0

I recently came through this post which talks about how you can a get a backtrace in windows using C.

void printStack( void ) {
    unsigned int   i;
     void         * stack[ 100 ];
     unsigned short frames;
     SYMBOL_INFO  * symbol;
     HANDLE         process;

     process = GetCurrentProcess();

     SymInitialize( process, NULL, TRUE );

     frames               = CaptureStackBackTrace( 0, 100, stack, NULL );
     symbol               = ( SYMBOL_INFO * )calloc( sizeof( SYMBOL_INFO ) + 256 * sizeof( char ), 1 );
     symbol->MaxNameLen   = 255;
     symbol->SizeOfStruct = sizeof( SYMBOL_INFO );

     for( i = 0; i < frames; i++ )
     {
         SymFromAddr( process, ( DWORD64 )( stack[ i ] ), 0, symbol );

         printf( "%i: %s - 0x%0X\n", frames - i - 1, symbol->Name, symbol->Address );
     }

     free( symbol );
}

I compiled the code libdbghelp.lib successfully. But problem is when I run the program it prints six frames, Three of which is empty with 0x0 address, However the first three are okay with slight difference than output of above post (Not a big deal, right?). I don't think any of function failed!

5:  - 0x0
4:  - 0x0
3:  - 0x0
2: BaseThreadInitThunk - 0x7570FA10
1: RtlGetAppContainerNamedObjectPath - 0x772D7980
0: RtlGetAppContainerNamedObjectPath - 0x772D7980

At first, I gave a quick google search but didn't found any solution. I came to guess that I'm missing a pdb file!

Now how do I get the other three symbols? Is it possible using GCC or I'll be punished for not bowing against lord Visual Studio IDE? If no, Is it possible to generate pdb file anyway or using <dbghelp.h> functions.

vector X
  • 89
  • 7
  • 1
    Please [edit] your question and add more details. I suggest to copy&paste exactly the code you use. Create a [mre]. It is unclear what code from the linked question or its answers you actually use. Show the command(s) you use to build the program. In case you use the code from the accepted answer: Check the return value of `SymInitialize` and `SymFromAddr` and on error call `GetLastError` and maybe `FormatMessage`. – Bodo Feb 02 '22 at 20:02
  • @Bodo Edited the post. I guess none of function failed since something is printed! – vector X Feb 02 '22 at 20:27
  • `dbghelp` can't use the debug information of `gcc`. Maybe you're looking for something like [this](https://stackoverflow.com/a/29192509/1983398)? – ssbssa Feb 03 '22 at 11:29
  • @vectorX Instad of guessing you should check all results for error indications. That's the purpose of the return values. Your `printf` seems to print empty strings and a value 0, which apparently is not what you expect to see. If `SymFromAddr` fails it may leave the value of `symbol` unchanged or it may set it to undefined or specific values. I did not check the details. Read the documentation. BTW: You don't need the Visual Studio IDE, you could also use the command line compiler and linker, e.g. with `make`. – Bodo Feb 03 '22 at 19:21

0 Answers0