Defrag Tools: #13 - WinDbg | Defrag Tools

EDN Admin

In this episode of Defrag Tools, Andrew Richards and Larry Larsen start walking you through the Debugging Tools for Windows (in particular WinDbg). WinDbg is a debugger that supports user-mode debugging of a process, or kernel-mode debugging of a computer.

This first WinDbg installment configures the system to open dump files via an adjusted Context Menu. It shows how to set WinDbg as the (AeDebug) postmortem debugger, and how to use ProcDump v5.1 to do the same but capture the process as a dump file. It then starts to explain some basic concepts of debugging: call stacks (k), registers (r) and exception context records (.ecxr).

Make sure you watch Defrag Tools Episode #1 (http://channel9.msdn.com/Shows/Defrag-Tools/Defrag-Tools-Building-your-USB-thumbdrive) for instructions on how to get the Debugging Tools for Windows and how to set the required environment variables for symbols and source code resolution.

Resources:
http://www.microsoft.com/en-us/download/details.aspx?id=8279 Microsoft Windows SDK for Windows 7 and .NET Framework 4
http://technet.microsoft.com/en-us/sysinternals/dd996900.aspx Sysinternals ProcDump

Timeline:
http://channel9.msdn.com/Shows/Defrag-Tools/Defrag-Tools-13-WinDbg#time=00m00s [00:00] - Windows 8 General Availability (GA)
http://channel9.msdn.com/Shows/Defrag-Tools/Defrag-Tools-13-WinDbg#time=02m45s [02:45] - WinDbg -IA - Register File Associations
http://channel9.msdn.com/Shows/Defrag-Tools/Defrag-Tools-13-WinDbg#time=05m45s [05:45] - Custom Context Menu
http://channel9.msdn.com/Shows/Defrag-Tools/Defrag-Tools-13-WinDbg#time=10m15s [10:15] - WinDbg -I - Register Postmortem Debugger
http://channel9.msdn.com/Shows/Defrag-Tools/Defrag-Tools-13-WinDbg#time=11m07s [11:07] - Custom AeDebug: -c ".jdinfo %p"
http://channel9.msdn.com/Shows/Defrag-Tools/Defrag-Tools-13-WinDbg#time=15m00s [15:00] - ProcDump v5.1: -i <folder>
http://channel9.msdn.com/Shows/Defrag-Tools/Defrag-Tools-13-WinDbg#time=18m00s [18:00] - Internals of Windows Error Reporting
http://channel9.msdn.com/Shows/Defrag-Tools/Defrag-Tools-13-WinDbg#time=21m48s [21:48] - Registers (r)
http://channel9.msdn.com/Shows/Defrag-Tools/Defrag-Tools-13-WinDbg#time=29m50s [29:50] - Exception Context Record (.ecxr)
http://channel9.msdn.com/Shows/Defrag-Tools/Defrag-Tools-13-WinDbg#time=32m01s [32:01] - Examples - NT Debugging Blog
http://channel9.msdn.com/Shows/Defrag-Tools/Defrag-Tools-13-WinDbg#time=34m02s [34:02] - MSJ Magazine - Under The Hood
http://channel9.msdn.com/Shows/Defrag-Tools/Defrag-Tools-13-WinDbg#time=35m20s [35:20] - Intel Developers Manual (http://www.intel.com/content/www/us/en/processors/architectures-software-developer-manuals.html)
http://channel9.msdn.com/Shows/Defrag-Tools/Defrag-Tools-13-WinDbg#time=38m40s [38:40] - Next week, Call Stacks, Locals and .NET/Silverlight extensions

MSJ (MSDN) Magazine: Assembly Language
http://www.microsoft.com/msj/0298/hood0298.aspx
http://www.microsoft.com/msj/0797/hood0797.aspx

NT Debugging Blog: http://blogs.msdn.com/b/ntdebugging/

Debugging Techniques
http://blogs.msdn.com/b/ntdebugging/archive/2007/06/13/hung-window-no-source-no-problem-part-1.aspx
http://blogs.msdn.com/b/ntdebugging/archive/2007/06/15/hung-window-no-source-no-problem-part-2.aspx
http://blogs.msdn.com/b/ntdebugging/archive/2007/06/15/this-button-doesn-t-do-anything.aspx

Fundamentals
http://blogs.msdn.com/b/ntdebugging/archive/tags/fundamentals+exercise/

Puzzles
http://blogs.msdn.com/b/ntdebugging/archive/tags/puzzler/

Custom Context Menu (WinDbg -IA):
[code]
Windows Registry Editor Version 5.00

; Associate the .dmp extension with the WinDbg dump-file class
[HKEY_CLASSES_ROOT\.dmp]
@="WinDbg.DumpFile.1"

[HKEY_CLASSES_ROOT\WinDbg.DumpFile.1]
@="WinDbg Post-Mortem Dump File"

[HKEY_CLASSES_ROOT\WinDbg.DumpFile.1\DefaultIcon]
@="\"C:\\debuggers\\windbg.exe\",-3002"

; Default verb when a dump file is double-clicked
[HKEY_CLASSES_ROOT\WinDbg.DumpFile.1\shell]
@="Open"

; Context-menu entry that opens the dump in the 64-bit debugger
[HKEY_CLASSES_ROOT\WinDbg.DumpFile.1\shell\Open]
@="Open x&64"

[HKEY_CLASSES_ROOT\WinDbg.DumpFile.1\shell\Open\command]
@="\"C:\\debuggers\\windbg.exe\" -z \"%1\" -c \".prefer_dml 1\""

; Context-menu entry that opens the dump in the 32-bit debugger
[HKEY_CLASSES_ROOT\WinDbg.DumpFile.1\shell\Open_x86]
@="Open x&86"

[HKEY_CLASSES_ROOT\WinDbg.DumpFile.1\shell\Open_x86\command]
@="\"C:\\debuggers_x86\\windbg.exe\" -z \"%1\" -c \".prefer_dml 1\""
[/code]

Custom AeDebug (WinDbg -I):
[code]
Windows Registry Editor Version 5.00

; Postmortem debugger for 64-bit processes
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AeDebug]
"Auto"="1"
"Debugger"="\"C:\\debuggers\\windbg.exe\" -p %ld -e %ld -c \".jdinfo %p\""

; Postmortem debugger for 32-bit processes on 64-bit Windows
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\AeDebug]
"Auto"="1"
"Debugger"="\"C:\\debuggers_x86\\windbg.exe\" -p %ld -e %ld -c \".jdinfo %p\""
[/code]
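An added example (not from the episode or the original post): a Python check that decodes a .reg export of the AeDebug keys and reports which executable Windows would launch on a crash, since with Auto set to 1 that debugger starts without prompting. The allowed-directory list and the function names are assumptions for illustration; the sample text is constructed from the settings shown above.

```python
import re

# Constructed sample: this page's AeDebug settings in valid .reg syntax
# (backslashes doubled, inner quotes escaped).
SAMPLE_REG = r'''Windows Registry Editor Version 5.00

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AeDebug]
"Auto"="1"
"Debugger"="\"C:\\debuggers\\windbg.exe\" -p %ld -e %ld -c \".jdinfo %p\""

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\AeDebug]
"Auto"="1"
"Debugger"="\"C:\\debuggers_x86\\windbg.exe\" -p %ld -e %ld -c \".jdinfo %p\""
'''
# Assumption: only these install folders (taken from the page) are trusted.
ALLOWED_DIRS = {r"c:\debuggers", r"c:\debuggers_x86"}

KEY_RE = re.compile(r'^\[(.+)\]$')
VAL_RE = re.compile(r'^(@|"(?:[^"\\]|\\.)*")="((?:[^"\\]|\\.)*)"$')

def unescape(s):
    # .reg strings escape backslash and double quote with a leading backslash.
    return re.sub(r'\\(.)', r'\1', s)

def parse_reg(text):
    """Return {key_path: {value_name: decoded string}} for string values."""
    keys, current = {}, None
    for line in map(str.strip, text.splitlines()):
        if (m := KEY_RE.match(line)):
            current = keys.setdefault(m.group(1), {})
        elif current is not None and (m := VAL_RE.match(line)):
            name = "" if m.group(1) == "@" else unescape(m.group(1)[1:-1])
            current[name] = unescape(m.group(2))
    return keys

def audit_aedebug(text, allowed_dirs=ALLOWED_DIRS):
    """Report the debugger each AeDebug key would launch, plus any issues."""
    report = {}
    for key, vals in parse_reg(text).items():
        if not key.lower().endswith("\\aedebug"):
            continue
        cmd = vals.get("Debugger", "")
        m = re.match(r'"([^"]+)"|(\S+)', cmd)
        exe = (m.group(1) or m.group(2)) if m else ""
        issues = []
        if cmd.count("%ld") < 2:
            issues.append("needs two %ld placeholders (process ID, event handle)")
        if exe.lower().rpartition("\\")[0] not in allowed_dirs:
            issues.append("debugger is outside the allowed directories")
        report[key] = {"exe": exe, "auto": vals.get("Auto") == "1", "issues": issues}
    return report
```

A value whose quotes and backslashes are not escaped is not valid .reg string syntax, so the parser skips it and the key is reported with an empty executable and both issues.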