📄 stackwalker.cpp
字号:
/**********************************************************************
*
* StackWalker.cpp
*
*
* History:
* 2005-07-27 v1 - First public release on http://www.codeproject.com/
* http://www.codeproject.com/threads/StackWalker.asp
* 2005-07-28 v2 - Changed the params of the constructor and ShowCallstack
* (to simplify the usage)
* 2005-08-01 v3 - Changed to use 'CONTEXT_FULL' instead of CONTEXT_ALL
* (should also be enough)
* - Changed to compile correctly with the PSDK of VC7.0
* (GetFileVersionInfoSizeA and GetFileVersionInfoA is wrongly defined:
* it uses LPSTR instead of LPCSTR as first paremeter)
* - Added declarations to support VC5/6 without using 'dbghelp.h'
* - Added a 'pUserData' member to the ShowCallstack function and the
* PReadProcessMemoryRoutine declaration (to pass some user-defined data,
* which can be used in the readMemoryFunction-callback)
* 2005-08-02 v4 - OnSymInit now also outputs the OS-Version by default
* - Added example for doing an exception-callstack-walking in main.cpp
* (thanks to owillebo: http://www.codeproject.com/script/profile/whos_who.asp?id=536268)
* 2005-08-05 v5 - Removed most Lint (http://www.gimpel.com/) errors... thanks to Okko Willeboordse!
* 2006-09-21 - JM: @@@@ XMEM: small changes for XMEM use to avoid constantly memory allocations by using arrays
* 2007-01-29 - JM: merged with enhanced version from CodeProject
* 2008-04-30 - JM: included xmem.h
*
**********************************************************************/
#include <windows.h>
#include <tchar.h>
#include <stdio.h>
#pragma comment(lib, "version.lib") // for "VerQueryValue"
#define STACK_WALKER_EXPORT // This makes header export biased
#include "StackWalker.h"
// If VC7 and later, then use the shipped 'dbghelp.h'-file
#if _MSC_VER >= 1300
#include <dbghelp.h>
#else
// inline the important dbghelp.h-declarations...
typedef enum {
SymNone = 0,
SymCoff,
SymCv,
SymPdb,
SymExport,
SymDeferred,
SymSym,
SymDia,
SymVirtual,
NumSymTypes
} SYM_TYPE;
typedef struct _IMAGEHLP_LINE64 {
DWORD SizeOfStruct; // set to sizeof(IMAGEHLP_LINE64)
PVOID Key; // internal
DWORD LineNumber; // line number in file
PCHAR FileName; // full filename
DWORD64 Address; // first instruction of line
} IMAGEHLP_LINE64, *PIMAGEHLP_LINE64;
typedef struct _IMAGEHLP_MODULE64 {
DWORD SizeOfStruct; // set to sizeof(IMAGEHLP_MODULE64)
DWORD64 BaseOfImage; // base load address of module
DWORD ImageSize; // virtual size of the loaded module
DWORD TimeDateStamp; // date/time stamp from pe header
DWORD CheckSum; // checksum from the pe header
DWORD NumSyms; // number of symbols in the symbol table
SYM_TYPE SymType; // type of symbols loaded
CHAR ModuleName[32]; // module name
CHAR ImageName[256]; // image name
CHAR LoadedImageName[256]; // symbol file name
} IMAGEHLP_MODULE64, *PIMAGEHLP_MODULE64;
typedef struct _IMAGEHLP_SYMBOL64 {
DWORD SizeOfStruct; // set to sizeof(IMAGEHLP_SYMBOL64)
DWORD64 Address; // virtual address including dll base address
DWORD Size; // estimated size of symbol, can be zero
DWORD Flags; // info about the symbols, see the SYMF defines
DWORD MaxNameLength; // maximum size of symbol name in 'Name'
CHAR Name[1]; // symbol name (null terminated string)
} IMAGEHLP_SYMBOL64, *PIMAGEHLP_SYMBOL64;
typedef enum {
AddrMode1616,
AddrMode1632,
AddrModeReal,
AddrModeFlat
} ADDRESS_MODE;
typedef struct _tagADDRESS64 {
DWORD64 Offset;
WORD Segment;
ADDRESS_MODE Mode;
} ADDRESS64, *LPADDRESS64;
typedef struct _KDHELP64 {
DWORD64 Thread;
DWORD ThCallbackStack;
DWORD ThCallbackBStore;
DWORD NextCallback;
DWORD FramePointer;
DWORD64 KiCallUserMode;
DWORD64 KeUserCallbackDispatcher;
DWORD64 SystemRangeStart;
DWORD64 Reserved[8];
} KDHELP64, *PKDHELP64;
typedef struct _tagSTACKFRAME64 {
ADDRESS64 AddrPC; // program counter
ADDRESS64 AddrReturn; // return address
ADDRESS64 AddrFrame; // frame pointer
ADDRESS64 AddrStack; // stack pointer
ADDRESS64 AddrBStore; // backing store pointer
PVOID FuncTableEntry; // pointer to pdata/fpo or NULL
DWORD64 Params[4]; // possible arguments to the function
BOOL Far; // WOW far call
BOOL Virtual; // is this a virtual frame?
DWORD64 Reserved[3];
KDHELP64 KdHelp;
} STACKFRAME64, *LPSTACKFRAME64;
typedef
BOOL
(__stdcall *PREAD_PROCESS_MEMORY_ROUTINE64)(
HANDLE hProcess,
DWORD64 qwBaseAddress,
PVOID lpBuffer,
DWORD nSize,
LPDWORD lpNumberOfBytesRead
);
typedef
PVOID
(__stdcall *PFUNCTION_TABLE_ACCESS_ROUTINE64)(
HANDLE hProcess,
DWORD64 AddrBase
);
typedef
DWORD64
(__stdcall *PGET_MODULE_BASE_ROUTINE64)(
HANDLE hProcess,
DWORD64 Address
);
typedef
DWORD64
(__stdcall *PTRANSLATE_ADDRESS_ROUTINE64)(
HANDLE hProcess,
HANDLE hThread,
LPADDRESS64 lpaddr
);
#define SYMOPT_CASE_INSENSITIVE 0x00000001
#define SYMOPT_UNDNAME 0x00000002
#define SYMOPT_DEFERRED_LOADS 0x00000004
#define SYMOPT_NO_CPP 0x00000008
#define SYMOPT_LOAD_LINES 0x00000010
#define SYMOPT_OMAP_FIND_NEAREST 0x00000020
#define SYMOPT_LOAD_ANYTHING 0x00000040
#define SYMOPT_IGNORE_CVREC 0x00000080
#define SYMOPT_NO_UNQUALIFIED_LOADS 0x00000100
#define SYMOPT_FAIL_CRITICAL_ERRORS 0x00000200
#define SYMOPT_EXACT_SYMBOLS 0x00000400
#define SYMOPT_ALLOW_ABSOLUTE_SYMBOLS 0x00000800
#define SYMOPT_IGNORE_NT_SYMPATH 0x00001000
#define SYMOPT_INCLUDE_32BIT_MODULES 0x00002000
#define SYMOPT_PUBLICS_ONLY 0x00004000
#define SYMOPT_NO_PUBLICS 0x00008000
#define SYMOPT_AUTO_PUBLICS 0x00010000
#define SYMOPT_NO_IMAGE_SEARCH 0x00020000
#define SYMOPT_SECURE 0x00040000
#define SYMOPT_DEBUG 0x80000000
#define UNDNAME_COMPLETE (0x0000) // Enable full undecoration
#define UNDNAME_NAME_ONLY (0x1000) // Crack only the name for primary declaration;
#endif // _MSC_VER < 1300
// Some missing defines (for VC5/6):
#ifndef INVALID_FILE_ATTRIBUTES
#define INVALID_FILE_ATTRIBUTES ((DWORD)-1)
#endif
// secure-CRT_functions are only available starting with VC8
#if _MSC_VER < 1400
#define strcpy_s strcpy
#define strcat_s(dst, len, src) strcat(dst, src)
#define _snprintf_s _snprintf
#define _tcscat_s _tcscat
#endif
// Normally it should be enough to use 'CONTEXT_FULL' (better would be 'CONTEXT_ALL')
#define USED_CONTEXT_FLAGS CONTEXT_FULL
// @@@@ XMEM
#if XMEM
#include "xmem.h"
#endif
class StackWalkerInternal
{
public:
StackWalkerInternal(StackWalker *parent, HANDLE hProcess)
{
m_parent = parent;
m_hDbhHelp = NULL;
pSC = NULL;
m_hProcess = hProcess;
m_szSymPath = NULL;
pSFTA = NULL;
pSGLFA = NULL;
pSGMB = NULL;
pSGMI = NULL;
pSGO = NULL;
pSGSFA = NULL;
pSI = NULL;
pSLM = NULL;
pSSO = NULL;
pSW = NULL;
pUDSN = NULL;
pSGSP = NULL;
}
~StackWalkerInternal()
{
if ((pSC != NULL) && (m_hProcess != NULL))
pSC(m_hProcess); // SymCleanup
m_hProcess = NULL;
if (m_hDbhHelp != NULL)
FreeLibrary(m_hDbhHelp);
m_hDbhHelp = NULL;
m_parent = NULL;
if(m_szSymPath != NULL)
free(m_szSymPath);
m_szSymPath = NULL;
}
BOOL Init(LPCSTR szSymPath)
{
if (m_parent == NULL)
return FALSE;
// Dynamically load the Entry-Points for dbghelp.dll:
// First try to load the newsest one from
TCHAR szTemp[4096];
// But before wqe do this, we first check if the ".local" file exists
if (GetModuleFileName(NULL, szTemp, 4096) > 0)
{
_tcscat_s(szTemp, _T(".local"));
if (GetFileAttributes(szTemp) == INVALID_FILE_ATTRIBUTES)
{
// ".local" file does not exist, so we can try to load the dbghelp.dll from the "Debugging Tools for Windows"
if (GetEnvironmentVariable(_T("ProgramFiles"), szTemp, 4096) > 0)
{
_tcscat_s(szTemp, _T("\\Debugging Tools for Windows\\dbghelp.dll"));
// now check if the file exists:
if (GetFileAttributes(szTemp) != INVALID_FILE_ATTRIBUTES)
{
m_hDbhHelp = LoadLibrary(szTemp);
}
}
// Still not found? Then try to load the 64-Bit version:
if ( (m_hDbhHelp == NULL) && (GetEnvironmentVariable(_T("ProgramFiles"), szTemp, 4096) > 0) )
{
_tcscat_s(szTemp, _T("\\Debugging Tools for Windows 64-Bit\\dbghelp.dll"));
if (GetFileAttributes(szTemp) != INVALID_FILE_ATTRIBUTES)
{
m_hDbhHelp = LoadLibrary(szTemp);
}
}
}
}
if (m_hDbhHelp == NULL) // if not already loaded, try to load a default-one
m_hDbhHelp = LoadLibrary( _T("dbghelp.dll") );
if (m_hDbhHelp == NULL)
return FALSE;
pSI = (tSI) GetProcAddress(m_hDbhHelp, "SymInitialize" );
pSC = (tSC) GetProcAddress(m_hDbhHelp, "SymCleanup" );
pSW = (tSW) GetProcAddress(m_hDbhHelp, "StackWalk64" );
pSGO = (tSGO) GetProcAddress(m_hDbhHelp, "SymGetOptions" );
pSSO = (tSSO) GetProcAddress(m_hDbhHelp, "SymSetOptions" );
pSFTA = (tSFTA) GetProcAddress(m_hDbhHelp, "SymFunctionTableAccess64" );
pSGLFA = (tSGLFA) GetProcAddress(m_hDbhHelp, "SymGetLineFromAddr64" );
pSGMB = (tSGMB) GetProcAddress(m_hDbhHelp, "SymGetModuleBase64" );
pSGMI = (tSGMI) GetProcAddress(m_hDbhHelp, "SymGetModuleInfo64" );
//pSGMI_V3 = (tSGMI_V3) GetProcAddress(m_hDbhHelp, "SymGetModuleInfo64" );
pSGSFA = (tSGSFA) GetProcAddress(m_hDbhHelp, "SymGetSymFromAddr64" );
pUDSN = (tUDSN) GetProcAddress(m_hDbhHelp, "UnDecorateSymbolName" );
pSLM = (tSLM) GetProcAddress(m_hDbhHelp, "SymLoadModule64" );
pSGSP =(tSGSP) GetProcAddress(m_hDbhHelp, "SymGetSearchPath" );
if ( pSC == NULL || pSFTA == NULL || pSGMB == NULL || pSGMI == NULL ||
pSGO == NULL || pSGSFA == NULL || pSI == NULL || pSSO == NULL ||
pSW == NULL || pUDSN == NULL || pSLM == NULL )
{
FreeLibrary(m_hDbhHelp);
m_hDbhHelp = NULL;
pSC = NULL;
return FALSE;
}
// SymInitialize
if (szSymPath != NULL)
m_szSymPath = _strdup(szSymPath);
if (this->pSI(m_hProcess, m_szSymPath, FALSE) == FALSE)
this->m_parent->OnDbgHelpErr("SymInitialize", GetLastError(), 0);
DWORD symOptions = this->pSGO(); // SymGetOptions
symOptions |= SYMOPT_FAIL_CRITICAL_ERRORS | SYMOPT_LOAD_ANYTHING | SYMOPT_LOAD_LINES;
//symOptions |= SYMOPT_NO_PROMPTS;
//symOptions &= ~SYMOPT_UNDNAME;
//symOptions &= ~SYMOPT_DEFERRED_LOADS;
// SymSetOptions
symOptions = this->pSSO(symOptions);
char buf[StackWalker::STACKWALK_MAX_NAMELEN] = {0};
if (this->pSGSP != NULL)
{
if (this->pSGSP(m_hProcess, buf, StackWalker::STACKWALK_MAX_NAMELEN) == FALSE)
this->m_parent->OnDbgHelpErr("SymGetSearchPath", GetLastError(), 0);
}
char szUserName[1024] = {0};
DWORD dwSize = 1024;
GetUserNameA(szUserName, &dwSize);
this->m_parent->OnSymInit(buf, symOptions, szUserName);
return TRUE;
}
StackWalker *m_parent;
HMODULE m_hDbhHelp;
HANDLE m_hProcess;
LPSTR m_szSymPath;
/*typedef struct IMAGEHLP_MODULE64_V3 {
DWORD SizeOfStruct; // set to sizeof(IMAGEHLP_MODULE64)
DWORD64 BaseOfImage; // base load address of module
DWORD ImageSize; // virtual size of the loaded module
DWORD TimeDateStamp; // date/time stamp from pe header
DWORD CheckSum; // checksum from the pe header
DWORD NumSyms; // number of symbols in the symbol table
SYM_TYPE SymType; // type of symbols loaded
CHAR ModuleName[32]; // module name
CHAR ImageName[256]; // image name
// new elements: 07-Jun-2002
CHAR LoadedImageName[256]; // symbol file name
CHAR LoadedPdbName[256]; // pdb file name
DWORD CVSig; // Signature of the CV record in the debug directories
CHAR CVData[MAX_PATH * 3]; // Contents of the CV record
DWORD PdbSig; // Signature of PDB
GUID PdbSig70; // Signature of PDB (VC 7 and up)
⌨️ 快捷键说明
复制代码
Ctrl + C
搜索代码
Ctrl + F
全屏模式
F11
切换主题
Ctrl + Shift + D
显示快捷键
?
增大字号
Ctrl + =
减小字号
Ctrl + -