Re: Stack walk termination / StackBase of arbitrary thread



To get a call stack for an arbitrary thread, I need to call SuspendThread
and GetThreadContext. Which means I need a thread handle. Which means I need
to call OpenThread. Which is only available on Windows 2000 or higher :( I
think I can use ZwOpenThread on Windows NT 4.0, but what about Windows 9x?

Sysinternals Process Explorer can get a call stack for all threads in a
running process on Windows 9x, I think:
http://www.sysinternals.com/Utilities/ProcessExplorer.html

Paul

"Jochen Kalmbach [MVP]" <nospam-Jochen.Kalmbach@xxxxxxxxx> wrote in message
news:ezUyPtNkFHA.2344@xxxxxxxxxxxxxxxxxxxxxxx
> Hi Paul!
>> That works well for enumerating modules, but I don't know how to
>> enumerate threads? I would like to be able to get a call stack for all
>> threads as a snapshot for an unresponsive process.
>>
>> Your TestDifferentProcess function appears to enumerate threads using
>> only Tool Help.
>
> Yes. This is the documented way...
>
> Here is an example of enumerating threads in NT:
> http://www.alexfedotov.com/samples/threads.asp
>
> It is based on the undocumented "ZwQuerySystemInformation"; but it is safe
> to use it, because NT will never change again...
>
>
>
> The documented way of doing this in NT is using the Pdh-Libs:
> http://www.codeproject.com/system/ntenumthreads.asp
>
>
>
>
> PS: PSAPI is also not redistributed with NT; you need to redistribute it
> with your app:
> http://www.microsoft.com/downloads/details.aspx?displaylang=en&FamilyID=3D1FBAED-D122-45CF-9D46-1CAE384097AC
>
>
> --
> Greetings
> Jochen
>
> My blog about Win32 and .NET
> http://blog.kalmbachnet.de/


.