Suppose you have 100 - 200 user dumps from various user processes in the system and you want to quickly check their thread stacks, locks, etc. to see something suspicious related to your product or its environment your customers complaining about.It is much easier to collect such information into text files and browse them quickly than open every dump in WinDbg. I usedshell script (VBScript) to automate loading dumps into WinDbg and used WinDbg scripts to run complex commands against loaded user dumps. For example, I used the following shell script:
'
' UDumps2Txt.vbs
'
Set fso = CreateObject("Scripting.FileSystemObject")
Set Folder = fso.GetFolder(".")
Set Files = Folder.Files
Set WshShell = CreateObject("WScript.Shell")
For Each File In Files
Set oExec = WshShell.Exec("C:Program FilesDebugging Tools for WindowsWinDbg.exe -y ""srv*c:mss*http://msdl.microsoft.com/download/symbols"" -z " +File.Name +" -c ""$$>
WScript.Sleep 1000
Loop
Next
'
' UDumps2Txt.vbs: End of File
'
and the following WinDbg script:
$$
$$ UDmp2Txt: Dump information from user dump into log
$$
.logopen /d
!analyze -v
!locks
~*kv
lmv
.logclose
$$
$$ UDmp2Txt: End of File
$$
The following command launches multiple Dmp2Txt conversions:
C:UserDumps>cscript /nologo c:scriptsUDumps2Txt.vbs
You can also use CDB from Debugging Tools for Windows (console debugger) instead of WinDbg. I just use WinDbguniformly instead ofusing separately CDB for user process dumps and KD for kernel and complete memory dumps.
Now when you have text files you can search for patternsusing regular expressions.I will write more about applying themlater. There is a very good book about them from practical point of view I read 6 years agowhen I neededto understand them beyondwildcards and question marks.Since that timethe book has undergone another two editions:
Mastering Regular Expressions, 3rd edition
Or you can processtext filesfurther and feedthem into your database - part of automated crash dump analysis system.
- Dmitry Vostokov -
'Crash dump 불펌스페샬' 카테고리의 다른 글
| Crash Dumps for Dummies (Part 2) (0) | 2007.05.13 |
|---|---|
| Internet Based Crash Dump Analysis Service (0) | 2007.05.13 |
| Automated Crash Dump Analysis Part1 (0) | 2007.05.13 |
| New SystemDump tool (2) | 2007.05.13 |
| UML and Device drivers (3) | 2007.05.13 |
