# 2.1 线程 (Thread) * `Thread.backtrace([context, backtracer])`: 生成当前线程的回溯栈,返回形式为一个`NativePointer`数组。如果你想在`Interceptor`的`onEnter`或`onLeave`回调中使用该函数,你需要提供`this.contex`t给`context`参数(不是必须),这样该函数生成的回溯栈会更加准确。不提供`context`参数时,该函数会从当前栈位置自动生成一个`context`,不过由于JavaScript虚拟机栈帧的问题,结果不会很准确。另一个可选参数`backtracer`用于指明使用何种追踪器,其值只能为`Backtracer.FUZZY`或`Backtracer.ACCURATE`,后者是默认值。追踪器的准确度取决于被追踪程序对调试的友好程度以及调试信息,而fuzzy追踪器会对栈进行鉴别,并尝试猜出返回地址,也就是说你会得到一些假阳性错误,不过好处是任何二进制文件都可以使用。生成的回溯栈目前被限制在16个栈帧,如果你想调整,那你必须自己重新编译Frida。 {% code lineNumbers="true" %} ```javascript const f = Module.getExportByName('libcommonCrypto.dylib', 'CCCryptorCreate'); Interceptor.attach(f, { onEnter(args) { console.log('CCCryptorCreate called from: \n' + Thread.backtrace(this.context, Backtracer.ACCURATE) .map(DebugSymbol.fromAddress).join('\n') + '\n'); } }); ``` {% endcode %} * `Thread.sleep(delay)`: 挂起当前线程`delay`秒。比如`delay`为0.05表示休眠50毫秒。 --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://frida.ivory.cafe/2.-jin-cheng-xian-cheng-mo-kuai-he-nei-cun/2.1-xian-cheng-thread.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.