Distinguishing local function calls from external (imported) function calls in a dynamic trace

reverse-engineering ida disassembly binary-analysis patch-reversing function-hooking
2021-07-01 00:39:25

I know that when IDA Pro disassembles a binary and labels its functions, it uses the import address table and IDA FLIRT to distinguish local functions from external ones!

Now I have a dynamic trace and want to distinguish local from external function calls, but I don't know how to do this. Can you help me with this process?

My trace looks like this (this is a small part of the trace):

(1) 7c90e430: lea 0x10(%esp),%edi   A@0x0022fd30[0x00000000][4](R) T_begin (0x0) T_end (0x0)    R@edi[0x00310031][4](W) T_begin (0x0) T_end (0x0)   
(2) 7c90e434: pop %eax  M@0x0022fd20[0x7c901166][4](R) T_begin (0x0) T_end (0x0)    R@eax[0x00401130][4](W) T_begin (0x0) T_end (0x0)   
(3) 7c90e435: call %eax R@eax[0x7c901166][4](R) T_begin (0x0) T_end (0x0)   M@0x0022fd20[0x7c901166][4](W) T_begin (0x0) T_end (0x0)    
(4) 7c901166: lea 0x10(%esp),%eax   A@0x0022fd30[0x00000000][4](R) T_begin (0x0) T_end (0x0)    R@eax[0x7c901166][4](W) T_begin (0x0) T_end (0x0)   
(5) 7c90116a: mov %eax,0x4(%esp)    R@eax[0x0022fd30][4](R) T_begin (0x0) T_end (0x0)   M@0x0022fd24[0x00000000][4](W) T_begin (0x0) T_end (0x0)    
(6) 7c90116e: xor %ebp,%ebp R@ebp[0x00350037][4](R) T_begin (0x0) T_end (0x0)   R@ebp[0x00350037][4](RW) T_begin (0x0) T_end (0x0)  
(7) 7c901170: jmp 0x7c91b057    J@0x00000000[0x00019ee7][4](R) T_begin (0x0) T_end (0x0)    
(8) 7c91b057: mov %edi,%edi R@edi[0x0022fd30][4](R) T_begin (0x0) T_end (0x0)   R@edi[0x0022fd30][4](W) T_begin (0x0) T_end (0x0)   
(9) 7c91b059: push %ebp R@ebp[0x00000000][4](R) T_
(33) 7c9222f9: pushl $0x7c97b0c8    I@0x00000000[0x7c97b0c8][4](R) T_begin (0x0) T_end (0x0)    M@0x0022fd04[0x00000000][4](W) T_begin (0x0) T_end (0x0)    
(34) 7c9222fe: call 0x7c9199d7  J@0x00000000[0xffff76d9][4](R) T_begin (0x0) T_end begin (0x0) T_end (0x0)  M@0x0022fd1c[0x00000000][4](W) T_begin (0x0) T_end (0x0)    
(10) 7c91b05a: mov %esp,%ebp    R@esp[0x0022fd1c][4](R) T_begin (0x0) T_end (0x0)   R@ebp[0x00000000][4](W) T_begin (0x0) T_end (0x0)   
(11) 7c91b05c: cmpb $0x0,0x7c97b20c I@0x00000000[0x00000000][1](R) T_begin (0x0) T_end (0x0)    M@0x7c97b20c[0x00000000][1](R) T_begin (0x0) T_end (0x0)    
(12) 7c91b063: jz 0x7c9226ed    J@0x00000000[0x0000768a][4](R) T_begin (0x0) T_end (0x0)    
(13) 7c9226ed: call 0x7c9226fc  J@0x00000000[0x0000000f][4](R) T_begin (0x0) T_end (0x0)    M@0x0022fd18[0x00000000][4](W) T_begin (0x0) T_end (0x0)    
(14) 7c9226fc: mov %edi,%edi    R@edi[0x0022fd30][4](R) T_begin (0x0) T_end (0x0)   R@edi[0x0022fd30][4](W) T_begin (0x0) T_end (0x0)   
(15) 7c9226fe: push %ebp    R@ebp[0x0022fd1c][4](R) T_begin (0x0) T_end (0x0)   M@0x0022fd14[0x00000000][4](W) T_begin (0x0) T_end (0x0)    
(16) 7c9226ff: mov %esp,%ebp    R@esp[0x0022fd14][4](R) T_begin (0x0) T_end (0x0)   R@ebp[0x0022fd1c][4](W) T_begin (0x0) T_end (0x0)   
(17) 7c922701: push %ecx    R@ecx[0x00310038][4](R) T_begin (0x0) T_end (0x0)   M@0x0022fd10[0x00000000][4](W) T_begin (0x0) T_end (0x0)    
(18) 7c922702: push %ecx    R@ecx[0x00310038][4](R) T_begin (0x0) T_end (0x0)   M@0x0022fd0c[0x00000000][4](W) T_begin (0x0) T_end (0x0)    
(19) 7c922703: xor %ecx,%ecx    R@ecx[0x00310038][4](R) T_begin (0x0) T_end (0x0)   R@ecx[0x00310038][4](RW) T_begin (0x0) T_end (0x0)  
(20) 7c922705: mov $0x7c97d394,%eax I@0x00000000[0x7c97d394][4](R) T_begin (0x0) T_end (0x0)    R@eax[0x0022fd30][4](W) T_begin (0x0) T_end (0x0)   
(21) 7c92270a: inc %ecx R@ecx[0x00000000][4](RW) T_begin (0x0) T_end (0x0)  
(22) 7c92270b: xadd %ecx,(%eax) R@ecx[0x00000001][4](RW) T_begin (0x0) T_end (0x0)  M@0x7c97d394[0x00000000][4](RW) T_begin (0x0) T_end (0x0)   
(23) 7c92270b: xadd %ecx,(%eax) R@ecx[0x00000001][4](RW) T_begin (0x0) T_end (0x0)  M@0x7c97d394[0x00000000][4](RW) T_begin (0x0) T_end (0x0)   
(24) 7c92270f: inc %ecx R@ecx[0x00000000][4](RW) T_begin (0x0) T_end (0x0)  
(25) 7c922710: cmp $0x1,%ecx    I@0x00000000[0x00000001][1](R) T_begin (0x0) T_end (0x0)    R@ecx[0x00000001][4](R) T_begin (0x0) T_end (0x0)   
(26) 7c922713: jnz 0x7c93d4d9   J@0x00000000[0x0001adc6][4](R) T_begin (0x0) T_end (0x0)    
(27) 7c922719: call 0x7c9222e9  J@0x00000000[0xfffffbd0][4](R) T_begin (0x0) T_end (0x0)    M@0x0022fd08[0x00000000][4](W) T_begin (0x0) T_end (0x0)    
(28) 7c9222e9: mov 0x7c97b0c8,%eax  M@0x7c97b0c8[0x0000bb40][4](R) T_begin (0x0) T_end (0x0)    R@eax[0x7c97d394][4](W) T_begin (0x0) T_end (0x0)   
(29) 7c9222ee: test %eax,%eax   R@eax[0x0000bb40][4](R) T_begin (0x0) T_end (0x0)   R@eax[0x0000bb40][4](R) T_begin (0x0) T_end (0x0)   
(30) 7c9222f0: jz 0x7c9222f9    J@0x00000000[0x00000009][4](R) T_begin (0x0) T_end (0x0)    
(31) 7c9222f2: cmp $0xbb40,%eax I@0x00000000[0x0000bb40][4](R) T_begin (0x0) T_end (0x0)    R@eax[0x0000bb40][4](R) T_begin (0x0) T_end (0x0)   
(32) 7c9222f7: jnz 0x7c922309   J@0x00000000[0x00000012][4](R) T_begin (0x0) T_end (0x0)    (0x0)   M@0x0022fd00[0x00000000][4](W) T_begin (0x0) T_end (0x0)    
(35) 7c9199d7: pushb $0xc   I@0x00000000[0x0000000c][1](R) T_begin (0x0) T_end (0x0)    M@0x0022fcfc[0x00000000][4](W) T_begin (0x0) T_end (0x0)

PS: I should mention that apart from this trace file I don't have any other information.

1 Answer

I'd say it's an external function because of the memory range (0x7c000000 looks typical for imported DLLs), but without more information it's really hard to tell.

The correct approach would be to check the binary's memory sections and see which section the current instruction is in.
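As an added example (not part of the question or the answer), here is the check the answer describes applied to this trace format: each call record's target is resolved (the immediate for a direct call, the register's read value for a register-indirect one) and compared against a module range map, so a call is "local" when site and target fall in the same module and "external" otherwise. The module map and record (0) are constructed for the example; the real ranges must come from the tracer's loaded-module list or the PE section headers, since the trace alone does not carry them.

```python
import re
# Constructed module map (start, end, name): a real one comes from the tracer's
# loaded-module list or the PE section headers, not from the trace alone.
MODULES = [
    (0x00400000, 0x00410000, "main.exe"),
    (0x7C900000, 0x7C9B0000, "system.dll"),
]

# Records (3) and (34) copied from the trace above, plus constructed record (0):
# a direct call from the main image into the DLL range.
SAMPLE_TRACE = """\
(0) 0040112b: call 0x7c90e430  J@0x00000000[0x7c50d300][4](R) T_begin (0x0) T_end (0x0)
(3) 7c90e435: call %eax R@eax[0x7c901166][4](R) T_begin (0x0) T_end (0x0)   M@0x0022fd20[0x7c901166][4](W) T_begin (0x0) T_end (0x0)
(34) 7c9222fe: call 0x7c9199d7  J@0x00000000[0xffff76d9][4](R) T_begin (0x0) T_end (0x0)
"""

RECORD_RE = re.compile(r"^\((\d+)\)\s+([0-9a-f]+):\s+(\S+)\s*(\S*)(.*)$")
REG_READ_RE = re.compile(r"R@(\w+)\[0x([0-9a-f]+)\]\[\d+\]\(R\)")

def module_of(addr):
    """Name of the module whose range contains addr, or None if unmapped."""
    for start, end, name in MODULES:
        if start <= addr < end:
            return name
    return None

def call_target(operand, rest):
    """Direct call: the immediate; register-indirect call: the register's read value."""
    if operand.startswith("0x"):
        return int(operand, 16)
    if operand.startswith("%"):
        for reg, val in REG_READ_RE.findall(rest):
            if reg == operand[1:]:
                return int(val, 16)
    return None  # memory-indirect calls would need the M@ read operand instead

def classify_calls(trace_text):
    """Return (call_site, target, kind) per call; kind is local/external/unknown."""
    out = []
    for line in trace_text.splitlines():
        m = RECORD_RE.match(line.strip())
        if not m or m.group(3) != "call":
            continue
        site = int(m.group(2), 16)
        target = call_target(m.group(4), m.group(5))
        callee = module_of(target) if target is not None else None
        kind = ("unknown" if callee is None
                else "local" if callee == module_of(site) else "external")
        out.append((site, target, kind))
    return out
```

Run against the sample, record (0) is reported as external while (3) and (34) stay local, which matches the answer's point that both ends of every call in the pasted excerpt lie in the same 0x7c9xxxxx range.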