Monthly Archives: March 2010

Better sos.dll for debugging in WinDbg available!

Finally, MS has released a *better* sos.dll extension for WinDbg (psscor2.dll), which has many more features. One of my favorite features is “displaying callstacks with line infos”!

It also has a good “!Analysis” command for dump files.

The output of “!Help” is:

-------------------------------------------------------------------------------
PSSCOR is a debugger extension DLL designed to aid in the debugging of managed
programs. Functions are listed by category, then roughly in order of
importance. Shortcut names for popular functions are listed in parenthesis.
Type "!help " for detailed info on that function. 

Object Inspection                  Examining code and stacks
-----------------------------      -----------------------------
DumpObj (do)                       Threads
DumpArray (da)                     CLRStack
DumpStackObjects (dso)             IP2MD
DumpAllExceptions (dae)            BPMD
DumpHeap                           U
DumpVC                             DumpStack
GCRoot                             EEStack
ObjSize                            GCInfo
FinalizeQueue                      EHInfo
PrintException (pe)                COMState
TraverseHeap
DumpField (df)
DumpDynamicAssemblies (dda)
GCRef
DumpColumnNames (dcn)
DumpRequestQueues
DumpUMService

Examining CLR data structures      Diagnostic Utilities
-----------------------------      -----------------------------
DumpDomain                         VerifyHeap
EEHeap                             DumpLog
Name2EE                            FindAppDomain
SyncBlk                            SaveModule
DumpThreadConfig (dtc)             SaveAllModules (sam)
DumpMT                             GCHandles
DumpClass                          GCHandleLeaks
DumpMD                             VMMap
Token2EE                           VMStat
EEVersion                          ProcInfo 
DumpModule                         StopOnException (soe)
ThreadPool                         MinidumpMode 
DumpHttpRuntime                    FindDebugTrue
DumpIL                             FindDebugModules
PrintDateTime                      Analysis
DumpDataTables                     CLRUsage
DumpAssembly                       CheckCurrentException (cce)
RCWCleanupList                     CurrentExceptionName (cen)
PrintIPAddress                     VerifyObj
DumpHttpContext                    HeapStat
ASPXPages                          GCWhere
DumpASPNETCache (dac)              ListNearObj (lno)
DumpSig
DumpMethodSig                      Other
DumpRuntimeTypes                   -----------------------------
ConvertVTDateToDate (cvtdd)        FAQ
ConvertTicksToDate (ctd)
DumpRequestTable
DumpHistoryTable
DumpBuckets
GetWorkItems
DumpXmlDocument (dxd)
DumpCollection (dc)

Examining the GC history
-----------------------------
HistInit
HistStats
HistRoot
HistObj
HistObjFind
HistClear

Major bug in the new dbghelp.dll

The latest dbghelp.dll (version 6.12.2.633), which can be downloaded via the newest WDK, seems to have a major bug in the function SymGetModuleInfo64 (which is used in almost every project that displays module information).

A user reported this bug in the WinDbg newsgroup.

I have now built a small repro that shows the problem. You can download the code here: dbghelp_bug_6.12.2.633.zip

The problem is that the size of the struct “IMAGEHLP_MODULE64” has changed. They added two DWORDs at the end (the struct now has a size of 0x690 bytes). This is normally not a problem because the struct has a “SizeOfStruct” member, which must be set prior to calling the “SymGetModuleInfo64” function.

But the new version does not support the older version of the struct with a size of 0x688 bytes, which is commonly used because this has been the latest version since 2003!!! It only supports the older versions from 2002 and before.

So I hope that this major bug will soon get fixed… but since the WinDbg release seems to be coupled to the WDK release, we can wait until next year…
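
An added example, not code from the original post or from dbghelp: one way a caller can cope with the size change is to offer several SizeOfStruct values, newest first, in a buffer sized for the largest one. `module_query_fn`, `query_with_fallback`, `negotiate` and the two mocks are hypothetical stand-ins for SymGetModuleInfo64; only the sizes 0x688 and 0x690 come from the post, and the older-DLL mock rejecting 0x690 is an assumption.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define SIZE_2003 0x688u /* post: IMAGEHLP_MODULE64 size since 2003 */
#define SIZE_6_12 0x690u /* post: size in 6.12.2.633, two DWORDs appended */

/* Hypothetical stand-in for SymGetModuleInfo64; nonzero means success. */
typedef int (*module_query_fn)(void *info);

/* Offer each candidate SizeOfStruct in turn; a size that does not fit the buffer
   is skipped so the callee is never told it may write past the end. Returns 0 if all fail. */
static uint32_t query_with_fallback(module_query_fn query, void *buf, size_t buf_len,
                                    const uint32_t *sizes, size_t n_sizes)
{
    for (size_t i = 0; i < n_sizes; i++) {
        if (sizes[i] < sizeof(uint32_t) || sizes[i] > buf_len)
            continue;
        memset(buf, 0, buf_len);
        memcpy(buf, &sizes[i], sizeof sizes[i]); /* SizeOfStruct: first field */
        if (query(buf))
            return sizes[i];
    }
    return 0;
}

static uint32_t size_field(const void *info)
{
    uint32_t size;
    memcpy(&size, info, sizeof size);
    return size;
}

/* Constructed mock of the behaviour the post reports for 6.12.2.633. */
static int mock_dbghelp_6_12(void *info) { return size_field(info) == SIZE_6_12; }
/* Constructed mock of an older DLL, assumed to know only the 2003 layout. */
static int mock_dbghelp_old(void *info) { return size_field(info) == SIZE_2003; }

static uint32_t negotiate(module_query_fn query)
{
    static const uint32_t sizes[] = { SIZE_6_12, SIZE_2003 }; /* newest first */
    uint64_t buf[SIZE_6_12 / sizeof(uint64_t)]; /* 8-byte aligned, 0x690 bytes */
    return query_with_fallback(query, buf, sizeof buf, sizes, 2);
}

int main(void)
{
    printf("6.12.2.633 accepts 0x%x, older DLL accepts 0x%x\n",
           (unsigned)negotiate(mock_dbghelp_6_12), (unsigned)negotiate(mock_dbghelp_old));
    return 0;
}
```

A caller that offers only 0x688 gets 0 back from the 6.12.2.633 mock, which is the failure the post describes.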

Forums NntpBridge and DateTime

There is a “research” project to access the MSDN web forums via an NNTP bridge. The official version is “V1”… but I must say that it is still Beta1 😉

For example, there is a bug with the DateTime format, which uses the current system locale… This bug was reported several months ago, and nothing happened… In January and February it was not a problem, because “Jan” and “Feb” are the same in English and German… but in “März” the NntpBridge started to report all postings with “01.01.1970 01:00”… because it will report the date as “Mrz” instead of “Mar”… which is somehow bad…

So I decided to make a quick fix for this behavior. You just need to add the System.Globalization.CultureInfo.InvariantCulture as a parameter to the ToString method.

Here are the steps to fix this yourself:

  1. Locate the directory of the Nntp-Bridge (normally “C:\Program Files (x86)\Microsoft Community Tools\Microsoft Forums NNTP Bridge”)
  2. Copy the file “nntp.dll” to “nntp_org.dll” so you have the original version saved
  3. Copy “nntp.dll” into a temporary directory like “c:\temp\nntp_fix”
  4. Open a “Visual Studio 2005/2008 Command Prompt (x86)”
  5. Go to the temporary directory (cd /D c:\temp\nntp_fix)
  6. Disassemble the nntp.dll
    ildasm nntp.dll /out=nntp.il
  7. Now you need to change the content of the nntp.il file
  8. Find the method “GetMessageFormat” and change it from
    .method public hidebysig static string  GetMessageFormat(valuetype [mscorlib]System.DateTime dateTime) cil managed
    {
      // Code size       28 (0x1c)
      .maxstack  8
      IL_0000:  ldstr      "{0} {1}"
      IL_0005:  ldarga.s   dateTime
      IL_0007:  ldstr      "ddd, d MMM yyyy HH:mm:ss"
      IL_000c:  call       instance string [mscorlib]System.DateTime::ToString(string)
      IL_0011:  ldsfld     string Nntp.NntpTimeUtility::GmtTimeZoneOffset
      IL_0016:  call       string [mscorlib]System.String::Format(string,
                                                                  object,
                                                                  object)
      IL_001b:  ret
    } // end of method NntpTimeUtility::GetMessageFormat
    

    to

    .method public hidebysig static string  GetMessageFormat(valuetype [mscorlib]System.DateTime dateTime) cil managed
    {
      // Code size       33 (0x21)
      .maxstack  8
      IL_0000:  ldstr      "{0} {1}"
      IL_0005:  ldarga.s   dateTime
      IL_0007:  ldstr      "ddd, d MMM yyyy HH:mm:ss"
      IL_000c:  call       class [mscorlib]System.Globalization.CultureInfo [mscorlib]System.Globalization.CultureInfo::get_InvariantCulture()
      IL_0011:  call       instance string [mscorlib]System.DateTime::ToString(string,
                                                                               class [mscorlib]System.IFormatProvider)
      IL_0016:  ldsfld     string Nntp.NntpTimeUtility::GmtTimeZoneOffset
      IL_001b:  call       string [mscorlib]System.String::Format(string,
                                                                  object,
                                                                  object)
      IL_0020:  ret
    } // end of method NntpTimeUtility::GetMessageFormat
    
  9. Then compile the nntp.dll again (delete the original dll before compiling: del nntp.dll):
    ilasm /dll nntp.il /resource=nntp.res
  10. Now you can copy the patched nntp.dll into the original directory (be sure, the application is not running).

Now it looks better:

That’s all! Happy NntpBridging 😉