2013-09-04 20:17:46 -04:00
|
|
|
// --------------------------------------------------------------------------------------
|
|
|
|
//
|
|
|
|
// Written by Zoltan Csizmadia, zoltan_csizmadia@yahoo.com
|
|
|
|
// For companies(Austin,TX): If you would like to get my resume, send an email.
|
|
|
|
//
|
|
|
|
// The source is free, but if you want to use it, mention my name and e-mail address
|
|
|
|
//
|
|
|
|
// History:
|
|
|
|
// 1.0 Initial version Zoltan Csizmadia
|
|
|
|
// 1.1 WhineCube version Masken
|
|
|
|
// 1.2 Dolphin version Masken
|
|
|
|
//
|
|
|
|
// --------------------------------------------------------------------------------------
|
|
|
|
|
|
|
|
#if defined(WIN32)
|
2014-08-17 13:54:06 -04:00
|
|
|
#include <cstdio>
|
2013-09-04 20:17:46 -04:00
|
|
|
#include <windows.h>
|
2014-04-08 21:15:08 -03:00
|
|
|
#include "common/extended_trace.h"
|
|
|
|
#include "common/string_util.h"
|
2013-09-04 20:17:46 -04:00
|
|
|
using namespace std;
|
|
|
|
|
|
|
|
#include <tchar.h>
|
|
|
|
#include <ImageHlp.h>
|
|
|
|
|
|
|
|
#define BUFFERSIZE 0x200
|
|
|
|
#pragma warning(disable:4996)
|
|
|
|
|
|
|
|
// Unicode safe char* -> TCHAR* conversion
|
|
|
|
void PCSTR2LPTSTR( PCSTR lpszIn, LPTSTR lpszOut )
|
|
|
|
{
|
|
|
|
#if defined(UNICODE)||defined(_UNICODE)
|
2014-11-19 05:49:13 -03:00
|
|
|
ULONG index = 0;
|
2014-04-01 19:20:08 -03:00
|
|
|
PCSTR lpAct = lpszIn;
|
|
|
|
|
|
|
|
for( ; ; lpAct++ )
|
|
|
|
{
|
|
|
|
lpszOut[index++] = (TCHAR)(*lpAct);
|
|
|
|
if ( *lpAct == 0 )
|
|
|
|
break;
|
2014-11-19 05:49:13 -03:00
|
|
|
}
|
2013-09-04 20:17:46 -04:00
|
|
|
#else
|
2014-04-01 19:20:08 -03:00
|
|
|
// This is trivial :)
|
|
|
|
strcpy( lpszOut, lpszIn );
|
2013-09-04 20:17:46 -04:00
|
|
|
#endif
|
|
|
|
}
|
|
|
|
|
|
|
|
// Let's figure out the path for the symbol files
|
|
|
|
// Search path= ".;%_NT_SYMBOL_PATH%;%_NT_ALTERNATE_SYMBOL_PATH%;%SYSTEMROOT%;%SYSTEMROOT%\System32;" + lpszIniPath
|
|
|
|
// Note: There is no size check for lpszSymbolPath!
|
|
|
|
static void InitSymbolPath( PSTR lpszSymbolPath, PCSTR lpszIniPath )
|
|
|
|
{
|
2014-04-01 19:20:08 -03:00
|
|
|
CHAR lpszPath[BUFFERSIZE];
|
|
|
|
|
|
|
|
// Creating the default path
|
|
|
|
// ".;%_NT_SYMBOL_PATH%;%_NT_ALTERNATE_SYMBOL_PATH%;%SYSTEMROOT%;%SYSTEMROOT%\System32;"
|
|
|
|
strcpy( lpszSymbolPath, "." );
|
|
|
|
|
|
|
|
// environment variable _NT_SYMBOL_PATH
|
|
|
|
if ( GetEnvironmentVariableA( "_NT_SYMBOL_PATH", lpszPath, BUFFERSIZE ) )
|
|
|
|
{
|
|
|
|
strcat( lpszSymbolPath, ";" );
|
|
|
|
strcat( lpszSymbolPath, lpszPath );
|
|
|
|
}
|
|
|
|
|
|
|
|
// environment variable _NT_ALTERNATE_SYMBOL_PATH
|
|
|
|
if ( GetEnvironmentVariableA( "_NT_ALTERNATE_SYMBOL_PATH", lpszPath, BUFFERSIZE ) )
|
|
|
|
{
|
|
|
|
strcat( lpszSymbolPath, ";" );
|
|
|
|
strcat( lpszSymbolPath, lpszPath );
|
|
|
|
}
|
|
|
|
|
|
|
|
// environment variable SYSTEMROOT
|
|
|
|
if ( GetEnvironmentVariableA( "SYSTEMROOT", lpszPath, BUFFERSIZE ) )
|
|
|
|
{
|
|
|
|
strcat( lpszSymbolPath, ";" );
|
|
|
|
strcat( lpszSymbolPath, lpszPath );
|
|
|
|
strcat( lpszSymbolPath, ";" );
|
|
|
|
|
|
|
|
// SYSTEMROOT\System32
|
|
|
|
strcat( lpszSymbolPath, lpszPath );
|
|
|
|
strcat( lpszSymbolPath, "\\System32" );
|
|
|
|
}
|
|
|
|
|
|
|
|
// Add user defined path
|
2014-12-03 15:57:57 -03:00
|
|
|
if ( lpszIniPath != nullptr )
|
2014-04-01 19:20:08 -03:00
|
|
|
if ( lpszIniPath[0] != '\0' )
|
|
|
|
{
|
|
|
|
strcat( lpszSymbolPath, ";" );
|
|
|
|
strcat( lpszSymbolPath, lpszIniPath );
|
|
|
|
}
|
2013-09-04 20:17:46 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
// Uninitialize the loaded symbol files
|
|
|
|
BOOL UninitSymInfo() {
|
2014-04-01 19:20:08 -03:00
|
|
|
return SymCleanup( GetCurrentProcess() );
|
2013-09-04 20:17:46 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
// Initializes the symbol files
|
|
|
|
BOOL InitSymInfo( PCSTR lpszInitialSymbolPath )
|
|
|
|
{
|
2014-04-01 19:20:08 -03:00
|
|
|
CHAR lpszSymbolPath[BUFFERSIZE];
|
|
|
|
DWORD symOptions = SymGetOptions();
|
2013-09-04 20:17:46 -04:00
|
|
|
|
2014-11-19 05:49:13 -03:00
|
|
|
symOptions |= SYMOPT_LOAD_LINES;
|
2014-04-01 19:20:08 -03:00
|
|
|
symOptions &= ~SYMOPT_UNDNAME;
|
|
|
|
SymSetOptions( symOptions );
|
|
|
|
InitSymbolPath( lpszSymbolPath, lpszInitialSymbolPath );
|
2013-09-04 20:17:46 -04:00
|
|
|
|
2014-04-01 19:20:08 -03:00
|
|
|
return SymInitialize( GetCurrentProcess(), lpszSymbolPath, TRUE);
|
2013-09-04 20:17:46 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
// Get the module name from a given address
|
|
|
|
static BOOL GetModuleNameFromAddress( UINT address, LPTSTR lpszModule )
|
|
|
|
{
|
2014-04-01 19:20:08 -03:00
|
|
|
BOOL ret = FALSE;
|
|
|
|
IMAGEHLP_MODULE moduleInfo;
|
|
|
|
|
|
|
|
::ZeroMemory( &moduleInfo, sizeof(moduleInfo) );
|
|
|
|
moduleInfo.SizeOfStruct = sizeof(moduleInfo);
|
|
|
|
|
|
|
|
if ( SymGetModuleInfo( GetCurrentProcess(), (DWORD)address, &moduleInfo ) )
|
|
|
|
{
|
|
|
|
// Got it!
|
|
|
|
PCSTR2LPTSTR( moduleInfo.ModuleName, lpszModule );
|
|
|
|
ret = TRUE;
|
|
|
|
}
|
|
|
|
else
|
|
|
|
// Not found :(
|
|
|
|
_tcscpy( lpszModule, _T("?") );
|
|
|
|
|
|
|
|
return ret;
|
2013-09-04 20:17:46 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
// Get function prototype and parameter info from ip address and stack address
|
|
|
|
static BOOL GetFunctionInfoFromAddresses( ULONG fnAddress, ULONG stackAddress, LPTSTR lpszSymbol )
|
|
|
|
{
|
2014-04-01 19:20:08 -03:00
|
|
|
BOOL ret = FALSE;
|
|
|
|
DWORD dwSymSize = 10000;
|
|
|
|
TCHAR lpszUnDSymbol[BUFFERSIZE]=_T("?");
|
|
|
|
CHAR lpszNonUnicodeUnDSymbol[BUFFERSIZE]="?";
|
2014-12-03 15:57:57 -03:00
|
|
|
LPTSTR lpszParamSep = nullptr;
|
2014-04-01 19:20:08 -03:00
|
|
|
LPTSTR lpszParsed = lpszUnDSymbol;
|
|
|
|
PIMAGEHLP_SYMBOL pSym = (PIMAGEHLP_SYMBOL)GlobalAlloc( GMEM_FIXED, dwSymSize );
|
|
|
|
|
|
|
|
::ZeroMemory( pSym, dwSymSize );
|
|
|
|
pSym->SizeOfStruct = dwSymSize;
|
|
|
|
pSym->MaxNameLength = dwSymSize - sizeof(IMAGEHLP_SYMBOL);
|
|
|
|
|
|
|
|
// Set the default to unknown
|
|
|
|
_tcscpy( lpszSymbol, _T("?") );
|
|
|
|
|
|
|
|
// Get symbol info for IP
|
2013-09-04 20:17:46 -04:00
|
|
|
#ifndef _M_X64
|
2014-04-01 19:20:08 -03:00
|
|
|
DWORD dwDisp = 0;
|
|
|
|
if ( SymGetSymFromAddr( GetCurrentProcess(), (ULONG)fnAddress, &dwDisp, pSym ) )
|
2014-11-19 05:49:13 -03:00
|
|
|
#else
|
2014-04-01 19:20:08 -03:00
|
|
|
//makes it compile but hell im not sure if this works...
|
|
|
|
DWORD64 dwDisp = 0;
|
|
|
|
if ( SymGetSymFromAddr( GetCurrentProcess(), (ULONG)fnAddress, (PDWORD64)&dwDisp, pSym ) )
|
2013-09-04 20:17:46 -04:00
|
|
|
#endif
|
2014-04-01 19:20:08 -03:00
|
|
|
{
|
|
|
|
// Make the symbol readable for humans
|
2014-11-19 05:49:13 -03:00
|
|
|
UnDecorateSymbolName( pSym->Name, lpszNonUnicodeUnDSymbol, BUFFERSIZE,
|
|
|
|
UNDNAME_COMPLETE |
|
2014-04-01 19:20:08 -03:00
|
|
|
UNDNAME_NO_THISTYPE |
|
|
|
|
UNDNAME_NO_SPECIAL_SYMS |
|
|
|
|
UNDNAME_NO_MEMBER_TYPE |
|
|
|
|
UNDNAME_NO_MS_KEYWORDS |
|
|
|
|
UNDNAME_NO_ACCESS_SPECIFIERS );
|
|
|
|
|
|
|
|
// Symbol information is ANSI string
|
|
|
|
PCSTR2LPTSTR( lpszNonUnicodeUnDSymbol, lpszUnDSymbol );
|
|
|
|
|
|
|
|
// I am just smarter than the symbol file :)
|
2014-08-12 17:34:25 -04:00
|
|
|
if (_tcscmp(lpszUnDSymbol, _T("_WinMain@16")) == 0)
|
2014-04-01 19:20:08 -03:00
|
|
|
_tcscpy(lpszUnDSymbol, _T("WinMain(HINSTANCE,HINSTANCE,LPCTSTR,int)"));
|
2014-08-12 17:34:25 -04:00
|
|
|
else if (_tcscmp(lpszUnDSymbol, _T("_main")) == 0)
|
|
|
|
_tcscpy(lpszUnDSymbol, _T("main(int,TCHAR * *)"));
|
|
|
|
else if (_tcscmp(lpszUnDSymbol, _T("_mainCRTStartup")) == 0)
|
|
|
|
_tcscpy(lpszUnDSymbol, _T("mainCRTStartup()"));
|
|
|
|
else if (_tcscmp(lpszUnDSymbol, _T("_wmain")) == 0)
|
|
|
|
_tcscpy(lpszUnDSymbol, _T("wmain(int,TCHAR * *,TCHAR * *)"));
|
|
|
|
else if (_tcscmp(lpszUnDSymbol, _T("_wmainCRTStartup")) == 0)
|
|
|
|
_tcscpy(lpszUnDSymbol, _T("wmainCRTStartup()"));
|
2014-04-01 19:20:08 -03:00
|
|
|
|
|
|
|
lpszSymbol[0] = _T('\0');
|
|
|
|
|
|
|
|
// Let's go through the stack, and modify the function prototype, and insert the actual
|
|
|
|
// parameter values from the stack
|
2014-12-03 15:57:57 -03:00
|
|
|
if ( _tcsstr( lpszUnDSymbol, _T("(void)") ) == nullptr && _tcsstr( lpszUnDSymbol, _T("()") ) == nullptr)
|
2014-04-01 19:20:08 -03:00
|
|
|
{
|
|
|
|
ULONG index = 0;
|
|
|
|
for( ; ; index++ )
|
|
|
|
{
|
|
|
|
lpszParamSep = _tcschr( lpszParsed, _T(',') );
|
2014-12-03 15:57:57 -03:00
|
|
|
if ( lpszParamSep == nullptr )
|
2014-04-01 19:20:08 -03:00
|
|
|
break;
|
|
|
|
|
|
|
|
*lpszParamSep = _T('\0');
|
|
|
|
|
|
|
|
_tcscat( lpszSymbol, lpszParsed );
|
|
|
|
_stprintf( lpszSymbol + _tcslen(lpszSymbol), _T("=0x%08X,"), *((ULONG*)(stackAddress) + 2 + index) );
|
|
|
|
|
|
|
|
lpszParsed = lpszParamSep + 1;
|
|
|
|
}
|
|
|
|
|
|
|
|
lpszParamSep = _tcschr( lpszParsed, _T(')') );
|
2014-12-03 15:57:57 -03:00
|
|
|
if ( lpszParamSep != nullptr )
|
2014-04-01 19:20:08 -03:00
|
|
|
{
|
|
|
|
*lpszParamSep = _T('\0');
|
|
|
|
|
|
|
|
_tcscat( lpszSymbol, lpszParsed );
|
|
|
|
_stprintf( lpszSymbol + _tcslen(lpszSymbol), _T("=0x%08X)"), *((ULONG*)(stackAddress) + 2 + index) );
|
|
|
|
|
|
|
|
lpszParsed = lpszParamSep + 1;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
_tcscat( lpszSymbol, lpszParsed );
|
|
|
|
|
|
|
|
ret = TRUE;
|
2014-11-19 05:49:13 -03:00
|
|
|
}
|
2014-04-01 19:20:08 -03:00
|
|
|
GlobalFree( pSym );
|
|
|
|
|
|
|
|
return ret;
|
2013-09-04 20:17:46 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
// Get source file name and line number from IP address
|
|
|
|
// The output format is: "sourcefile(linenumber)" or
|
|
|
|
// "modulename!address" or
|
|
|
|
// "address"
|
|
|
|
static BOOL GetSourceInfoFromAddress( UINT address, LPTSTR lpszSourceInfo )
|
|
|
|
{
|
2014-04-01 19:20:08 -03:00
|
|
|
BOOL ret = FALSE;
|
|
|
|
IMAGEHLP_LINE lineInfo;
|
|
|
|
DWORD dwDisp;
|
|
|
|
TCHAR lpszFileName[BUFFERSIZE] = _T("");
|
|
|
|
TCHAR lpModuleInfo[BUFFERSIZE] = _T("");
|
|
|
|
|
|
|
|
_tcscpy( lpszSourceInfo, _T("?(?)") );
|
|
|
|
|
|
|
|
::ZeroMemory( &lineInfo, sizeof( lineInfo ) );
|
|
|
|
lineInfo.SizeOfStruct = sizeof( lineInfo );
|
|
|
|
|
|
|
|
if ( SymGetLineFromAddr( GetCurrentProcess(), address, &dwDisp, &lineInfo ) )
|
|
|
|
{
|
|
|
|
// Got it. Let's use "sourcefile(linenumber)" format
|
|
|
|
PCSTR2LPTSTR( lineInfo.FileName, lpszFileName );
|
|
|
|
TCHAR fname[_MAX_FNAME];
|
|
|
|
TCHAR ext[_MAX_EXT];
|
2014-12-03 15:57:57 -03:00
|
|
|
_tsplitpath(lpszFileName, nullptr, nullptr, fname, ext);
|
2014-04-01 19:20:08 -03:00
|
|
|
_stprintf( lpszSourceInfo, _T("%s%s(%d)"), fname, ext, lineInfo.LineNumber );
|
|
|
|
ret = TRUE;
|
|
|
|
}
|
|
|
|
else
|
|
|
|
{
|
|
|
|
// There is no source file information. :(
|
|
|
|
// Let's use the "modulename!address" format
|
|
|
|
GetModuleNameFromAddress( address, lpModuleInfo );
|
|
|
|
|
|
|
|
if ( lpModuleInfo[0] == _T('?') || lpModuleInfo[0] == _T('\0'))
|
|
|
|
// There is no modulename information. :((
|
|
|
|
// Let's use the "address" format
|
|
|
|
_stprintf( lpszSourceInfo, _T("0x%08X"), address );
|
|
|
|
else
|
|
|
|
_stprintf( lpszSourceInfo, _T("%s!0x%08X"), lpModuleInfo, address );
|
|
|
|
|
|
|
|
ret = FALSE;
|
|
|
|
}
|
|
|
|
|
|
|
|
return ret;
|
2013-09-04 20:17:46 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
void PrintFunctionAndSourceInfo(FILE* file, const STACKFRAME& callstack)
|
|
|
|
{
|
2014-04-01 19:20:08 -03:00
|
|
|
TCHAR symInfo[BUFFERSIZE] = _T("?");
|
|
|
|
TCHAR srcInfo[BUFFERSIZE] = _T("?");
|
2013-09-04 20:17:46 -04:00
|
|
|
|
2014-04-01 19:20:08 -03:00
|
|
|
GetFunctionInfoFromAddresses((ULONG)callstack.AddrPC.Offset, (ULONG)callstack.AddrFrame.Offset, symInfo);
|
|
|
|
GetSourceInfoFromAddress((ULONG)callstack.AddrPC.Offset, srcInfo);
|
2014-09-07 15:50:43 -03:00
|
|
|
etfprint(file, " " + Common::TStrToUTF8(srcInfo) + " : " + Common::TStrToUTF8(symInfo) + "\n");
|
2013-09-04 20:17:46 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
void StackTrace( HANDLE hThread, const char* lpszMessage, FILE *file )
|
|
|
|
{
|
2014-04-01 19:20:08 -03:00
|
|
|
STACKFRAME callStack;
|
|
|
|
BOOL bResult;
|
|
|
|
CONTEXT context;
|
|
|
|
HANDLE hProcess = GetCurrentProcess();
|
|
|
|
|
|
|
|
// If it's not this thread, let's suspend it, and resume it at the end
|
|
|
|
if ( hThread != GetCurrentThread() )
|
|
|
|
if ( SuspendThread( hThread ) == -1 )
|
|
|
|
{
|
|
|
|
// whaaat ?!
|
|
|
|
etfprint(file, "Call stack info failed\n");
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
::ZeroMemory( &context, sizeof(context) );
|
|
|
|
context.ContextFlags = CONTEXT_FULL;
|
|
|
|
|
|
|
|
if ( !GetThreadContext( hThread, &context ) )
|
|
|
|
{
|
|
|
|
etfprint(file, "Call stack info failed\n");
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
::ZeroMemory( &callStack, sizeof(callStack) );
|
2013-09-04 20:17:46 -04:00
|
|
|
#ifndef _M_X64
|
2014-04-01 19:20:08 -03:00
|
|
|
callStack.AddrPC.Offset = context.Eip;
|
|
|
|
callStack.AddrStack.Offset = context.Esp;
|
|
|
|
callStack.AddrFrame.Offset = context.Ebp;
|
2013-09-04 20:17:46 -04:00
|
|
|
#else
|
2014-04-01 19:20:08 -03:00
|
|
|
callStack.AddrPC.Offset = context.Rip;
|
|
|
|
callStack.AddrStack.Offset = context.Rsp;
|
|
|
|
callStack.AddrFrame.Offset = context.Rbp;
|
2013-09-04 20:17:46 -04:00
|
|
|
#endif
|
2014-04-01 19:20:08 -03:00
|
|
|
callStack.AddrPC.Mode = AddrModeFlat;
|
|
|
|
callStack.AddrStack.Mode = AddrModeFlat;
|
|
|
|
callStack.AddrFrame.Mode = AddrModeFlat;
|
2013-09-04 20:17:46 -04:00
|
|
|
|
2014-04-01 19:20:08 -03:00
|
|
|
etfprint(file, "Call stack info: \n");
|
|
|
|
etfprint(file, lpszMessage);
|
2013-09-04 20:17:46 -04:00
|
|
|
|
2014-04-01 19:20:08 -03:00
|
|
|
PrintFunctionAndSourceInfo(file, callStack);
|
2013-09-04 20:17:46 -04:00
|
|
|
|
2014-11-19 05:49:13 -03:00
|
|
|
for( ULONG index = 0; ; index++ )
|
2014-04-01 19:20:08 -03:00
|
|
|
{
|
|
|
|
bResult = StackWalk(
|
|
|
|
IMAGE_FILE_MACHINE_I386,
|
|
|
|
hProcess,
|
|
|
|
hThread,
|
|
|
|
&callStack,
|
2014-12-03 15:57:57 -03:00
|
|
|
nullptr,
|
|
|
|
nullptr,
|
2014-04-01 19:20:08 -03:00
|
|
|
SymFunctionTableAccess,
|
|
|
|
SymGetModuleBase,
|
2014-12-03 15:57:57 -03:00
|
|
|
nullptr);
|
2013-09-04 20:17:46 -04:00
|
|
|
|
2014-04-01 19:20:08 -03:00
|
|
|
if ( index == 0 )
|
|
|
|
continue;
|
2013-09-04 20:17:46 -04:00
|
|
|
|
2014-11-19 05:49:13 -03:00
|
|
|
if( !bResult || callStack.AddrFrame.Offset == 0 )
|
2014-04-01 19:20:08 -03:00
|
|
|
break;
|
2013-09-04 20:17:46 -04:00
|
|
|
|
2014-04-01 19:20:08 -03:00
|
|
|
PrintFunctionAndSourceInfo(file, callStack);
|
2013-09-04 20:17:46 -04:00
|
|
|
|
2014-04-01 19:20:08 -03:00
|
|
|
}
|
2013-09-04 20:17:46 -04:00
|
|
|
|
2014-04-01 19:20:08 -03:00
|
|
|
if ( hThread != GetCurrentThread() )
|
|
|
|
ResumeThread( hThread );
|
2013-09-04 20:17:46 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
void StackTrace(HANDLE hThread, const char* lpszMessage, FILE *file, DWORD eip, DWORD esp, DWORD ebp )
|
|
|
|
{
|
2014-04-01 19:20:08 -03:00
|
|
|
STACKFRAME callStack;
|
|
|
|
BOOL bResult;
|
|
|
|
TCHAR symInfo[BUFFERSIZE] = _T("?");
|
|
|
|
TCHAR srcInfo[BUFFERSIZE] = _T("?");
|
|
|
|
HANDLE hProcess = GetCurrentProcess();
|
|
|
|
|
|
|
|
// If it's not this thread, let's suspend it, and resume it at the end
|
|
|
|
if ( hThread != GetCurrentThread() )
|
|
|
|
if ( SuspendThread( hThread ) == -1 )
|
|
|
|
{
|
|
|
|
// whaaat ?!
|
|
|
|
etfprint(file, "Call stack info failed\n");
|
|
|
|
return;
|
|
|
|
}
|
|
|
|
|
|
|
|
::ZeroMemory( &callStack, sizeof(callStack) );
|
|
|
|
callStack.AddrPC.Offset = eip;
|
|
|
|
callStack.AddrStack.Offset = esp;
|
|
|
|
callStack.AddrFrame.Offset = ebp;
|
|
|
|
callStack.AddrPC.Mode = AddrModeFlat;
|
|
|
|
callStack.AddrStack.Mode = AddrModeFlat;
|
|
|
|
callStack.AddrFrame.Mode = AddrModeFlat;
|
|
|
|
|
|
|
|
etfprint(file, "Call stack info: \n");
|
|
|
|
etfprint(file, lpszMessage);
|
|
|
|
|
|
|
|
PrintFunctionAndSourceInfo(file, callStack);
|
|
|
|
|
2014-11-19 05:49:13 -03:00
|
|
|
for( ULONG index = 0; ; index++ )
|
2014-04-01 19:20:08 -03:00
|
|
|
{
|
|
|
|
bResult = StackWalk(
|
|
|
|
IMAGE_FILE_MACHINE_I386,
|
|
|
|
hProcess,
|
|
|
|
hThread,
|
|
|
|
&callStack,
|
2014-12-03 15:57:57 -03:00
|
|
|
nullptr,
|
|
|
|
nullptr,
|
2014-04-01 19:20:08 -03:00
|
|
|
SymFunctionTableAccess,
|
|
|
|
SymGetModuleBase,
|
2014-12-03 15:57:57 -03:00
|
|
|
nullptr);
|
2014-04-01 19:20:08 -03:00
|
|
|
|
|
|
|
if ( index == 0 )
|
|
|
|
continue;
|
|
|
|
|
2014-11-19 05:49:13 -03:00
|
|
|
if( !bResult || callStack.AddrFrame.Offset == 0 )
|
2014-04-01 19:20:08 -03:00
|
|
|
break;
|
|
|
|
|
|
|
|
PrintFunctionAndSourceInfo(file, callStack);
|
|
|
|
}
|
|
|
|
|
|
|
|
if ( hThread != GetCurrentThread() )
|
|
|
|
ResumeThread( hThread );
|
2013-09-04 20:17:46 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
char g_uefbuf[2048];
|
|
|
|
|
|
|
|
void etfprintf(FILE *file, const char *format, ...)
|
|
|
|
{
|
2014-04-01 19:20:08 -03:00
|
|
|
va_list ap;
|
|
|
|
va_start(ap, format);
|
|
|
|
int len = vsprintf(g_uefbuf, format, ap);
|
|
|
|
fwrite(g_uefbuf, 1, len, file);
|
|
|
|
va_end(ap);
|
2013-09-04 20:17:46 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
void etfprint(FILE *file, const std::string &text)
|
|
|
|
{
|
2014-04-01 19:20:08 -03:00
|
|
|
size_t len = text.length();
|
|
|
|
fwrite(text.data(), 1, len, file);
|
2013-09-04 20:17:46 -04:00
|
|
|
}
|
|
|
|
|
|
|
|
#endif //WIN32
|