windbg

问题 I have an Office plug-in (native C++) which is fairly involving with Office. One of the thing I'm doing is finding the HWND of the main window, and subclass that window. On various occasions I also GetDC that window, and paint my own stuff on top of the Office document. I'm also using IAT hooking (fairly standard) of various Windows API. I've a 'Decorate' function that draw on the HDC directly. Until Office 2010, I called my method immediately after Office handled WM_PAINT, and also after WM

问题 I have built an automated crash dump analysis, but I can't get CDB to load a specific crash dump. It loads just fine in VS 2013. I'm using the Debugger Tool from the Windows Driver Kits 8.1 (6.3.9600.16384) which seems to be the latest one. When I run cdb.exe on the file, I get: C:\Users\me>"C:\Program Files (x86)\Windows Kits\8.1\Debuggers\x64\cdb.exe" -z "D:\DumpFiles\crashdump.mdmp" Microsoft (R) Windows Debugger Version 6.3.9600.16384 AMD64 Copyright (c) Microsoft Corporation. All rights

问题 I'm using Windbg to debug an error that is happening in a website that we have on a Windows Server 2008, IIS7 environment. I've set the symbol path to "SRV*c:\websymbols*http://msdl.microsoft.com/download/symbols" Then I browse the website, which takes me to the login page. In that moment I attach Windbg to the w3wp.exe process. I then enter my credentials into the login page and submit the form, which is the process that is giving problems. I then select Windbg -> Debug -> Go Unhandled

问题 I am trying to write an extension function that will run to the next call and then print out information about the next instruction. I am using IDebugControl::Execute to run tc . As noted in the documentation, this call returns before the tracing has actually occurred. Sleeping or calling DispatchCallbacks does not see the tc trace occur before my extension returns. How can I allow the trace to happen without returning from the call? If I add my own DebugEventCallback then I can get notified

问题 I created a simple demo application (app.exe) in default projects folder under my documents. I copied the app.exe to c:\test\app folder without copying the pdb file. I run this executable with windbg (File menu > Open executable). I expect it NOT to find the symbol file but it does! I set sympath to .sympath srv*c:\test\Symbols*https://msdl.microsoft.com/download/symbols The output for lm is 0:000> lm start end module name 013b0000 013b8000 App C (private pdb symbols) c:\users\username

问题 I have an application. It's a self hosted WCF application. The application connects to an OPC server with OpcNetApi. OpcNetApi internally creates in-process COM component to communicate with an OPC server. WCF exposes methods for synchronous reading from and writing to an OPC server. Application platform target is x86, because we have no 64-bit version of the COM component. Target framework is .NET 4.0. Our application also supports asynchronous reading from an opc server. For this we ask opc

问题 After I've loaded sosex, I'm getting the following error. Any ideas? The hang dump is from a 32 bit machine, mine is 64-bit. Do I need to install something? !clrstack CLR DLL status: ERROR: Unable to load DLL mscordacwks_x86_x86_2.0.50727.3623.dll, Win32 error 0n2 回答1: The problem is the version of mscordacwks on your machine is a different version than the one from the crash dump. It's not a bitnesss issue - even though your machine is 64-bit, you have a 32-bit .NET installed. Mine is under

问题 Is it possible to get information about the host where a dump file was been created e.g., OS version, service pack, .NET framework version etc. 回答1: OS version and so forth is listed automatically when you open the dump file. You can get the .NET framework version using the !eeversion command. 0:000> !eeversion 2.0.50727.4952 free Workstation mode SOS Version: 2.0.50727.4952 retail build To get additional information for loaded modules use the verbose option for lm . E.g. 0:000> lm vm mscoree

问题 I have an application running on target machine and trying to debug it from my PC using WinDbg. Now I would like to input some value to WinDbg before hitting the conditional breakpoint and the same shall be passed in as an argument to the conditional break point as soon as it is hit. My ultimate aim is that I do not want WinDbg waiting for input for more than a second when the breakpoint is hit. As you all know, WinDbg freezes all threads when the breakpoint is hit, hence I'm getting lot

问题 While capturing Performance Monitoring metrics for one of our .NET processes we noticed that we had a large number of pinned objects. Specifically, we were monitoring the " .NET CLR Memory " counter " # of Pinned Objects " which steadily rose in value into the thousands. In general the trend is a steady 45 degree upward trend line. Since this is a reliably repeatable condition we took a memory dump with WinDbg and were surprised to find that we only had 23 pinned items which did not match