postmortem-debugging

问题 Within my application, I use the MiniDumpWriteDump function (see dbghelp.dll) to write a crash dump file whenever my application crashes. I also use a symbol server to store all my executables and pdb files, so that whenever a customer sends me a crash-dump file, the debugger automatically picks up the correct version of the executable and the debug information. I also store Windows DLL's (ntdll.dll, kernel32.dll, ...) and their debug information in the symbol server (using SymChk). The debug

问题 I have a .Net application dump which captured an exception, I'm analysing using windbg and interested in the value of a String parameter on one of the methods. I've isolated the String object. My windbg working is: 0:000> .loadby sos mscorwks 0:000> !dso OS Thread Id: 0x16f0 (0) RSP/REG Object Name 00000000001fe908 000000000f011440 System.AppDomainSetup 00000000001fe918 000000000f0335f8 System.ArgumentException 00000000001fe920 000000000f011b60 System.String 0:000> !do 000000000f011b60 Name:

问题 The problem is that the script hangs up after some long time. strace returns something like this and nothing else: Process 7286 attached - interrupt to quit restart_syscall(<... resuming interrupted call ...>) = 0 poll([{fd=13, events=POLLIN|POLLPRI|POLLRDNORM|POLLRDBAND}], 1, 0) = 0 (Timeout) clock_gettime(CLOCK_MONOTONIC, {1817569, 74651533}) = 0 clock_gettime(CLOCK_MONOTONIC, {1817569, 74734744}) = 0 clock_gettime(CLOCK_MONOTONIC, {1817569, 74812047}) = 0 poll([{fd=13, events=POLLIN

问题 pg_stat_activity holds extremely useful information for post-mortem analysis of various issues, especially concurrency-related, and so augmenting errors or logging with this data (properly filtered and correlated) is invaluable. However querying it requires getting a database connection which might be in short supply at the very moment it's most needed. Is there a side-channel of some sort which would allow getting that information without the additional database connection? 回答1: Not really,

问题 I'm looking for a cross-platform crash handler. Google Breakpad looks promising, but it is sorely lacking any documentation, and requires a reasonable amount of fiddling to actually get going. What is a better alternative? All I need is the ability to reliably record crash dumps, stack traces, and CPU information at the time of a crash. Alternatively, what is the experience using Google Breakpad? Has it been great or horrible? 回答1: Well, it turns out that google-breakpad is pretty nice after

问题 How do you usually get around this problem? Imagine that a thread crashes inside libc code (which is a system shared library) on Computer1 and then generates a coredump. But the Computer2 on which this coredump will be analysed might have a different version of libc. So: How important it is to have the same shared library on the remote computer? Will the gdb correctly reconstruct stacktrace without having exact same version of libc on Conputer2? How important it is to have correct debug

问题 I am trying to avoid the situation described in this Stackoverflow entry: Debugging core files generated on a Customer's box. If I compile all the libraries statically will I avoid having to always gather the shared libraries when it core dumps? I essentially want to be in a situation where I can just load up the core file with gdb and examine the crashed application. What should I watch out for if I go down the route of statically linking all the libraries we need. I figure glib and pthreads

问题 I've got a crash in our app which I can't debug as one of our partners has seen fit to use truly horrible 'CodeMeter' to encrypt their DLL. CodeMeter licensing prevents all attempts to debug an app containing a CodeMeter encrypted DLL and even seems to cause MiniDumpWriteDump called from an unhandled exception filter to fail (this technique works without this DLL loaded). The crash only happens when the encrypted DLL is loaded into the process. I'm going mad trying to debug this and establish

问题 I asked a similar, but not identical, question here My Windows CE app won't even start up on the handheld device (an old version of it does, but not the new version). It builds, copies over, but just refuses to run; it "flashes" when I 2-click it, but that's it. No err msg, just won't budge. I added a global exception handler in hopes it would catch the problem and give me a glimpse into it with this code: public static int Main(string [] args) { try { // A home-brewed exception handler

问题 After I've loaded sosex, I'm getting the following error. Any ideas? The hang dump is from a 32 bit machine, mine is 64-bit. Do I need to install something? !clrstack CLR DLL status: ERROR: Unable to load DLL mscordacwks_x86_x86_2.0.50727.3623.dll, Win32 error 0n2 回答1: The problem is the version of mscordacwks on your machine is a different version than the one from the crash dump. It's not a bitnesss issue - even though your machine is 64-bit, you have a 32-bit .NET installed. Mine is under