Analyze Program Runtime Stack

Introduce:

Process Explorer is an advanced process management utility that picks up where Task Manager leaves off. It will show you detailed information about a process including its icon, command-line, full image path, memory statistics, user account, security attributes, and more. When you zoom in on a particular process you can list the DLLs it has loaded or the operating system resource handles it has open. A search capability enables you to track down a process that has a resource opened, such as a file, directory or Registry key, or to view the list of processes that have a DLL loaded.

Download:

http://download.sysinternals.com/files/ProcessExplorer.zip

 

Test:

  • view a process properties, popup a waning dialog, it means dbghelp.dll inappropriate.

    

  • configure symbols, use dbghelp.dll which Windgb attached.

  

  • view threads runtime status.

  

  • view stack of the thread.

  

  • create a dump file (mini or full) for program.

  

  • view kernel memory

  

Summery: Process Explorer is very powerfull tool. Easy use, useful for debug & analyze.

posted on 2014-01-28 15:43  偏爱省略号  阅读(264)  评论(0编辑  收藏  举报

导航