VC++给软件添加异常捕获模块生成dump文件(附源码)
软件在运行过程中会时常发生内存越界、内存访问为例、stack overflow线程栈溢出、空指针与野指针等异常崩溃,仅仅是依靠Debug和Release下的调试是远远不够的,因为有些崩溃不是必现的,或者是Debug下很难出现的。所以我们需要在软件中添加异常捕获的模块,在捕获到异常时生成包含异常上下文的dump文件,以供事后使用windbg进行分析。本文我们就来简单介绍一下如何设置异常回调函数,如何生成保存异常信息的dump文件。
1、API函数SetUnhandledExceptionFilter介绍
Windows系统提供设置异常处理函数的API函数SetUnhandledExceptionFilter,其声明如下:
LPTOP_LEVEL_EXCEPTION_FILTER SetUnhandledExceptionFilter(
[in] LPTOP_LEVEL_EXCEPTION_FILTER lpTopLevelExceptionFilter
);该函数的参数就是设置的异常处理函数,该API返回的是系统默认的异常处理函数的地址。当软件发生异常时,会回调之前设置的异常处理函数,异常处理函数的原型如下:
LONG WINAPI SEHUnhandledExceptionFilter(PEXCEPTION_POINTERS pExInfo)该函数的参数是存放异常信息的结构体EXCEPTION_POINTERS指针,如下:
//
// Typedef for pointer returned by exception_info()
//
typedef struct _EXCEPTION_POINTERS {
PEXCEPTION_RECORD ExceptionRecord;
PCONTEXT ContextRecord;
} EXCEPTION_POINTERS, *PEXCEPTION_POINTERS;其中,EXCEPTION_RECORD结构体定义如下:
//
// Exception record definition.
//
typedef struct _EXCEPTION_RECORD {
DWORD ExceptionCode;
DWORD ExceptionFlags;
struct _EXCEPTION_RECORD *ExceptionRecord;
PVOID ExceptionAddress;
DWORD NumberParameters;
ULONG_PTR ExceptionInformation[EXCEPTION_MAXIMUM_PARAMETERS];
} EXCEPTION_RECORD;
typedef EXCEPTION_RECORD *PEXCEPTION_RECORD;上述结构体中的ExceptionCode字段对应异常类型的异常码,常见的异常码有:
#define STATUS_ACCESS_VIOLATION ((DWORD )0xC0000005L) // 内存访问违例
#define STATUS_IN_PAGE_ERROR ((DWORD )0xC0000006L)
#define STATUS_INVALID_HANDLE ((DWORD )0xC0000008L)
#define STATUS_INVALID_PARAMETER ((DWORD )0xC000000DL) // 无效参数
#define STATUS_NO_MEMORY ((DWORD )0xC0000017L)
#define STATUS_ILLEGAL_INSTRUCTION ((DWORD )0xC000001DL)
#define STATUS_NONCONTINUABLE_EXCEPTION ((DWORD )0xC0000025L)
#define STATUS_INVALID_DISPOSITION ((DWORD )0xC0000026L)
#define STATUS_ARRAY_BOUNDS_EXCEEDED ((DWORD )0xC000008CL) // 数组越界
#define STATUS_FLOAT_DENORMAL_OPERAND ((DWORD )0xC000008DL)
#define STATUS_FLOAT_DIVIDE_BY_ZERO ((DWORD )0xC000008EL)
#define STATUS_FLOAT_INEXACT_RESULT ((DWORD )0xC000008FL)
#define STATUS_FLOAT_INVALID_OPERATION ((DWORD )0xC0000090L)
#define STATUS_FLOAT_OVERFLOW ((DWORD )0xC0000091L)
#define STATUS_FLOAT_STACK_CHECK ((DWORD )0xC0000092L)
#define STATUS_FLOAT_UNDERFLOW ((DWORD )0xC0000093L)
#define STATUS_INTEGER_DIVIDE_BY_ZERO ((DWORD )0xC0000094L) // 除0崩溃
#define STATUS_INTEGER_OVERFLOW ((DWORD )0xC0000095L)
#define STATUS_PRIVILEGED_INSTRUCTION ((DWORD )0xC0000096L)
#define STATUS_STACK_OVERFLOW ((DWORD )0xC00000FDL) // 线程栈溢出
#define STATUS_DLL_NOT_FOUND ((DWORD )0xC0000135L)
#define STATUS_ORDINAL_NOT_FOUND ((DWORD )0xC0000138L)
#define STATUS_ENTRYPOINT_NOT_FOUND ((DWORD )0xC0000139L)
#define STATUS_CONTROL_C_EXIT ((DWORD )0xC000013AL)
#define STATUS_DLL_INIT_FAILED ((DWORD )0xC0000142L)
#define STATUS_FLOAT_MULTIPLE_FAULTS ((DWORD )0xC00002B4L)
#define STATUS_FLOAT_MULTIPLE_TRAPS ((DWORD )0xC00002B5L)
#define STATUS_REG_NAT_CONSUMPTION ((DWORD )0xC00002C9L)
#define STATUS_STACK_BUFFER_OVERRUN ((DWORD )0xC0000409L) // 栈内存buffer越界
#define STATUS_INVALID_CRUNTIME_PARAMETER ((DWORD )0xC0000417L) 此外,存放异常上下文信息的结构体Context的定义如下:
//
// Context Frame
//
// This frame has a several purposes: 1) it is used as an argument to
// NtContinue, 2) is is used to constuct a call frame for APC delivery,
// and 3) it is used in the user level thread creation routines.
//
// The layout of the record conforms to a standard call frame.
//
typedef struct _CONTEXT {
//
// The flags values within this flag control the contents of
// a CONTEXT record.
//
// If the context record is used as an input parameter, then
// for each portion of the context record controlled by a flag
// whose value is set, it is assumed that that portion of the
// context record contains valid context. If the context record
// is being used to modify a threads context, then only that
// portion of the threads context will be modified.
//
// If the context record is used as an IN OUT parameter to capture
// the context of a thread, then only those portions of the thread's
// context corresponding to set flags will be returned.
//
// The context record is never used as an OUT only parameter.
//
DWORD ContextFlags;
//
// This section is specified/returned if CONTEXT_DEBUG_REGISTERS is
// set in ContextFlags. Note that CONTEXT_DEBUG_REGISTERS is NOT
// included in CONTEXT_FULL.
//
DWORD Dr0;
DWORD Dr1;
DWORD Dr2;
DWORD Dr3;
DWORD Dr6;
DWORD Dr7;
//
// This section is specified/returned if the
// ContextFlags word contians the flag CONTEXT_FLOATING_POINT.
//
FLOATING_SAVE_AREA FloatSave;
//
// This section is specified/returned if the
// ContextFlags word contians the flag CONTEXT_SEGMENTS.
//
DWORD SegGs;
DWORD SegFs;
DWORD SegEs;
DWORD SegDs;
//
// This section is specified/returned if the
// ContextFlags word contians the flag CONTEXT_INTEGER.
//
DWORD Edi;
DWORD Esi;
DWORD Ebx;
DWORD Edx;
DWORD Ecx;
DWORD Eax;
//
// This section is specified/returned if the
// ContextFlags word contians the flag CONTEXT_CONTROL.
//
DWORD Ebp;
DWORD Eip;
DWORD SegCs; // MUST BE SANITIZED
DWORD EFlags; // MUST BE SANITIZED
DWORD Esp;
DWORD SegSs;
//
// This section is specified/returned if the ContextFlags word
// contains the flag CONTEXT_EXTENDED_REGISTERS.
// The format and contexts are processor specific
//
BYTE ExtendedRegisters[MAXIMUM_SUPPORTED_EXTENSION];
} CONTEXT;该结构体中主要存放各个寄存器的信息。
2、调用SetUnhandledExceptionFilter设置异常处理函数
设置异常处理函数的示例代码如下:
// 异常处理函数(回调函数)
LONG WINAPI SEHUnhandledExceptionFilter( PEXCEPTION_POINTERS pExInfo )
{
// 处理异常的代码
// ......
return EXCEPTION_EXECUTE_HANDLER;
}
// 调用SetUnhandledExceptionFilter设置异常处理函数
LPTOP_LEVEL_EXCEPTION_FILTER oldExceptionFilter = SetUnhandledExceptionFilter( SEHUnhandledExceptionFilter );调用SetUnhandledExceptionFilter设置异常处理函数,只是给所在的线程设置异常处理函数。如果有多个线程,则需要给每个线程分别设置异常处理函数。推荐大家使用开源的CrashReport库去捕获异常。
3、调用MiniDumpWriteDump函数导出包含异常上下文的dump文件
生成dump文件的代码如下:
void CreateDump(struct _EXCEPTION_POINTERS *pExceptionPointers)
{
CString strDumpFile = _T("E:\\0328.dump");
HANDLE hDumpFile;
hDumpFile = CreateFile(strDumpFile, GENERIC_READ|GENERIC_WRITE,
FILE_SHARE_WRITE|FILE_SHARE_READ, 0, CREATE_ALWAYS, 0, 0);
MINIDUMP_EXCEPTION_INFORMATION ExpParam;
ExpParam.ThreadId = GetCurrentThreadId();
ExpParam.ExceptionPointers = pExceptionPointers;
ExpParam.ClientPointers = TRUE;
// 导出minidump,文件大小在几MB左右,如果要导出全dump,则文件会比较大
MINIDUMP_TYPE MiniDumpWithDataSegs = (MINIDUMP_TYPE)(MiniDumpNormal
| MiniDumpWithHandleData
| MiniDumpWithUnloadedModules
| MiniDumpWithIndirectlyReferencedMemory
| MiniDumpScanMemory
| MiniDumpWithProcessThreadData
| MiniDumpWithThreadInfo);
BOOL bMiniDumpSuccessful = FALSE;
bMiniDumpSuccessful = MiniDumpWriteDump(GetCurrentProcess(), GetCurrentProcessId(),
hDumpFile, MiniDumpWithDataSegs, &ExpParam, NULL, NULL);
return;
}上述接口中我们设置的是导出mini dump文件,文件大小大概在几MB左右,如果要导出包含所有信息的全dump文件,则会比较大,大概在几百MB到上GB的大小。我们在自动生成dump文件时,文件不能太大,如果太大的话,会占用大量的磁盘空间。
mini dump文件和全dump文件的区别在于,全dump文件包含了所有的信息,而mini dump只包含了部分信息。在全dump文件中,使用windbg可以查看所有变量内存中的值,而mini dump中只能查看到部分变量在内存中的值。