#include <iostream>
#include <Windows.h>
#include <process.h>
#include <DbgHelp.h>
#pragma comment(lib, "Dbghelp.lib")
using std::cout;
using std::endl;
HANDLE g_hThread = INVALID_HANDLE_VALUE;
void StackTrack()
{
HANDLE hCurProcess = GetCurrentProcess();
if(FALSE == SymInitialize(hCurProcess, NULL, TRUE))
{
cout << "SymInitialize fail. LastError: 0x" << std::hex << GetLastError();
return;
}
if (0xFFFFFFFF == SuspendThread(g_hThread))
{
cout << "SuspendThread fail. LastError: 0x" << std::hex << GetLastError();
return;
}
CONTEXT context;
context.ContextFlags = CONTEXT_FULL;
if (FALSE == GetThreadContext(g_hThread, &context))
{
cout << "GetThreadContext fail. LastError: 0x" << std::hex << GetLastError();
return;
}
DWORD machineType = IMAGE_FILE_MACHINE_I386; // 机器Cpu类型
STACKFRAME stackFrame = { 0 };
#ifdef _M_IX86
machineType = IMAGE_FILE_MACHINE_I386;
stackFrame.AddrPC.Offset = context.Eip;
stackFrame.AddrPC.Mode = AddrModeFlat;
stackFrame.AddrStack.Offset = context.Esp;
stackFrame.AddrStack.Mode = AddrModeFlat;
stackFrame.AddrFrame.Offset = context.Ebp;
stackFrame.AddrFrame.Mode = AddrModeFlat;
#elif _M_X64
machineType = IMAGE_FILE_MACHINE_AMD64;
stackFrame.AddrPC.Offset = context->Rip;
stackFrame.AddrPC.Mode = AddrModeFlat;
stackFrame.AddrStack.Offset = context->Rsp;
stackFrame.AddrStack.Mode = AddrModeFlat;
stackFrame.AddrFrame.Offset = context->Rsp;
stackFrame.AddrFrame.Mode = AddrModeFlat;
#elif _M_IA64
machineType = IMAGE_FILE_MACHINE_IA64;
stackFrame.AddrPC.Offset = context->StIIP;
stackFrame.AddrPC.Mode = AddrModeFlat;
stackFrame.AddrStack.Offset = context->IntSp;
stackFrame.AddrStack.Mode = AddrModeFlat;
stackFrame.AddrFrame.Offset = context->IntSp;
stackFrame.AddrFrame.Mode = AddrModeFlat;
stackFrame.AddrBStore.Offset = context->RsBSP;
stackFrame.AddrBStore.Mode = AddrModeFlat;
#else
#error "platform not supported!"
#endif
typedef struct tag_SYMBOL_INFO
{
IMAGEHLP_SYMBOL symInfo;
TCHAR szBuffer[MAX_PATH];
} SYMBOL_INFO, * LPSYMBOL_INFO;
decltype(stackFrame.AddrPC.Offset) dwDisplament = 0;
DWORD dwDis32 = 0;
SYMBOL_INFO stack_info = { 0 };
PIMAGEHLP_SYMBOL pSym = (PIMAGEHLP_SYMBOL)&stack_info;
pSym->SizeOfStruct = sizeof(IMAGEHLP_SYMBOL);
pSym->MaxNameLength = sizeof(SYMBOL_INFO) - offsetof(SYMBOL_INFO, symInfo.Name);
IMAGEHLP_LINE ImageLine = { 0 };
ImageLine.SizeOfStruct = sizeof(IMAGEHLP_LINE);
while (TRUE == StackWalk(
machineType,
hCurProcess,
g_hThread,
&stackFrame,
&context,
NULL,
SymFunctionTableAccess,
SymGetModuleBase,
NULL)
)
{
if (FALSE == SymGetSymFromAddr(hCurProcess, stackFrame.AddrPC.Offset, &dwDisplament, pSym))
{
cout << "SymGetSymFromAddr fail. LastError: 0x" << std::hex << GetLastError();
//continue;
}
if (FALSE == SymGetLineFromAddr(hCurProcess, stackFrame.AddrPC.Offset, &dwDis32, &ImageLine))
{
cout << "SymGetLineFromAddr fail. LastError: 0x" << std::hex << GetLastError();
//continue;
}
printf("当前调用函数 :(FILE[%s]LINE[%d]) %08x + %s \n",
ImageLine.FileName, ImageLine.LineNumber, pSym->Address, pSym->Name);
}
if (0xFFFFFFFF == ResumeThread(g_hThread))
{
cout << "ResumeThread fail. LastError: 0x" << std::hex << GetLastError();
return;
}
if (FALSE == SymCleanup(hCurProcess))
{
cout << "SymCleanup fail. LastError: 0x" << std::hex << GetLastError();
}
return;
}
void func1()
{
Sleep(10 * 1000);
}
void func2()
{
func1();
}
void func3()
{
func2();
}
unsigned _stdcall ThreadTestStack(void* lpArgList)
{
func3();
return 0;
}
int main(int argc, char* argv[])
{
unsigned uThreadID = 0;
g_hThread = (HANDLE)_beginthreadex(NULL, 0, &ThreadTestStack, NULL, 0, &uThreadID);
if (INVALID_HANDLE_VALUE == g_hThread)
{
cout << "_beginthreadex fail." << endl;
return 0;
}
Sleep(1 * 1000);
StackTrack();
return 0;
}
View Code
标签:回溯,SYMBOL,DbgHelp,stackFrame,线程,Mode,context,Offset,AddrModeFlat From: https://www.cnblogs.com/Arthurian/p/15722991.html