srv*c:\symbols*http://msdl.microsoft.com/download/symbols;
srv*c:\symbols*c:\temp\localsymbols;
srv*c:\symbols*\\network_share\symbols;
or
set environment variable name: _NT_SYMBOL_PATH
set environment variable value: srv*c:\symbols*http://msdl.microsoft.com/download/symbols;
srv*c:\symbols*c:\temp\localsymbols; srv*c:\symbols*\\network_share\symbols;
How to load Wow64 on x64 debugger
.load wow64exts
Other commands
lml
.ecxr
!analyze -v
How to verify if the module and pdb are a match
!itoldyouso <ModuleName> <ModulePDB>
Setup WinDbg as Postmortem Debugger
windbg -I
Setup ProcMon as Postmortem Debugger
procmon -i -ma
Redirect output to a log file
000> .logopen c:\temp\hello.txt
000> <do what ever commands> - all output is shown in windbg window and redirected to log file
000> .logclose
Find machine name (.NET dmp)
kd> x srv!SrvComputerName
fffff880`06ec4540 srv!SrvComputerName = <no type information>
kd> dq fffff880`06ec4540
fffff880`06ec4540 00000000`001a001a fffff8a0`02441df0
fffff880`06ec4550 00000000`00000000 00000000`00000000
fffff880`06ec4560 00000000`00000000 00000000`000c000a
...
kd> du fffff8a0`02441df0
fffff8a0`02441df0 "ABC"
No comments:
Post a Comment