tags:

views:

1376

answers:

3
+3  Q: 

How do I obtain a stack trace on Windows without using dbghelp.dll?

How do I obtain a stack trace of addresses on Windows without using dbghelp.dll?

I don't need to know what the symbols or function names associated with the addresses, I just want the list of addresses -- something similar to backtrace of *nix systems.

Thanks!

+3  A: 

Check out the CaptureStackBackTrace() function, which is in Kernel32.dll. This should do all that you need.

Captures a stack back trace by walking up the stack and recording the information for each frame.

USHORT WINAPI CaptureStackBackTrace(
  __in       ULONG FramesToSkip,
  __in       ULONG FramesToCapture,
  __out      PVOID *BackTrace,
  __out_opt  PULONG BackTraceHash
);
Kris Kumler  2008-12-24 23:42:07
Looks good. But I'm using VS 2005, and CaptureStackBackTrace no RtlCaptureBackTrace isn't defined in winbase.h.I'll try manually including the function prototype for RtlCaptureBackTrace(...) and see if that will work for me. Thanks!
Uhall  2008-12-24 23:47:15
Way cool! I've written stack tracing code ateast 3 times and had no idea this exists. Thank you!
shoosh  2008-12-25 03:54:45
@Uhall: You can try installing a newer Windows SDK. The minimum supported client is listed as Windows XP although the MSDN page does list that it was included in the Windows SDK starting with Windows Vista.
Kris Kumler  2008-12-29 16:24:33
+1  A: 

If you want to do this extremely non-portably, you can just read the EBP register and walk the stack yourself. This will only work for the x86 architecture, and it also assumes that the C runtime you're using properly initializes EBP to 0 before calling the first function.

uint32_t read_ebp(void)
{
    uint32_t my_ebp;
    __asm
    {
        mov ebp, my_ebp
    }

    return my_ebp;
}

void backtrace(void)
{
    uint32_t ebp = read_ebp();

    printf("backtrace:\n");

    while(ebp != 0)
    {
        printf("0x%08x\n", ebp);
        ebp = ((uint32_t *)ebp)[1];
    }
}
Adam Rosenfield  2008-12-25 00:30:57
With release builds this will only give you the first few frames. For this to actually work reliably you need to set "Omit Frame Pointers"=No.
shoosh  2008-12-25 03:56:24
destination comes first, so you need to mov my_ebp, ebp.. other than that it's pretty cool
Daniel  2009-03-19 17:59:19
+1  A: 

Previous variant doesn't work for me(msvc 6), so:

unsigned long prev;
unsigned long addr;
__asm { mov prev, ebp }
while(addr!=0) { 
  addr = ((unsigned long *)prev)[1]; 
  printf("0x%08x\n", addr); 
  prev = ((unsigned long *)prev)[0]; 
}
Adam, thanks for highlighting the way!

 2009-03-19 17:54:51

related questions

Of Memory Management, Heap Corruption, and C++
How do I make a GUI?
Alpha blending sprites in Nintendo DS Homebrew
Thread safe lazy contruction of a singleton in C++
Interview Programming Questions - In house Exam
Link issues (VC6)
What are the barriers to understanding pointers and what can be done to overcome them?
Why are professors or schools picking Java over C++ to teach to students?
What is the best way to create a sparse array in C++
C/C++ library for reading MIDI signals from a USB MIDI device
How do you pack a visual studio c++ project for release?
How to set up unit testing for Visual Studio C++
How do I configure and communicate with a serial port?
Lightweight IDE for Linux
Mapping Stream data to data structures in C#
CPU throttling in C++
Asynchronous multi-direction server-client communication over the same open socket?
Exceptions in C++
Heap corruption under Win32; how to locate?
Build for Windows NT 4.0 using Visual Studio 2005?
C++: Should I use nested classes in this case?
BerkeleyDB Concurrency
GTK implementation of MessageBox
Is gettimeofday() guaranteed to be of microsecond resolution?
How to use the C socket API in C++ on z/OS