Commit 98bdb0f5 authored by ussrhero's avatar ussrhero

added stack trace info

parent cc090039
......@@ -12,6 +12,8 @@ from config import getModuleInfoProvider
moduleInfoProvider = None
defaultModuleFilter = 'not ( manufactor in ("Microsoft") and type in ("system") )'
class DumpStatus:
Error = 0
......@@ -26,18 +28,38 @@ class DumpModule(object):
moduleInfo = json.loads( moduleInfoProvider.getModuleInfo(self.name) )
self.manufactor = moduleInfo.get("manufactor", "Unknown")
self.desc = moduleInfo.get("desc", "")
self.isDriver = ( mod.begin() & 0x8000000000000000 ) != 0
self.type = moduleInfo.get("type", "system")
def getUniqueId(self):
return "%s_%x" % (self.name, self.timestamp)
def __getitem__(self,name):
return {
'manufactor' : self.manufactor,
'type' : self.type,
'name' : self.name,
'timestamp' : self.timestamp,
}[name]
class DumpStackInfo(object):
def __init__(self):
self.frames = [ pykd.findSymbol(frame.ip, showDisplacement=False) for frame in pykd.getStack() ]
self.uniqueId = hash("".join(self.frames))
def getUniqueId(self):
return self.uniqueId
class DumpCrashInfo(object):
def __init__(self):
self.bugCheckCode, _, _, _, _ = pykd.bugCheckData()
self.crashStack = DumpStackInfo()
def getUniqueId(self):
return self.bugCheckCode
return "%x_%s" % (self.bugCheckCode, self.crashStack.getUniqueId() )
def __getitem__(self,name):
return getattr(self, name)
......@@ -60,7 +82,7 @@ class DumpDesc(object):
targetSystem = pykd.targetSystem()
self.modules = [ DumpModule(m) for m in targetSystem.currentProcess().modules() ]
self.modules = [ DumpModule(m) for m in targetSystem.currentProcess().modules() if ( m.begin() & 0x8000000000000000 ) != 0 ]
self.desc = pykd.getSystemVersion().buildString
self.crashInfo = DumpCrashInfo()
......@@ -103,7 +125,7 @@ def getUniqueModuleList(dumpDescList, moduleFilter):
for dump in dumpDescList:
for module in dump.modules:
if module.isDriver and (moduleFilter == '' or eval(moduleFilter, globals(), { 'manufactor' : module.manufactor, 'isDriver' : module.isDriver, 'name' : module.name } ) ):
if moduleFilter == '' or eval(moduleFilter, globals(), module ):
moduleId = module.getUniqueId()
if not moduleId in uniqueModules:
uniqueModules[moduleId] = module
......@@ -155,7 +177,8 @@ def printModuleDiff(dumpDescList, moduleFilter, verbose, rate):
print ("\t\tin all dumps")
else:
for dump in dumps:
print ("\t\t%s" % dump.dumpName)
print ("\t\t%s" % dump.dumpName)
print("")
def printOsDiff(dumpDescList, verbose):
......@@ -170,11 +193,13 @@ def printOsDiff(dumpDescList, verbose):
print ("System: %s in %d%% dumps" % ( systemdesc, len(dumps)*100/len(dumpDescList) ) )
if verbose:
print("\tDump files:")
if len(dumps) == len(dumpDescList):
print ("\t\tin all dumps")
else:
for dump in dumps:
print ("\t\t%s" % dump.dumpName)
print("")
def printCrashDiff(dumpDescList, crashFilter, verbose, rate):
......@@ -184,14 +209,29 @@ def printCrashDiff(dumpDescList, crashFilter, verbose, rate):
crashInfoList = getUniqueCrashList(dumpDescList, crashFilter)
for crash in crashInfoList.values():
crashRate = len( [ d for d in dumpDescList if d.crashInfo.getUniqueId() == crash.getUniqueId() ] ) * 100 / len( dumpDescList )
if crashRate < rate:
continue
dumps = [ dump for dump in dumpDescList if dump.crashInfo.getUniqueId() == crash.getUniqueId() ]
print ("BugCheck Code: %x in %d%% dumps" % ( crash.bugCheckCode, len(dumps)*100/len(dumpDescList) ) )
print ("Crash in %d%% dumps" % ( len(dumps)*100/len(dumpDescList) ) )
if verbose:
if len(dumps) == len(dumpDescList):
print ("\t\tin all dumps")
else:
if len(dumps) < len(dumpDescList):
print("\tDump files:")
for dump in dumps:
print ("\t\t%s" % dump.dumpName)
print ("\t\t%s" % dump.dumpName)
print ("\tBugCheck Code: %x" % ( crash.bugCheckCode ) )
print ("\tStacktrace:")
for frame in crash.crashStack.frames:
print ("\t\t%s" % frame)
print("")
def printDiff(args):
......@@ -256,7 +296,7 @@ def main():
parser.add_argument('-f', '--files', metavar='FILE', nargs='+', help='list of dump files')
parser.add_argument('-d', '--dir', metavar='DIRECTORY', help='directory with dump files')
parser.add_argument('-m', '--module', metavar='FILTER', nargs='?', dest='moduleFilter', help='module filter', default='not manufactor in ("Microsoft")' )
parser.add_argument('-m', '--module', metavar='FILTER', nargs='?', dest='moduleFilter', help='module filter', default=defaultModuleFilter )
parser.add_argument('-c', '--crash', dest = 'crashFilter', nargs='?', help='crash filter')
parser.add_argument('-v', '--verbose', help='verbose output', action='store_true', default=False)
parser.add_argument('-r', '--rate', help='filter dump by rate', type=int, default=0)
......
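Review bot: In getUniqueModuleList the filter string from `-m/--module` is still handed to `eval()` with `globals()` as its global namespace, so a filter expression can reach everything this script has imported rather than only compare module fields. The line that passes `module` as the locals mapping (apparently the new side) does not change that; it only changes which field names are readable, to the four keys `DumpModule.__getitem__` returns. If filters can ever come from a wrapper script or a saved configuration rather than from the analyst typing them, parse the expression with `ast` and accept only names, constants, comparisons and boolean operators before evaluating it; as a stopgap, `eval(moduleFilter, {'__builtins__': {}}, module)` keeps the module namespace out of the expression's reach, though it is not a sandbox. The function body continues outside the hunk.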
......@@ -76,6 +76,10 @@ moduleDB = r'''
{"name" : "acpipagr", "manufactor" : "Microsoft" },
{"name" : "nvvhci", "manufactor" : "NVIDIA", "type" : "hardware" },
{"name" : "WdNisDrv", "manufactor" : "Windows Defender"},
{"name" : "tbs", "manufactor" : "Microsoft", "type" : "system" }
{"name" : "tbs", "manufactor" : "Microsoft", "type" : "system" },
{"name" : "vmbkmclr", "manufactor" : "Microsoft", "type" : "hyperv", "desc" : "Hyper-V Virtual Memory Bus Root KMCL" },
{"name" : "HECIx64", "manufactor" : "Intel", "type" : "hardware", "desc" : "Intel Management Engine Interface"},
{"name" : "MsSecFlt", "manufactor" : "Microsoft", "type" : "system", "desc" : "Microsoft Security Events Component Minifilter" }
]
'''
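Review bot: The entries added to moduleDB attribute a driver to a vendor by module name alone, and `defaultModuleFilter` in the other file of this commit hides anything that resolves to manufactor "Microsoft" with type "system", so a third-party driver that reuses a listed name would drop out of the module diff by default. As far as this page shows, the lookup is `getModuleInfo(self.name)` with no check of signer or version information. Since the database is a raw JSON string, put the caveat above the assignment, for example `# Entries are matched by module name only; a name match is not proof of origin`, and consider having verbose output report how many modules the filter hid.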