SAD and debugger extensions

Download SAD v1.3 x86|x64

After using SAD for a while, it becomes clear (thanks Olivier ;^) that a couple of small misbehaviors are limiting its real life usage.

  • Error checking has been enhanced to find out what are the issues when a dump file is loaded (if _NT_EXECUTABLE_IMAGE_PATH not set or DebugDiag is not installed for example) in order to help you figure out what is really the problem and how to fix it.
  • One of the first features is to cache the result of each debugger/extension command in order to be much faster and have a dedicated separate result window. However, in some cases such as changing the current thread with ~[ThreadID]s or see the list of loaded debugger extensions via .chain, you need to force the command to be reexecuted. This is now possible by using CTRL+RETURN instead of just RETURN.

Don’t forget that it is possible to also delete a command by selecting it and pressing the DELETE key.

  • I’ve added the support for dragging and dropping a .dmp file both on a shortcut to SAD on your desktop (by expecting a .dmp filename on the command line) and also into the UI of the main window once started.

 

To finish this post, I would like to provide some details about how to use debugger extensions other than SOS. Basically, DebugDiag has its own search path for extensions based on subfolders. Therefore, you must copy folders and files from WinDBG into DebugDiag installation folders; with differences between 32 bit/64 bit cases both for Windows and DebugDiag versions.

Here is the list of extensions in each folder:

For example, if you type .load sosex, the .chain command will show from where it has been loaded:

 

If you have found other flaws or particular needs, feel free to leave a comment.

I hope this helps

Advertisements
This entry was posted in Development. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s