|
| Re: Using z command in Windbg |
 |
Fri, 4 Apr 2008 08:23:07 -0700 |
AFAIK t command does not (cannot) work "reliable" in a multithreaded
application. Because the trace flag (TF) is thread context specific, any
new thread (or existing ones different than the current thread at the
command execution time) in the process can execute code that will not be
subject to code tracing. In the interactive session, the debugger warns
about this:
WARNING: This break is not a step/trace completion.
The last command has been cleared to prevent accidental continuation of this
unrelated event.
Check the event, location and thread before resuming.
--
Daniel
--
This posting is provided "AS IS" with no warranties, and confers no
rights.
Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm
"Max Sushchenko" <max@gfi.com> wrote in message
news:#cQw#YjlIHA.1164@TK2MSFTNGP02.phx.gbl...
> Hi all,
>
> I am trying to debug a problem where a specific error code is being
> returned from a 3rd party code. In order to be able to determine what
> happens around the time the error is returned I decided to use the
> following syntax "tr; z(@eax != 0x1234567)" to trace trough the
code until
> the eax register is set to this particular error code.
>
> For some reason however the loop never stops and the execution continues
> to the very end, the program terminates and Windbg reports "no
runnable
> debuggees...". I am using Windbg 6.8.4.0.
>
> Could it be that the syntax is not correct or there are limitations in how
> the z command works ?
>
> Thanks,
>
> Max
|
| Post Reply
|
| Re: Using z command in Windbg |
 |
Fri, 04 Apr 2008 10:07:06 GMT |
Max Sushchenko <max@gfi.com> wrote:
> Could it be that the syntax is not correct or there are limitations in how
> the z command works ?
>
It might be a problem with sign extension in the comparison:
http://msdn2.microsoft.com/en-us/library/cc266549.aspx
|
| Post Reply
|
| Using z command in Windbg |
 |
Fri, 4 Apr 2008 11:28:27 +0200 |
Hi all,
I am trying to debug a problem where a specific error code is being returned
from a 3rd party code. In order to be able to determine what happens around
the time the error is returned I decided to use the following syntax "tr;
z(@eax != 0x1234567)" to trace trough the code until the eax register is
set
to this particular error code.
For some reason however the loop never stops and the execution continues to
the very end, the program terminates and Windbg reports "no runnable
debuggees...". I am using Windbg 6.8.4.0.
Could it be that the syntax is not correct or there are limitations in how
the z command works ?
Thanks,
Max
|
| Post Reply
|
| Re: Using z command in Windbg |
 |
Fri, 4 Apr 2008 17:02:23 +0200 |
Hi,
Thanks a lot. That seems to have been indeed the case. I tried it using a
small test application ( which I used before ) and it hit the place where
the regaister got the value straight away.
I am just wondering now, are there any other ways of performing this kind of
functionality ? Let's imagine there was a ability to set a breakpoint when a
register is set to a particular value.
Any ideas ?
Thanks,
Max.
"David Welch" <welch@localhost.localdomain.invalid> wrote in
message
news:e5nJj.42435$jH5.11983@newsfe3-win.ntli.net...
> Max Sushchenko <max@gfi.com> wrote:
>> Could it be that the syntax is not correct or there are limitations in
>> how
>> the z command works ?
>>
> It might be a problem with sign extension in the comparison:
> http://msdn2.microsoft.com/en-us/library/cc266549.aspx
> http://msdn2.microsoft.com/en-us/library/cc267482.aspx
|
| Post Reply
|
| Re: Using z command in Windbg |
 |
Fri, 4 Apr 2008 23:07:02 -0700 |
A realistic solution to this problem requires hardware assistance. For
example the debug registers used by breakpoint on access functionality can
contain the match values and the test conditions. The operating
system/debugger can do the rest if this option will ever become available
from Intel or AMD.
In software only one option is running in emulation mode and search the
emulation results for the registry change. This option is however not
available, besides the presence of some references to this techniques
(iDNA):
http://www.cs.wisc.edu/areas/pl/seminar/fall05/Bhansali.ppt
http://blogs.msdn.com/cse/attachment/1077668.ashx
--
Daniel
--
This posting is provided "AS IS" with no warranties, and confers no
rights.
Use of included script samples are subject to the terms specified at
http://www.microsoft.com/info/cpyright.htm
Blog: www.advancedwindowsdebugging.com/forums/blogs/daniel/
"Max Sushchenko" <max@gfi.com> wrote in message
news:eoXckTmlIHA.1280@TK2MSFTNGP05.phx.gbl...
> Hi,
>
> Thanks a lot. That seems to have been indeed the case. I tried it using a
> small test application ( which I used before ) and it hit the place where
> the regaister got the value straight away.
>
> I am just wondering now, are there any other ways of performing this kind
> of functionality ? Let's imagine there was a ability to set a breakpoint
> when a register is set to a particular value.
>
> Any ideas ?
>
> Thanks,
>
> Max.
>
> "David Welch" <welch@localhost.localdomain.invalid> wrote
in message
> news:e5nJj.42435$jH5.11983@newsfe3-win.ntli.net...
>> Max Sushchenko <max@gfi.com> wrote:
>>> Could it be that the syntax is not correct or there are limitations
in
>>> how
>>> the z command works ?
>>>
>> It might be a problem with sign extension in the comparison:
>> http://msdn2.microsoft.com/en-us/library/cc266549.aspx
>> http://msdn2.microsoft.com/en-us/library/cc267482.aspx
>
|
| Post Reply
|
|
|
|
|
|
|
|
|
|