Sometimes the debugee is a child process, which could only be launched by its parent process.
The following two cases need to be considered.
First, the parent process could be launched directly, such as the command prompt. In that case, windbg -o processname could be used to debug its all child process. For instance, Why did DllRegisterServer return 80070006? provides an example on how to debug a specific child process launched by the command prompt.
Second, the parent process could not be launched directly, such as services. In that case, the windbg meta-command .childdbg (Debug Child Processes) could be used.
For instance, to debug aspnet_wp.exe -- an IIS worker process from its startup, the following steps could be used.
1. iisreset
It will kill the aspnet_wp.exe.
2. attach windbg to inetinfo.exe
3. .childdbg 1
It will enable child process debugging in the windbg.
4. send an asp .net request to IIS
IIS will launch aspnet_wp.exe when the first asp .net request comes in.
Friday, October 16, 2009
Subscribe to:
Post Comments (Atom)
0 comments:
Post a Comment