StackWalk64
2024-08-26 08:15:09
#include <Windows.h> #define PULONG_PTR ULONG**
#define PULONG ULONG*
#define ULONG_PTR ULONG*
#include <DbgHelp.h>
#include <stdio.h>
#include <stdarg.h>
#include <stdlib.h> // 添加对dbghelp.lib的编译依赖
//
#pragma comment(lib, "dbghelp.lib")
const int MAX_ADDRESS_LENGTH = ;
const int MAX_NAME_LENGTH = ;
// 崩溃信息
//
// 安全拷贝字符串函数
//
// 得到程序崩溃信息
// // 得到CallStack信息
//
#define GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS (0x04) // lpModuleName是模块中的一个地址
typedef BOOL (WINAPI* GetModuleHandleExA_T)(
DWORD dwFlags,
LPCSTR lpModuleName,
HMODULE* phModule
);
HMODULE getmodulename(char* buffer,int size,void* addri)
{
HMODULE hmodule;
char FileName[MAX_PATH] = {};
GetModuleHandleExA_T GetModuleHandleExA=(GetModuleHandleExA_T)GetProcAddress(GetModuleHandle("kernel32.dll"),"GetModuleHandleExA");
GetModuleHandleExA(GET_MODULE_HANDLE_EX_FLAG_FROM_ADDRESS, (LPCSTR)addri, &hmodule);
GetModuleFileNameA(hmodule, buffer, size);
return hmodule;
}
char* gettimestring(char* buffer)
{
SYSTEMTIME systemtime;
GetSystemTime( &systemtime);
sprintf(buffer,"[%2.2d.%2.2d]",systemtime.wHour,systemtime.wMinute,systemtime.wSecond,systemtime.wMilliseconds);
return buffer;
}
void log(const char*format,...)
{
va_list v;
char buffer[];
char tbuffer[];
va_start(v,format);
_vsnprintf(buffer,,format,v);
va_end(v);
char fname[];
sprintf(fname,"%d.txt",GetCurrentThreadId());
FILE* fd = fopen(fname,"a+b");
fprintf(fd," %s[%d.%d]%s\r\n",gettimestring(tbuffer),GetCurrentProcessId(),GetCurrentThreadId(),buffer);
fclose(fd);
//OutputDebugStringA(buffer);
}
void logthread(DWORD threadid,const char*format,...)
{
va_list v;
char buffer[];
char tbuffer[];
va_start(v,format);
_vsnprintf(buffer,,format,v);
va_end(v);
char fname[];
sprintf(fname,"%d.txt",threadid);
FILE* fd = fopen(fname,"a+b");
fprintf(fd," %s[%d.%d]%s\r\n",gettimestring(tbuffer),GetCurrentProcessId(),GetCurrentThreadId(),buffer);
fclose(fd);
//OutputDebugStringA(buffer);
}
void PrintCallStackFromContext(const CONTEXT *pContext,HANDLE hThread,DWORD dwThreadId) ;
typedef HANDLE (WINAPI * OPENTHREADFUN)(DWORD dwDesiredAccess,BOOL bInheritHandle,DWORD dwThreadId);
DWORD WINAPI __printstack(void* p)
{
DWORD dwThreadId = (DWORD)p;
DWORD error;
//1:kernel32 大部分程序都自动加载了kernel32.dll 所以再获得句柄之前不需要Loadlibray
HMODULE hKernel32 = ::GetModuleHandle("kernel32.dll");
//2获得函数指针
OPENTHREADFUN pFun = (OPENTHREADFUN)GetProcAddress(hKernel32,"OpenThread");
HANDLE hThread = pFun(THREAD_GET_CONTEXT,,dwThreadId);
if(hThread==){
error = GetLastError();
::MessageBox(,"error1",,);
return -;
}
CONTEXT tagContext;
tagContext.ContextFlags = CONTEXT_FULL;
if(GetThreadContext(hThread,&tagContext)){
PrintCallStackFromContext(&tagContext,hThread,dwThreadId);
}else{
error = GetLastError();
::MessageBox(,"error2",,);
return -;
}
return ;
}
void PrintCurrentCallStack()
{
HANDLE hThread = CreateThread(,,__printstack,(void*)GetCurrentThreadId(),,);
WaitForSingleObject(hThread,-);
}
void PrintCallStackFromContext(const CONTEXT *pContext,HANDLE hThread,DWORD dwThreadId)
{
HANDLE hProcess = GetCurrentProcess();
CONTEXT c = *pContext;
STACKFRAME64 sf;
memset(&sf, , sizeof(STACKFRAME64));
DWORD dwImageType = IMAGE_FILE_MACHINE_I386;
// 不同的CPU类型,具体信息可查询MSDN
//
#ifdef _M_IX86
sf.AddrPC.Offset = c.Eip;
sf.AddrPC.Mode = AddrModeFlat;
sf.AddrStack.Offset = c.Esp;
sf.AddrStack.Mode = AddrModeFlat;
sf.AddrFrame.Offset = c.Ebp;
sf.AddrFrame.Mode = AddrModeFlat;
#elif _M_X64
dwImageType = IMAGE_FILE_MACHINE_AMD64;
sf.AddrPC.Offset = c.Rip;
sf.AddrPC.Mode = AddrModeFlat;
sf.AddrFrame.Offset = c.Rsp;
sf.AddrFrame.Mode = AddrModeFlat;
sf.AddrStack.Offset = c.Rsp;
sf.AddrStack.Mode = AddrModeFlat;
#elif _M_IA64
dwImageType = IMAGE_FILE_MACHINE_IA64;
sf.AddrPC.Offset = c.StIIP;
sf.AddrPC.Mode = AddrModeFlat;
sf.AddrFrame.Offset = c.IntSp;
sf.AddrFrame.Mode = AddrModeFlat;
sf.AddrBStore.Offset = c.RsBSP;
sf.AddrBStore.Mode = AddrModeFlat;
sf.AddrStack.Offset = c.IntSp;
sf.AddrStack.Mode = AddrModeFlat;
#else
#error "Platform not supported!"
#endif
//HANDLE hThread = GetCurrentThread();
logthread(dwThreadId,"=====stackwalk64=====");
while (true)
{
// 该函数是实现这个功能的最重要的一个函数
// 函数的用法以及参数和返回值的具体解释可以查询MSDN
//
if (!StackWalk64(dwImageType, hProcess, hThread, &sf, &c, NULL, , , NULL))
{
break;
}
if (sf.AddrFrame.Offset == )
{
break;
}
// 得到函数名
//
DWORD retaddress = (DWORD)sf.AddrPC.Offset;
char buffer[];
HMODULE hmod = getmodulename(buffer,,(void*)retaddress);
logthread(dwThreadId,"retaddress=%s %x",buffer,retaddress-(DWORD)hmod);
}
logthread(dwThreadId,"==========");
}
最新文章
- address_add
- 002. Centos7安装mysql5.5.37
- Java重点之小白解析--浅谈数据流形式图片上载
- fzu月赛 2203 单纵大法好 二分
- jquery_事件与动画
- [cmd]linux 常用命令
- ajax取返回值的方法
- Java webservice
- MySQL多Text字段报8126错误(解决过程)
- C语言_指针和数组的几种访问形式
- mongodb系列之--mongodb 主从配置与说明
- jmeter启动报错
- 045、安装Docker Machine (2019-03-08 周五)
- RGB、YUV和HSV颜色空间模型
- 控件布局_TableLayout
- 【做题】UVA-12304——平面计算集合六合一
- python updata与深拷贝
- Docker系列之(一):10分钟玩转Docker
- 让maven使用国内镜像和archetypeCatalog
- Elasticsearch零停机时间更新索引配置或迁移索引
热门文章
- GitHub-创建仓库与本地同步
- [福大软工] Z班 团队作业——系统设计 作业成绩
- python3编写网络爬虫21-scrapy框架的使用
- UDP Health Checks
- 监听器的配置,绑定HttpSessionListener监听器的使用
- 【HNOI2016】大数
- L2-010 排座位 (并查集)
- 【转】Android中dip(dp)与px之间单位转换
- 使用Nginx实现反向代理
- Spring配置中的";classpath:";与";classpath*:";的区别研究(转)