diff --git a/src/windows-emulator/syscall_dispatcher.cpp b/src/windows-emulator/syscall_dispatcher.cpp
index 30787315..e806720c 100644
--- a/src/windows-emulator/syscall_dispatcher.cpp
+++ b/src/windows-emulator/syscall_dispatcher.cpp
@@ -100,13 +100,26 @@ void syscall_dispatcher::dispatch(windows_emulator& win_emu)
 }
 else
 {
- const auto rsp = c.emu.read_stack_pointer();
- const auto return_address = c.emu.read_memory(rsp);
- const auto* mod_name = context.module_manager.find_name(return_address);
+ const auto* previous_mod = context.module_manager.find_by_address(context.previous_ip);
+ if (previous_mod == mod)
+ {
+ const auto rsp = c.emu.read_stack_pointer();
+ const auto return_address = c.emu.read_memory(rsp);
+ const auto* mod_name = context.module_manager.find_name(return_address);
- win_emu.logger.print(color::dark_gray, "Executing syscall: %s (0x%X) at 0x%llX via 0x%llX (%s)\n",
- entry->second.name.c_str(),
- syscall_id, address, return_address, mod_name);
+ win_emu.logger.print(color::dark_gray, "Executing syscall: %s (0x%X) at 0x%llX via 0x%llX (%s) %lld\n",
+ entry->second.name.c_str(),
+ syscall_id, address, return_address, mod_name, c.proc.executed_instructions);
+ }
+ else
+ {
+ win_emu.logger.print(color::blue,
+ "Crafted out-of-line syscall: %s (0x%X) at 0x%llX (%s) via 0x%llX (%s)\n",
+ entry->second.name.c_str(),
+ syscall_id,
+ address, mod ? mod->name.c_str() : "", context.previous_ip,
+ previous_mod ? previous_mod->name.c_str() : "");
+ }
 }
 entry->second.handler(c);
diff --git a/src/windows-emulator/windows_emulator.cpp b/src/windows-emulator/windows_emulator.cpp
index 00499d32..1221a68e 100644
--- a/src/windows-emulator/windows_emulator.cpp
+++ b/src/windows-emulator/windows_emulator.cpp
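Review bot: The new `if (previous_mod == mod)` test treats two null lookups as a match, so a syscall instruction that sits outside any known module (`mod == nullptr`) whose `previous_ip` is also unmapped is logged on the ordinary dark_gray path instead of as a crafted syscall, which is exactly the case the new blue branch is meant to surface. Guarding on the module being known, `if (mod != nullptr && previous_mod == mod)`, routes that case to the blue branch, whose format arguments already tolerate null modules. The dark_gray call still passes `mod_name` to `%s` unchecked while the blue call null-guards both module names; if `find_name` can return nullptr (its contract is not visible here), the same `mod_name ? mod_name : ""` guard belongs in the dark_gray call too. `mod`, `c`, `address` and `syscall_id` are defined before the hunk, and the `%lld` used for `c.proc.executed_instructions` should match that field's declared type (`%llu` if it is unsigned).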
@@ -820,7 +820,7 @@ void windows_emulator::setup_hooks()
 const auto rip = this->emu().read_instruction_pointer();
 printf("Interrupt: %i 0x%llX\n", interrupt, rip);
- if (this->fuzzing)
+ if (this->fuzzing || true) // TODO: Fix
 {
 this->process().exception_rip = rip;
 this->emu().stop();
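Review bot: `if (this->fuzzing || true) // TODO: Fix` makes the interrupt hook unconditionally record `exception_rip` and stop the emulator, so whatever handling follows the block for the non-fuzzing case (outside the hunk) becomes unreachable and any emulated software interrupt now halts a normal, non-fuzzing run. If that is the intended interim behaviour, say so explicitly instead of leaving a condition the reader has to short-circuit mentally, e.g. `if (true) // TODO(owner): every interrupt stops emulation until the non-fuzzing path is fixed; restore the this->fuzzing check`. As written, `this->fuzzing` is dead logic in the expression, which some compilers flag and which hides the actual behaviour change from review. The enclosing hook body starts and ends outside the hunk.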