内核debugging：Windows 7在启动时挂起（内核启动失败）

25-03-01 17

在本文中，您将会了解到关于内核debugging：Windows7在启动时挂起的新资讯，同时我们还将为您解释内核启动失败的相关在本文中，我们将带你探索内核debugging：Windows7在启动时挂

在本文中，您将会了解到关于内核debugging：Windows 7在启动时挂起的新资讯，同时我们还将为您解释内核启动失败的相关在本文中，我们将带你探索内核debugging：Windows 7在启动时挂起的奥秘，分析内核启动失败的特点，并给出一些关于C＃挂钩Windows进程来检查debugging进程、Debugging Chromium on Windows、debugging – 是否有Windowsdebugging器的检查点function？、debugging“服务无法启动”Windows安装程序错误的实用技巧。

本文目录一览：

内核debugging：Windows 7在启动时挂起（内核启动失败）
C＃挂钩Windows进程来检查debugging进程
Debugging Chromium on Windows
debugging – 是否有Windowsdebugging器的检查点function？
debugging“服务无法启动”Windows安装程序错误

内核debugging：Windows 7在启动时挂起（内核启动失败）

有时，我有Windows在启动时等待内核debugging程序连接的情况。你看到文字“Windows开始”，但没有标识。

如果我现在连接debugging器，则会播放Windows 7的徽标animation。标志开始脉冲。在这个阶段，启动过程不再进行。 cpu使用率降至最低。我通常等几分钟，但没有任何反应。

这不会一直发生。但是，如果发生这种情况，虚拟机重置将无济于事。我需要使用启动修复来解决这个问题。不幸的是，它需要永远。

任何想法，除了运行启动修复，我可以做什么？

linux设备驱动文件操作：有可能有竞争条件吗？

找不到头<linux / kfifo.h>

如何访问我的英特尔芯片组的特定registry？

虚拟内存分配没有物理内存分配

Linux上的UDP和TCP的内核旁路 – 它涉及什么？

提前致谢！

“ __ signed”“ __ signed__”和“signed”有什么区别？

WinDbg显示一些variables，但不显示其他variables，在同一位置显示一些variables

函数的隐式声明'create_proc_entry'

当页面错误exception被引发时，操作系统如何定位尚未被加载到内存中的磁盘上的内容？

Linux内核在启动时执行的第一个操作是什么？

要解决您遇到的问题，您只需在启动过程中按F10即可。并删除/调试和相关的参数。然后按回车。

建议：不要使用/ debug参数作为默认的启动菜单选项。将您的启动配置复制到一个新条目。然后将其设置为调试模式。 Windows不知道你什么时候会使用调试器。所以它必须等待。

谢谢。

我可以在启动过程中通过留下鼠标来解决问题）不知道为什么，但它解决了我的问题。我在Win7 Enterprise x64主机上调试了VMware Workstation v9.0.2中的Win Embedded POSReady 7 SP1 x86。

C＃挂钩Windows进程来检查debugging进程

我想知道是否有一种方法，我可以钩住Windows进程来检查是否有任何可疑的程序正在运行（Wireshark，fiddler，OllyDBG等）。

我想钩住Windows进程，以便在检测到不需要的进程时实时closures客户端或popup消息。

如果你们可以给我提供任何链接，这样做会很好。

谢谢！

线程在被告知这样做的时候没有睡觉

在WCF和Windows服务中下载大文件

如何以编程方式发现系统上的映射networking驱动器及其服务器名称？

如何在Windows中以兼容模式启动应用程序会影响应用程序，我该如何检测它？

如何在C＃中获取当前用户的本地设置文件夹path？

运行ProgId动词的命令

托pipeWindows窗体中的WPF给出问题 – C＃

Metro应用程序中的故事板animation和附加属性

如何在C＃中指定非精确path

如何search列表的距离低于F到P的项目，而不search整个列表？

Process[] processlist = Process.GetProcesses();

然后走这个列表，根据需要做你不想运行的应用程序。

您可以通过使用Win32_Process WMI创建事件来检测进程创建。每个进程都会创建一个Win32_Process的实例，因此寻找新的实例会告诉您关于实时创建进程的信息。

要接收WMI创建事件请参阅此页： http : //msdn.microsoft.com/en-us/library/system.management.eventquery.aspx （编辑：不同的链接，现在在C＃中的示例）。

EnumWindows枚举所有顶级窗口。

而且你不想将C＃DLL注入到其他进程中。这需要将.net运行时加载到该进程中。这浪费了内存，如果这个进程是一个使用不同版本.net的.net应用程序，那么存在版本控制问题。特别是如果你的DLL注入之前，加载自己的.net版本。

你想通过注入这个过程来达到什么目的，你无法从外部获得？

您可能想要在CodePlex上查看EasyHook（http://easyhook.codeplex.com）。 这里有一些讨论，人们据说已经能够钩入CreateProcess。如果您设法在创建时挂接到您所了解的创建过程的API函数。

Debugging Chromium on Windows

First see get the code for checkout and build instructions.

Getting started

You can use Visual Studio''s built-in debugger or WinDBG to debug Chromium. You don''t need to use the IDE to build in order to use the debugger: Ninja is used to build Chromium and most developers invoke it from a command prompt, and then open the IDE for debugging as necessary. To start debugging an executable from the command line:

devenv /debugexe out\Debug\chrome.exe <options to Chromium can go here>

This assumes you have Visual Studio installed and have devenv.exe on your path. Note that the path to the binary must use backslashes and must include the ".exe" suffix or Visual Studio will open and do nothing.

Goma (the internal Google distributed build) defaults to symbol_level = 1 which means source-level debugging will not work. If you want full debugging with goma then you need to explicitly set symbol_level = 2, and is_win_fastlink = true, however this does tend to expose bugs in debuggers, so caveat debugger, and be sure to use the very latest versions of the debuggers.

Profiles

It''s a good idea to use a different profile for your debugging. If you are debugging Google Chrome branded builds, or use a Chromium build as your primary browser, the profiles can collide so you can''t run both at once, and your stable browser might see profile versions from the future (Google Chrome and Chromium use different profile directories by default so won''t collide). Use the command-line option:

--user-data-dir=c:\tmp\my_debug_profile (replace the path as necessary)

Using the IDE, go to the Debugging tab of the properties of the chrome project, and set the Command Arguments.

Chrome debug log

Enable Chrome debug logging to a file by passing --enable-logging --v=1 command-line flags at startup. Debug builds place the chrome_debug.log file in the out\Debug directory. Release builds place the file in the top level of the user data Chromium app directory, which is OS-version-dependent. For more information, see logging and user data directory details.

Symbol server

If you are debugging official Google Chrome release builds, use the symbol server:

https://chromium-browser-symsrv.commondatastorage.googleapis.com

In Visual Studio, this goes in Tools > Options under Debugging > Symbols. You should set up a local cache in a empty directory on your computer.

In windbg you can add this to your symbol server search path with the command below, where c:\Symbols is a local cache directory:

.sympath+ SRV*c:\Symbols*https://chromium-browser-symsrv.commondatastorage.googleapis.com

You can also set the _NT_SYMBOL_PATH environment variable to include both the Microsoft and Google symbol servers - VS and windbg should both respect this environment variable:

_NT_SYMBOL_PATH=SRV*C:\symbols*https://msdl.microsoft.com/download/symbols;SRV*C:\symbols*https://chromium-browser-symsrv.commondatastorage.googleapis.com

Note that symbol servers will let the debuggers download both the PE files (DLLs and EXEs) and the PDB files.

If you set up source indexing (.srcfix in windbg, Tools-> Options-> Debugging-> General-> Enable source server support in Visual Studio) then the correct source files will automatically be downloaded based on information in the downloaded symbols.

Multi-process issues

Chromium can be challenging to debug because of its multi-process architecture. When you select Run in the debugger, only the main browser process will be debugged. The code that actually renders web pages (the Renderer) and the plugins will be in separate processes that''s not (yet!) being debugged. The ProcessExplorer tool has a process tree view where you can see how these processes are related. You can also get the process IDs associated with each tab from the Chrome Task Manager (right-click on an empty area of the window title bar to open).

Automatically attach to child processes

There are two Visual Studio extensions that enable the debugger to automatically attach to all Chrome processes, so you can debug all of Chrome at once. Microsoft''s Child Process Debugging Power Tool is a standalone extension for this, and VsChromium is another option that bundles many other additional features. In addition to installing one of these extensions, you must run Visual Studio as Administrator, or it will silently fail to attach to some of Chrome''s child processes.

Single-process mode

One way to debug issues is to run Chromium in single-process mode. This will allow you to see the entire state of the program without extra work (although it will still have many threads). To use single-process mode, add the command-line flag

--single-process

This approach isn''t perfect because some problems won''t manifest themselves in this mode and some features don''t work and worker threads are still spawned into new processes.

Manually attaching to a child process

You can attach to the running child processes with the debugger. Select Tools > Attach to Process and click the chrome.exe process you want to attach to. Before attaching, make sure you have selected only Native code when attaching to the process This is done by clicking Select... in the Attach to Process window and only checking Native. If you forget this, it may attempt to attach in "WebKit" mode to debug JavaScript, and you''ll get an error message "An operation is not legal in the current state."

You can now debug the two processes as if they were one. When you are debugging multiple processes, open the Debug > Windows > Processes window to switch between them.

Sometimes you are debugging something that only happens on startup, and want to see the child process as soon as it starts. Use:

--renderer-startup-dialog --no-sandbox

You have to disable the sandbox or the dialog box will be prohibited from showing. When the dialog appears, visit Tools > Attach to Process and attach to the process showing the Renderer startup dialog. Now you''re debugging in the renderer and can continue execution by pressing OK in the dialog.

Startup dialogs also exist for other child process types: --gpu-startup-dialog, --ppapi-startup-dialog, --plugin-startup-dialog (for NPAPI).

You can also try the vs-chromium plug-in to attach to the right processes.

Semi-automatically attaching the debugger to child processes

The following flags cause child processes to wait for 60 seconds in a busy loop for a debugger to attach to the process. Once either condition is true, it continues on; no exception is thrown.

--wait-for-debugger-children[=filter]

The filter, if provided, will fire only if it matches the --type parameter to the process. Values include renderer, plugin (for NPAPI), ppapi, gpu-process, and utility.

When using this option, it may be helpful to limit the number of renderer processes spawned, using:

--renderer-process-limit=1

Image File Execution Options

Using Image File Execution Options (IFEO) will not work because CreateProcess() returns the handle to the debugger process instead of the intended child process. There are also issues with the sandbox.

Visual Studio hints

Debug visualizers

Chrome''s custom debug visualizers should be added to the pdb files and automatically picked up by Visual Studio. The definitions are in //tools/win/DebugVisualizers if you need to modify them (the BUILD.gn file there has additional instructions).

Don''t step into trivial functions

The debugger can be configured to automatically not step into functions based on regular expression. Edit default.natstepfilter in the following directory:

For Visual Studio 2015: C:\Program Files (x86)\Microsoft Visual Studio 14.0\Common7\Packages\Debugger\Visualizers (for all users)
or %USERPROFILE%\My Documents\Visual Studio 2015\Visualizers (for the current user only)
For Visual Studio 2017 Pro: C:\Program Files (x86)\Microsoft Visual Studio\2017\Professional\Common7\Packages\Debugger\Visualizers (for all users)
or %USERPROFILE%\My Documents\Visual Studio 2017\Visualizers (for the current user only)

Add regular expressions of functions to not step into. Remember to regex-escape and XML-escape them, e.g. < for < and \. for a literal dot. Example:

<Function><Name>operator new </Name><Action> NoStepInto </Action></Function>

<Function><Name> operator delete </Name><Action>NoStepInto </Action></Function>

<Function><Name>std::.*</Name><Action>NoStepInto </Action></Function>

<Function><Name> WTF::.*Ptr<.*>::.* </Name><Action>NoStepInto </Action></Function>

This file is read at start of a debugging session (F5), so you don''t need to restart Visual Studio after changing it.

More info: Andy Pennel''s Blog, microsoft email thread

V8 and Chromium

V8 supports many command-line flags that are useful for debugging. V8 command-line flags can be set via the Chromium command-line flag --js-flags; for instance:

chrome.exe --js-flags="--trace_exception --heap_stats"

Note that some V8 command-line flags exist only in the debug build of V8. For a list of all V8 flags try:

chrome.exe --js-flags="--help"

Graphics debugging

GPU Acceleration of rendering can be more easily debugged with tools. See:

Graphics Debugging in Visual Studio 2013
Graphical debugging with NVIDIA NSight

Debugging on another machine

Sometimes it''s useful to debug installation and execution on a machine other than your primary build box. To run the installer on said other machine, first build the mini_installer target on your main build machine (e.g., ninja -C out\Debug mini_installer). Next, on the debug machine:

Make the build machine''s build volume available on the debug machine either by mounting it locally (e.g., Z:\) or by crafting a UNC path to it (e.g., \\builder\src)
Open up a command prompt and change to a local disk
Run src\tools\win\copy-installer.bat in the remote checkout by way of the mount (e.g., Z:\PATHTOCHECKOUT\src\...) or UNC path (e.g., \\builder\src\...). This will copy the installer, DLLs, and PDBs into your debug machine''s C:\out or C:\build (depending on if you''re rocking the component=shared_library build or not)
Run C:\out\Debug\mini_installer.exe with the flags of your choice to install Chrome. This can take some time, especially on a slow machine. Watch the Task Manager and wait until mini_installer.exe exits before trying to launch Chrome (by way of the shortcut(s) created by the installer)
For extra pleasure, add C:\out\Debug to your _NT_SYMBOL_PATH environment variable

Consider reading the documentation at the top of copy-installer.bat to see how you can run it. It tries to be smart and copy the right things, but you may need to be explicit (e.g., "copy-installer.bat out Debug"). It is safe to re-run the script to copy only modified files (after a rebuild, for example).

Find memory leaks

The Windows heap manager has a really useful debug flag, where it can be asked to capture and store a stack trace with every allocation. The tool to scrape these stack traces out of processes is UMDH, which comes with WinDbg.

UMDH is great. It will capture a snapshot of the heap state as many times as you like, and it''ll do it fairly quickly. You then run it again against either a single snapshot, or a pair of snapshots, at which time it''ll symbolize the stack traces and aggregate usage up to unique stack traces.

Turning on the user stack trace database for chrome.exe with gflags.exe makes it run unbearably slowly; however, turning on the user stack trace database on for the browser alone is just fine.

While it''s possible to turn on the user stack database with the "!gflag" debugging extension, it''s too late to do this by the time the initial debugger breakpoint hits. The only reasonable way to do this is to

Launch GFlags.exe,
Enable the user stack trace database (per image below),
Launch Chrome under the debugger.
Set a breakpont when chrome.dll loads with "sxe ld chrome.dll".
Step up, to allow Chrome.dll to initialize.
Disable the stack trace database in GFlags.exe.
Continue chrome, optionally detaching the debugger.

GFlags.exe settings for user mode stack trace database.

If you then ever suffer a browser memory leak, you can snarf a dump of the process with

umdh -p:<my browser pid> > chrome-browser-leak-umdh-dump.txt

which can then typically be "trivially" analyzed to find the culprit.

Miscellaneous

Application Verifier is a free tool from Microsoft (available as part of the Windows SDK) that can be used to flush out programming errors. Starting with M68 Application Verifier can be enabled for chrome.exe without needing to disable the sandbox. After adding chrome.exe to the list of applications to be stressed you need to expand the list of Basics checks and disable the Leak checks. You may also need to disable Handles and Locks checks depending on your graphics driver and specific Chrome version, but the eventual goal is to have Chrome run with Handles and Locks checks enabled. When bugs are found Chrome will trigger a breakpoint so running all Chrome processes under a debugger is recommended. Chrome will run much more slowly because Application Verifier puts every allocation on a separate page.
You can check the undocumented ''Cuzz'' checkbox in Application Verifier to get the Windows thread scheduler to add some extra randomness in order to help expose race conditions in your code.
Putting every allocation on a separate page will dramatically affect performance so you may want to only do this for some applications. If you right-click on the Heaps checkbox and select Properties you can edit things like the size range for what allocations go into PageHeap (the page-per-allocation system) and you can set a RandRate percentage to randomly put allocations in PageHeap.

To put a breakpoint on CreateFile(), add this break point:

{,,kernel32.dll}_CreateFileW@28

{,,kernel32.dll}specifies the DLL (context operator).
_ prefix means extern "C".
@28 postfix means _stdcall with the stack pop at the end of the function. i.e. the number of arguments in BYTES.

You can use DebugView from SysInternals or sawbuck to view LOG() messages that normally goes to stderr on POSIX.

debugging – 是否有Windowsdebugging器的检查点function？

有一个窗口（win32，.net）debugging器可以做一些像gdb检查点？

http://sourceware.org/gdb/current/onlinedocs/gdb/Checkpoint_002fRestart.html

在我的新窗口安装Image.FromStream不以相同的方式工作

什么是控件的“On_Load”等效表单？

当窗体位于主监视器的上方和左方时，光标变为对angular线resize

.Net Windows服务和FileSystemWatcher问题

获取当前在Windows任务栏中可见的应用程序（或窗口）列表

我在Windows上听到的最接近的功能是IntelliTrace 。另一个文档在这里： http : //msdn.microsoft.com/en-us/library/dd264915%28VS.100%29.aspx

该功能有很多限制 – 没有64位本地代码，脚本或sql CLR支持

debugging“服务无法启动”Windows安装程序错误

我有一个用WiX编写的简单的msi来安装一个本地的NT服务。在msi中进行了一些更改后，它在StartServices标准操作中失败，出现错误“服务启动失败，请确认您有足够的权限”。如果按“忽略”并手动启动服务，则会成功启动。问题绝对不是没有足够的权限。我如何诊断/debugging这些问题？ Windows安装程序的详细日志似乎不包含任何有用的信息。

Java计划任务（在Windows中）

C＃Windows服务不会显示为已启动

Windows服务和Windows进程有什么区别？

在C＃服务应用程序中configurationlog4net的步骤

.NET Windows服务 – 一个项目中的多个服务

安装程序将没有任何有用的信息，因为错误只是由安装程序浮出水面。这是我如何处理这个。

注释掉ServiceControl元素，这样安装程序不会尝试启动服务。运行安装程序，并完成。手动启动服务。

如果服务启动，则表示某种竞争条件。一种常见的情况是服务依赖于安装到GAC或WinSXS的文件。安装程序使用PublishAssemblies标准操作将这些文件放在那里。但是由于GAC和WinSXS API不支持跨越式安装，PublishAssemblies会一直等到提交阶段执行工作。这是安装程序尝试启动服务之后。另一种常见的情况是，如果您有一些自定义操作正在安装或配置服务所需的某些内容，并且您在安装过程中所做的操作较晚。

如果服务仍然无法启动，这通常会排除竞争条件。你必须分析服务本身。使用诸如依赖，ildasm（如.net）和processexplorer（filemon / regmon）等工具来尝试发现缺少的依赖关系。更新安装程序，然后冲洗并重复。

如您所见，Windows Installer在启动服务失败时不提供有用的信息。但是，当显示对话框时，机器处于完美状态以确定发生了什么问题。所以，而不是取消安装，开始调试。尝试启动服务，看看是否给你更多的信息。如果没有，请打开调试器并去镇上。

我基本上遵循这个FireGiant知识库文章中描述的过程。这是找出服务无法启动的最直接的方法。 Windows Installer不能提供更好的信息本身就太糟糕了。

关于内核debugging：Windows 7在启动时挂起和内核启动失败的介绍已经告一段落，感谢您的耐心阅读，如果想了解更多关于C＃挂钩Windows进程来检查debugging进程、Debugging Chromium on Windows、debugging – 是否有Windowsdebugging器的检查点function？、debugging“服务无法启动”Windows安装程序错误的相关信息，请在本站寻找。

本文标签：