In this episode of Defrag Tools, Andrew Richards, Chad Beeder and Larry Larsen continue looking at the Debugging Tools for Windows (in particular WinDbg). WinDbg is a debugger that supports user mode debugging of a process, or kernel mode debugging of a computer.
This installment goes over the commands used to show the state of the debug session. It also shows some of the basic commands used to view process and thread information of a user mode process. We cover these commands:
version
vertarget
|
||
.sympath
.srcpath
.exepath
.extpath
.chain
!analyze -v
.bugcheck
!error
~
~NNs
~~[TID]s
~*k
~*r
!process 0 17
!threads
!findstack
!uniqstack
!peb
!teb
k=
dps
dpu
dpa
dpp
.reload /f
.reload /user
!gle
!tls
Make sure you watch Defrag Tools Episode #1 for instructions on how to get the Debugging Tools for Windows and how to set the required environment variables for symbols and source code resolution.