/*
* GetRealCSIP - get the CS:IP of a stopped task, cuz microsoft only tells
* you that the task is stopped in the kernel (gee, that's
* useful!!)
*/
DWORD GetRealCSIP( HTASK htask, HMODULE *mod )
{
DWORD csip;
STACKTRACEENTRY se;
GLOBALENTRY ge;
TASKENTRY te;
te.dwSize = sizeof( te );
if( TaskFindHandle( &te, htask ) == NULL ) {
return( 0L );
}
if( mod != NULL ) {
*mod = te.hModule;
}
csip = TaskGetCSIP( htask );
if( csip == 0L ) {
return( 0L );
}
se.dwSize = sizeof( se );
if( !StackTraceFirst( &se, htask ) ) {
return( csip );
}
csip = MAKECSIP( se.wCS, se.wIP );
while( 1 ) {
se.dwSize = sizeof( se );
if( !StackTraceNext( &se ) ) {
break;
}
csip = MAKECSIP( se.wCS, se.wIP );
ge.dwSize = sizeof( ge );
if( GlobalEntryHandle( &ge, (HGLOBAL)se.wCS ) ) {
if( ge.hOwner == te.hModule ) {
break;
}
}
}
return( csip );
} /* GetRealCSIP */
BOOL MyStackTraceNext( STACKTRACEENTRY *se )
{
se->dwSize = sizeof( STACKTRACEENTRY );
return( StackTraceNext( se ) );
} /* MyStackTraceNext */
