New tool: CmdResc / 30.08.2006
Command line version of ModuleRescue tool is now available.
Debugging the startup code of a service or an out-of-process COM server usually looks like a difficult task,
especially if the service/server is running under a non-administrative user account. But in practice,
there are a number of tools and techniques that can make this task much easier - almost as easy as debugging
an interactive application.
New tool: StartDbg / 01.08.2006
StartDbg is a small tool that simplifies debugging of the startup code of services and COM server applications,
even if they are running under non-administrative user accounts. In brief, it suspends
the service or the COM server process for a predefined period of time, and allows us to attach a debugger
to the process while it is suspended. For additional information about the motivation behind creating this tool,
take a look at this article.
Tool update: ClrDump / 17.04.2006
ClrDump has been updated. New features include additional command line parameters for clrdump.exe
(they control the amount of information included in the minidump) and a new API function
(SetFilterOptions). See changelog for detailed information.
New tool: ClrDump (Beta) / 26.02.2006
ClrDump is an experimental set of tools that can produce small minidumps of managed applications.
In the past, it was necessary to use full dumps (very large in size) if you needed to perform post-mortem
analysis of a .NET application. ClrDump can produce small minidumps that contain enough information to recover
the call stacks of all threads in the application. It supports .NET runtime versions 1.1 and 2.0.
This article introduces the CDB debugger as an effective complement to the Visual Studio debugger for various advanced
debugging tasks. It shows how to install and configure CDB, and how to use its command line options and commands
for retrieving useful information about the internal state of the debuggee – without interrupting the main debugging
session in Visual Studio.
These batch files accompany the WinDbg the Easy Way article.
They hide the long and complicated CDB commands behind an easy to use interface, and allow the user
to perform otherwise complex tasks quickly and conveniently.
New tool: SymGetEx / 28.11.2005
SymGetEx is an addition to Visual Studio 6.0, which allows the Visual C++ debugger to automatically
download symbols from symbol servers. With automatic symbol server support, it is easy to keep
system symbols up-to-date, regardless of the number of system updates and hotfixes installed
on the computer. In turn, good symbols for system DLLs help you get complete and informative
call stacks when debugging your applications.
This article shows how to debug custom filters for unhandled exceptions, and how to ensure
that our filter is always properly registered (which sometimes is not easy to do, especially
if other components of the application want to register their own filters). We will also explore
how the operating system registers and calls custom filters, and what system components may want
to utilize custom filters for their own purposes (and thus interfere with our own filters).
This is a new category on the DebugInfo.com site, which will be dedicated to small
but useful debugging tips. Here is the first tip:
Excluding modules from symbol server search
ModuleRescue can generate executable modules (.EXEs and .DLLs) from the module information
stored in minidumps. The modules produced by the application are enough to let debuggers download
symbols from the symbol server even if the real matching module is not available. It is useful in
the situation when, while debugging a minidump, we cannot find a matching module but know that symbols
for the module are available on the symbol server.
ModuleRescue can also be used to view the list of modules loaded by the application at the time when
the minidump was created, and analyze such information as module load address, file and product version,
and availability of debug information.
In the process of debugging a minidump, matching modules are as important as matching symbols.
If the debugger cannot find matching modules, it usually cannot load symbols and cannot show
good call stacks and other kinds of important information. In this article we will explore how
debuggers work with modules - where they look for them, and what data they use
to check whether a module is matched. We will see how to configure the most popular
debuggers to search for matching modules in the correct places (module search path).
We will also discuss situations when matching modules cannot be found,
and try to find workarounds.
Dr. Watson is probably the most popular just-in-time debugger for Windows applications.
But do we have a better choice? This article discusses some limitations of Dr. Watson,
and introduces another debugger, NTSD, which is more flexible, configurable, and capable
of replacing Dr. Watson in many just-in-time debugging scenarios.
These examples demonstrate how to implement a debugger with the help of the Win32 Debugging API
functions (DebugActiveProcess, WaitForDebugEvent, etc.). They show how to start debugging,
process debug events, load symbols, walk and display call stacks, and so on.
New example: HandleDump / 16.03.2005
This example demonstrates a somewhat curious but fully documented way to obtain
the list of handles opened by a process, using the DbgHelp library, of course.
MiniDumpView utility reads the contents of a minidump and displays detailed information
about every available data stream.
The MiniDump Wizard application allows experimenting with the MiniDumpWriteDump and MiniDumpCallback
functions without writing code. It is possible to specify a combination of MINIDUMP_TYPE
flags that will be passed to the MiniDumpWriteDump function, and it is possible to respond
to MiniDumpCallback calls in a series of dialogs.
In this article, we will try to figure out how to create minidumps that are small
but contain enough information for successful debugging. We will discuss various configuration
options of the MiniDumpWriteDump function, and explore the ways to customize the contents
of our minidumps with the help of the MiniDumpCallback function.
Accompanying examples can be found here.
This article discusses the concept of matching between an executable and the corresponding
debug information file. It describes how debug information is stored in PE executables,
what kinds of data are used to refer to separate files with debug information (PDB and DBG),
and how the executables and debug information files are tied together to avoid loading
an unmatched debug information file. Various related problems are also discussed (e.g.
how to force a debugger to load an unmatched debug information file).
An accompanying example shows how to access debug information structures in a PE executable.
New tool: ChkMatch / 23.11.2004
The ChkMatch utility can be used to check whether an executable and a debug information file match.
It can also be used to enforce matching between an executable and a debug information file,
if they are compatible.
For more information about debug information matching and related issues, see this
article.
New example: DebugDir / 23.11.2004
This is an accompanying example for the Matching debug information article.
It shows how to locate debug information in a PE executable and analyze its contents.
Starting with the data directory in the executable's optional header, it proceeds to
the debug directory and obtains the list of all kinds of debug information available
in the executable. Then it displays detailed information about every debug directory
entry and the corresponding data.
This article describes how to generate debug information for Visual C++ applications.
It starts with discussing the typical contents of debug information and existing
debug information formats. Then it proceeds to the steps needed to produce debug
information for Visual C++ applications (Visual C++ 6.0, 2002 and 2003 are discussed).
Additional interesting information is also included, such as the effect of debug
information on the size of the executable, debuggers and their support for various
debug information formats, and also debug information formats used by operating
system symbol files.
New tool: SymGet / 04.10.2004
SymGet can be used to download symbol files from symbol servers.
It is easy to use and configure, and it can download symbol files into a flat
directory structure (useful when we have to download system symbols for use with
the Visual C++ 6.0 debugger; other similar tools like SymChk download symbols into
a more complex directory structure that requires additional steps to make symbol files
accessible for Visual C++ 6.0).
This is an accompanying example for the How to use DbgHelp to access type information
article. It reads debug information for
an executable specified by the user, and shows the exact type
of every variable or function, as well as other interesting information.
This article shows how to analyze type information using the DbgHelp library.
This interesting topic is often discussed in debugger newsgroups,
but it is clear that there is not yet sufficient information or examples.
This article gives a detailed description of the type information and shows
how to use DbgHelp to read and analyze it.
A complete example is included (with source code).
Complete examples of using modern DbgHelp functions.