如何使用 ProcMon 检查 Win32 CreateProcess() 失败原因。 排除 GetLastError()
[英]How to check Win32 CreateProcess() failed reason using ProcMon. exclude GetLastError()
问题描述
I am having an issue with checking CreateProcess() failure reason, there was a code in production which doesn't log GetLastError() when CreateProcess() failed so i am running ProcMon to check the reason but unable to find the reason (Will procMon log the failure reason something like "C:\\dummy.exe path not found or permission denied" ?).
我在检查CreateProcess()失败原因时遇到问题,生产中有一个代码在 CreateProcess() 失败时不记录 GetLastError() 所以我正在运行 ProcMon 来检查原因但无法找到原因(会 procMon记录失败原因,例如“找不到 C:\\dummy.exe 路径或权限被拒绝”?)。
Is there a way (tools ?) to check why CreateProcess() is failing without considering GetLastError() ?有没有办法(工具?)检查为什么 CreateProcess() 失败而不考虑 GetLastError() ?
I can't debug customer environment (no access to me) but I can change the code & provide new build & it takes long time due to process.我无法调试客户环境(无法访问我),但我可以更改代码并提供新版本,并且由于流程原因需要很长时间。 i am currently looking for quick options available .我目前正在寻找可用的快速选项。 Below is the sample code not exact production code.下面是示例代码,而不是确切的生产代码。
int main()
{
STARTUPINFO info = { sizeof(info) };
PROCESS_INFORMATION processInfo;
TCHAR dymmypath[_MAX_PATH] = _T("C:\\dummy.exe");
static TCHAR TempPathString[_MAX_PATH];
STARTUPINFO si = { sizeof(si) }; //default set up
PROCESS_INFORMATION pi; //data structure for CreateProcess
si.dwFlags = STARTF_USESHOWWINDOW;
si.wShowWindow = SW_SHOWMINIMIZED;
if (!CreateProcess(dymmypath, NULL, NULL, NULL, FALSE, NORMAL_PRIORITY_CLASS, NULL, TempPathString, &si, &pi))
{
printf("Failed");
}
else {
printf("Success");
}
return 0;
}
2 个解决方案
解决方案1
1 已采纳 2020-03-17 17:41:51
i am running ProcMon to check the reason but unable to find the reason (Will procMon log the failure reason something like "C:\\dummy.exe path not found or permission denied" ?).
Only if the request reaches the filesystem, ie to look for the EXE file, which in your case it sounds like it is not doing that, likely because CreateProcess() is failing to validate your input parameters before it reaches into the filesystem.仅当请求到达文件系统时,即查找 EXE 文件,在您的情况下听起来它没有这样做,可能是因为CreateProcess()在到达文件系统之前未能验证您的输入参数。
Is there a way (tools ?) to check why CreateProcess() is failing without considering GetLastError() ?
As others said, you could try attaching a debugger to your running app, and put a breakpoint in the CreateProcess function itself.正如其他人所说,您可以尝试将调试器附加到正在运行的应用程序,并在CreateProcess函数本身中放置一个断点。
Another option is to use a tool like API Monitor , which will show you the actual API calls your program makes, what their parameter values are, reported error codes, etc.另一种选择是使用API Monitor 之类的工具,它会显示您的程序进行的实际 API 调用、它们的参数值是什么、报告的错误代码等。
I can't debug customer environment (no access to me) but I can change the code & provide new build
Then that is what you should do.那么这就是你应该做的。 Fix your code to do proper logging of error codes, don't ignore them anymore.修复您的代码以正确记录错误代码,不要再忽略它们。
it takes long time due to process.
Well, that is your own fault for not optimizing your build process better, or breaking up your app into more manageable pieces, etc.嗯,这是你自己的错,没有更好地优化你的构建过程,或者把你的应用程序分解成更易于管理的部分,等等。
解决方案2
0 2020-03-17 10:44:30
Just at first glance, I see TempPathString is initialized to "" , which is not a valid path.乍一看,我看到TempPathString被初始化为"" ,这不是有效路径。 So while you're fixing that issue, that's your chance to add proper error handling.因此,当您解决该问题时,这是您添加正确错误处理的机会。
The tool you're looking for is a debugger.您正在寻找的工具是调试器。 You should attach the debugger of your choice, set a breakpoint on the return of CreateProcess , and check the error there.您应该附加您选择的调试器,在CreateProcess返回时设置断点,并检查那里的错误。
Besides debugging and error handling (logging etc), you'll have to just get creative.除了调试和错误处理(日志记录等)之外,您还必须发挥创意。 Compare a working environment against production for example.例如,将工作环境与生产环境进行比较。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.