Friday, October 26, 2012

How to read a Windows dump file

Install .NET Framework 4.5
http://msdn.microsoft.com/en-us/library/5a4x27ek.aspx

Install Windows Software Development Kit (SDK) for Windows 8
http://msdn.microsoft.com/en-US/windows/hardware/hh852363


Details:

http://support.microsoft.com/kb/315263/en-us?wa=wsignin1.0

Symbol search path > http://msdl.microsoft.com/download/symbols

Image source path > z:

My z: is the Windows folder of a Windows 2003 Server installation, because my dump is from Windows 2003 Server.


Placeholder: Explanation

  • SymbolPath: Either the local path where the symbol files have been downloaded or the symbol server path, including a cache folder. Because a small memory dump file contains limited information, the actual binary files must be loaded together with the symbols for the dump file to be correctly read.
  • ImagePath: The path of these files. The files are contained in the I386 folder on the Windows XP CD-ROM. For example, the path may be C:\Windows\I386.
  • DumpFilePath: The path and file name for the dump file that you are examining.




Using the command line

  • Go to the C:\Program Files (x86)\Windows Kits\8.0\Debuggers\x86 directory (on a 32-bit machine)

Example

  • C:\Program Files (x86)\Windows Kits\8.0\Debuggers\x86> kd -y srv*c:\symbols*http://msdl.microsoft.com/download/symbols -i z:\ -z E:\my_dump_files\MEMORY.DMP

After the initial output, you can dig deeper by typing:

  • !analyze -v

To exit:

  • q
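
The command-line steps above can also be run unattended over a whole folder of dumps. The PowerShell script below is an added example, not part of the original post: it reuses the post's paths, while the `analysis` output folder and the list of report fields it extracts are assumptions (fields the installed debugger version does not print are left blank).

```powershell
# Added example: run the post's kd command over every dump in a folder.
# Paths are the post's own examples; adjust them for your machine.
$kd      = 'C:\Program Files (x86)\Windows Kits\8.0\Debuggers\x86\kd.exe'
$symbols = 'srv*c:\symbols*http://msdl.microsoft.com/download/symbols'
$images  = 'z:\'
$dumpDir = 'E:\my_dump_files'
$outDir  = Join-Path $dumpDir 'analysis'   # hypothetical output folder

if (-not (Test-Path $kd)) { throw "kd.exe not found at $kd" }
New-Item -ItemType Directory -Force -Path $outDir | Out-Null

# Lines of the !analyze -v report to pull into a summary (assumed field names).
$fields  = 'BUGCHECK_STR', 'PROCESS_NAME', 'MODULE_NAME', 'IMAGE_NAME', 'FAILURE_BUCKET_ID'
$pattern = '^\s*(' + ($fields -join '|') + '):\s*(.+)$'

$summary = foreach ($dump in Get-ChildItem -Path $dumpDir -Filter *.dmp) {
    $log = Join-Path $outDir ($dump.BaseName + '.txt')

    # -c runs the given debugger commands at startup: full analysis, then quit.
    $output = & $kd -y $symbols -i $images -z $dump.FullName -c '!analyze -v; q' 2>&1
    $output | Set-Content -Path $log       # keep the full report per dump

    # Same columns for every dump, so the summary lines up.
    $row = [ordered]@{ Dump = $dump.Name; Log = $log }
    foreach ($f in $fields) { $row[$f] = '' }

    foreach ($line in $output) {
        # Keep only the first occurrence of each field.
        if ("$line" -match $pattern -and -not $row[$Matches[1]]) {
            $row[$Matches[1]] = $Matches[2].Trim()
        }
    }
    [pscustomobject]$row
}

$summary | Format-List
```

The full report for each dump stays in its own text file, so the one-line summary is only a starting point for deciding which dumps to open interactively.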



Using the Windows application (WinDbg):

Start > All Programs > Windows Kits > Debugging Tools for Windows > WinDbg

File > symbol search path > http://msdl.microsoft.com/download/symbols
File > image source path > z:

Click !analyze -v for a deep analysis.
