I've just discovered Sysinternal's Process Monitor and love the insights it gives on what a process is doing. However, when I try to see detail of a software call to the kernel, the stack is filled with "unknowns". How should I build my application so that function names appear at the stack trace?
How to build an application that displays more stack information in Process Monitor?
177 Views Asked by Bruno Kim At
1
There are 1 best solutions below
Related Questions in WINDOWS
- Get Maximum Log Size
- Debugging Windows Services while starting
- Possible consequences of duplicate ProgId for different classes
- How to chain BCryptEncrypt and BCryptDecrypt calls using AES in GCM mode?
- mingw-64 conflicting declarations when cross-compiling
- I run an EXE program from a Windows Service but I can't see form C#?
- Why is PowerShell "not recognized" when installing Chocolatey?
- How to check if Windows device is phone or tablet/pc?
- How to add directories to Cygwin gcc default search path
- Can't install anything with pip2 on Windows 7 due to UnicodeDecodeError
- Active directory and linux nslcd binding without extending the AD schema
- How To Prevent Over Scrolling in Scroll Viewer Windows Phone 8.1
- Unicode error from pip install
- Where is the 'EnablePinning' property in the ribbon framework's recent items?
- How can I implement the same models and data across ASP.NET and Windows Apps
Related Questions in PROCESS
- I run an EXE program from a Windows Service but I can't see form C#?
- How can launch an external process from java and still be able to interact with this process?
- Unable to start program outside Windows folder
- Check if app is already running, and if kill it C#
- How to process A direct send message to a thread of process B?
- Batch script ignores %ERRORLEVEL% or using previously set one
- How do I know the last sched time of a process
- How to close a file handle which came from a parent process C#
- Execute 'ksetup.exe' commandline command programmatically
- Process ran as different user - web service call
- Starting process from .NET app and Attachment Execution Service
- Share info between two processes - what's the safest way?
- Independent process in php
- Managing a Process inside a Thread
- erlang processes and message passing architecture
Related Questions in PROCESS-MONITOR
- "An error occurred opening snapshot" Process Monitor
- Sysinternals Process Monitor (ProcMon): Using wildcards on filter
- Sysinternals Process Monitor (ProcMon): Working with Time of Day Filter
- What happens to the file with colon in the name?
- TFS 2018 Server Web Services keeps shutting down and restarting every minute or so with message "BinDirChangeOrDirectoryRename"
- Hide ProcessMonitor from ThemIda
- How to control procmon through python?
- Procmon command line does not save filtered output
- Visual studio has gone crazy trying to create files
- How to install Sensu client without installing Sensu server?
- How to find which process deleted my file in Windows
- Process Explorer & Process Monitor: discrepancy in report of written bytes
- How to build an application that displays more stack information in Process Monitor?
- How to use Process Monitor to determine which DLL is causing a BadImageFormatException
- Prefetching information in windows XP fails and abort the launching of my application
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
Often compiling it with /Zi, and linking it with /debug should be enough. You should get a PDB file which contains all the debug information of your application. As long as you don't move the executable or PDB, Process Monitor should normally find it.
If you have multiple versions of your application, or if you want to investigate the call stack on other machines, it might be better to set up a Symbol Server. You then need to store all your EXE's and PDB files into the Symbol Server (using the symstore utility), and set up your system so that Process Monitor uses the Symbol Server to find the debug information. The information at http://support.microsoft.com/kb/311503 should get your started.
One way that works normally is to set an environment variable
_NT_SYMBOL_PATH:... where
\\yourserver\symbolswould be a share that is writable and readable, but could just as well be a local path on your computer. This is where the symbols get cached for repeated use.