/******************************************************************
* SymGetModuleInfo (DBGHELP.@)
*
*/
BOOL WINAPI SymGetModuleInfo(HANDLE hProcess, DWORD dwAddr,
PIMAGEHLP_MODULE ModuleInfo)
{
IMAGEHLP_MODULE mi;
IMAGEHLP_MODULEW64 miw64;
if (sizeof(mi) < ModuleInfo->SizeOfStruct) FIXME("Wrong size\n");
miw64.SizeOfStruct = sizeof(miw64);
if (!SymGetModuleInfoW64(hProcess, dwAddr, &miw64)) return FALSE;
mi.SizeOfStruct = miw64.SizeOfStruct;
mi.BaseOfImage = miw64.BaseOfImage;
mi.ImageSize = miw64.ImageSize;
mi.TimeDateStamp = miw64.TimeDateStamp;
mi.CheckSum = miw64.CheckSum;
mi.NumSyms = miw64.NumSyms;
mi.SymType = miw64.SymType;
WideCharToMultiByte(CP_ACP, 0, miw64.ModuleName, -1,
mi.ModuleName, sizeof(mi.ModuleName), NULL, NULL);
WideCharToMultiByte(CP_ACP, 0, miw64.ImageName, -1,
mi.ImageName, sizeof(mi.ImageName), NULL, NULL);
WideCharToMultiByte(CP_ACP, 0, miw64.LoadedImageName, -1,
mi.LoadedImageName, sizeof(mi.LoadedImageName), NULL, NULL);
memcpy(ModuleInfo, &mi, ModuleInfo->SizeOfStruct);
return TRUE;
}
/******************************************************************
* SymGetModuleInfoW (DBGHELP.@)
*
*/
BOOL WINAPI SymGetModuleInfoW(HANDLE hProcess, DWORD dwAddr,
PIMAGEHLP_MODULEW ModuleInfo)
{
IMAGEHLP_MODULEW64 miw64;
IMAGEHLP_MODULEW miw;
if (sizeof(miw) < ModuleInfo->SizeOfStruct) FIXME("Wrong size\n");
miw64.SizeOfStruct = sizeof(miw64);
if (!SymGetModuleInfoW64(hProcess, dwAddr, &miw64)) return FALSE;
miw.SizeOfStruct = miw64.SizeOfStruct;
miw.BaseOfImage = miw64.BaseOfImage;
miw.ImageSize = miw64.ImageSize;
miw.TimeDateStamp = miw64.TimeDateStamp;
miw.CheckSum = miw64.CheckSum;
miw.NumSyms = miw64.NumSyms;
miw.SymType = miw64.SymType;
strcpyW(miw.ModuleName, miw64.ModuleName);
strcpyW(miw.ImageName, miw64.ImageName);
strcpyW(miw.LoadedImageName, miw64.LoadedImageName);
memcpy(ModuleInfo, &miw, ModuleInfo->SizeOfStruct);
return TRUE;
}
BOOL dbg_load_module(HANDLE hProc, HANDLE hFile, const WCHAR* name, DWORD_PTR base, DWORD size)
{
BOOL ret = SymLoadModuleExW(hProc, NULL, name, NULL, base, size, NULL, 0);
if (ret)
{
IMAGEHLP_MODULEW64 ihm;
ihm.SizeOfStruct = sizeof(ihm);
if (SymGetModuleInfoW64(hProc, base, &ihm) && (ihm.PdbUnmatched || ihm.DbgUnmatched))
dbg_printf("Loaded unmatched debug information for %s\n", wine_dbgstr_w(name));
}
return ret;
}
const Symbol * const SymEngine::GetSymbol(DWORD64 dwAddress)
{
if (dwAddress == 0)
return nullptr;
Symbol& symbol = cache[dwAddress];
if (symbol.address != 0)
return &symbol;
if (!isInitialized)
return nullptr;
symbol.address = dwAddress;
// Module Name
IMAGEHLP_MODULEW64 moduleInfo;
memset(&moduleInfo, 0, sizeof(IMAGEHLP_MODULEW64));
moduleInfo.SizeOfStruct = sizeof(moduleInfo);
if (SymGetModuleInfoW64(hProcess, dwAddress, &moduleInfo))
{
symbol.module = moduleInfo.ImageName;
}
// FileName and Line
IMAGEHLP_LINEW64 lineInfo;
memset(&lineInfo, 0, sizeof(IMAGEHLP_LINEW64));
lineInfo.SizeOfStruct = sizeof(lineInfo);
DWORD dwDisp;
if (SymGetLineFromAddrW64(hProcess, dwAddress, &dwDisp, &lineInfo))
{
symbol.file = lineInfo.FileName;
symbol.line = lineInfo.LineNumber;
}
const size_t length = (sizeof(SYMBOL_INFOW) + MAX_SYM_NAME*sizeof(WCHAR) + sizeof(ULONG64) - 1) / sizeof(ULONG64) + 1;
// Function Name
ULONG64 buffer[length];
PSYMBOL_INFOW dbgSymbol = (PSYMBOL_INFOW)buffer;
memset(dbgSymbol, 0, sizeof(buffer));
dbgSymbol->SizeOfStruct = sizeof(SYMBOL_INFOW);
dbgSymbol->MaxNameLen = MAX_SYM_NAME;
if (SymFromAddrW(hProcess, dwAddress, &symbol.offset, dbgSymbol))
{
symbol.function.resize(dbgSymbol->NameLen);
memcpy(&symbol.function[0], &dbgSymbol->Name[0], sizeof(WCHAR) * dbgSymbol->NameLen);
}
return &symbol;
}
/******************************************************************
* SymGetModuleInfo64 (DBGHELP.@)
*
*/
BOOL WINAPI SymGetModuleInfo64(HANDLE hProcess, DWORD64 dwAddr,
PIMAGEHLP_MODULE64 ModuleInfo)
{
IMAGEHLP_MODULE64 mi64;
IMAGEHLP_MODULEW64 miw64;
if (sizeof(mi64) < ModuleInfo->SizeOfStruct)
{
SetLastError(ERROR_MOD_NOT_FOUND); /* NOTE: native returns this error */
WARN("Wrong size %u\n", ModuleInfo->SizeOfStruct);
return FALSE;
}
miw64.SizeOfStruct = sizeof(miw64);
if (!SymGetModuleInfoW64(hProcess, dwAddr, &miw64)) return FALSE;
mi64.SizeOfStruct = miw64.SizeOfStruct;
mi64.BaseOfImage = miw64.BaseOfImage;
mi64.ImageSize = miw64.ImageSize;
mi64.TimeDateStamp = miw64.TimeDateStamp;
mi64.CheckSum = miw64.CheckSum;
mi64.NumSyms = miw64.NumSyms;
mi64.SymType = miw64.SymType;
WideCharToMultiByte(CP_ACP, 0, miw64.ModuleName, -1,
mi64.ModuleName, sizeof(mi64.ModuleName), NULL, NULL);
WideCharToMultiByte(CP_ACP, 0, miw64.ImageName, -1,
mi64.ImageName, sizeof(mi64.ImageName), NULL, NULL);
WideCharToMultiByte(CP_ACP, 0, miw64.LoadedImageName, -1,
mi64.LoadedImageName, sizeof(mi64.LoadedImageName), NULL, NULL);
WideCharToMultiByte(CP_ACP, 0, miw64.LoadedPdbName, -1,
mi64.LoadedPdbName, sizeof(mi64.LoadedPdbName), NULL, NULL);
mi64.CVSig = miw64.CVSig;
WideCharToMultiByte(CP_ACP, 0, miw64.CVData, -1,
mi64.CVData, sizeof(mi64.CVData), NULL, NULL);
mi64.PdbSig = miw64.PdbSig;
mi64.PdbSig70 = miw64.PdbSig70;
mi64.PdbAge = miw64.PdbAge;
mi64.PdbUnmatched = miw64.PdbUnmatched;
mi64.DbgUnmatched = miw64.DbgUnmatched;
mi64.LineNumbers = miw64.LineNumbers;
mi64.GlobalSymbols = miw64.GlobalSymbols;
mi64.TypeInfo = miw64.TypeInfo;
mi64.SourceIndexed = miw64.SourceIndexed;
mi64.Publics = miw64.Publics;
memcpy(ModuleInfo, &mi64, ModuleInfo->SizeOfStruct);
return TRUE;
}
void InsertInfo(DWORD dwExceptionAddr,DWORD dwThreadID,PTCHAR tcTemp)
{
if(dwLastOffset != dwExceptionAddr)
{
dwLastOffset = dwExceptionAddr;
IMAGEHLP_MODULEW64 imgMod = {0};
imgMod.SizeOfStruct = sizeof(imgMod);
SymGetModuleInfoW64(piProcInfo.hProcess,dwLastOffset,&imgMod);
DWORD dwBytesWritten;
if(bDisableNTDLLLogging)
{
if(wcsstr(imgMod.ModuleName,L"ntdll") == NULL)
{
memset(pSymbol,0,sizeof(SYMBOL_INFO) + MAX_SYM_NAME);
pSymbol->SizeOfStruct = sizeof(SYMBOL_INFO);
pSymbol->MaxNameLen = MAX_SYM_NAME;
SymFromAddr(piProcInfo.hProcess,dwLastOffset,NULL,pSymbol);
if(!(bCutDownLog && strstr(szTempSym,pSymbol->Name) != NULL))
{
memcpy(szTempSym,pSymbol->Name,strlen(pSymbol->Name));
swprintf_s(tcTemp,255,L"%08d\t%08X\t%08X\t%s.%S\r\n",dwStepCount,dwThreadID,dwLastOffset,imgMod.ModuleName,pSymbol->Name);
WriteFile(hLogFile,tcTemp,wcslen(tcTemp) * sizeof(TCHAR),&dwBytesWritten,NULL);
}
}
}
else
{
ZeroMemory(pSymbol,sizeof(SYMBOL_INFO) + MAX_SYM_NAME);
pSymbol->SizeOfStruct = sizeof(SYMBOL_INFO);
pSymbol->MaxNameLen = MAX_SYM_NAME;
SymFromAddr(piProcInfo.hProcess,dwLastOffset,NULL,pSymbol);
if(!(bCutDownLog && strstr(szTempSym,pSymbol->Name) != NULL))
{
memcpy(szTempSym,pSymbol->Name,strlen(pSymbol->Name));
swprintf_s(tcTemp,255,L"%08d\t%08X\t%08X\t%s.%S\r\n",dwStepCount,dwThreadID,dwLastOffset,imgMod.ModuleName,pSymbol->Name);
WriteFile(hLogFile,tcTemp,wcslen(tcTemp) * sizeof(TCHAR),&dwBytesWritten,NULL);
}
}
}
dwStepCount++;
}
int32 FWindowsPlatformStackWalk::GetProcessModuleSignatures(FStackWalkModuleInfo *ModuleSignatures, const int32 ModuleSignaturesSize)
{
FPlatformStackWalk::InitStackWalking();
HANDLE ProcessHandle = GetCurrentProcess();
// Enumerate process modules.
HMODULE* ModuleHandlePointer = GetProcessModules(ProcessHandle);
if (!ModuleHandlePointer)
{
return 0;
}
// Find out how many modules we need to load modules for.
IMAGEHLP_MODULEW64 Img = {0};
Img.SizeOfStruct = sizeof(Img);
int32 SignatureIndex = 0;
// Load the modules.
for( int32 ModuleIndex = 0; ModuleHandlePointer[ModuleIndex] && SignatureIndex < ModuleSignaturesSize; ModuleIndex++ )
{
MODULEINFO ModuleInfo = {0};
#if WINVER > 0x502
WCHAR ModuleName[MAX_PATH] = {0};
WCHAR ImageName[MAX_PATH] = {0};
#else
ANSICHAR ModuleName[MAX_PATH] = { 0 };
ANSICHAR ImageName[MAX_PATH] = { 0 };
#endif
#if PLATFORM_64BITS
static_assert(sizeof( MODULEINFO ) == 24, "Broken alignment for 64bit Windows include.");
#else
static_assert(sizeof( MODULEINFO ) == 12, "Broken alignment for 32bit Windows include.");
#endif
FGetModuleInformation( ProcessHandle, ModuleHandlePointer[ModuleIndex], &ModuleInfo, sizeof( ModuleInfo ) );
FGetModuleFileNameEx( ProcessHandle, ModuleHandlePointer[ModuleIndex], ImageName, MAX_PATH );
FGetModuleBaseName( ProcessHandle, ModuleHandlePointer[ModuleIndex], ModuleName, MAX_PATH );
// Load module.
if(SymGetModuleInfoW64(ProcessHandle, (DWORD64)ModuleInfo.lpBaseOfDll, &Img))
{
FStackWalkModuleInfo Info = {0};
Info.BaseOfImage = Img.BaseOfImage;
FCString::Strcpy(Info.ImageName, Img.ImageName);
Info.ImageSize = Img.ImageSize;
FCString::Strcpy(Info.LoadedImageName, Img.LoadedImageName);
FCString::Strcpy(Info.ModuleName, Img.ModuleName);
Info.PdbAge = Img.PdbAge;
Info.PdbSig = Img.PdbSig;
FMemory::Memcpy(&Info.PdbSig70, &Img.PdbSig70, sizeof(GUID));
Info.TimeDateStamp = Img.TimeDateStamp;
ModuleSignatures[SignatureIndex] = Info;
++SignatureIndex;
}
}
// Free the module handle pointer allocated in case the static array was insufficient.
FMemory::Free(ModuleHandlePointer);
return SignatureIndex;
}
void qtDLGCallstack::ShowCallStack()
{
clsDebugger *pDebugger = qtDLGNanomite::GetInstance()->coreDebugger;
HANDLE hProc = pDebugger->GetCurrentProcessHandle(),
hThread = OpenThread(THREAD_GETSET_CONTEXT,false,pDebugger->GetCurrentTID());
PSYMBOL_INFOW pSymbol = (PSYMBOL_INFOW)malloc(sizeof(SYMBOL_INFOW) + MAX_PATH * 2);
DWORD dwMaschineMode = NULL;
LPVOID pContext;
STACKFRAME64 stackFr = {0};
stackFr.AddrPC.Mode = AddrModeFlat;
stackFr.AddrFrame.Mode = AddrModeFlat;
stackFr.AddrStack.Mode = AddrModeFlat;
QString sFuncName,
sFuncMod,
sReturnToFunc,
sReturnToMod;
quint64 dwStackAddr,
dwReturnTo,
dwEIP,
dwDisplacement;
IMAGEHLP_LINEW64 imgSource = {0};
IMAGEHLP_MODULEW64 imgMod = {0};
#ifdef _AMD64_
BOOL bIsWOW64 = false;
if(clsAPIImport::pIsWow64Process)
clsAPIImport::pIsWow64Process(hProc,&bIsWOW64);
if(bIsWOW64)
{
dwMaschineMode = IMAGE_FILE_MACHINE_I386;
WOW64_CONTEXT cTT = pDebugger->wowProcessContext;
pContext = &cTT;
stackFr.AddrPC.Offset = cTT.Eip;
stackFr.AddrFrame.Offset = cTT.Ebp;
stackFr.AddrStack.Offset = cTT.Esp;
}
else
{
dwMaschineMode = IMAGE_FILE_MACHINE_AMD64;
CONTEXT cTT = pDebugger->ProcessContext;
pContext = &cTT;
stackFr.AddrPC.Offset = cTT.Rip;
stackFr.AddrFrame.Offset = cTT.Rbp;
stackFr.AddrStack.Offset = cTT.Rsp;
}
#else
dwMaschineMode = IMAGE_FILE_MACHINE_I386;
CONTEXT cTT = pDebugger->ProcessContext;
pContext = &cTT;
stackFr.AddrPC.Offset = cTT.Eip;
stackFr.AddrFrame.Offset = cTT.Ebp;
stackFr.AddrStack.Offset = cTT.Esp;
#endif
tblCallstack->setRowCount(0);
do
{
if(!StackWalk64(dwMaschineMode,hProc,hThread,&stackFr,pContext,NULL,SymFunctionTableAccess64,SymGetModuleBase64,0))
break;
memset(&imgSource,0,sizeof(IMAGEHLP_LINEW64));
imgSource.SizeOfStruct = sizeof(IMAGEHLP_LINEW64);
dwStackAddr = stackFr.AddrStack.Offset;
dwEIP = stackFr.AddrPC.Offset;
dwReturnTo = stackFr.AddrReturn.Offset;
memset(&imgMod,0,sizeof(IMAGEHLP_MODULEW64));
imgMod.SizeOfStruct = sizeof(IMAGEHLP_MODULEW64);
memset(pSymbol,0,sizeof(SYMBOL_INFOW) + MAX_PATH * 2);
pSymbol->SizeOfStruct = sizeof(SYMBOL_INFOW);
pSymbol->MaxNameLen = MAX_PATH;
SymGetModuleInfoW64(hProc,dwEIP,&imgMod);
SymFromAddrW(hProc,dwEIP,&dwDisplacement,pSymbol);
sFuncName = QString::fromWCharArray(pSymbol->Name);
sFuncMod = QString::fromWCharArray(imgMod.ModuleName);
memset(&imgMod,0,sizeof(IMAGEHLP_MODULEW64));
imgMod.SizeOfStruct = sizeof(IMAGEHLP_MODULEW64);
memset(pSymbol,0,sizeof(SYMBOL_INFOW) + MAX_PATH * 2);
pSymbol->SizeOfStruct = sizeof(SYMBOL_INFOW);
pSymbol->MaxNameLen = MAX_PATH;
SymGetModuleInfoW64(hProc,dwReturnTo,&imgMod);
SymFromAddrW(hProc,dwReturnTo,&dwDisplacement,pSymbol);
sReturnToMod = QString::fromWCharArray(imgMod.ModuleName);
sReturnToFunc = QString::fromWCharArray(pSymbol->Name);
if(SymGetLineFromAddrW64(hProc,dwEIP,(PDWORD)&dwDisplacement,&imgSource))
{
OnCallStack(dwStackAddr,
dwReturnTo,sReturnToFunc,sReturnToMod,
dwEIP,sFuncName,sFuncMod,
QString::fromWCharArray(imgSource.FileName),imgSource.LineNumber);
}
else
{
OnCallStack(dwStackAddr,
dwReturnTo,sReturnToFunc,sReturnToMod,
dwEIP,sFuncName,sFuncMod,
QString(""),0);
}
}while(stackFr.AddrReturn.Offset != 0);
free(pSymbol);
CloseHandle(hThread);
}
void clsCallstackWorker::run()
{
HANDLE hThread = OpenThread(THREAD_GETSET_CONTEXT, false, m_processingData.threadID);
PSYMBOL_INFOW pSymbol = (PSYMBOL_INFOW)malloc(sizeof(SYMBOL_INFOW) + MAX_PATH * 2);
DWORD dwMaschineMode = NULL;
quint64 dwDisplacement = NULL;
LPVOID pContext;
QList<callstackDisplay> callstackDisplayData;
callstackDisplay newDisplayData = { 0 };
STACKFRAME64 stackFr = { 0 };
IMAGEHLP_LINEW64 imgSource = { 0 };
IMAGEHLP_MODULEW64 imgMod = { 0 };
stackFr.AddrPC.Mode = AddrModeFlat;
stackFr.AddrFrame.Mode = AddrModeFlat;
stackFr.AddrStack.Mode = AddrModeFlat;
#ifdef _AMD64_
if(m_processingData.isWOW64)
{
dwMaschineMode = IMAGE_FILE_MACHINE_I386;
WOW64_CONTEXT cTT = m_processingData.wowProcessContext;
pContext = &cTT;
stackFr.AddrPC.Offset = cTT.Eip;
stackFr.AddrFrame.Offset = cTT.Ebp;
stackFr.AddrStack.Offset = cTT.Esp;
}
else
{
dwMaschineMode = IMAGE_FILE_MACHINE_AMD64;
CONTEXT cTT = m_processingData.processContext;
pContext = &cTT;
stackFr.AddrPC.Offset = cTT.Rip;
stackFr.AddrFrame.Offset = cTT.Rbp;
stackFr.AddrStack.Offset = cTT.Rsp;
}
#else
dwMaschineMode = IMAGE_FILE_MACHINE_I386;
CONTEXT cTT = m_processingData.processContext;
pContext = &cTT;
stackFr.AddrPC.Offset = cTT.Eip;
stackFr.AddrFrame.Offset = cTT.Ebp;
stackFr.AddrStack.Offset = cTT.Esp;
#endif
do
{
if(!StackWalk64(dwMaschineMode, m_processingData.processHandle, hThread, &stackFr, pContext, NULL, SymFunctionTableAccess64, SymGetModuleBase64, 0))
break;
memset(&imgSource, 0, sizeof(IMAGEHLP_LINEW64));
imgSource.SizeOfStruct = sizeof(IMAGEHLP_LINEW64);
newDisplayData.stackAddress = stackFr.AddrStack.Offset;
newDisplayData.currentOffset = stackFr.AddrPC.Offset;
newDisplayData.returnOffset = stackFr.AddrReturn.Offset;
memset(&imgMod, 0, sizeof(IMAGEHLP_MODULEW64));
imgMod.SizeOfStruct = sizeof(IMAGEHLP_MODULEW64);
memset(pSymbol, 0, sizeof(SYMBOL_INFOW) + MAX_PATH * 2);
pSymbol->SizeOfStruct = sizeof(SYMBOL_INFOW);
pSymbol->MaxNameLen = MAX_PATH;
SymGetModuleInfoW64(m_processingData.processHandle, newDisplayData.currentOffset, &imgMod);
SymFromAddrW(m_processingData.processHandle, newDisplayData.currentOffset, &dwDisplacement, pSymbol);
newDisplayData.currentFunctionName = QString::fromWCharArray(pSymbol->Name);
newDisplayData.currentModuleName = QString::fromWCharArray(imgMod.ModuleName);
memset(&imgMod, 0, sizeof(IMAGEHLP_MODULEW64));
imgMod.SizeOfStruct = sizeof(IMAGEHLP_MODULEW64);
memset(pSymbol, 0, sizeof(SYMBOL_INFOW) + MAX_PATH * 2);
pSymbol->SizeOfStruct = sizeof(SYMBOL_INFOW);
pSymbol->MaxNameLen = MAX_PATH;
SymGetModuleInfoW64(m_processingData.processHandle, newDisplayData.returnOffset, &imgMod);
SymFromAddrW(m_processingData.processHandle, newDisplayData.returnOffset , &dwDisplacement, pSymbol);
newDisplayData.returnModuleName = QString::fromWCharArray(imgMod.ModuleName);
newDisplayData.returnFunctionName = QString::fromWCharArray(pSymbol->Name);
if(SymGetLineFromAddrW64(m_processingData.processHandle, newDisplayData.currentOffset, (PDWORD)&dwDisplacement, &imgSource))
{
newDisplayData.sourceFilePath = QString::fromWCharArray(imgSource.FileName);
newDisplayData.sourceLineNumber = imgSource.LineNumber;
}
else
{
newDisplayData.sourceFilePath = "";
newDisplayData.sourceLineNumber = 0;
}
callstackDisplayData.append(newDisplayData);
} while(stackFr.AddrReturn.Offset != 0);
free(pSymbol);
CloseHandle(hThread);
emit OnCallstackFinished(callstackDisplayData);
}
