I've just discovered Sysinternal's Process Monitor and love the insights it gives on what a process is doing. However, when I try to see detail of a software call to the kernel, the stack is filled with "unknowns". How should I build my application so that function names appear at the stack trace?
How to build an application that displays more stack information in Process Monitor?
179 views Asked by Bruno Kim At
1
There are 1 answers
Related Questions in WINDOWS
- how to play a sounds in c# forms?
- Echo behaviour of Microsoft Windows Telnet Client
- Getting error while running spark-shell on my system; pyspark is running fine
- DirectX 9 With No SDK Installed - How To Translate a D3DMATRIX?
- Gradle 8.7 cannot find installed JDK 22 in IntelliJ
- 'IOException: The cloud file provider is not running', when trying to delete 'cloud' folder
- Cannot load modules/mod_dav_svn.so into server
- Issue with launching application after updating ElectronJs to version 28.0.0 on Windows and Linux
- 32-bit applications do not display some files in Windows 10
- 'bun' is not recognized as an internal or external command
- mkssecreenshotmgr taking a screenshot
- Next js installation in windows 7 os
- Can't resize a partition using Mini Tool?
- Is there any way to set a printer as default according with Active Directory Policy Security Group and PC hostname?
- Electron Printing not working on Windows (Works on Mac)
Related Questions in PROCESS
- How to get Java running parameters from Spring Boot running inside container in pod where no ps exist
- Module not found: Error: Can't resolve 'child_process' in 'react-cerbos-demo/node_modules/cerbos'
- Launch URL from C# and detect when browser is closed
- Communicating Java and Python processes freeze after a while when using readline() but not input()
- Can someone tell me what's wrong with mi Task.await?
- Initial Fastapi request is not being processed and stays on hold
- running the ld command through rust only works 50% of the time
- Dropping duplicated rows
- Which child will execute first when you call fork() and wait() multiple times?
- How to kill number of processes in cpanel
- How is Unix signal propagated to PGID in namespaces and what is the impact of NSpgid on process signal handling?
- Why does sudo kill -15 on sh and docker-compose PIDs not stop Docker containers?
- Can Process.Exited event get fired but the process hang in the system?
- Powershell script can not run when invoke in .NET process
- How to quickly terminate child processes in Go and proceed only when killed
Related Questions in PROCESS-MONITOR
- What does the "QueryDeviceInformationVolume" operation in Process Monitor mean?
- How to find which process deleted my file in Windows
- What is Process CreateTime in the xml procmon saved?
- TFS 2018 Server Web Services keeps shutting down and restarting every minute or so with message "BinDirChangeOrDirectoryRename"
- DLL dependency from different installation folder not found in ASP.NET website
- chromedriver executable is in PATH but still getting error
- How search for dll and functions in stack of process in process monitor?
- Sysinternals Process Monitor (ProcMon): Working with Time of Day Filter
- Sysinternals Process Monitor (ProcMon): Using wildcards on filter
- Process Explorer & Process Monitor: discrepancy in report of written bytes
- How to know which Windows Process has started / stopped which service
- Pass cmd argument to running process when shutting down windows service
- how to disable logging in Process monitor while startup
- Command line options for retrieving all of the files being accessed by a particular program
- Procmon is crashing when saving the boot logs
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Often compiling it with /Zi, and linking it with /debug should be enough. You should get a PDB file which contains all the debug information of your application. As long as you don't move the executable or PDB, Process Monitor should normally find it.
If you have multiple versions of your application, or if you want to investigate the call stack on other machines, it might be better to set up a Symbol Server. You then need to store all your EXE's and PDB files into the Symbol Server (using the symstore utility), and set up your system so that Process Monitor uses the Symbol Server to find the debug information. The information at http://support.microsoft.com/kb/311503 should get your started.
One way that works normally is to set an environment variable
_NT_SYMBOL_PATH:... where
\\yourserver\symbolswould be a share that is writable and readable, but could just as well be a local path on your computer. This is where the symbols get cached for repeated use.