?

前言：既然Drwtsn32存在若干缺陷，需要尋找新的技術(shù)替代Drwtsn32。NTSD是一個(gè)不錯(cuò)的選擇。本文將從Drwtsn32的幾個(gè)缺點(diǎn)，分別介紹NTSD中?的解決方法。主要介紹以下三個(gè)方面的內(nèi)容：

1、NTSD配置

2、NTSD優(yōu)點(diǎn)

3、NTSD缺點(diǎn)

一、 NTSD配置

There are two options to deploy NTSD!

Option 1-Share Model

所有的應(yīng)用程序異常崩潰都用調(diào)用的方式，drwtsn32一樣，修改注冊(cè)表中Debugger的值為：

C:/WINDOWS/system32/ntsd.exe -p %ld -e %ld -g -c ".dump D:/Dump/jit.dmp;q"

其中第一個(gè)路徑為ntsd.exe程序目錄，最后一個(gè)路徑為生成的dmp文件存儲(chǔ)路徑，該目錄必須存在，否則文件將生成失敗。

圖1.1 Share Model 參數(shù)設(shè)置

?

Option 2-Unshared Model

為特定某個(gè)應(yīng)用程序崩潰指定調(diào)試程序，在鍵

HKEY_LOCAL_MACHINE/SOFTWARE/Microsoft/WindowsNT/CurrentVersion/Image File Execution Options下建一個(gè)項(xiàng)；比如為GPTLog進(jìn)行特殊設(shè)置，取名為GPTLog.EXE,而后增加Debugger鍵，類型為string，鍵值為：

C:/WINDOWS/system32/ntsd.exe -g -c ".dump D:/Dump/jit.dmp;q"

圖1.2 UnShared Mode 參數(shù)設(shè)置

Note: If value name Debugger doesn’t exist under the new key, create it; if path of NTSD contains space, a quote is needed.

二、NTSD優(yōu)點(diǎn)

??? NTSD可以解決 drwtsn32中的所有缺陷！

1、? JIT debugging under any user account（在任何帳戶下可以使用）

-noio 命令行參數(shù)，允許任何用戶訪問(wèn)WinSta0，使其可以使用ntsd，修改后命令：

C:/WINDOWS/system32/ntsd.exe -p %ld -e %ld -g -noio -c ".dump D:/Dump/jit.dmp;q"

????????

2、? Crash dump files with unique names（生成唯一的dmp文件名）

If we use /u option with .dump command, the command will create a crash dump with unique name (based on the specified file name, current date and time, and some additional information; for example, jit_0648_2005-06-13_23-42-49-834_0638.dmp). Here is the new command line:

C:/WINDOWS/system32/ntsd.exe -p %ld -e %ld -g -noio -c ".dump –u D:/Dump/jit.dmp;q"

?

3、? Customizing the minidump format（定制minidump格式）

Other options of .dump command allow to customize the format and contents of the minidump. Complete list can be found in Debugging Tools' documentation (search for .dump command), and here I will show the most popular ones:

/f

Full user dump (old format, not recommended)

/m

Standard minidump (equivalent of MiniDumpNormal minidump type; this option is used by default)

/ma

Minidump with all possible options (memory, handles, unloaded modules, etc.)

/mFhutwd

Minidump with data sections, non-shared read/write memory pages and other useful information (my personal favorite when size of the minidump is important)

?

You can Find more information about contents of minidumps in this article:

http://www.debuginfo.com/articles/ntsdwatson.html#jitregister

and here is the new command line that creates a minidump with as much information as possible:

c:/dbgtools/ntsd.exe -p %ld -e %ld -g -noio -c ".dump /ma /u D:/dumps/jit.dmp;q"

????????

4、? Sending notifications（發(fā)送告示）

Finally, let's notify ourselves when an application crashes on another system in the network (e.g. in test lab). NTSD makes it possible with the help of !net_send command, which allows to send a message to another computer over the network. This command line takes the following parameters:

!net_send SenderMachine TargetMachine SenderMachine MessageText

Assuming that NTSD is running on the computer called TestPc, and we want to send a message to the computer called DevPc, the command would look like this:

c:/dbgtools/ntsd.exe -p %ld -e %ld -g -noio -c ".dump /ma /u D:/dumps/jit.dmp;!net_send TestPc DevPc TestPc Crash dump created;q"

;q 表示退出Dos窗口

三、NTSD缺點(diǎn)

這也是drwtsn32（Dr. Watson）的一個(gè)優(yōu)點(diǎn)，drwtsn32被安裝于到現(xiàn)在為止的所有操作系統(tǒng)。NTSD也存在于以Windows NT為內(nèi)核的操作系統(tǒng)中，但在大多數(shù)操作系統(tǒng)中存在的是她的老版本，不支持此處討論的絕大部分參數(shù)。然而，NTSD仍是JIT(Just In Time) Debugger的強(qiáng)有力的競(jìng)爭(zhēng)者之一。

?

參考文章：

http://blog.csdn.net/yeming81/archive/2008/05/03/2370803.aspx

http://www.debuginfo.com/articles/ntsdwatson.html

?

總結(jié)

以上是生活随笔為你收集整理的NTSD简介的全部?jī)?nèi)容，希望文章能夠幫你解決所遇到的問(wèn)題。

如果覺(jué)得生活随笔網(wǎng)站內(nèi)容還不錯(cuò)，歡迎將生活随笔推薦給好友。