Debugging
-
Lauterbach Basics
Video: https://www.youtube.com/watch?list=PLlgTI9rjcm35NUgKufepfqgn6Fd4zBe88&v=47wPfpn-nGs
-
Forcing Symbols to match in WinDbg
Use the Microsoft Symbol Server to obtain debug symbol files: http://support.microsoft.com/kb/311503. Other useful commands: !symfix, .reload, !analyze -v, !sym noisy…
-
Setting Symbols in WinDbg
The symbol path specifies locations where the Windows debuggers (WinDbg, KD, CDB, NTSD) look for symbol files. Microsoft OS symbols are…
-
0x9F BugCheck with Param 3? Here is how you go about it
This post is for driver or kernel developers/enthusiasts who have encountered a Blue Screen of Death on Windows where the bugcheck…
-
Dumping a module’s memory space (via WinDbg)
The command .WRITEMEM allows us to save memory into a disk file. The cool thing about it is that we…
-
User profile corruption in the registry [REGISTRY_ERROR (51)]
REGISTRY_ERROR (51) Something has gone badly wrong with the registry. If a kernel debugger is available, get a stack trace.…
-
Stuck in the Apps Debug mode for a Kernel Crash dump?
!wow64exts.sw switches between x86 and native mode. I’d like to introduce you to how to switch to a kernel…
-
Creating a memory dump along with symbols using WinDbg
We can create a dump file from a running application or active driver crash using WinDbg. After the dump file…
-
Integer Divide by Zero leading to UNEXPECTED_KERNEL_MODE_TRAP (0x7f)
It is easily recognizable in process crash dumps by the processor instruction that caused this exception type (DIV or IDIV):…