I am currently using the dbghelp library to go through the thread stack of some process (using GetThreadContext () and StackWalk64 () ). and collect only the return addresses contained in each frame.
However, the overhead for this is too high for system requirements - the total time is apx. 5 ms per stack stroke (with 10-15 frames). This time includes GetThreadContext () and a loop that calls StackWalk64 () to get all the frames.
Anyway, I have to find a way to do this much faster. Does anyone know how I can do this?
Edit:
Does anyone know the ETW mechanism (event tracing for Windows)?
If so, how can I keep track of all the context switches that occurred over a given period of time? Is there an event provider that publishes an event for each context switch?
source share