 uint32_t major_version;
17 uint32_t minor_version;
18 uint32_t build_number;
19 uint32_t platform_id;
20 MDRVA csd_version_rva; /* MDString further identifying the
21 * host OS.
22 * Windows: name of the installed OS
23 * service pack.
24 * Mac OS X: the Apple OS build number
25 * (sw_vers -buildVersion).
26 * Linux: uname -srvmo */
27
28 uint16_t suite_mask; /* Windows: VER_SUITE_* from WinNT.h */
29 uint16_t reserved2;
30
31 MDCPUInformation cpu;
32} MDRawSystemInfo; /* MINIDUMP_SYSTEM_INFO */
处理器架构
- MDRawSystemInfo中的processor_architecture的取值
- 枚举类MDCPUArchitecture表示
1typedef enum {
2 MD_CPU_ARCHITECTURE_X86 = 0, /* PROCESSOR_ARCHITECTURE_INTEL */
3 MD_CPU_ARCHITECTURE_MIPS = 1, /* PROCESSOR_ARCHITECTURE_MIPS */
4 MD_CPU_ARCHITECTURE_ALPHA = 2, /* PROCESSOR_ARCHITECTURE_ALPHA */
5 MD_CPU_ARCHITECTURE_PPC = 3, /* PROCESSOR_ARCHITECTURE_PPC */
6 MD_CPU_ARCHITECTURE_SHX = 4, /* PROCESSOR_ARCHITECTURE_SHX
7 * (Super-H) */
8 MD_CPU_ARCHITECTURE_ARM = 5, /* PROCESSOR_ARCHITECTURE_ARM */
9 MD_CPU_ARCHITECTURE_IA64 = 6, /* PROCESSOR_ARCHITECTURE_IA64 */
10 MD_CPU_ARCHITECTURE_ALPHA64 = 7, /* PROCESSOR_ARCHITECTURE_ALPHA64 */
11 MD_CPU_ARCHITECTURE_MSIL = 8, /* PROCESSOR_ARCHITECTURE_MSIL
12 * (Microsoft Intermediate Language) */
13 MD_CPU_ARCHITECTURE_AMD64 = 9, /* PROCESSOR_ARCHITECTURE_AMD64 */
14 MD_CPU_ARCHITECTURE_X86_WIN64 = 10,
15 /* PROCESSOR_ARCHITECTURE_IA32_ON_WIN64 (WoW64) */
16 MD_CPU_ARCHITECTURE_SPARC = 0x8001, /* Breakpad-defined value for SPARC */
17 MD_CPU_ARCHITECTURE_PPC64 = 0x8002, /* Breakpad-defined value for PPC64 */
18 MD_CPU_ARCHITECTURE_ARM64 = 0x8003, /* Breakpad-defined value for ARM64 */
19 MD_CPU_ARCHITECTURE_MIPS64 = 0x8004, /* Breakpad-defined value for MIPS64 */
20 MD_CPU_ARCHITECTURE_UNKNOWN = 0xffff /* PROCESSOR_ARCHITECTURE_UNKNOWN */
21} MDCPUArchitecture;
操作系统类型
- MDRawSystemInfo中的platform_id的取值
- 枚举类MDOSPlatform表示
- 从这里也可以看出,breakpad支持的操作类型
1typedef enum {
2 MD_OS_WIN32S = 0, /* VER_PLATFORM_WIN32s (Windows 3.1) */
3 MD_OS_WIN32_WINDOWS = 1, /* VER_PLATFORM_WIN32_WINDOWS (Windows 95-98-Me) */
4 MD_OS_WIN32_NT = 2, /* VER_PLATFORM_WIN32_NT (Windows NT, 2000+) */
5 MD_OS_WIN32_CE = 3, /* VER_PLATFORM_WIN32_CE, VER_PLATFORM_WIN32_HH
6 * (Windows CE, Windows Mobile, "Handheld") */
7 /* The following values are Breakpad-defined. */
8 MD_OS_UNIX = 0x8000, /* Generic Unix-ish */
9 MD_OS_MAC_OS_X = 0x8101, /* Mac OS X/Darwin */
10 MD_OS_IOS = 0x8102, /* iOS */
11 MD_OS_LINUX = 0x8201, /* Linux */
12 MD_OS_SOLARIS = 0x8202, /* Solaris */
13 MD_OS_ANDROID = 0x8203, /* Android */
14 MD_OS_PS3 = 0x8204, /* PS3 */
15 MD_OS_NACL = 0x8205 /* Native Client (NaCl) */
16} MDOSPlatform;
MD_MISC_INFO_STREAM
- 包含进程崩溃时间等很多信息
misc stream读取入口
1ProcessResult MinidumpProcessor::Process(
2 Minidump *dump, ProcessState *process_state) {
3 bool has_process_create_time =
4 GetProcessCreateTime(dump, &process_state->process_create_time_);
5}
MinidumpMiscInfo
- misc信息保存在MinidumpMiscInfo类中
- 核心数据结构为MDRawMiscInfo
- stream type为MD_MISC_INFO_STREAM
MDRawMiscInfo
- misc是混杂的意思,却如其名,很多信息都保存在这里
- breakpad中用到一个很重要的是进程运行时间:process_create_time
1typedef struct {
2 uint32_t size_of_info; /* Length of entire MDRawMiscInfo structure. */
3 uint32_t flags1;
4
5 /* The next field is only valid if flags1 contains
6 * MD_MISCINFO_FLAGS1_PROCESS_ID. */
7 uint32_t process_id;
8
9 /* The next 3 fields are only valid if flags1 contains
10 * MD_MISCINFO_FLAGS1_PROCESS_TIMES. */
11 uint32_t process_create_time; /* time_t process started */
12 uint32_t process_user_time; /* seconds of user CPU time */
13 uint32_t process_kernel_time; /* seconds of kernel CPU time */
14
15 /* The following fields are not present in MINIDUMP_MISC_INFO but are
16 * in MINIDUMP_MISC_INFO_2. When this struct is populated, these values
17 * may not be set. Use flags1 and size_of_info to determine whether these
18 * values are present. These are only valid when flags1 contains
19 * MD_MISCINFO_FLAGS1_PROCESSOR_POWER_INFO. */
20 uint32_t processor_max_mhz;
21 uint32_t processor_current_mhz;
22 uint32_t processor_mhz_limit;
23 uint32_t processor_max_idle_state;
24 uint32_t processor_current_idle_state;
25
26 /* The following fields are not present in MINIDUMP_MISC_INFO_2 but are
27 * in MINIDUMP_MISC_INFO_3. When this struct is populated, these values
28 * may not be set. Use flags1 and size_of_info to determine whether these
29 * values are present. */
30 /* The following field is only valid if flags1 contains
31 * MD_MISCINFO_FLAGS1_PROCESS_INTEGRITY. */
32 uint32_t process_integrity_level;
33
34 /* The following field is only valid if flags1 contains
35 * MD_MISCINFO_FLAGS1_PROCESS_EXECUTE_FLAGS. */
36 uint32_t process_execute_flags;
37
38 /* The following field is only valid if flags1 contains
39 * MD_MISCINFO_FLAGS1_PROTECTED_PROCESS. */
40 uint32_t protected_process;
41
42 /* The following 2 fields are only valid if flags1 contains
43 * MD_MISCINFO_FLAGS1_TIMEZONE. */
44 uint32_t time_zone_id;
45 MDTimeZoneInformation time_zone;
46
47 /* The following fields are not present in MINIDUMP_MISC_INFO_3 but are
48 * in MINIDUMP_MISC_INFO_4. When this struct is populated, these values
49 * may not be set. Use flags1 and size_of_info to determine whether these
50 * values are present. */
51
52 /* The following 2 fields are only valid if flags1 contains
53 * MD_MISCINFO_FLAGS1_BUILDSTRING. */
54 uint16_t build_string[MD_MAX_PATH]; /* UTF-16-encoded, 0-terminated */
55 uint16_t dbg_bld_str[40]; /* UTF-16-encoded, 0-terminated */
56
57 /* The following fields are not present in MINIDUMP_MISC_INFO_4 but are
58 * in MINIDUMP_MISC_INFO_5. When this struct is populated, these values
59 * may not be set. Use flags1 and size_of_info to determine whether these
60 * values are present. */
61
62 /* The following field has its own flags for establishing the validity of
63 * the structure's contents.*/
64 MDXStateConfigFeatureMscInfo xstate_data;
65
66 /* The following field is only valid if flags1 contains
67 * MD_MISCINFO_FLAGS1_PROCESS_COOKIE. */
68 uint32_t process_cookie;
69} MDRawMiscInfo;
MD_BREAKPAD_INFO_STREAM
- 包含breakpad自定义的一些信息
- 比如:崩溃的线程id
breakpad info 读取入口
1ProcessResult MinidumpProcessor::Process(
2 Minidump *dump, ProcessState *process_state) {
3 MinidumpBreakpadInfo *breakpad_info = dump->GetBreakpadInfo();
4}
MinidumpBreakpadInfo
- breakpad信息保存在MinidumpBreakpadInfo类中
- 核心数据结构是MDRawBreakpadInfo
- stream type为MD_BREAKPAD_INFO_STREAM
MDRawBreakpadInfo
1typedef struct {
2 uint32_t validity;
3 // 崩溃的线程id,如果有这个字段,以这个字段为准。没有就取dump中的崩溃线程id
4 // 这个id必须是ThreadList中的一个
5 uint32_t dump_thread_id;
6 uint32_t requesting_thread_id;
7} MDRawBreakpadInfo;
MD_ASSERTION_INFO_STREAM
- 枚举值0x47670002
- MDRawAssertionInfo
断言信息读取入口
1ProcessResult MinidumpProcessor::Process(
2 Minidump *dump, ProcessState *process_state) {
3 ...
4 // 读取断言信息
5 process_state->assertion_ = GetAssertion(dump);
6 ...
7}
8
9string MinidumpProcessor::GetAssertion(Minidump *dump) {
10 MinidumpAssertion *assertion = dump->GetAssertion();
11 ...
12}
MinidumpAssertion
- 断言信息保存在MinidumpAssertion类中
- 核心数据结构为MDRawAssertionInfo
- stream type为MD_ASSERTION_INFO_STREAM
MDRawAssertionInfo
MDRawAssertionInfo结构体存储程序崩溃时断言的核心信息,包括:
- expression:断言表达式
- function:在哪个函数发生了断言
- file:哪个文件发生了断言
- line:断言的行号
- type:断言类型
1typedef struct {
2 /* expression, function, and file are 0-terminated UTF-16 strings. They
3 * may be truncated if necessary, but should always be 0-terminated when
4 * written to a file.
5 * Fixed-length strings are used because MiniDumpWriteDump doesn't offer
6 * a way for user streams to point to arbitrary RVAs for strings. */
7 uint16_t expression[128]; /* Assertion that failed... */
8 uint16_t function[128]; /* ...within this function... */
9 uint16_t file[128]; /* ...in this file... */
10 uint32_t line; /* ...at this line. */
11 uint32_t type;
12} MDRawAssertionInfo;
MDAssertionInfoData
- 断言类型,用变量type表示
- 可选值为枚举类MDAssertionInfoData
1typedef enum {
2 MD_ASSERTION_INFO_TYPE_UNKNOWN = 0,
3
4 /* Used for assertions that would be raised by the MSVC CRT but are
5 * directed to an invalid parameter handler instead. */
6 MD_ASSERTION_INFO_TYPE_INVALID_PARAMETER,
7
8 /* Used for assertions that would be raised by the MSVC CRT but are
9 * directed to a pure virtual call handler instead. */
10 MD_ASSERTION_INFO_TYPE_PURE_VIRTUAL_CALL,
11
12 /* Used for assertions that would be raised by the MSVC CRT but are
13 * directed to a new operator handler instead. */
14 MD_ASSERTION_INFO_TYPE_NEW_OPERATOR_ERROR,
15
16 /* Used for assertions that would be raised by the MSVC CRT but are
17 * directed to a security handler instead. */
18 MD_ASSERTION_INFO_TYPE_SECURITY_ERROR,
19
20 /* Used for assertions that would be raised by the MSVC CRT but are
21 * directed to a abort handler instead. */
22 MD_ASSERTION_INFO_TYPE_SIGNAL_ABORT,
23
24 /* Used for assertions that would be raised by the MSVC CRT but are
25 * directed to a interrupt handler instead. */
26 MD_ASSERTION_INFO_TYPE_SIGNAL_INTERRUPT,
27
28 /* Used for assertions that would be raised by the MSVC CRT but are
29 * directed to a terminate handler instead. */
30 MD_ASSERTION_INFO_TYPE_SIGNAL_TERMINATE,
31
32 /* Used for assertions that would be raised by the MSVC CRT but are
33 * directed to a ILL handler instead. */
34 MD_ASSERTION_INFO_TYPE_SIGNAL_ILLEGAL_INSTRUCTION,
35
36 /* Used for assertions that would be raised by the MSVC CRT but are
37 * directed to a SEGE handler instead. */
38 MD_ASSERTION_INFO_TYPE_SIGNAL_SEGMENT_VIOLATION
39} MDAssertionInfoData;