windbg

问题 Based on following output of !address -summary command, I think I have got a native memory leak. In order to deterine the callstack on where these allocations are happening, I am following article at http://www.codeproject.com/KB/cpp/MemoryLeak.aspx 0:000> !address -summary TEB 7efdd000 in range 7efdb000 7efde000 TEB 7efda000 in range 7efd8000 7efdb000 TEB 7efd7000 in range 7efd5000 7efd8000 TEB 7efaf000 in range 7efad000 7efb0000 TEB 7efac000 in range 7efaa000 7efad000 ProcessParametrs

问题 Looking at a crash dump in windbg, I can see that all current threads are stalled at > ~2k ChildEBP RetAddr 00d2fcc8 7d4e27dc ntdll_7d600000!ZwWaitForMultipleObjects+0x15 or SingleObject variations of the same. As a handle to the object to wait on is passed to ZwWaitForMultipleObjects, I assumed that I could work out which object it was using a variation of !do <address> with the right address -- but I don't know how to construct the right address. I'm assuming I need some offset from the

问题 I got a minidump from the Windows Store Apps submission process (sent by a reviewer) because of a crash in my app. I am having problems loading the symbols for my app, because the error occurs inside App.ni.exe , a file which I don't know where comes from. My app only has a App.exe (and some DLLs), but the dump keeps referring to .ni.dll and .ni.exe . These files are nowhere to be found in my .appx or .appxsym files. My app is built for each specific platform (x86, x64, and ARM). It is the

问题 I'm trying to get WinDbg debugging over the network to work, but it always loses connections after I break into the debugger (Debug->Break), and then try to start it again (Debug->Go). However, if I never break into the debugger, it looks like the connection is stable for an 'N' period of time. I can even see debug print statements in WinDbg as I use the target system during this grace period. Moreover, It seems like the connection is good while in debug break, because I can gather

问题 The problem : I need to make a script or an expression that that doesn't break if somewhere on callstack is a function with a specific name. Specific question : How can I get functions on callstack to a list of strings ? Example : Module!MyFunctionWithConditionalBreakpoint Module!Function1 Module!Function2 Module!Function3 Module!MyFunctionWithConditionalBreakpoint Module!Function1 Module!ClassA:MemberFunction Module!Function3 I want Module!MyFunctionWithConditionalBreakpoint to break only if

问题 I'm trying to install the Windows Debugging Tools via the Windows SDK and after two attempts I am at a loss for what to do. I start the installation and receive no errors at all but the debugging tools (windbg and kd) are nowhere to be found... The log is next to useless: 9:16:59 PM Monday, July 18, 2011: [SDKSetup:Info] Config_Products_DetermineProductState_End: Product: Windows Debugging Tools 9:16:59 PM Monday, July 18, 2011: [SDKSetup:Info] Config_Products_DetermineProductState_Begin:

问题 I work on a large application, and frequently use WinDbg to diagnose issues based on a DMP file from a customer. I have written a few small extensions for WinDbg that have proved very useful for pulling bits of information out of DMP files. In my extension code I find myself dereferencing c++ class objects in the same way, over and over, by hand. For example: Address = GetExpression("somemodule!somesymbol"); ReadMemory(Address, &addressOfPtr, sizeof(addressOfPtr), &cb); // get the actual

问题 Windbg should understand the MS exception protocol used to pass thread names to a debugger. I can't get this to work. Looking on the net there are many examples showing "~" thread lists with no thread names, and that's what I see. I'm debugging a .NET x86 process, and I've tried the WDK 8.1 x86 and x64 versions of Windbg. Does anyone know if this feature is still available? What am I missing? 回答1: For .NET threads, the following works for "normal" Thread s (manually created threads, since I

问题 How can I Save Output of a command in WinDbg to a Text File? 回答1: Start WinDbg from the command line using the -logo option: windbg.exe -logo logfile.txt That will get everything done logged to the file specified. You can find more details of the command line options here. Or, if you are already in a debugging session, you can use the .logopen command to start logging. For more info on this command see here Or you can click edit->Open/Close log file in the WinDbg GUI. More info on log files

问题 I'm trying to use windbg more, and I keep having problems with the symbol cache. It isn't clear to me what the format of the string is supposed to be. I have a few requirements: use Microsoft's server http://msdl.microsoft.com/download/symbols use symbols from our software that are archived at \\foo\Build1234 use a local cache at c:\dev\symbols The archive of symbols from our distributed build at \\foo\Build1234 are not organized as a symbol server. If I understand it correctly, I need to use