RSS

Tools

Postmortem Debugging

By Stefan Wörthmüller, April 11, 2006

Source Code Accompanies This Article. Download It Now.

This postmortem analysis approach lets you identify and resolve hidden errors, but with little impact on the program.
int FunctionC(int x, int y)
{
    char *p = (char *)0xBADC0DE; // Ummm!!, a dirty bad thing
    // Create a access violation
    char c = *p;
    return 0;
}
int FunctionB(int x)
{
    return FunctionC(x, 16);
}
int FunctionA()
{
    return FunctionB(100);
}
int main(int argc, char *argv[])
{
    InstallWin32FaultHandler();
    FunctionA();
    return 0;
}
Listing One: FaultApp, with three functions calling each other. 
LONG Win32FaultHandler(struct _EXCEPTION_POINTERS *  ExInfo)

{   char  *FaultTx = "";
    switch(ExInfo->ExceptionRecord->ExceptionCode)
    {
      case EXCEPTION_ACCESS_VIOLATION      : 
                                      FaultTx = "ACCESS VIOLATION"         ; break;
      case EXCEPTION_DATATYPE_MISALIGNMENT : 
                                       FaultTx = "DATATYPE MISALIGNMENT"    ; break;
      case EXCEPTION_FLT_DIVIDE_BY_ZERO    : 
                                      FaultTx = "FLT DIVIDE BY ZERO"       ; break;
        ...
        default: FaultTx = "(unknown)";           break;
    }
    sgLogFile = fopen("Win32Fault.log", "w");
    int    wsFault    = ExInfo->ExceptionRecord->ExceptionCode;
    PVOID  CodeAdress = ExInfo->ExceptionRecord->ExceptionAddress;
    sgLogFile = fopen("Win32Fault.log", "w");
    if(sgLogFile != NULL)
    {
       fprintf(sgLogFile, "****************************************************\n");
       fprintf(sgLogFile, "*** A Program Fault occurred:\n");
       fprintf(sgLogFile, "*** Error code %08X: %s\n", wsFault, FaultTx);
       fprintf(sgLogFile, "****************************************************\n");
       fprintf(sgLogFile, "***   Address: %08X\n", (int)CodeAdress);
       fprintf(sgLogFile, "***     Flags: %08X\n", 
                                     ExInfo->ExceptionRecord->ExceptionFlags);
       LogStackFrames(CodeAddress, (char *)ExInfo->ContextRecord->Ebp);
       fclose(sgLogFile);
    }
    /*if(want to continue)
    {
       ExInfo->ContextRecord->Eip++;
       return EXCEPTION_CONTINUE_EXECUTION;
    }
    */ 
    return EXCEPTION_EXECUTE_HANDLER;
}
Listing Two: Win32FaultHandler. 
void InstallFaultHandler()
{
    SetUnhandledExceptionFilter((LPTOP_LEVEL_EXCEPTION_FILTER) Win32FaultHandler);
}
Listing Three: InstallFaultHandler(). 
void   LogStackFrames(PVOID FaultAddress, char *eNextBP)
{      char *p, *pBP;                                     
       unsigned i, x, BpPassed;
       static int  CurrentlyInTheStackDump = 0;
   ...
       BpPassed = (eNextBP != NULL);
       if(! eNextBP)
       {
          _asm mov     eNextBP, eBp   
       }
       else 
           fprintf(sgLogFile, "\n  Fault Occurred At $ADDRESS:%08LX\n", 
                                   (int)FaultAddress);
                             // prevent infinite loops
       for(i = 0; eNextBP && i < 100; i++)
       {      
           pBP = eNextBP;           // keep current BasePointer
           eNextBP = *(char **)pBP; // dereference next BP 
           p = pBP + 8; 
           // Write 20 Bytes of potential arguments
           fprintf(sgLogFile, "         with ");        
           for(x = 0; p < eNextBP && x < 20; p++, x++)
               fprintf(sgLogFile, "%02X ", *(unsigned char *)p);
           fprintf(sgLogFile, "\n\n");          
                  if(i == 1 && ! BpPassed) 
               fprintf(sgLogFile, "*************************************\n"
                                 "         Fault Occurred Here:\n");
        // Write the backjump address
        fprintf(sgLogFile, "*** %2d called from $ADDRESS:%08LX\n", 
                                  i, *(char **)(pBP + 4));
        if(*(char **)(pBP + 4) == NULL)
            break; 
       }
    ...

}
Listing Four: LogStackFrames.



Previous 1 2 

Related Reading

News

Commentary

Most Popular

On the Web

Slideshow

Video

More Insights

White Papers

More >>

Reports

More >>

Webcasts

More >>
INFO-LINK




Currently we allow the following HTML tags in comments:

Single tags

These tags can be used alone and don't need an ending tag.

<br> Defines a single line break

<hr> Defines a horizontal line

Matching tags

These require an ending tag - e.g. <i>italic text</i>

<a> Defines an anchor

<b> Defines bold text

<big> Defines big text

<blockquote> Defines a long quotation

<caption> Defines a table caption

<cite> Defines a citation

<code> Defines computer code text

<em> Defines emphasized text

<fieldset> Defines a border around elements in a form

<h1> This is heading 1

<h2> This is heading 2

<h3> This is heading 3

<h4> This is heading 4

<h5> This is heading 5

<h6> This is heading 6

<i> Defines italic text

<p> Defines a paragraph

<pre> Defines preformatted text

<q> Defines a short quotation

<samp> Defines sample computer code text

<small> Defines small text

<span> Defines a section in a document

<s> Defines strikethrough text

<strike> Defines strikethrough text

<strong> Defines strong text

<sub> Defines subscripted text

<sup> Defines superscripted text

<u> Defines underlined text

Dr. Dobb's encourages readers to engage in spirited, healthy debate, including taking us to task. However, Dr. Dobb's moderates all comments posted to our site, and reserves the right to modify or remove any content that it determines to be derogatory, offensive, inflammatory, vulgar, irrelevant/off-topic, racist or obvious marketing or spam. Dr. Dobb's further reserves the right to disable the profile of any commenter participating in said activities.

 
Disqus Tips To upload an avatar photo, first complete your Disqus profile. | View the list of supported HTML tags you can use to style comments. | Please read our commenting policy.
 

Best of the Web

First C Compiler Now on Github

The earliest known C compiler by the legendary Dennis Ritchie has been published on the repository.

Quick Read

HTML5 Mobile Development: Seven Good Ideas (and Three Bad Ones)

HTML5 Mobile Development: Seven Good Ideas (and Three Bad Ones)

Quick Read

Building Bare Metal ARM Systems with GNU

All you need to know to get up and running... and programming on ARM

Quick Read

Amazon's Vogels Challenges IT: Rethink App Dev

Amazon Web Services CTO says promised land of cloud computing requires a new generation of applications that follow different principles.

Quick Read

How to Select a PaaS Partner

Eventually, the vast majority of Web applications will run on a platform-as-a-service, or PaaS, vendor's infrastructure. To help sort out the options, we sent out a matrix with more than 70 decision points to a variety of PaaS providers.

Quick Read


More "Best of the Web" >>

Tools Recent Articles

Most Popular

Stories Blogs

Video

View All Videos

Upcoming Events



Most Recent Premium Content

Digital Issues