发表新帖
发表新帖

How to Log Stack Frames with Windows x64

前端 未结
关注
12 1004
-上瘾入骨i
-上瘾入骨i 2020-12-07 14:48

I am using Stackdumps with Win32, to write all return adresses into my logfile. I match these with a mapfile later on (see my article [Post Mortem Debugging][1]).

<

相关标签:
12条回答
  • 终归单人心
    2020-12-07 15:38

    We use minidumps exclusively here. You can generate a stripped down one that just includes stack information and dump out a stack trace from a decent debugger later.

    It doesn't solve your problem directly, but I think it will provide you a much better postmortem reporting mechanism.

    0 讨论(0)
  • 无人及你
    2020-12-07 15:41

    Watch this, I do not know if it is relevant:
    ...
    Working with Assembly Code Assembly code is straightforward to port to AMD64 and 64-bit Windows—and is worth the effort for performance reasons! For example, you can take advantage of the new 64-bit general-purpose registers (r8-r15), and new floating point and 128-bit SSE/SSE2/floating point registers (xmm8-xmm15). However, there are new 64-bit stack frames and calling conventions you should learn about in the ABI (application binary interface) specifications.
    ...

    0 讨论(0)
  • 轻奢々
    2020-12-07 15:42

    The trick is to stop calling StackWalk64 when it returns 0 in stk.AddrReturn.Offset. This means there are no more frames on the stack. If stk.AddrReturn.Offset is non-zero, you can use that value as the return address.

    If you continue calling StackWalk64 after this, my guess is that it will try to interpret whatever is in the memory locations as being a stack and will return unpredictable data.

    0 讨论(0)
  • 时光说笑
    2020-12-07 15:46

    Regarding RtlCaptureStackBackTrace, one thing I've noticed on 32-bit Windows is that it fails if you pass too large a number into it for FramesToCapture. Experimentally I've identified 61 as the maximum value, for no reason that I can fathom!

    Not sure if it's the same in x64, but that might explain why you're getting no info out.

    0 讨论(0)
  • 生来不讨喜
    2020-12-07 15:47

    Regarding the first issue: disable "Omit stack frames" in thre release version, and the "trivial" stack tracing code will work.

    0 讨论(0)
  • 梦谈多话
    2020-12-07 15:54

    Found the short version with the "CaptureStackBackTraceType" really useful!

    Then resolved function names of the "callers[]" using SymFromAddr(), SymInitialize(), which is mainly the version from Pedro Reis

    and finally demangled the function signatures according to function to mangle/demangle functions

    NOTE: GNU demangler function abi::__cxa_demangle() expects a single underscore prefix

    0 讨论(0)
 看不清?
提交回复
热议问题