Re: [GD-Windows] Call stack
Brought to you by:
vexxed72
Menu
▾
▴
Re: [GD-Windows] Call stack
|
From: brian s. <bri...@gm...> - 2005-02-09 19:24:23
|
On Wed, 9 Feb 2005 13:49:44 -0500, Daniel Vogel <Dan...@ep...> wrote: > > the stack. I have plenty of cases in the engine where I > > capture a call stack for debugging later if something else > > IMO StackWalk64 is mostly useless for this case as you cannot call > GetThreadContext on a running thread. > > http://msdn.microsoft.com/library/default.asp?url=/library/en-us/debug/b > ase/getthreadcontext.asp > > I assume you're doing this as that's exactly what we did with our proxy > malloc and it broke with SP2 as well. When I wrote my callstack walker for my malloc routine, I took the docs at their word and assumed that calling GetThreadContext from my current thread wouldn't work. So I just filled in the relevant bits of the STACKFRAME structure myself before calling StackWalk. I haven't tested this code with SP2 yet though. The best I can promise is that it *might* not fall over :). --brian ---- begin code ----- // This function exists because EIP cannot be read directly. // What this function does is read the return address off the top of // the stack into EAX, so that the caller can get a valid EIP value in // their call frame. __declspec(naked) void LoadCallerEipIntoEax(void) { __asm { mov eax, [esp] ret } } // Init the stack frame with relevant bits of thread context. We // don't call GetThreadContext as it claims to not work for a // running thread STACKFRAME stackFrame; ZeroMemory(&stackFrame, sizeof(stackFrame)); __asm { call LoadCallerEipIntoEax mov stackFrame.AddrPC.Offset, eax mov stackFrame.AddrStack.Offset, esp mov stackFrame.AddrFrame.Offset, ebp }; stackFrame.AddrPC.Mode = AddrModeFlat; stackFrame.AddrStack.Mode = AddrModeFlat; stackFrame.AddrFrame.Mode = AddrModeFlat; ---- end code ----- --brian |
