堆栈遍历已调试的进程
打开一个进程(使用 C++/Windows)
if( CreateProcessA( NULL, // No module name (use command line)
(LPSTR)path, //argv[1], // Command line
NULL, // Process handle not inheritable
NULL, // Thread handle not inheritable
FALSE, // Set handle inheritance to FALSE
creationFlags, // No creation flags
NULL, // Use parent's environment block
NULL, // Use parent's starting directory
&startInfo, // Pointer to STARTUPINFO structure
&processInfo ) // Pointer to PROCESS_INFORMATION structure
我使用where
DWORD creationFlags = DEBUG_PROCESS | DEBUG_ONLY_THIS_PROCESS;
,然后我尝试使用 stackwalk 来执行它,
bool ok = StackWalk64(IMAGE_FILE_MACHINE_I386,m_ps.Handle ,m_th.Handle,
&m_stackframe, &m_threadContext,
0, NULL, NULL, 0);
但是 stackwalk 只给我顶部地址,下一个是 0,而我知道堆栈中还有更多地址。
有谁知道问题出在哪里吗?
谢谢 :)
I'm opened opening a process (with C++/Windows) using
if( CreateProcessA( NULL, // No module name (use command line)
(LPSTR)path, //argv[1], // Command line
NULL, // Process handle not inheritable
NULL, // Thread handle not inheritable
FALSE, // Set handle inheritance to FALSE
creationFlags, // No creation flags
NULL, // Use parent's environment block
NULL, // Use parent's starting directory
&startInfo, // Pointer to STARTUPINFO structure
&processInfo ) // Pointer to PROCESS_INFORMATION structure
where
DWORD creationFlags = DEBUG_PROCESS | DEBUG_ONLY_THIS_PROCESS;
and then I'm trying to stackwalk it with
bool ok = StackWalk64(IMAGE_FILE_MACHINE_I386,m_ps.Handle ,m_th.Handle,
&m_stackframe, &m_threadContext,
0, NULL, NULL, 0);
but stackwalk just gives me the top address and the next one is 0, while I know there are more addresses in the stack.
Does anybody know what's the problem?
thanks :)
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
根据这个片段无法判断。为了让它发挥作用,你必须正确设置很多东西。查看这篇详细的博客文章<的逻辑< /a>.
如果您可以发布更大但不是太大的示例,请发布更多代码。您如何设置 STACKFRAME 和 CONTEXT 结构?您是否在 StackWalk64 上循环?任何给定的调用仅返回一个堆栈帧。
It's impossible to tell based on this snippet. There's so much you have to set up correctly in order for this to work. Check out the logic at this detailed blog post.
Post more code if you can post a bigger but not too big sample. How are you setting up the STACKFRAME and CONTEXT structures? Are you looping on
StackWalk64? Any given call only returns one stack frame.哎呀...我忘记在收到来自调试进程的事件后调用“ContinueDebugEvent” - 所以它保持暂停状态并且 StackWalk 实际上是正确的。 :)
oops... I forget to call "ContinueDebugEvent" after receiving events from the debugged process - so it stayed paused and the StackWalk was infact correct. :)