Index
Abstract
There is such debugger - WinDbg. It is developed by Microsoft and can be downloaded from this location:
http://www.microsoft.com/whdc/devtools/debugging/installx86.mspx.
In general there are 2 possible ways of debugging: with single machine and with 2 machines. When we have single machine we can store debug messages (logs) to file and if crash happens analyze automatically created memory dump (crashdump). After reboot, of course. When we use 2 machines, one of them (host) monitors another (target). The plus of two-machines way is that memory dump and latest logs can always be obtained against single machine method.
Setup
Common settings, Target machine
- install latest version of DbgPrintLog with following command line:
DbgPrintLog.exe --drv:inst B --drv:opt DoNotPassMessagesDown 1 --drv:opt BufferSize 16384
This will allow to extract debug messages preceding system crash from memory dump and significantly reduce traffic over communication channel if dual machine debugging is used. - Setup crashdump:
- Make sure that pagefile (virtual memory) is set to be greater than physical memory and is located on the same volume where running copy Windows is installed.
- Make sure if there is enough disk space on the disk on the volume where running copy of Windows is installed. Memory dump includes snapshot of entire physical memory and some additional information.
- My Computer -> Properties -> Advanced -> Startup and recovery
- Enable memory dump
- set dump type to Kernel Dump or Full Memory Dump.
Attention: do not set Minidump/Small dump option, since it is absolutely useless for saving logs.
- Setup verifier. It is Windows built-in driver validation tool, helps to detect problems early.
- run verifier.exe. Under WinXP it is built-in, under 2000 it comes with DDK.
- chose "Custom settings" - second option. Next
- chose "Select from list" - bottom radio-button. Next
- check everything, probably except "Low Resources Simulation". Next
- chose "Select Driver from list" - last option. Next
- check required driver(s). If target driver is not loaded at this moment, use "Add not loaded drivers to list" button under list. Drivers are usually located in WINDOWS/System32/drivers/ directory.
- OK, do not re boot now
- install WinDbg
- put dbgprn.dll from latest version of DbgPrintLog to 'dbgext' subdirectory of WinDbg install directory. (e.g. C:/Program Files/WinDbg/dbgext)
- reboot machine to make sure all settings are saved to disk before installing application and/or driver to be debugged.
When single machine debugging is used, no more preparation is required. You can continue reading from Debugging section.
Target machine settings for remote debugging (dual machine)
- connect machines with IEEE1394 (FireWire) or NULL-modem cable.
Note: IEEE1394 is supported since Windows XP only. Windows 95/98/ME, Windows NT4 and Windows 2000 cannot be used for remote debugging over IEEE1394. - do not forget to make common settings (see above)
- open BOOT.INI file in the root directory of your boot volume.
- find there record corresponding to your OS, smth. like this:
multi(0)disk(0)rdisk(0)partition(1)/WINDOWS="Microsoft Windows XP Professional"
- make a copy of this record in the next line
- add to he copy the following:
- if IEEE-1394 cable is used:
/debug /debugport=1394 /CHANNEL=3 - if NULL-modem cable connected to COM2 is used:
/debug /debugport=2 /baudrate=115200
multi(0)disk(0)rdisk(0)partition(1)/WINDOWS="Windows XP Pro" /noexecute=optin /fastdetect /debug /debugport=1394 /CHANNEL=3 - if IEEE-1394 cable is used:
- make sure that TIMEOUT value in BOOT.INI has non-zero value
- now BOOT.INI shall looks like this:
[Boot Loader] Timeout=5 Default=multi(0)disk(0)rdisk(0)partition(1)/WINDOWS [Operating Systems] multi(0)disk(0)rdisk(0)partition(1)/WINDOWS="Windows XP Pro" multi(0)disk(0)rdisk(0)partition(1)/WINDOWS="Windows XP Pro" /noexecute=optin /fastdetect /debug /debugport=1394 /CHANNEL=3 - disable FireWire (IEEE1394) card in Device Manager:
My Computer -> Manage -> Device Manager
Host machine
- do not forget to connect machines with cable!
- install WinDbg
- put dbgprn.dll from latest version of DbgPrintLog to 'dbgext' subdirectory of WinDbg install directory. (e.g. C:/Program Files/WinDbg/dbgext)
- Run WinDbg
- follow menu items: File -> Kernel Debug ->
- 1394, chose channel 3, OK, Answer 'Save' if prompted for workspace saving. If you run WinDbg for the 1st time, error message "Unable to open file" may appear. This means, that system didn't detect remote FireWire port on target machine yet. In this case do the following:
- keep WinDbg open
- reboot target machine and chose OS item marked with [Debug] or [Debugger Enabled] (or smth. like this) in boot menu
- host machine shall display New Hardware Found message and install drivers for Debug Port. You may be prompted for Windows installation disk.
- in some cases you may need to reboot host machine and repeat procedure once again.
- if properly connected and configured as described above machines still cannot establish debug connection, I don't know what else can help.
- COM, just tell to what port of host machine NULL-modem cable is connected and set speed to 115200.
- 1394, chose channel 3, OK, Answer 'Save' if prompted for workspace saving. If you run WinDbg for the 1st time, error message "Unable to open file" may appear. This means, that system didn't detect remote FireWire port on target machine yet. In this case do the following:
Debugging
Single machine (local) debugging
- run DbgPrintLog for capturing logs:
DbgPrintLog.exe --full --cpu -l 10
This will start console, where help message and current log file name are displayed. Do not close it. Logs will be stored in files DbgPrintXXX.log in same directory. XXX in filename is a sequential number of file. The very first file has name DbgPrint.log. Previously created files are not overwritten and numbering is continued. -l 10 instructs logger to keep only 10 latest log files. - save debug info files .PDB from the build you are about to test to some separate location. If problem happens only with Release build, please configure your project to generate debug info for your binaries. If debug info is generated, .PDB files shall appear near compiled .EXE, .SYS, .DLL. When tuning Debug Info options, do not chose 'Separate Types' option.
- mark saved .PDBs somehow. If system crashes, .PDBs generated for the binaries were installed would be required. Ideally, after each build binaries and their .PDBs should be stored together.
- run dsync.exe from freboot package to synchronize system cache with on-disk data. This improves File System consistency if crash happens. You can download it from the following address:
http://www2.alter.org.ua/soft/win/fastreboot - now install your drivers, services and application.
- make your tests until something goes wrong:
- Unexpected behavior
- switch to logger console and press 'Esc' to stop logging
- pack *.LOG files from the folder where DbgPrintLog.exe was run to archive.
- also, it would be nice to put this archive together with binaries and .PDBs used in given test session.
- System crash, BSOD
- memory dump shall be created in the directory, specified during preparation. Usually it is created in WINDOWS directory and is named MEMORY.DMP.
- after reboot put copy of MEMORY.DMP together with binaries and .PDBs for possible future use.
Note: verify creation time of this file. It may happen so, that you see dump of previous crash. In this case this file and further steps are useless. - run WinDbg
- open MEMORY.DMP:
File -> Open Crash Dump - in the command prompt on WinDbg execute the following commands:
!analyze -v !dbgprn.save -a --full --cpu -T R --file <full path to file>
if !dbgprn.save says "Cannot find DbgPrnHk!DbgPrnHk_State export", try the following command:!dbgprn.lsig !dbgprn.save -a --full --cpu -T R --file <full path to file>
- Log will be saved to file <full path to file>. Pack obtained log-file to archive.
- also, it would be nice to put this archive together with binaries and .PDBs used in given test session.
- select entire text from log window of WinDbg and copy-paste it to some file, place this file together with copy of memory dump, archived logs and snapshot of binaries and .PDBs
- Unexpected behavior
- send archive(s) with logs to developer and tell what did you do before problem appeared.
Remote debugging (two machines)
- do not forget to connect machines with cable!
- Run WinDbg on host machine
- follow menu items: File -> Kernel Debug ->
- 1394, chose channel 3, OK, Answer 'Save' if prompted for workspace saving.
- COM, just tell to what port of host machine NULL-modem cable is connected.
- reboot target machine and chose OS item marked with [Debug] or [Debugger Enabled] (or smth. like this) in boot menu.
- WinDbg on host machine shall display information about astablishing debug connection and print some information about target system.
- when target system is up, run there DbgPrintLog.exe for capturing logs:
start DbgPrintLog.exe --full --cpu -l 10
This will display console window, where help message and current log file name are displayed. Do not close it. Logs will be stored in files DbgPrintXXX.log in same directory. XXX in filename is a sequential number of file. The very first file has name DbgPrint.log. Previously created files are not overwritten and numbering is continued. -l 10 option instructs logger to keep only 10 latest log files. - save debug info files .PDB from the build you are about to test to some separate location. If problem happens only with Release build, please configure your project to generate debug info for your binaries. If debug info is generated succesfully, .PDB files shall appear near compiled .EXE, .SYS, .DLL. When tuning Debug Info options, do not chose 'Separate Types' option.
- mark saved .PDBs somehow. If system crashes, .PDBs generated for the binaries were running would be required. Ideally, after each build binaries and their .PDBs should be stored together.
- run dsync.exe from freboot package to synchonize system cache with on-disk data. This improves File System consistency if crash happens.
- now install your drivers, services and application.
- make your tests until something goes wrong:
- Unexpected behavior
- switch to logger console and press 'Esc' to stop logging
- pack *.LOG files from the folder where DbgPrintLog.exe was run to archive.
- also, it would be nice to put this archive together with binaries and .PDBs used in given test session.
- System crash, BSOD
- message about system stop shall appear in WinDbg window on host machine. Target machine will look frozen at this moment.
- in the command prompt on WinDbg execute the following commands:
.dump /f <DumpFileName> !dbgprn.save -a --full --cpu -T R --file <full path to file>
if !dbgprn.save says "Cannot find DbgPrnHk!DbgPrnHk_State export", try to close WinDbg, run it againg, open saved memory dump (with .dump command above) and run the following:!dbgprn.lsig !dbgprn.save -a --full --cpu -T R --file <full path to file>
Log will be saved to file <full path to file>. - reboot target machine, since it is unusable in curent state or execute in WinDbg console the following command:
g
- pack obtained log-file to archive.
- also, it would be nice to put this archive together with binaries and .PDBs used in given test session.
- select entire text from log window of WinDbg and copy-paste it to some file, place this file together with copy of memory dump, archived logs and snapshot of binaries and .PDBs
- also put copy of memory dump together with binaries and .PDBs for possible future use.
- Unexpected behavior
- send archive(s) with logs to developer and tell what did you do before problem appeared.
扫一扫
1077
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
