dbghelp

问题 For background, I have come across this porting a medium-sized linux codebase (compiling into a giant .so) to x64 windows (compiling into a .dll). I have had linker trouble. As a minimal testcase, if I create a Visual Studio project from just the following file: #include <Windows.h> #include <Dbghelp.h> void do_stuff(char const * s) { char buffer[4096]; long int len = UnDecorateSymbolName( s, buffer, sizeof(buffer), UNDNAME_COMPLETE); } And I set the project type to DLL and build it, I get an

问题 I am currently trying to create a C# application that will allow me to view the export table from an unmanaged DLL. My problem is, once I have all the pointers I need, I have no idea how to loop through the information that the API has provided me. Here is what I have right now: using System; using System.ComponentModel; using System.Runtime.InteropServices; namespace DLLMapper { class DLLExportViewer { #region APIs [DllImport("imagehlp.dll")] public static extern Boolean MapAndLoad(String

问题 I am trying to capture a stack trace on exceptions using the following code: #include "stdafx.h" #include <process.h> #include <iostream> #include <Windows.h> #include "dbghelp.h" using namespace std; #define TRACE_MAX_FUNCTION_NAME_LENGTH 1024 void function2() { int a = 0; int b = 0; throw new exception; } void function1() { int a = 0; function2(); } void function0() { function1(); } LONG WINAPI FatalExceptionFilter(EXCEPTION_POINTERS* exception, DWORD exceptionCode) { CONTEXT *context =

问题 I'm looking for a way (in C++/Windows) to list the exported functions of a DLL (and maybe even methods which are not exported) using dbgHelp. Does anybody know which method can do it? 回答1: There is code here to do this. I have cleaned it up a bit and it worked in the scenario shown below, retrieving function names from Kernel32.Dll . #include "imagehlp.h" void ListDLLFunctions(string sADllName, vector<string>& slListOfDllFunctions) { DWORD *dNameRVAs(0); _IMAGE_EXPORT_DIRECTORY

问题 I'm trying to walk a callstack that contains both managed and native frames on a x64 process using StackWalk64. Everything works fine until the first or second managed frame, after which StackWalk64 can't figure out the return address of the frame and fails. I'm using SymFunctionTableAccess64 for the function table access callback and the symbol handler has been initialized with SymInitialize(). Is there some magic I need to do in dbghelp to get it to walk over managed frames correctly?

问题 I would like to dump the fields and offsets of structures in the same way as windbg's dt command. Let's say for example I would like to dump the _PEB structure which is in the Microsoft Public symbols (since windbg's DT command works). From MSDN documentation I understood that the SymFromName function should be able to do this, below the is the code I've tried that fails on SymFromName with LastError 126 (The specified module could not be found). From the registered Callback I get the

问题 I am using the following code to walk the stack on an exception ( note: you must run it in release in order to properly receive the desired output of the stack trace to the console, not in debug mode or else it will only show a popup): #include "stdafx.h" #include <process.h> #include <iostream> #include <Windows.h> #include "dbghelp.h" using namespace std; #define TRACE_MAX_FUNCTION_NAME_LENGTH 1024 #define TRACE_LOG_ERRORS FALSE #define TRACE_DUMP_NAME L"Exception.dmp" void function2() {

问题 I have the following code: #include "stdafx.h" #include <process.h> #include <iostream> #include <Windows.h> #include "dbghelp.h" using namespace std; int LogStackTrace() { void *stack[1024]; HANDLE process = GetCurrentProcess(); SymInitialize(process, NULL, TRUE); WORD numberOfFrames = CaptureStackBackTrace(0, 1000, stack, NULL); SYMBOL_INFO *symbol = (SYMBOL_INFO *)malloc(sizeof(SYMBOL_INFO)); symbol->MaxNameLen = 1024; symbol->SizeOfStruct = sizeof(SYMBOL_INFO); IMAGEHLP_LINE *line =

问题 I'm attempting to enumerate symbols from a DLL that I have loaded. For those interested, this is part of the CPPCoverage project, and for some functionality I need symbol data. Breakdown of the problem When the process is started or a DLL is loaded, symbols need to be enumerated for some of the new functionality that has been planned. Basically, a process is created, and dbghelp is used to get symbol information. Next, symbols are iterated using SymEnumSymbols . There are two moments when

问题 I have some native (as in /SUBSYSTEM:NATIVE ) Windows programs that I'd like to generate minidumps for in case they crash. Normally, I'd use dbghelp.dll , but since native processes can only use functions exported from ntdll.dll , I can't. So I've implemented the dumper myself. It's almost done, but unfortunately, I've been unable to locate the list of unloaded modules in the crashed process (the list is certainly stored somewhere, since WinDbg is able to display it). Where do I find the list