Double-click "Developer Tools".
Double-click "Microsoft Visual C++ Build Tools".
Right-click "Visual C++ 2015 x64 Native Build Tools Command Prompt" and click "Run as Administrator".
Click Yes.
mkdir c:\MyApp
cd c:\MyApp
notepad MyApp.cpp
Click Yes to create a new file.
Paste in this code, as shown below.
void MyFunction(long p1, long p2, long p3)
{
long x = p1 + p2 + p3;
long y = 0;
y = x / p2;
}
void main ()
{
long a = 2;
long b = 0;
MyFunction(a, b, 5);
}
In Notepad, save the file.
cl /EHsc MyApp.cpp
dir
As shown below,
the compilation process created
an .exe file and an .obj files,
but no .pdb file.
Navigate to:
C:\MyApp\MyApp.exe
and double-click it.
The app loads, and stops inside ntdll, as shown below.
x MyApp!*main*
x MyApp!*
There are no results,
as shown below.
To see the problem, execute this command:
lm
The "MyApp" module is loaded,
but it has no symbols,
as shown below.
This makes it difficult to find the MyApp code.
Close WinDbg. This is necessary because it locks the MyApp.exe file.
del MyApp.obj
del MyApp.exe
cl /EHsc /Zi MyApp.cpp
dir
As shown below,
the compilation process created
an .exe file and two .pdb files,
which contain debugging symbols.
Navigate to:
C:\MyApp\MyApp.exe
and double-click it.
The app loads, and stops inside ntdll, as shown below.
x MyApp!*main*
Now it finds symbols, including
MyApp!main,
as shown below.
bu MyApp!main
In WinDbg,
at the top left,
click Go.
The app runs to the start of main(), and the top left pane shows the C++ source code, with the breakpoint and current instruction highlighted, as shown below.
At the lower left, notice the "Locals" pane. This shows the local variables. Right now they contain random numbers because they are uninitialized. (When I did this project again on April 13, 2021, they contained zeroes.)
As shown below, the program proceeds to line 11 of the source code. The variable a is now set to 2.
In WinDbg, at the top left, click "Step Into" several more times, until the program executes source line 5.
The program cannot execute this instruction because of a divide-by-zero error, as shown below.
PMA 431.1 Analyzing the Crash (10 pts)
In the lower center of WinDbg, execute this command:Scroll back through the analysis to find the ExceptionCode line, as shown below.
!analyze -vThe flag is covered by a green box in the image below.
Posted 10-14-20
Project number fixed 10-15-20
Bold tag fixed 10-20-20
Minor improvements 4-13-2021