RtlCaptureStackBackTrace - NtDoc

Native API online documentation, based on the System Informer (formerly Process Hacker) phnt headers 
#ifndef _NTRTL_H
// begin_msdn:"Winternl"

/**
 * The RtlCaptureStackBackTrace routine captures a stack trace by walking the stack and recording the information for each frame.
 *
 * @param FramesToSkip Number of frames to skip from the start (current call point) of the back trace.
 * @param FramesToCapture Number of frames to be captured.
 * @param BackTrace Caller-allocated array in which pointers to the return addresses captured from the current stack trace are returned.
 * @param BackTraceHash Optional value that can be used to organize hash tables. This hash value is calculated based on the values of the pointers returned in the BackTrace array. Two identical stack traces will generate identical hash values.
 * @return The number of captured frames.
 * @sa https://learn.microsoft.com/en-us/windows-hardware/drivers/ddi/ntifs/nf-ntifs-rtlcapturestackbacktrace
 */
_Success_(return != 0)
NTSYSAPI
USHORT
NTAPI
RtlCaptureStackBackTrace(
    _In_ ULONG FramesToSkip,
    _In_ ULONG FramesToCapture,
    _Out_writes_to_(FramesToCapture,return) PVOID* BackTrace,
    _Out_opt_ PULONG BackTraceHash
    );

// end_msdn
#endif

View code on GitHub

No description available.

Edit description on GitHub