This is the mail archive of the
mailing list for the binutils project.
libbfd on Windows : problem with dll injection ?
- From: Vincent Torri <vincent dot torri at gmail dot com>
- To: binutils at sourceware dot org
- Date: Mon, 23 Apr 2012 16:50:27 +0200
- Subject: libbfd on Windows : problem with dll injection ?
I've successfully used libbfd on Windows for stack walking in a simple
test case. But my real use case is a bit more complicated:
I want to write a Windows tool (named 'examine') similar to valgrind
in its use, that is : "examine /path/to/program" (Indeed, usually, you
have to link the program against the tool to get such feature, which
is not very simple, as you have to change the build system).
So the method that I use to overload some functions is classical : I
create a DLL that redefines the functions I want to overload, and I
inject it into the program. When the program calls these functions, it
is instead the functions in the DLL that are called.
I've written a version which works with vc++. The only difference with
the gcc version is the way the stack is walked.
With vc++ and a test program (named 'examine_test.exe'), here is the
kind of output I get :
process launched...
HeapAlloc !!! 00263960
[0] c:\mingw_efl\msys\1.0\home\torri\svnroot\debug\examine\src\lib\examine_dll.c (EXM_HeapAlloc) 118
[1] c:\mingw_efl\msys\1.0\home\torri\svnroot\debug\examine\src\bin\examine_test.c (main) 42
[2] f:\dd\vctools\crt_bld\self_x86\crt\src\crtexe.c (__tmainCRTStartup) 586
[3] f:\dd\vctools\crt_bld\self_x86\crt\src\crtexe.c (mainCRTStartup) 403
HeapFree !!! 00260000
[0] c:\mingw_efl\msys\1.0\home\torri\svnroot\debug\examine\src\lib\examine_dll.c (EXM_HeapFree) 152
[1] c:\mingw_efl\msys\1.0\home\torri\svnroot\debug\examine\src\bin\examine_test.c (main) 48
[2] f:\dd\vctools\crt_bld\self_x86\crt\src\crtexe.c (__tmainCRTStartup) 586
[3] f:\dd\vctools\crt_bld\self_x86\crt\src\crtexe.c (mainCRTStartup) 403
malloc !!! 003F2F10
[0] c:\mingw_efl\msys\1.0\home\torri\svnroot\debug\examine\src\lib\examine_dll.c (EXM_malloc) 186
[1] c:\mingw_efl\msys\1.0\home\torri\svnroot\debug\examine\src\bin\examine_test.c (main) 50
[2] f:\dd\vctools\crt_bld\self_x86\crt\src\crtexe.c (__tmainCRTStartup) 586
[3] f:\dd\vctools\crt_bld\self_x86\crt\src\crtexe.c (mainCRTStartup) 403
free !!! 003F2F10
[0] c:\mingw_efl\msys\1.0\home\torri\svnroot\debug\examine\src\lib\examine_dll.c (EXM_free) 214
[1] c:\mingw_efl\msys\1.0\home\torri\svnroot\debug\examine\src\bin\examine_test.c (main) 56
[2] f:\dd\vctools\crt_bld\self_x86\crt\src\crtexe.c (__tmainCRTStartup) 586
[3] f:\dd\vctools\crt_bld\self_x86\crt\src\crtexe.c (mainCRTStartup) 403
process finished...
The lines are correct (in examine_test
Now, if I use gcc with the same test program :
process launched...
HeapAlloc !!! 00253758
$ frame nbr : 3
[0] /home/ruben/mingw-w64/toolchain/src/mingw-w64/trunk/mingw-w64-crt/crt/crtexe.c (__tmainCRTStartup) 307
HeapFree !!! 00250000
$ frame nbr : 3
[0] /home/ruben/mingw-w64/toolchain/src/mingw-w64/trunk/mingw-w64-crt/crt/crtexe.c (__tmainCRTStartup) 307
malloc !!! 00CC55B8
$ frame nbr : 3
[0] /home/ruben/mingw-w64/toolchain/src/mingw-w64/trunk/mingw-w64-crt/crt/crtexe.c (__tmainCRTStartup) 307
$ frame nbr : 3
free !!! 00CC55B8
[0] /home/ruben/mingw-w64/toolchain/src/mingw-w64/trunk/mingw-w64-crt/crt/crtexe.c (__tmainCRTStartup) 307
process finished...
The number of frames for each function follows '$ frame nbr'. So there
are 3 frames, but libbfd "finds" only one.
The code can be found here :
the 2 files for stack walking are examine_stacktrace.c (for gcc) and
examine_stacktrace_vc.c (for vc++). As I said, if I use the libbfd
code with the test example (that is, if I compile it this way: "gcc
-o examine_test.exe examine_test.c examine_stacktrace.c"), it works
perfectly. But it's only in my tool and the DLL injection that it does
not work.
I hope that I was clear enough :)
Does anyone have an idea of the problem?
Thank you
Vincent Torri