关键字:
Call Native dll in managed codes
Windbg extension, windbg sdk/api
Use Marshal in .NET
Get callstack from a dump file.
本文实现:
使用windbg提供的sdk自动化提取dump文件的callstack;
实现流程思路:
Part1:Windbg sdk
Windbg 为扩展应用开发者提供了一套sdk, 安装Debugging Tools for Windows, 在%programfiles%\ Debugging Tools for Windows (x86)\sdk可以找到.
其中:
Sdk\inc: 头文件定义
Sdk\lib:静态链接库,dbghelp.lib,dbgeng.lib,engextcpp.lib,分别针对三个不同平台
Sdk\samples: samples(推荐从这里入门) 
Sdk\help:帮助文档 
另:若不想基于native/c++开发应用,可以考虑在managed codes通过dllimport的方式使用编译好的dbghelp.dll,dbgeng.dll,这两个文件在%programfiles%\ Debugging Tools for Windows (x86)下可以找到。
Part2:Create native dll to wrap windbg sdk
在VS里新建Wind32 动态链接库应用工程,
添加一个头文件dbgcallstack.h,内容如下:
#include <windows.h>
#include "dbgeng.h" // windbg header
// The following ifdef block is the standard way of creating macros which make exporting
// from a DLL simpler. All files within this DLL are compiled with the DBGCALLSTACK_EXPORTS
// symbol defined on the command line. this symbol should not be defined on any project
// that uses this DLL. This way any other project whose source files include this file see
// DBGCALLSTACK_API functions as being imported from a DLL, whereas this DLL sees symbols
// defined with this macro as being exported.
#ifdef DBGCALLSTACK_EXPORTS
#define DBGCALLSTACK_API __declspec(dllexport)
#else
#define DBGCALLSTACK_API __declspec(dllimport)
#endif
//define the max length of call stack
const UINT MAX_CALLSTACK_LINE_LENGTH = 51200;
//define the structure for call stack information
struct CallStackData
{
char stack_line[MAX_CALLSTACK_LINE_LENGTH];
};
extern "C" DBGCALLSTACK_API HRESULT GetCallStack(const char *dumpfile,const char *symbol, __out CallStackData* callstack);
extern "C" DBGCALLSTACK_API HRESULT GetCallStackEx(const char *dumpfile,const char *symbol, __out char* callstack);
class StdioOutputCallbacks : public IDebugOutputCallbacks
{
public:
// IUnknown.
STDMETHOD(QueryInterface)(
THIS_
IN REFIID InterfaceId,
OUT PVOID* Interface
);
STDMETHOD_(ULONG, AddRef)(
THIS
);
STDMETHOD_(ULONG, Release)(
THIS
);
// IDebugOutputCallbacks.
STDMETHOD(Output)(
THIS_
IN ULONG Mask,
IN PCSTR Text
);
};
extern StdioOutputCallbacks g_OutputCb;
添加对应的cpp实现dbgcallstack.cpp,代码如下:
#include <windows.h>
#include "dbgeng.h" // windbg header
#include "stdafx.h"
#include "dbgcallstack.h"
#include <stdlib.h>
#include <stdio.h>
#include <stdarg.h>
StdioOutputCallbacks g_OutputCb;
CallStackData* g_Callstack;
STDMETHODIMP
StdioOutputCallbacks::QueryInterface(
THIS_
IN REFIID InterfaceId,
OUT PVOID* Interface
)
{
*Interface = NULL;
if (IsEqualIID(InterfaceId, __uuidof(IUnknown)) ||
IsEqualIID(InterfaceId, __uuidof(IDebugOutputCallbacks)))
{
*Interface = (IDebugOutputCallbacks *)this;
AddRef();
return S_OK;
}
else
{
return E_NOINTERFACE;
}
}
STDMETHODIMP_(ULONG)
StdioOutputCallbacks::AddRef(
THIS
)
{
// This class is designed to be static so
// there's no true refcount.
return 1;
}
STDMETHODIMP_(ULONG)
StdioOutputCallbacks::Release(
THIS
)
{
// This class is designed to be static so
// there's no true refcount.
return 0;
}
STDMETHODIMP
StdioOutputCallbacks::Output(
THIS_
IN ULONG Mask,
IN PCSTR Text
)
{
UNREFERENCED_PARAMETER(Mask);
fputs(Text, stdout);
strcat(g_Callstack->stack_line,Text);
strcat(g_Callstack->stack_line,"\r\n");
return S_OK;
}
extern "C" DBGCALLSTACK_API HRESULT GetCallStack(const char *dumpfile,const char *symbol, __out CallStackData* callstack)
{
HRESULT hr = S_OK;
IDebugClient *client = NULL;
IDebugControl *control = NULL;
IDebugSymbols *symbols = NULL;
g_Callstack=callstack;
// Create the base IDebugClient object
hr = DebugCreate(__uuidof(IDebugClient), (LPVOID*)&client);
if(FAILED(hr))
{
goto cleanup;
}
// from the base, create the Control and Symbols objects
hr = client->QueryInterface(__uuidof(IDebugControl), (LPVOID*)&control);
if(FAILED(hr))
{
goto cleanup;
}
hr = client->QueryInterface(__uuidof(IDebugSymbols), (LPVOID*)&symbols);
if(FAILED(hr))
{
goto cleanup;
}
if (symbol)
{
hr = symbols->SetSymbolPath(symbol);
if(FAILED(hr))
{
fputs("set symbols error\r\n", stdout);
goto cleanup;
}
}
hr = client->SetOutputCallbacks(&g_OutputCb);
hr = client->OpenDumpFile(dumpfile);
if(FAILED(hr))
{
fputs("open dumpfile error\r\n", stdout);
goto cleanup;
}
// wait for the engine to finish processing
control->WaitForEvent(DEBUG_WAIT_DEFAULT, INFINITE);
if(FAILED(hr))
{
goto cleanup;
}
PDEBUG_STACK_FRAME stackFrames =NULL; //new DEBUG_STACK_FRAME[512];
ULONG numFrames;
fputs("output call stack", stdout);
strcpy(g_Callstack->stack_line,"get information\r\n");
control->
OutputStackTrace(DEBUG_OUTCTL_ALL_CLIENTS, stackFrames,
512, DEBUG_STACK_SOURCE_LINE |
DEBUG_STACK_FRAME_ADDRESSES |
DEBUG_STACK_COLUMN_NAMES |
DEBUG_STACK_FRAME_NUMBERS);
cleanup:
// cleanup and destroy the objects
if(symbols)
{
symbols->Release();
symbols = NULL;
}
if(control)
{
control->Release();
control = NULL;
}
if (client)
{
//
// Request a simple end to any current session.
// This may or may not do anything but it isn't
// harmful to call it.
//
// We don't want to see any output from the shutdown.
client->SetOutputCallbacks(NULL);
client->EndSession(DEBUG_END_PASSIVE);
client->Release();
}
return S_OK;
}
extern "C" DBGCALLSTACK_API HRESULT GetCallStackEx(const char *dumpfile,const char *symbol, __out char* callstack)
{
CallStackData *data=new CallStackData();
HRESULT hr=GetCallStack(dumpfile,symbol,data);
strcpy(callstack,data->stack_line);
return hr;
}
编译输出dbgcallstack.dll.
注意,编译前需要指定调试引擎动态链接库dbgeng.lib位置,在工程属性Configuration Properties->Linker->Input设置
Part3:Use native dll above in C#
第一步,添加dbgcallstack.dll到新建的C#工程,设置其Build Action->Content, Copy to output directory->always
第二步,定义结构体CallStackData,
[StructLayout(LayoutKind.Sequential, CharSet = CharSet.Ansi)]
public struct CallStackData
{
/// <summary>
/// Data
/// </summary>
[MarshalAs(UnmanagedType.ByValTStr,SizeConst = 51200)]
public string data;
}
第三步,引入:
[DllImport("dbgcallstack.dll")]
public static extern int GetCallStack(string a, string b, outCallStackData cs);
[DllImport("dbgcallstack.dll")]
public static extern int GetCallStackEx(string a, string b,
[Out][MarshalAsAttribute(UnmanagedType.LPStr, SizeConst = 512)]StringBuilder cs);
第四步,调用:
CallStackData data = new CallStackData();
int hr = GetCallStackEx(dumpfile location, symbol location, out data);
Console.WriteLine(data.data);
References:
http://blogs.msdn.com/joshpoley/archive/2008/06/23/automating-crash-dump-analysis-some-final-thoughts.aspx (automating dump file analysis)
http://msdn.microsoft.com/en-us/library/cc265826.aspx (debugger engine api overview)
http://www.pcreview.co.uk/forums/thread-1878614.php (values type marshal problem)
http://www.codeplex.com/Release/ProjectReleases.aspx?ProjectName=clrinterop&ReleaseId=14120
(a tool to help the conversion between native codes and managed signatures)