
March 2008 - Posts

Very often I found myself scanning the stack or the entire virtual memory for the process to find information that may help me. This information may be strings, DWORDS, bytes, chars, etc… To accomplish this you should use the s command. Here I exemplify Read More...
When doing live debugging, it’s not uncommon to have to repeat a set of commands until a condition becomes true or false. There are several ways to do this, and one of them is through the z command. You can create automated commands using this instruction: Read More...
When debugging, most of the time, you have to see all stacks for all threads or to set the context for a specific thread in order to analyze it. To do that you use the ~ command. According to the WinDbg documentation we have: Thread identifier Description Read More...
I really like using C/C++ expressions from WinDbg. It’s a natural way to extract information from C and C++ applications if you know these programming languages; therefore, I think it’s useful to share how to do this. First, let’s talk about poi(). poi() Read More...
This is yet another command that has powerful capabilities. It’s very flexible, too. You can use different parameter combinations, though I recommend you check the WinDbg documentation if you want to explore other variations. Again I’m going Read More...
 