BOOL WINAPI OnTerminateThread(HANDLE hThread, DWORD dwExitCode)
{
//typedef BOOL (WINAPI* OnTerminateThread_t)(HANDLE hThread, UINT dwExitCode);
ORIGINAL_KRNL(TerminateThread);
BOOL lbRc;
#if 0
if (gbIsLessProcess)
{
_ASSERTE(FALSE && "Continue to terminate thread");
}
#endif
if (hThread == GetCurrentThread())
{
// And terminate our service threads
gnDllState |= ds_OnTerminateThread;
// Main thread is abnormally terminating?
if (GetCurrentThreadId() == gnHookMainThreadId)
{
DoDllStop(false, ds_OnTerminateThread);
}
}
lbRc = F(TerminateThread)(hThread, dwExitCode);
return lbRc;
}
// For example, mintty is terminated ‘abnormally’. It calls TerminateProcess instead of ExitProcess.
BOOL WINAPI OnTerminateProcess(HANDLE hProcess, UINT uExitCode)
{
//typedef BOOL (WINAPI* OnTerminateProcess_t)(HANDLE hProcess, UINT uExitCode);
ORIGINAL_KRNL(TerminateProcess);
BOOL lbRc;
if (hProcess == GetCurrentProcess())
{
#ifdef PRINT_ON_EXITPROCESS_CALLS
wchar_t szInfo[80]; _wsprintf(szInfo, SKIPCOUNT(szInfo) L"\n\x1B[1;31;40m::TerminateProcess(%u) called\x1B[m\n", uExitCode);
WriteProcessed2(szInfo, lstrlen(szInfo), NULL, wps_Error);
#endif
gnDllState |= ds_OnTerminateProcess;
// We don't need to do proper/full deinitialization,
// because the process is to be terminated abnormally
DoDllStop(false, ds_OnTerminateProcess);
lbRc = F(TerminateProcess)(hProcess, uExitCode);
}
else
{
lbRc = F(TerminateProcess)(hProcess, uExitCode);
}
return lbRc;
}
// May be called from "C" programs
VOID WINAPI OnExitProcess(UINT uExitCode)
{
//typedef BOOL (WINAPI* OnExitProcess_t)(UINT uExitCode);
ORIGINAL_KRNL(ExitProcess);
#if 0
if (gbIsLessProcess)
{
_ASSERTE(FALSE && "Continue to ExitProcess");
}
#endif
gnDllState |= ds_OnExitProcess;
#ifdef PRINT_ON_EXITPROCESS_CALLS
wchar_t szInfo[80]; _wsprintf(szInfo, SKIPCOUNT(szInfo) L"\n\x1B[1;31;40m::ExitProcess(%u) called\x1B[m\n", uExitCode);
WriteProcessed(szInfo, lstrlen(szInfo), NULL);
#endif
// And terminate our threads
DoDllStop(false, ds_OnExitProcess);
bool bUseForceTerminate;
// Issue 1865: Due to possible dead locks in LdrpAcquireLoaderLock() call TerminateProcess
bUseForceTerminate = gbHookServerForcedTermination;
#ifdef USE_GH_272_WORKAROUND
// gh#272: For unknown yet reason existance of nvd3d9wrap.dll (or nvd3d9wrapx.dll on 64-bit)
// caused stack overflow with following calls
//
// nvd3d9wrap!GetNVDisplayW+0x174f
// nvd3d9wrap!GetNVDisplayW+0x174f
// user32!_UserClientDllInitialize+0x2ca
// ntdll!LdrpCallInitRoutine+0x14
// ntdll!LdrShutdownProcess+0x1aa
// ntdll!RtlExitUserProcess+0x74
// kernel32!ExitProcessStub+0x12
// CallExit!main+0x47
if (!bUseForceTerminate && GetModuleHandle(WIN3264TEST(L"nvd3d9wrap.dll",L"nvd3d9wrapx.dll")))
{
bUseForceTerminate = true;
}
#endif // USE_GH_272_WORKAROUND
if (bUseForceTerminate)
{
ORIGINAL_KRNL(TerminateProcess);
F(TerminateProcess)(GetCurrentProcess(), uExitCode);
return; // Assume not to get here
}
F(ExitProcess)(uExitCode);
}
// For example, mintty is terminated ‘abnormally’. It calls TerminateProcess instead of ExitProcess.
BOOL WINAPI OnTerminateProcess(HANDLE hProcess, UINT uExitCode)
{
//typedef BOOL (WINAPI* OnTerminateProcess_t)(HANDLE hProcess, UINT uExitCode);
ORIGINAL_KRNL(TerminateProcess);
BOOL lbRc;
if (hProcess == GetCurrentProcess())
{
#ifdef PRINT_ON_EXITPROCESS_CALLS
wchar_t szInfo[80]; _wsprintf(szInfo, SKIPCOUNT(szInfo) L"\n\x1B[1;31;40m::TerminateProcess(%u) called\x1B[m\n", uExitCode);
WriteProcessed(szInfo, lstrlen(szInfo), NULL);
#endif
gnDllState |= ds_OnTerminateProcess;
// We need not to unset hooks (due to process will be force-killed below)
// And terminate our threads
DoDllStop(false, ds_OnTerminateProcess);
}
lbRc = F(TerminateProcess)(hProcess, uExitCode);
return lbRc;
}
