// prints out specified matches formatted by their Match type // args: limit: number of entries to print IN TOTAL (default is 100) void Memscan::printMatches(size_t limit) { cout << "Printing first " << limit << " matches (" << matches.size() << " matches total)... FORMAT: [base address: offset: value: float]" << endl; ostringstream b, w, d, q; size_t num_entries = 0; for (Match* m : matches) { if (num_entries >= limit) { break; } if (1 == m->size) { // size is BYTE b << hex << uppercase << DWORD64(m->address) << nouppercase << dec << ": " << m->offset << ": " << m->value << ": " << parse_float(m->value, m->size) << endl; } else if (2 == m->size) { // size is WORD w << hex << uppercase << DWORD64(m->address) << nouppercase << dec << ": " << m->offset << ": " << m->value << ": " << parse_float(m->value, m->size) << endl; } else if (4 == m->size) { // size is DWORD d << hex << uppercase << DWORD64(m->address) << nouppercase << dec << ": " << m->offset << ": " << m->value << ": " << parse_float(m->value, m->size) << endl; } else if (8 == m->size) { // size is QUADWORD q << hex << uppercase << DWORD64(m->address) << nouppercase << dec << ": " << m->offset << ": " << m->value << ": " << parse_float(m->value, m->size) << endl; } else { cout << "Error: size not specified." << endl; exit(1); } num_entries++; } if (b.str().length() != 0) { cout << "BYTE" << endl; cout << b.str(); } if (w.str().length() != 0) { cout << "WORD" << endl; cout << w.str(); } if (d.str().length() != 0) { cout << "DWORD" << endl; cout << d.str(); } if (q.str().length() != 0) { cout << "QUADWORD" << endl; cout << q.str(); } }
static void dump_thread(void *arg) { HANDLE dbghelp; BOOL (WINAPI *pSymInitialize)(HANDLE, const char *, BOOL); BOOL (WINAPI *pSymCleanup)(HANDLE); BOOL (WINAPI *pStackWalk64)(DWORD, HANDLE, HANDLE, STACKFRAME64 *, void *, PREAD_PROCESS_MEMORY_ROUTINE64, PFUNCTION_TABLE_ACCESS_ROUTINE64, PGET_MODULE_BASE_ROUTINE64, PTRANSLATE_ADDRESS_ROUTINE64); DWORD64 (WINAPI *pSymGetModuleBase64)(HANDLE, DWORD64); BOOL (WINAPI *pSymFromAddr)(HANDLE, DWORD64, DWORD64 *, SYMBOL_INFO *); BOOL (WINAPI *pSymGetLineFromAddr64)(HANDLE, DWORD64, DWORD *, IMAGEHLP_LINE64 *); HANDLE (WINAPI *pOpenThread)(DWORD, BOOL, DWORD); DWORD tid = *(DWORD *)arg; HANDLE ph; HANDLE th; dbghelp = LoadLibrary("dbghelp.dll"); if (!dbghelp) return; pSymInitialize = (BOOL (WINAPI *)(HANDLE, const char *, BOOL))GetProcAddress(dbghelp, "SymInitialize"); pSymCleanup = (BOOL (WINAPI *)(HANDLE))GetProcAddress(dbghelp, "SymCleanup"); pStackWalk64 = (BOOL (WINAPI *)(DWORD, HANDLE, HANDLE, STACKFRAME64 *, void *, PREAD_PROCESS_MEMORY_ROUTINE64, PFUNCTION_TABLE_ACCESS_ROUTINE64, PGET_MODULE_BASE_ROUTINE64, PTRANSLATE_ADDRESS_ROUTINE64))GetProcAddress(dbghelp, "StackWalk64"); pSymGetModuleBase64 = (DWORD64 (WINAPI *)(HANDLE, DWORD64))GetProcAddress(dbghelp, "SymGetModuleBase64"); pSymFromAddr = (BOOL (WINAPI *)(HANDLE, DWORD64, DWORD64 *, SYMBOL_INFO *))GetProcAddress(dbghelp, "SymFromAddr"); pSymGetLineFromAddr64 = (BOOL (WINAPI *)(HANDLE, DWORD64, DWORD *, IMAGEHLP_LINE64 *))GetProcAddress(dbghelp, "SymGetLineFromAddr64"); pOpenThread = (HANDLE (WINAPI *)(DWORD, BOOL, DWORD))GetProcAddress(GetModuleHandle("kernel32.dll"), "OpenThread"); if (pSymInitialize && pSymCleanup && pStackWalk64 && pSymGetModuleBase64 && pSymFromAddr && pSymGetLineFromAddr64 && pOpenThread) { SymSetOptions(SYMOPT_UNDNAME | SYMOPT_DEFERRED_LOADS | SYMOPT_DEBUG | SYMOPT_LOAD_LINES); ph = GetCurrentProcess(); pSymInitialize(ph, NULL, TRUE); th = pOpenThread(THREAD_SUSPEND_RESUME|THREAD_GET_CONTEXT, FALSE, tid); if (th) { if (SuspendThread(th) != (DWORD)-1) { CONTEXT context; memset(&context, 0, sizeof(context)); context.ContextFlags = CONTEXT_FULL; if (GetThreadContext(th, &context)) { char libpath[MAX_PATH]; char buf[sizeof(SYMBOL_INFO) + MAX_SYM_NAME]; SYMBOL_INFO *info = (SYMBOL_INFO *)buf; DWORD mac; STACKFRAME64 frame; memset(&frame, 0, sizeof(frame)); #if defined(_M_AMD64) || defined(__x86_64__) mac = IMAGE_FILE_MACHINE_AMD64; frame.AddrPC.Mode = AddrModeFlat; frame.AddrPC.Offset = context.Rip; frame.AddrFrame.Mode = AddrModeFlat; frame.AddrFrame.Offset = context.Rbp; frame.AddrStack.Mode = AddrModeFlat; frame.AddrStack.Offset = context.Rsp; #elif defined(_M_IA64) || defined(__ia64__) mac = IMAGE_FILE_MACHINE_IA64; frame.AddrPC.Mode = AddrModeFlat; frame.AddrPC.Offset = context.StIIP; frame.AddrBStore.Mode = AddrModeFlat; frame.AddrBStore.Offset = context.RsBSP; frame.AddrStack.Mode = AddrModeFlat; frame.AddrStack.Offset = context.IntSp; #else /* i386 */ mac = IMAGE_FILE_MACHINE_I386; frame.AddrPC.Mode = AddrModeFlat; frame.AddrPC.Offset = context.Eip; frame.AddrFrame.Mode = AddrModeFlat; frame.AddrFrame.Offset = context.Ebp; frame.AddrStack.Mode = AddrModeFlat; frame.AddrStack.Offset = context.Esp; #endif while (pStackWalk64(mac, ph, th, &frame, &context, NULL, NULL, NULL, NULL)) { DWORD64 addr = frame.AddrPC.Offset; IMAGEHLP_LINE64 line; DWORD64 displacement; DWORD tmp; if (addr == frame.AddrReturn.Offset || addr == 0 || frame.AddrReturn.Offset == 0) break; memset(buf, 0, sizeof(buf)); info->SizeOfStruct = sizeof(SYMBOL_INFO); info->MaxNameLen = MAX_SYM_NAME; if (pSymFromAddr(ph, addr, &displacement, info)) { if (GetModuleFileName((HANDLE)(uintptr_t)pSymGetModuleBase64(ph, addr), libpath, sizeof(libpath))) fprintf(stderr, "%s", libpath); fprintf(stderr, "(%s+0x%I64x)", info->Name, displacement); } fprintf(stderr, " [0x%p]", (void *)(VALUE)addr); memset(&line, 0, sizeof(line)); line.SizeOfStruct = sizeof(line); if (pSymGetLineFromAddr64(ph, addr, &tmp, &line)) fprintf(stderr, " %s:%lu", line.FileName, line.LineNumber); fprintf(stderr, "\n"); } } ResumeThread(th); } CloseHandle(th); } pSymCleanup(ph); } FreeLibrary(dbghelp); }
// LICENSE.TXT at the root directory of the distribution. // </copyright> // // <summary> // Module: Core // // Setup chainer/bootstrapper download engine for WiX toolset. // </summary> //------------------------------------------------------------------------------------------------- #include "precomp.h" #include <wininet.h> #include <inetutil.h> #include <uriutil.h> static const DWORD64 BURN_DOWNLOAD_ENGINE_TWO_GIGABYTES = DWORD64(2) * 1024 * 1024 * 1024; static LPCWSTR BURN_DOWNLOAD_ENGINE_ACCEPT_TYPES[] = { L"*/*", NULL }; // internal function declarations static HRESULT InitializeResume( __in LPCWSTR wzDestinationPath, __out LPWSTR* psczResumePath, __out HANDLE* phResumeFile, __out DWORD64* pdw64ResumeOffset ); static HRESULT GetResourceMetadata( __in BURN_USER_EXPERIENCE* pUX, __in_z LPCWSTR wzPackageOrContainerId, __in_z LPCWSTR wzPayloadId,
DWORD CrashExceptionHandler (qboolean iswatchdog, DWORD exceptionCode, LPEXCEPTION_POINTERS exceptionInfo) { char dumpPath[1024]; HANDLE hProc = GetCurrentProcess(); DWORD procid = GetCurrentProcessId(); HANDLE dumpfile; HMODULE hDbgHelp; MINIDUMPWRITEDUMP fnMiniDumpWriteDump; HMODULE hKernel; BOOL (WINAPI *pIsDebuggerPresent)(void); DWORD (WINAPI *pSymSetOptions)(DWORD SymOptions); BOOL (WINAPI *pSymInitialize)(HANDLE hProcess, PSTR UserSearchPath, BOOL fInvadeProcess); BOOL (WINAPI *pSymFromAddr)(HANDLE hProcess, DWORD64 Address, PDWORD64 Displacement, PSYMBOL_INFO Symbol); #ifdef _WIN64 #define DBGHELP_POSTFIX "64" BOOL (WINAPI *pStackWalkX)(DWORD MachineType, HANDLE hProcess, HANDLE hThread, LPSTACKFRAME64 StackFrame, PVOID ContextRecord, PREAD_PROCESS_MEMORY_ROUTINE64 ReadMemoryRoutine, PFUNCTION_TABLE_ACCESS_ROUTINE64 FunctionTableAccessRoutine, PGET_MODULE_BASE_ROUTINE64 GetModuleBaseRoutine, PTRANSLATE_ADDRESS_ROUTINE64 TranslateAddress); PVOID (WINAPI *pSymFunctionTableAccessX)(HANDLE hProcess, DWORD64 AddrBase); DWORD64 (WINAPI *pSymGetModuleBaseX)(HANDLE hProcess, DWORD64 qwAddr); BOOL (WINAPI *pSymGetLineFromAddrX)(HANDLE hProcess, DWORD64 qwAddr, PDWORD pdwDisplacement, PIMAGEHLP_LINE64 Line64); BOOL (WINAPI *pSymGetModuleInfoX)(HANDLE hProcess, DWORD64 qwAddr, PIMAGEHLP_MODULE64 ModuleInfo); #define STACKFRAMEX STACKFRAME64 #define IMAGEHLP_LINEX IMAGEHLP_LINE64 #define IMAGEHLP_MODULEX IMAGEHLP_MODULE64 #else #define DBGHELP_POSTFIX "" BOOL (WINAPI *pStackWalkX)(DWORD MachineType, HANDLE hProcess, HANDLE hThread, LPSTACKFRAME StackFrame, PVOID ContextRecord, PREAD_PROCESS_MEMORY_ROUTINE ReadMemoryRoutine, PFUNCTION_TABLE_ACCESS_ROUTINE FunctionTableAccessRoutine, PGET_MODULE_BASE_ROUTINE GetModuleBaseRoutine, PTRANSLATE_ADDRESS_ROUTINE TranslateAddress); PVOID (WINAPI *pSymFunctionTableAccessX)(HANDLE hProcess, DWORD AddrBase); DWORD (WINAPI *pSymGetModuleBaseX)(HANDLE hProcess, DWORD dwAddr); BOOL (WINAPI *pSymGetLineFromAddrX)(HANDLE hProcess, DWORD dwAddr, PDWORD pdwDisplacement, PIMAGEHLP_LINE Line); BOOL (WINAPI *pSymGetModuleInfoX)(HANDLE hProcess, DWORD dwAddr, PIMAGEHLP_MODULE ModuleInfo); #define STACKFRAMEX STACKFRAME #define IMAGEHLP_LINEX IMAGEHLP_LINE #define IMAGEHLP_MODULEX IMAGEHLP_MODULE #endif dllfunction_t debughelpfuncs[] = { {(void*)&pSymFromAddr, "SymFromAddr"}, {(void*)&pSymSetOptions, "SymSetOptions"}, {(void*)&pSymInitialize, "SymInitialize"}, {(void*)&pStackWalkX, "StackWalk"DBGHELP_POSTFIX}, {(void*)&pSymFunctionTableAccessX, "SymFunctionTableAccess"DBGHELP_POSTFIX}, {(void*)&pSymGetModuleBaseX, "SymGetModuleBase"DBGHELP_POSTFIX}, {(void*)&pSymGetLineFromAddrX, "SymGetLineFromAddr"DBGHELP_POSTFIX}, {(void*)&pSymGetModuleInfoX, "SymGetModuleInfo"DBGHELP_POSTFIX}, {NULL, NULL} }; switch(exceptionCode) { case EXCEPTION_ACCESS_VIOLATION: case EXCEPTION_DATATYPE_MISALIGNMENT: case EXCEPTION_BREAKPOINT: case EXCEPTION_SINGLE_STEP: case EXCEPTION_ARRAY_BOUNDS_EXCEEDED: case EXCEPTION_FLT_DENORMAL_OPERAND: case EXCEPTION_FLT_DIVIDE_BY_ZERO: case EXCEPTION_FLT_INEXACT_RESULT: case EXCEPTION_FLT_INVALID_OPERATION: case EXCEPTION_FLT_OVERFLOW: case EXCEPTION_FLT_STACK_CHECK: case EXCEPTION_FLT_UNDERFLOW: case EXCEPTION_INT_DIVIDE_BY_ZERO: case EXCEPTION_INT_OVERFLOW: case EXCEPTION_PRIV_INSTRUCTION: case EXCEPTION_IN_PAGE_ERROR: case EXCEPTION_ILLEGAL_INSTRUCTION: case EXCEPTION_NONCONTINUABLE_EXCEPTION: case EXCEPTION_STACK_OVERFLOW: case EXCEPTION_INVALID_DISPOSITION: case EXCEPTION_GUARD_PAGE: case EXCEPTION_INVALID_HANDLE: // case EXCEPTION_POSSIBLE_DEADLOCK: break; default: //because windows is a steaming pile of s***e, we have to ignore any software-generated exceptions, because most of them are not in fact fatal, *EVEN IF THEY CLAIM TO BE NON-CONTINUABLE* return exceptionCode; } hKernel = LoadLibrary ("kernel32"); pIsDebuggerPresent = (void*)GetProcAddress(hKernel, "IsDebuggerPresent"); if (pIsDebuggerPresent && pIsDebuggerPresent()) return EXCEPTION_CONTINUE_SEARCH; #ifdef GLQUAKE GLVID_Crashed(); #endif #if 1//ndef _MSC_VER { if (Sys_LoadLibrary("DBGHELP", debughelpfuncs)) { STACKFRAMEX stack; CONTEXT *pcontext = exceptionInfo->ContextRecord; IMAGEHLP_LINEX line; IMAGEHLP_MODULEX module; struct { SYMBOL_INFO sym; char name[1024]; } sym; int frameno; char stacklog[8192]; int logpos, logstart; char *logline; stacklog[logpos=0] = 0; pSymInitialize(hProc, NULL, TRUE); pSymSetOptions(SYMOPT_LOAD_LINES); memset(&stack, 0, sizeof(stack)); #ifdef _WIN64 #define IMAGE_FILE_MACHINE_THIS IMAGE_FILE_MACHINE_AMD64 stack.AddrPC.Mode = AddrModeFlat; stack.AddrPC.Offset = pcontext->Rip; stack.AddrFrame.Mode = AddrModeFlat; stack.AddrFrame.Offset = pcontext->Rbp; stack.AddrStack.Mode = AddrModeFlat; stack.AddrStack.Offset = pcontext->Rsp; #else #define IMAGE_FILE_MACHINE_THIS IMAGE_FILE_MACHINE_I386 stack.AddrPC.Mode = AddrModeFlat; stack.AddrPC.Offset = pcontext->Eip; stack.AddrFrame.Mode = AddrModeFlat; stack.AddrFrame.Offset = pcontext->Ebp; stack.AddrStack.Mode = AddrModeFlat; stack.AddrStack.Offset = pcontext->Esp; #endif Q_strncpyz(stacklog+logpos, FULLENGINENAME " or dependancy has crashed. The following stack dump been copied to your windows clipboard.\n" #ifdef _MSC_VER "Would you like to generate a core dump too?\n" #endif "\n", sizeof(stacklog)-logpos); logstart = logpos += strlen(stacklog+logpos); //so I know which one it is #if defined(DEBUG) || defined(_DEBUG) #define BUILDDEBUGREL "Debug" #else #define BUILDDEBUGREL "Optimised" #endif #ifdef MINIMAL #define BUILDMINIMAL "Min" #else #define BUILDMINIMAL "" #endif #if defined(GLQUAKE) && !defined(D3DQUAKE) #define BUILDTYPE "GL" #elif !defined(GLQUAKE) && defined(D3DQUAKE) #define BUILDTYPE "D3D" #else #define BUILDTYPE "Merged" #endif Q_snprintfz(stacklog+logpos, sizeof(stacklog)-logpos, "Build: %s %s %s: %s\r\n", BUILDDEBUGREL, PLATFORM, BUILDMINIMAL BUILDTYPE, version_string()); logpos += strlen(stacklog+logpos); for(frameno = 0; ; frameno++) { DWORD64 symdisp; DWORD linedisp; DWORD_PTR symaddr; if (!pStackWalkX(IMAGE_FILE_MACHINE_THIS, hProc, GetCurrentThread(), &stack, pcontext, NULL, pSymFunctionTableAccessX, pSymGetModuleBaseX, NULL)) break; memset(&module, 0, sizeof(module)); module.SizeOfStruct = sizeof(module); pSymGetModuleInfoX(hProc, stack.AddrPC.Offset, &module); memset(&line, 0, sizeof(line)); line.SizeOfStruct = sizeof(line); symdisp = 0; memset(&sym, 0, sizeof(sym)); sym.sym.MaxNameLen = sizeof(sym.name); symaddr = stack.AddrPC.Offset; sym.sym.SizeOfStruct = sizeof(sym.sym); if (pSymFromAddr(hProc, symaddr, &symdisp, &sym.sym)) { if (pSymGetLineFromAddrX(hProc, stack.AddrPC.Offset, &linedisp, &line)) logline = va("%-20s - %s:%i (%s)\r\n", sym.sym.Name, line.FileName, (int)line.LineNumber, module.LoadedImageName); else logline = va("%-20s+%#x (%s)\r\n", sym.sym.Name, (unsigned int)symdisp, module.LoadedImageName); } else logline = va("0x%p (%s)\r\n", (void*)(DWORD_PTR)stack.AddrPC.Offset, module.LoadedImageName); Q_strncpyz(stacklog+logpos, logline, sizeof(stacklog)-logpos); logpos += strlen(stacklog+logpos); if (logpos+1 >= sizeof(stacklog)) break; } Sys_Printf("%s", stacklog+logstart); return EXCEPTION_EXECUTE_HANDLER; } else { Sys_Printf("We crashed.\nUnable to load dbghelp library. Stack info is not available\n"); return EXCEPTION_EXECUTE_HANDLER; } } #endif hDbgHelp = LoadLibrary ("DBGHELP"); if (hDbgHelp) fnMiniDumpWriteDump = (MINIDUMPWRITEDUMP)GetProcAddress (hDbgHelp, "MiniDumpWriteDump"); else fnMiniDumpWriteDump = NULL; if (fnMiniDumpWriteDump) { if (MessageBox(NULL, "KABOOM! We crashed!\nBlame the monkey in the corner.\nI hope you saved your work.\nWould you like to take a dump now?", DISTRIBUTION " Sucks", MB_ICONSTOP|MB_YESNO) != IDYES) { if (pIsDebuggerPresent ()) { //its possible someone attached a debugger while we were showing that message return EXCEPTION_CONTINUE_SEARCH; } return EXCEPTION_EXECUTE_HANDLER; } /*take a dump*/ GetTempPath (sizeof(dumpPath)-16, dumpPath); Q_strncatz(dumpPath, DISTRIBUTION"CrashDump.dmp", sizeof(dumpPath)); dumpfile = CreateFile (dumpPath, GENERIC_WRITE, 0, NULL, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL); if (dumpfile) { MINIDUMP_EXCEPTION_INFORMATION crashinfo; crashinfo.ClientPointers = TRUE; crashinfo.ExceptionPointers = exceptionInfo; crashinfo.ThreadId = GetCurrentThreadId (); if (fnMiniDumpWriteDump(hProc, procid, dumpfile, MiniDumpWithIndirectlyReferencedMemory|MiniDumpWithDataSegs, &crashinfo, NULL, NULL)) { CloseHandle(dumpfile); MessageBox(NULL, va("You can find the crashdump at\n%s\nPlease send this file to someone.\n\nWarning: sensitive information (like your current user name) might be present in the dump.\nYou will probably want to compress it.", dumpPath), DISTRIBUTION " Sucks", 0); return EXCEPTION_EXECUTE_HANDLER; } } } else MessageBox(NULL, "Kaboom! Sorry. No MiniDumpWriteDump function.", FULLENGINENAME " Sucks", 0); return EXCEPTION_EXECUTE_HANDLER; }