In this post I'm going to keep some useful WinDBG commands and tips. Simply and short :) I'll update it from time to time.
- .time
Shows date and time when dump was created:
- Opening a new dump. If you need to open another dump in same windbg window, choose Debug -> Stop debugging, or press Shift+F5.
- Question mark makes conversion from hexadecimal to decimal and vice versa:
0:082> ?1e74
Evaluate expression: 7796 = 00001e74
0:082> ?0n7796
Evaluate expression: 7796 = 00001e74
0n is prefix for decimal numbers
0x is prefix for hexadecimal numbers
- There is an autocompletion option in WinDBG: you may start writing !ana, then press Tab and it will be completed to !analyze
- .chain is a command to look currently loaded extensions:
- .unload is a command used to unload one of the currently loaded extensions. For example, to change it with another version of this extension. Make sure that you pass full name of the extension as a parameter - exactly in a form specified in .chain output:
- !sam c:\temp This command will export all dlls from current dump to the location you've specified as a parameter. Note, that this is a command from psscor dlls, so if you have loaded sos instead of psscor, it won't work.
- .logopen /t c:\temp\Output.txt - if you want to save your next commands output to a file.
In order to make !sam command work you need to
ReplyDelete1. download it from here http://www.microsoft.com/en-us/download/details.aspx?id=1073
2. unpack somewhere
3. load it using "load" command: .load C:\temp\psscor2.dll