編寫的windows程式,崩潰時產生crash dump檔案的辦法 .
一、引言
dump檔案是C++程式發生異常時,儲存當時程式執行狀態的檔案,是除錯異常程式重要的方法,所以程式崩潰時,除了日誌檔案,dump檔案便成了我們查詢錯誤的最後一根救命的稻草。windows程式產生dump檔案和linux程式產生dump檔案的方式不一樣,linux預設是不讓產生core dump檔案,只要在使用者自己的~/.bash_profile檔案中增加
ulimit -S -c unlimited > /dev/null 2>&1
這樣程式崩潰就可以產生可除錯的core dump檔案了。但是windows環境就得寫程式碼才能實現了。
二、原理
windows程式當遇到異常,沒有try-catch或者try-catch也無法捕獲到的異常時,程式就會自動退出,如果這時候沒有dump檔案的話,我們是沒有得到任何程式退出的資訊。在windows程式異常退出之前,會預先呼叫一個在程式中註冊的異常處理回撥函式(預設是沒有設定),只要我們在這個回撥函式中呼叫MiniDumpWriteDump函式就可以產生我們想要的dump檔案。
三、實現
1.呼叫SetUnhandledExceptionFilter註冊一個自定義的異常處理回撥函式
SetUnhandledExceptionFilter(MyUnhandledExceptionFilter);
異常處理回撥函式的原型
LONG __stdcall MyUnhandledExceptionFilter(PEXCEPTION_POINTERS pExceptionInfo);
2.CreateFile建立dump檔案,呼叫MiniDumpWriteDump函式往dump檔案寫異常資訊
[cpp] view plaincopyprint?- inlinevoid CreateMiniDump(PEXCEPTION_POINTERS pep,
- {
- HANDLE hFile = CreateFile(strFileName, GENERIC_READ | GENERIC_WRITE,
- FILE_SHARE_WRITE, NULL, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
- if((hFile != NULL) && (hFile != INVALID_HANDLE_VALUE))
- {
- MINIDUMP_EXCEPTION_INFORMATION mdei;
- mdei.ThreadId = GetCurrentThreadId();
- mdei.ExceptionPointers = pep;
- mdei.ClientPointers = NULL;
- MINIDUMP_CALLBACK_INFORMATION mci;
- mci.CallbackRoutine = (MINIDUMP_CALLBACK_ROUTINE)MiniDumpCallback;
- mci.CallbackParam = 0;
- ::MiniDumpWriteDump(::GetCurrentProcess(), ::GetCurrentProcessId(), hFile, MiniDumpNormal, (pep != 0) ? &mdei : 0, NULL, &mci);
- CloseHandle(hFile);
- }
- }
inline void CreateMiniDump(PEXCEPTION_POINTERS pep, LPCTSTR strFileName)
{
HANDLE hFile = CreateFile(strFileName, GENERIC_READ | GENERIC_WRITE,
FILE_SHARE_WRITE, NULL, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
if((hFile != NULL) && (hFile != INVALID_HANDLE_VALUE))
{
MINIDUMP_EXCEPTION_INFORMATION mdei;
mdei.ThreadId = GetCurrentThreadId();
mdei.ExceptionPointers = pep;
mdei.ClientPointers = NULL;
MINIDUMP_CALLBACK_INFORMATION mci;
mci.CallbackRoutine = (MINIDUMP_CALLBACK_ROUTINE)MiniDumpCallback;
mci.CallbackParam = 0;
::MiniDumpWriteDump(::GetCurrentProcess(), ::GetCurrentProcessId(), hFile, MiniDumpNormal, (pep != 0) ? &mdei : 0, NULL, &mci);
CloseHandle(hFile);
}
}
CreateMiniDump函式是在異常處理回撥函式MyUnhandledExceptionFilter中呼叫的
[cpp] view plaincopyprint?
- LONG __stdcall MyUnhandledExceptionFilter(PEXCEPTION_POINTERS pExceptionInfo)
- {
- CreateMiniDump(pExceptionInfo, "core.dmp");
- return EXCEPTION_EXECUTE_HANDLER;
- }
LONG __stdcall MyUnhandledExceptionFilter(PEXCEPTION_POINTERS pExceptionInfo)
{
CreateMiniDump(pExceptionInfo, "core.dmp");
return EXCEPTION_EXECUTE_HANDLER;
}
3.將SetUnhandledExceptionFilter失效
vs2005中,編譯的過程中,編譯器會自動給你的程式加上一句SetUnhandledExceptionFilter(NULL),這就會導致你之前自定義的
SetUnhandledExceptionFilter(MyUnhandledExceptionFilter);
無效,就有可能不會產生dump檔案,因此我們必須在自定義的SetUnhandledExceptionFilter之後,讓之後呼叫的SetUnhandledExceptionFilter無效。增加以下程式碼:
[cpp] view plaincopyprint?- // 此函式一旦成功呼叫,之後對 SetUnhandledExceptionFilter 的呼叫將無效
- void DisableSetUnhandledExceptionFilter()
- {
- void* addr = (void*)GetProcAddress(LoadLibrary("kernel32.dll"),
- "SetUnhandledExceptionFilter");
- if (addr)
- {
- unsigned char code[16];
- int size = 0;
- code[size++] = 0x33;
- code[size++] = 0xC0;
- code[size++] = 0xC2;
- code[size++] = 0x04;
- code[size++] = 0x00;
- DWORD dwOldFlag, dwTempFlag;
- VirtualProtect(addr, size, PAGE_READWRITE, &dwOldFlag);
- WriteProcessMemory(GetCurrentProcess(), addr, code, size, NULL);
- VirtualProtect(addr, size, dwOldFlag, &dwTempFlag);
- }
- }
// 此函式一旦成功呼叫,之後對 SetUnhandledExceptionFilter 的呼叫將無效
void DisableSetUnhandledExceptionFilter()
{
void* addr = (void*)GetProcAddress(LoadLibrary("kernel32.dll"),
"SetUnhandledExceptionFilter");
if (addr)
{
unsigned char code[16];
int size = 0;
code[size++] = 0x33;
code[size++] = 0xC0;
code[size++] = 0xC2;
code[size++] = 0x04;
code[size++] = 0x00;
DWORD dwOldFlag, dwTempFlag;
VirtualProtect(addr, size, PAGE_READWRITE, &dwOldFlag);
WriteProcessMemory(GetCurrentProcess(), addr, code, size, NULL);
VirtualProtect(addr, size, dwOldFlag, &dwTempFlag);
}
}
最終程式碼整理:
//minidump.h
[cpp] view plaincopyprint?- #pragma once
- #include <windows.h>
- #include <DbgHelp.h>
- #include <stdlib.h>
- #pragma comment(lib, "dbghelp.lib")
- #ifndef _M_IX86
- #error "The following code only works for x86!"
- #endif
- inlineBOOL IsDataSectionNeeded(constWCHAR* pModuleName)
- {
- if(pModuleName == 0)
- {
- return FALSE;
- }
- WCHAR szFileName[_MAX_FNAME] = L"";
- _wsplitpath(pModuleName, NULL, NULL, szFileName, NULL);
- if(wcsicmp(szFileName, L"ntdll") == 0)
- return TRUE;
- return FALSE;
- }
- inlineBOOL CALLBACK MiniDumpCallback(PVOID pParam,
- const PMINIDUMP_CALLBACK_INPUT pInput,
- PMINIDUMP_CALLBACK_OUTPUT pOutput)
- {
- if(pInput == 0 || pOutput == 0)
- return FALSE;
- switch(pInput->CallbackType)
- {
- case ModuleCallback:
- if(pOutput->ModuleWriteFlags & ModuleWriteDataSeg)
- if(!IsDataSectionNeeded(pInput->Module.FullPath))
- pOutput->ModuleWriteFlags &= (~ModuleWriteDataSeg);
- case IncludeModuleCallback:
- case IncludeThreadCallback:
- case ThreadCallback:
- case ThreadExCallback:
- return TRUE;
- default:;
- }
- return FALSE;
- }
- inlinevoid CreateMiniDump(PEXCEPTION_POINTERS pep, LPCTSTR strFileName)
- {
- HANDLE hFile = CreateFile(strFileName, GENERIC_READ | GENERIC_WRITE,
- FILE_SHARE_WRITE, NULL, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
- if((hFile != NULL) && (hFile != INVALID_HANDLE_VALUE))
- {
- MINIDUMP_EXCEPTION_INFORMATION mdei;
- mdei.ThreadId = GetCurrentThreadId();
- mdei.ExceptionPointers = pep;
- mdei.ClientPointers = NULL;
- MINIDUMP_CALLBACK_INFORMATION mci;
- mci.CallbackRoutine = (MINIDUMP_CALLBACK_ROUTINE)MiniDumpCallback;
- mci.CallbackParam = 0;
- ::MiniDumpWriteDump(::GetCurrentProcess(), ::GetCurrentProcessId(), hFile, MiniDumpNormal, (pep != 0) ? &mdei : 0, NULL, &mci);
- CloseHandle(hFile);
- }
- }
- LONG __stdcall MyUnhandledExceptionFilter(PEXCEPTION_POINTERS pExceptionInfo)
- {
- CreateMiniDump(pExceptionInfo, "core.dmp");
- return EXCEPTION_EXECUTE_HANDLER;
- }
- // 此函式一旦成功呼叫,之後對 SetUnhandledExceptionFilter 的呼叫將無效
- void DisableSetUnhandledExceptionFilter()
- {
- void* addr = (void*)GetProcAddress(LoadLibrary("kernel32.dll"),
- "SetUnhandledExceptionFilter");
- if (addr)
- {
- unsigned char code[16];
- int size = 0;
- code[size++] = 0x33;
- code[size++] = 0xC0;
- code[size++] = 0xC2;
- code[size++] = 0x04;
- code[size++] = 0x00;
- DWORD dwOldFlag, dwTempFlag;
- VirtualProtect(addr, size, PAGE_READWRITE, &dwOldFlag);
- WriteProcessMemory(GetCurrentProcess(), addr, code, size, NULL);
- VirtualProtect(addr, size, dwOldFlag, &dwTempFlag);
- }
- }
- void InitMinDump()
- {
- //註冊異常處理函式
- SetUnhandledExceptionFilter(MyUnhandledExceptionFilter);
- //使SetUnhandledExceptionFilter
- DisableSetUnhandledExceptionFilter();
- }
#pragma once
#include <windows.h>
#include <DbgHelp.h>
#include <stdlib.h>
#pragma comment(lib, "dbghelp.lib")
#ifndef _M_IX86
#error "The following code only works for x86!"
#endif
inline BOOL IsDataSectionNeeded(const WCHAR* pModuleName)
{
if(pModuleName == 0)
{
return FALSE;
}
WCHAR szFileName[_MAX_FNAME] = L"";
_wsplitpath(pModuleName, NULL, NULL, szFileName, NULL);
if(wcsicmp(szFileName, L"ntdll") == 0)
return TRUE;
return FALSE;
}
inline BOOL CALLBACK MiniDumpCallback(PVOID pParam,
const PMINIDUMP_CALLBACK_INPUT pInput,
PMINIDUMP_CALLBACK_OUTPUT pOutput)
{
if(pInput == 0 || pOutput == 0)
return FALSE;
switch(pInput->CallbackType)
{
case ModuleCallback:
if(pOutput->ModuleWriteFlags & ModuleWriteDataSeg)
if(!IsDataSectionNeeded(pInput->Module.FullPath))
pOutput->ModuleWriteFlags &= (~ModuleWriteDataSeg);
case IncludeModuleCallback:
case IncludeThreadCallback:
case ThreadCallback:
case ThreadExCallback:
return TRUE;
default:;
}
return FALSE;
}
inline void CreateMiniDump(PEXCEPTION_POINTERS pep, LPCTSTR strFileName)
{
HANDLE hFile = CreateFile(strFileName, GENERIC_READ | GENERIC_WRITE,
FILE_SHARE_WRITE, NULL, CREATE_ALWAYS, FILE_ATTRIBUTE_NORMAL, NULL);
if((hFile != NULL) && (hFile != INVALID_HANDLE_VALUE))
{
MINIDUMP_EXCEPTION_INFORMATION mdei;
mdei.ThreadId = GetCurrentThreadId();
mdei.ExceptionPointers = pep;
mdei.ClientPointers = NULL;
MINIDUMP_CALLBACK_INFORMATION mci;
mci.CallbackRoutine = (MINIDUMP_CALLBACK_ROUTINE)MiniDumpCallback;
mci.CallbackParam = 0;
::MiniDumpWriteDump(::GetCurrentProcess(), ::GetCurrentProcessId(), hFile, MiniDumpNormal, (pep != 0) ? &mdei : 0, NULL, &mci);
CloseHandle(hFile);
}
}
LONG __stdcall MyUnhandledExceptionFilter(PEXCEPTION_POINTERS pExceptionInfo)
{
CreateMiniDump(pExceptionInfo, "core.dmp");
return EXCEPTION_EXECUTE_HANDLER;
}
// 此函式一旦成功呼叫,之後對 SetUnhandledExceptionFilter 的呼叫將無效
void DisableSetUnhandledExceptionFilter()
{
void* addr = (void*)GetProcAddress(LoadLibrary("kernel32.dll"),
"SetUnhandledExceptionFilter");
if (addr)
{
unsigned char code[16];
int size = 0;
code[size++] = 0x33;
code[size++] = 0xC0;
code[size++] = 0xC2;
code[size++] = 0x04;
code[size++] = 0x00;
DWORD dwOldFlag, dwTempFlag;
VirtualProtect(addr, size, PAGE_READWRITE, &dwOldFlag);
WriteProcessMemory(GetCurrentProcess(), addr, code, size, NULL);
VirtualProtect(addr, size, dwOldFlag, &dwTempFlag);
}
}
void InitMinDump()
{
//註冊異常處理函式
SetUnhandledExceptionFilter(MyUnhandledExceptionFilter);
//使SetUnhandledExceptionFilter
DisableSetUnhandledExceptionFilter();
}
4.測試程式碼
//test.cpp
[cpp] view plaincopyprint?- #include <iostream>
- #include "minidump.h"
- void test()
- {
- std::string s = "abcd";
- try{
- s[100] = 'b';
- }
- catch(std::exception& e)
- {
- std::cout << "with exception:[" << e.what() << "]" << std::endl;
- }
- catch(...)
- {
- std::cout << "with unknown exception" << std::endl;
- }
- }
- void main()
- {
- InitMinDump();
- test();
- system("pause");
- }
#include <iostream>
#include "minidump.h"
void test()
{
std::string s = "abcd";
try{
s[100] = 'b';
}
catch(std::exception& e)
{
std::cout << "with exception:[" << e.what() << "]" << std::endl;
}
catch(...)
{
std::cout << "with unknown exception" << std::endl;
}
}
void main()
{
InitMinDump();
test();
system("pause");
}
origin:http://blog.csdn.net/fhxpp_27/article/details/9701867