All geek questions in one place

What tool can I use to catch all the inputs that cause the application to crash?

I need a Windows tool that records inputs and debugs information that causes a program to crash. I do not mean fuzzing software tool ! For example, let me describe the scenario to explain what I'm talking about.

Sometimes, when using the program, it will crash without any known reason, and when I want to debug it, I can’t find useful information to find out how the crash happened, because the data that caused the crash no longer exists.

So I need a tool that records all inputs and debugging information in order to be able to reuse the input data and reproduce the alarm under the debugger, such as the Immunity Debugger and OllyDbg , to understand how the failure occurred.

EDIT: I need to do this for a program that I did not write. Suppose I do not have access to view or modify its source code.

+4
source share
3 answers

What compiler / IDE are you using?

Most likely, it includes a debugger that can be connected to any running process (for example, to your application), regardless of whether it is running from the IDE or not. This will allow you to see the current values ​​of the variables and present you with a stack trace (or useful diagnostic information) when your program terminates unexpectedly. The debugger that comes with Visual Studio is especially good if you are developing an application in C ++ or .NET.

Another option is to implement the extensive logging features in your application. You can write detailed information about the current state of the program at regular intervals in a file or in the Windows event log, and then view this information after a crash. This is especially useful if you are trying to debug errors that occur on a client site because they can simply send you a log file for analysis.

If you are talking about recording a specific set of user input that causes your application to crash, registering is probably the best option.

There are several log libraries that you can use to simplify this work. However, knowing what language you work in, it is difficult to formulate specific recommendations. For example, if you are developing a .NET application, Log4Net is a great choice . I heard well about Log4j for Java development. log4cxx is an option for C ++ applications. Also see this question regarding best practices .

+1
source

I think stack tracing should help you debug the problem. you can use

Windbg

or

Debugdiag

to get emergency dumps. I found it really useful

0
source

You said that you need to debug code that you did not write without any code. In my experience, this is not so simple, but ... You can configure drwtsn32, if it is still present on you SO, to write output files when the program crashes.

The old-style way out is drtwsn32.log (the Windows version from NT 4.0 to the actual Windows 7 puts this file in another place on the disk, just looks at this file), which gives you a stack trace, registries and a small amount of memory dump. Essentially, you must have the .map file of the source program to identify the failed function and even the line of code that crashes (there is a convenient method that I started using a long time ago ... but you need a full MAP file).

A later version of drwtsn32 creates a set of o files. They ar

  • appcompat.txt
  • manifest.txt
  • program.exe.hdmp
  • program.exe.mdmp

This is the memory and dump of the process. Open it with Microsoft IDE / Debugger as Visual Studio 2008/2010 and see

It shows the full call stack, memory status, all registries and so on. If you also have a .pdb file for the program that crashes, you should know which one is funcion and the code line, but ... without the source file that you use in the dark, I think.

So ... A MAP file or a PDB file must be present, or I think you will encounter very hard work.

NTN

0
source

Source: https://habr.com/ru/post/1335033/

More articles:


All Articles