It is nice to save some useful information at the point of application crash. The useful methods including call stack and minidump file. Call stack can be obtained by installing exception filter via  AddVectoredExceptionHandler Function, stack trace can be obtained via StackWalk64 Function, and minidump file can be created via MiniDumpWriteDump Function.

WinDbg can open the minidump file. Use .sympath+ <pdb path name> to let WinDBG search this folder before _NT_SYMBOL_PATH. Use .exepath+ command to inform windbg search for executable image file.

DevPartner failed to instrument two projects with “Error and Coverage” type, the only common fact is that there is a medium size CPP file in thos projects, one is around 40k, another is around 64k. It seems to be bug because those two projects can be instrumented successfully with “Error detection” or “Coverage or performance” type, and the debug configuration is also working, at last a colleague found a workaround with release configuration – disable optimization.

NoStepInto How to Not Step Into Functions using the Visual C++ Debugger

In the Debug library, all allocated memory blocks are bracketed with a series of "guard bytes." Diagnostic Services

PageHeap utility

Problem: Find out a fastest method sending 1000 messages of 2MB size from one process to another process.

Result table provide by Onega on XP SP2 and Vista.

From the above table, we can find out that the answer is OS dependent. On XP, we’d better choose “Remote memory access” method since it is 22% faster than windows_shared_memory; but if we are targeting Vista, we’d better choose windows_shared_memory because “Remote memory access” is mostly used for debugging purpose instead of a general purpose IPC method.

http://www.codeproject.com/KB/DLL/subhook.aspx

Cross Process Subclassing

http://forum.mess.be/index.php?showtopic=11966

Hooking MSN Messenger 7 with VC++, A tutorial on how to hook MSN Messenger

http://www.codeguru.com/cpp/w-p/dll/hooking/article.php/c3639/

Hijack Textout Calls From Notepad

http://www.codeproject.com/KB/DLL/apihijack.aspx

APIHijack - A Library for easy DLL function hooking.

http://www.codeproject.com/KB/system/hooksys.aspx

API hooking revealed

Rational Purify 7.0 can detect memory leak but does not tell me handle leak. I can watch handles of a process via Procexp.exe, but that is not very convenient to check, so I used the ListHandlers function from Examine Information on Windows NT System Level Primitives and write all the handle information and count by type into log file.

All threads created by AfxBeginThread must have its handle closed if you don't save it for later use.
CWinThread* ptmp_thread_obj = AfxBeginThread(...);
if (ptmp_thread_obj)
    CloseHandle(ptmp_thread_obj->m_hThread);
I also pass verbose name to all calls to CreateEvent for the purpose of tracking named event leakage. In this way the problem was traced to leak of File handle type, but the path is actually a directory name.

Searching fopen, _open, _fdopen gives no clue. At last it turned out to be unmatching FindFirstFile/FindClose. Note, there is some problems with SystemProcessInformation::Refresh() and some people discussed it already. For my case, I just removed the call since I don't need it for enumerating handles of current process. Keywords related to CPU usage: NtQuerySystemInformation PERF_100NSEC_TIMER_INV.