Difference between revisions of "WinDBG"
AmineKhaldi (talk | contribs) |
(→Useful commands) |
||
| Line 21: | Line 21: | ||
|- | |- | ||
|!gflag +soe || catch all exceptions (first exception handling) apart from STATUS_PORT_DISCONNECTED or if the exception code is not an error code; | |!gflag +soe || catch all exceptions (first exception handling) apart from STATUS_PORT_DISCONNECTED or if the exception code is not an error code; | ||
| + | |- | ||
| + | |!gflag +hpa || enable page heap flag turns on page heap verification, which monitors dynamic heap memory operations; | ||
|- | |- | ||
|!process 0 0 || list all process with basic info; | |!process 0 0 || list all process with basic info; | ||
Revision as of 21:30, 19 September 2012
The page WinDBG is a short article on something that should have a lot more information written on it.
If you know anything else about it, you are STRONGLY encouraged to add the information in. If you are unsure of proper formatting or style, add it to the talk page or this page itself as you think best and others will help.
Online reference
http://msdn.microsoft.com/en-us/library/ff540507.aspx
http://www.osronline.com/ddkx/ddtools/gflags_7u5v.htm
Useful commands
| command | description |
|---|---|
| kp | generate a backtrace |
| ta | trace to address; |
| x *! | full modules list (atm lm is only showing basic modules); |
| !drvobj <driver_object address> 0x7 | dumps driver object details - start/unload + irp handlers |
| !gflag +soe | catch all exceptions (first exception handling) apart from STATUS_PORT_DISCONNECTED or if the exception code is not an error code; |
| !gflag +hpa | enable page heap flag turns on page heap verification, which monitors dynamic heap memory operations; |
| !process 0 0 | list all process with basic info; |
| !process <addr> 0x1e | list detailed info of attached process, with its threads; |
| .process <addr> | attach to the process of a given address; |
| .thread <addr> | attach to the thread of a given address; |
| .reload /user | reloads user symbols and enables resolving of usermode |
