from: http://www.digilogworld.net/entry/dump-file-%EC%83%9D%EC%84%B1

Creating a dump file

1. SetUnhandledExceptionFilter

•  Installs an exception handler.
•  param: LPTOP_LEVEL_EXCEPTION_FILTER lpTopLevelExceptionFilter
•  callback function: TopLevelExceptionFilter(PEXCEPTION_POINTERS exPtrs)
•  Filter chaining
•  Enforcing your own filter
    ✓  Import Address Table (IAT) hooking
    ✓  Detours-like hooking – needs license for commercial use
    ✓  Patch the beginning of the SetUnhandledExceptionFilter function
•  Library: Kernel32.lib

  

2. MiniDumpWriteDump

•  Writes user-mode minidump information to the specified file.
•  param: hProcess, ProcessId, hFile, DumpType, ExceptionParam …
•  DumpType
    ✓  MiniDumpNormal : Include just the information necessary to capture stack traces for all existing threads in a process.
    ✓  MiniDumpWithDataSegs : Include the data sections from all loaded modules. This results in the inclusion of global variables, which can make the minidump file significantly larger. For per-module control, use the ModuleWriteDataSeg enumeration value from MODULE_WRITE_FLAGS.
    ✓  MiniDumpWithFullMemory : Include all accessible memory in the process. The raw memory data is included at the end, so that the initial structures can be mapped directly without the raw memory information. This option can result in a very large file.
•  Library: Dbghelp.lib
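
Added example, not part of the original post: the DumpType passed to MiniDumpWriteDump is recorded in the Flags field of the dump's MINIDUMP_HEADER, so a dump file can be checked for global variables or full process memory (which may hold credentials or keys) before it is shared. The function names describe_dump and sample_header are hypothetical, and the header bytes are constructed for the demonstration.

```python
import struct

# MINIDUMP_HEADER, 32 bytes little-endian: Signature, Version, NumberOfStreams,
# StreamDirectoryRva, CheckSum, TimeDateStamp (uint32 each), Flags (uint64).
HEADER = struct.Struct("<4sIIIIIQ")

# MINIDUMP_TYPE bits for the DumpType values listed above (MiniDumpNormal is 0).
DATA_SEGS = 0x1      # MiniDumpWithDataSegs
FULL_MEMORY = 0x2    # MiniDumpWithFullMemory
NAMES = {DATA_SEGS: "MiniDumpWithDataSegs", FULL_MEMORY: "MiniDumpWithFullMemory"}


def describe_dump(data: bytes) -> dict:
    """Decode a minidump header and report which DumpType flags it records."""
    if len(data) < HEADER.size:
        raise ValueError("truncated: shorter than MINIDUMP_HEADER")
    sig, _ver, streams, _rva, _sum, timestamp, flags = HEADER.unpack_from(data)
    if sig != b"MDMP":
        raise ValueError("not a minidump: bad signature")
    types = [name for bit, name in NAMES.items() if flags & bit]
    if flags == 0:
        types = ["MiniDumpNormal"]
    return {
        "streams": streams,
        "timestamp": timestamp,
        "types": types,
        # Bits outside the three values covered here are reported, not decoded.
        "other_flags": flags & ~(DATA_SEGS | FULL_MEMORY),
        "has_globals": bool(flags & DATA_SEGS),
        "has_full_memory": bool(flags & FULL_MEMORY),
    }


def sample_header(flags: int) -> bytes:
    """Constructed header bytes for the demo; not taken from a real dump."""
    return HEADER.pack(b"MDMP", 0xA793, 3, HEADER.size, 0, 0x5F000000, flags)


if __name__ == "__main__":
    for flags in (0x0, DATA_SEGS, DATA_SEGS | FULL_MEMORY):
        info = describe_dump(sample_header(flags))
        sensitive = info["has_globals"] or info["has_full_memory"]
        verdict = "contains process data, review before sharing" if sensitive else "stack traces only"
        print(f"flags={flags:#x} types={info['types']} -> {verdict}")
```
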

  

3. When working with PE executables built by Microsoft tools, we usually have to deal with only a subset of types:

| Type | Description |
|---|---|
| IMAGE_DEBUG_TYPE_COFF | COFF debug information (stored in the executable) |
| IMAGE_DEBUG_TYPE_CODEVIEW | CodeView debug information (stored in the executable) or Program Database debug information (stored in PDB file) |
| IMAGE_DEBUG_TYPE_MISC | CodeView debug information (stored in DBG file) |
| IMAGE_DEBUG_TYPE_FPO | Frame pointer omission information, which helps debug optimised executables |

 

4. Compile option

| Option | Format | Storage | Contents |
|---|---|---|---|
| /Zd | COFF | .OBJ file | Public functions and variables; Source file and line information; FPO information |
| /Z7 | CodeView | .OBJ file | Public functions and variables; Private functions and variables; Source file and line information; Type information; FPO information |
| /Zi | Program Database | .PDB file | Public functions and variables; Private functions and variables; Source file and line information; Type information; FPO information |
| /ZI | Program Database | .PDB file | Public functions and variables; Private functions and variables; Source file and line information; Type information; FPO information; Edit and Continue data |
