Posted

Hi, I've found a nice way to get better GPF crash reports from the client:

[screenshots: crashreport1.png, crashreport2.png]

It's simple, there are just a few things that must be done to get it working.

1. Create a buffer for the register and module dump and a function that fills it:

#include <windows.h>

// Filled by the handler below; shown later by the appStrncat hook.
wchar_t MyExceptionBuffer[0x1000];

// Vectored exception handler: on an access violation, dump the x86 registers
// and the base addresses of the client modules into MyExceptionBuffer.
LONG WINAPI MyUnhandledExceptionFilter(_In_ struct _EXCEPTION_POINTERS *ExceptionInfo)
{
	if (ExceptionInfo->ExceptionRecord->ExceptionCode == EXCEPTION_ACCESS_VIOLATION) {
		// wsprintfW explicitly: buffer and format are wide, so this must not
		// depend on whether UNICODE is defined for the project.
		wsprintfW(
			MyExceptionBuffer,
			L"EAX=0x%08X CS=0x%04X EIP=0x%08X EFLGS=0x%08X\r\n"
			L"EBX=0x%08X SS=0x%04X ESP=0x%08X EBP=0x%08X\r\n"
			L"ECX=0x%08X DS=0x%04X ESI=0x%08X FS=0x%04X\r\n"
			L"EDX=0x%08X ES=0x%04X EDI=0x%08X GS=0x%04X\r\n"
			L"\r\n"
			L"l2.exe:      0x%08X\r\n"
			L"core.dll:    0x%08X\r\n"
			L"engine.dll:  0x%08X\r\n"
			L"nwindow.dll: 0x%08X\r\n",
			ExceptionInfo->ContextRecord->Eax,
			ExceptionInfo->ContextRecord->SegCs,
			ExceptionInfo->ContextRecord->Eip,
			ExceptionInfo->ContextRecord->EFlags,
			ExceptionInfo->ContextRecord->Ebx,
			ExceptionInfo->ContextRecord->SegSs,
			ExceptionInfo->ContextRecord->Esp,
			ExceptionInfo->ContextRecord->Ebp,
			ExceptionInfo->ContextRecord->Ecx,
			ExceptionInfo->ContextRecord->SegDs,
			ExceptionInfo->ContextRecord->Esi,
			ExceptionInfo->ContextRecord->SegFs,
			ExceptionInfo->ContextRecord->Edx,
			ExceptionInfo->ContextRecord->SegEs,
			ExceptionInfo->ContextRecord->Edi,
			ExceptionInfo->ContextRecord->SegGs,
			// 32-bit client: HMODULE is the module base address and fits %08X.
			GetModuleHandleA("l2.exe"),
			GetModuleHandleA("core.dll"),
			GetModuleHandleA("engine.dll"),
			GetModuleHandleA("nwindow.dll"));
	}
	// 0 == EXCEPTION_CONTINUE_SEARCH: let the client's own GPF handler run and
	// show the message this dump gets appended to.
	return EXCEPTION_CONTINUE_SEARCH;
}

2. Call AddVectoredExceptionHandler:

AddVectoredExceptionHandler(1, MyUnhandledExceptionFilter);   // 1 = call this handler before any others

3. Don't forget to initialize the buffer:

MyExceptionBuffer[0] = 0;

4. Now if it crashes, MyExceptionBuffer will be filled with the register dump - now we have to hack it so it will be shown. Create a function that wraps appStrncat:

#include <string>

// Hook target for appStrncat. The client builds its GPF message with this
// function; when the piece being appended is "MainLoop" and a dump exists,
// append the dump after it so it shows up in the crash report.
wchar_t* appStrncatWrapper(wchar_t *destination, const wchar_t *source, int maxCount)
{
	if (std::wstring(L"MainLoop") != source || !MyExceptionBuffer[0]) {
		return wcsncat(destination, source, maxCount);   // normal path: behaviour unchanged
	}
	std::wstring data(source);
	data += L"\r\n\r\n";
	data += MyExceptionBuffer;
	// maxCount is whatever the client passed in, so a long dump may be cut off.
	return wcsncat(destination, data.c_str(), maxCount);
}

5. Hook our appStrncatWrapper function to the right place - this example is for Interlude; for other clients you have to use IDA and find the same code:

// WriteInstructionCall: helper from the author's own project (not shown here) that patches the CALL at the given address.
WriteInstructionCall(reinterpret_cast<UINT32>(GetModuleHandle(L"core.dll")) + 0x52287, reinterpret_cast<UINT32>(appStrncatWrapper));

Now when the client crashes with a GPF error (access violation) and the code is called from MainLoop, you'll see nice crash info with details :)

Enjoy!
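An added example (not eressea's code) that models steps 1 and 4 portably, so the report layout and the hook's append can be tested outside the client: the register struct, module bases and the "Crash: " prefix used in the test are constructed stand-ins for the CONTEXT record and real module handles. It goes one step beyond the post by checking the destination's real capacity instead of trusting the maxCount the client passes.

```c
#include <stdio.h>
#include <string.h>
#define REPORT_CHARS 0x1000   /* same capacity as MyExceptionBuffer in the post */

/* Constructed stand-in for the x86 CONTEXT fields the post prints. */
struct x86_regs {
    unsigned eax, ebx, ecx, edx, esi, edi, ebp, esp, eip, eflags;
    unsigned cs, ss, ds, es, fs, gs;
};
struct module_base { const char *name; unsigned base; };
static char report[REPORT_CHARS];   /* empty until a fault has been recorded */

/* Step 1: fill the report buffer in the post's layout. Returns the length
 * written, or -1 if the fixed buffer would have overflowed (wsprintf gives
 * no such signal; snprintf does). */
int format_crash_report(const struct x86_regs *r,
                        const struct module_base *mods, size_t nmods)
{
    int n = snprintf(report, sizeof report,
        "EAX=0x%08X CS=0x%04X EIP=0x%08X EFLGS=0x%08X\r\n"
        "EBX=0x%08X SS=0x%04X ESP=0x%08X EBP=0x%08X\r\n"
        "ECX=0x%08X DS=0x%04X ESI=0x%08X FS=0x%04X\r\n"
        "EDX=0x%08X ES=0x%04X EDI=0x%08X GS=0x%04X\r\n\r\n",
        r->eax, r->cs, r->eip, r->eflags, r->ebx, r->ss, r->esp, r->ebp,
        r->ecx, r->ds, r->esi, r->fs, r->edx, r->es, r->edi, r->gs);
    for (size_t i = 0; i < nmods && n >= 0 && (size_t)n < sizeof report; i++) {
        char label[32];
        snprintf(label, sizeof label, "%s:", mods[i].name);
        n += snprintf(report + n, sizeof report - n, "%-13s0x%08X\r\n",
                      label, mods[i].base);
    }
    return (n < 0 || (size_t)n >= sizeof report) ? -1 : n;
}

/* Step 4: the appStrncat wrapper. Appends source to destination and, when
 * source is the "MainLoop" marker and a report exists, the report as well.
 * Unlike the post it checks the destination's real capacity instead of
 * trusting maxCount; returns 1 if everything fit, 0 if output was cut. */
int append_crash_info(char *destination, size_t cap, const char *source)
{
    const char *end = memchr(destination, '\0', cap);
    if (!end) return 0;                       /* destination not terminated */
    size_t used = (size_t)(end - destination);
    int n = snprintf(destination + used, cap - used, "%s", source);
    if (n < 0 || (size_t)n >= cap - used) return 0;
    if (strcmp(source, "MainLoop") != 0 || report[0] == '\0') return 1;
    used += (size_t)n;
    n = snprintf(destination + used, cap - used, "\r\n\r\n%s", report);
    return !(n < 0 || (size_t)n >= cap - used);
}
```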

Posted
On 10/4/2017 at 6:37 PM, eressea said:

[quotes the original post above]

Sorry for the dumb question, but in which file am I adding this and how?

Posted
3 hours ago, DimensionalGames said:

Sorry for the dumb question, but in which file am I adding this and how?

It should be the l2.exe you would inject with this code.

Great stuff OP, hadn't seen this one.

Posted
6 hours ago, DimensionalGames said:

Yeah, but how is it possible to do this?? I've never worked with the client :/

Get Visual Studio (with support for Windows XP if you want to support players with this obsolete system), create a new C++ Win32 project -> choose DLL. Implement those bits I've posted and build the DLL. Then edit l2.exe to load this DLL.

Posted
On 6/21/2018 at 8:21 AM, eressea said:

Get Visual Studio (with support for Windows XP if you want to support players with this obsolete system), create a new C++ Win32 project -> choose DLL. Implement those bits I've posted and build the DLL. Then edit l2.exe to load this DLL.

I know about the first, but how do I edit the l2.exe? BTW thx for answering. This way I can add more too? Also, are there any dependencies for the DLL (other DLLs?)

Posted
6 hours ago, DimensionalGames said:

I know about the first, but how do I edit the l2.exe? BTW thx for answering. This way I can add more too? Also, are there any dependencies for the DLL (other DLLs?)

There are tools like CFF Explorer etc.; you just open l2.exe there and add an import to the import table.

If you write your DLL, it's up to you what it will depend on. If it depends on other DLLs, it will automatically load them, so you still need just to add your DLL to the import table of l2.exe and the system will do the rest for you.

Posted
On 6/23/2018 at 10:36 AM, eressea said:

There are tools like CFF Explorer etc.; you just open l2.exe there and add an import to the import table.

If you write your DLL, it's up to you what it will depend on. If it depends on other DLLs, it will automatically load them, so you still need just to add your DLL to the import table of l2.exe and the system will do the rest for you.

One last question :D Is it possible to write the DLL in C#?

Posted
8 hours ago, DimensionalGames said:

One last question :D Is it possible to write the DLL in C#?

Short answer: No.

Long answer: There's some chance it could be done (somehow), but it would be very, very hard (and maybe you would still have to write some parts in assembly).
