Header for Demonstrating Profiling Crash

Header for Demonstrating Profiling Crash

There follows a header, PROFILE.H, to use with the one source file, PROCRASH.CPP, for a small console application that demonstrates a Bug Check From User Mode By Profiling.

/*  ************************************************************************  *
 *                                 profile.h                                  *
 *  ************************************************************************  */

/*  This header defines various programming elements that support profiling
    but which are not ordinarily available in headers from the Windows SDK.  */

#pragma once

/*  Keep the Visual Studio text editor happy. Perhaps it doesn't even try to 
    work out that all use of this header in its project - or in the whole 
    solution it comes from - includes WINDOWS.H first.  */

#ifdef      __INTELLISENSE__
#include    <windows.h>
#endif

/*  ************************************************************************  */
/*  From Microsoft's headers for kernel-mode programming  */

extern "C" {

/*  The demonstration is of a coding error in the undocumented functions
    for profiling. Being low-level, these work with the well-known
    kernel-mode status code, not the Win32 error code. There are SDK headers
    that define the NTSTATUS and some selection of related macros, but
    arguably not naturally.  */

/*  NTSTATUS is a LONG, so it is signed. The __success annotation tells
    static analysis that a function returning this type has succeeded when
    the value is non-negative.  */

typedef __success (return >= 0) LONG NTSTATUS;

/*  True for every non-negative status, not only for STATUS_SUCCESS. Code
    that must distinguish a plain success from any other non-negative
    status compares with STATUS_SUCCESS instead. The argument is cast to
    NTSTATUS first, so an unsigned value with its high bit set is treated
    as negative, i.e. as failure.  */

#define NT_SUCCESS(Status)  ((NTSTATUS) (Status) >= 0)

/*  The one status code the demonstration needs by name.  */

#define STATUS_SUCCESS      ((NTSTATUS) 0)

/*  Profile sources, reproduced whole from headers in the Windows Driver Kit
    (WDK) because the functions that create a profile object take one among
    their arguments. The enumerators are numbered explicitly so that the
    value which reaches the kernel can be read straight off the listing;
    the numbers are exactly those that implicit numbering from zero gives.
    An enum is only an integer at the call boundary: nothing here stops a
    caller from casting some other value to KPROFILE_SOURCE, so checking
    the range is the callee's job.  */

typedef enum _KPROFILE_SOURCE {
    ProfileTime                 = 0,
    ProfileAlignmentFixup       = 1,
    ProfileTotalIssues          = 2,
    ProfilePipelineDry          = 3,
    ProfileLoadInstructions     = 4,
    ProfilePipelineFrozen       = 5,
    ProfileBranchInstructions   = 6,
    ProfileTotalNonissues       = 7,
    ProfileDcacheMisses         = 8,
    ProfileIcacheMisses         = 9,
    ProfileCacheMisses          = 10,
    ProfileBranchMispredictions = 11,
    ProfileStoreInstructions    = 12,
    ProfileFpInstructions       = 13,
    ProfileIntegerInstructions  = 14,
    Profile2Issue               = 15,
    Profile3Issue               = 16,
    Profile4Issue               = 17,
    ProfileSpecialInstructions  = 18,
    ProfileTotalCycles          = 19,
    ProfileIcacheIssues         = 20,
    ProfileDcacheAccesses       = 21,
    ProfileMemoryBarrierCycles  = 22,
    ProfileLoadLinkedIssues     = 23,
    ProfileMaximum              = 24    /* last enumerator; by its name a limit, not a source - confirm */
} KPROFILE_SOURCE;

/*  Another argument specifies processors. Again, the type is defined in the
    WDK. Because it is a ULONG_PTR, its width follows the pointer size of
    the build, so the same source passes a narrower value when built for
    32 bits than when built for 64.
    NOTE(review): the WDK treats this as a bit mask with one bit per
    processor - confirm against the WDK header in use.  */

typedef ULONG_PTR KAFFINITY;

/*  The functions themselves have been undocumented for two decades but
    nowadays have declarations in a header from an Enterprise WDK for
    Windows 10.  */

/*  NtCreateProfile is the function that creates a profile object. It
    reports its outcome as an NTSTATUS, to be tested with NT_SUCCESS.

    Every argument is chosen by the user-mode caller and is passed down to
    the kernel, which is what makes a validation error in the
    implementation reachable from an ordinary process.

    The parameter meanings below are read from the names and types, not
    from anything this header states - confirm against the WDK declaration:

      ProfileHandle   presumably receives the handle of the new object;
      Process         presumably the process whose execution is profiled;
      ProfileBase,
      ProfileSize     presumably the address range that is profiled;
      BucketSize      granularity of the range's division into buckets;
                      NOTE(review): described elsewhere as a logarithm base
                      2 of the size in bytes, not the size - confirm;
      Buffer,
      BufferSize      presumably an array of ULONG counters and its size;
                      the unit of BufferSize is not shown here - confirm;
      ProfileSource   one of the KPROFILE_SOURCE values;
      Affinity        the processors, as a KAFFINITY.  */

NTSYSAPI
NTSTATUS
NTAPI
NtCreateProfile (
    HANDLE *ProfileHandle,
    HANDLE Process,
    PVOID ProfileBase,
    SIZE_T ProfileSize,
    ULONG BucketSize,
    ULONG *Buffer,
    ULONG BufferSize,
    KPROFILE_SOURCE ProfileSource,
    KAFFINITY Affinity);

/*  Takes a profile handle and returns an NTSTATUS. Presumably the handle
    is one obtained from NtCreateProfile and the call begins the
    collection of data into that profile's buffer - confirm against the
    WDK declaration.  */

NTSYSAPI
NTSTATUS
NTAPI
NtStartProfile (
    HANDLE ProfileHandle);

/*  Takes a profile handle and returns an NTSTATUS. Presumably the
    counterpart of NtStartProfile, ending collection for the same handle -
    confirm against the WDK declaration. Nothing in this header closes the
    handle; that is left to the caller.  */

NTSYSAPI
NTSTATUS
NTAPI
NtStopProfile (
    HANDLE ProfileHandle);

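/*  A helpful macro that Microsoft defines in WDK headers but omits from the
    SDK. It rounds x up to the next multiple of n and yields a ULONG_PTR.

    n must be a non-zero power of two, else the mask is meaningless.

    The mask is computed at the width of a ULONG_PTR. Were it computed at
    the width of n, then an unsigned 32-bit n (a ULONG, say) in a 64-bit
    build would give a 32-bit mask that is zero-extended before the AND and
    so clears the high half of x.

    The addition can still wrap around when x is within n - 1 of the top of
    the range. A caller that aligns a size or address it does not control
    must check for that separately.

    n is evaluated twice: pass no expression that has side effects.  */

#ifndef     ALIGN_UP_BY
#define     ALIGN_UP_BY(x,n)    \
    (((ULONG_PTR) (x) + (n) - 1) & ~((ULONG_PTR) (n) - 1))
#endif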

}   // extern "C"

/*  ************************************************************************  */

The only reason this is presented as a separate header is so that the source file is more easily read just for what’s particular to what it demonstrates.