Ctrl-S SRV*\barney\DebugSymbols*http://msdl.microsoft.com/download/symbols

Ctrl-P c:\SourceGIT\CTArchitect\CTArchitect

Ctrl-I \barney\DATA\Versies\CTArchitect\10.0.0.31 l

.load wow64exts .effmach x86

From http://stackoverflow.com/questions/1857468/mscorjit-overlaps-mscoree-when-using-windbg

lm vm ctarchitect /==> 10.3.3.17/

git checkout CTArchitect-v10.3.3.17

.srcpath c:\SourceGIT\CTArchitect\CTArchitect .srcpath+ c:\SourceGIT\CTArchitect\CTDesign .srcpath+ c:\SourceGIT\CTArchitect\ESP .srcpath+ c:\SourceGIT\CTArchitect\HWClient .srcpath+ c:\SourceGIT\CTArchitect\CTNode .srcpath+ c:\SourceGIT\CTArchitect\ProjectCopy

.srcpath c:\SourceGIT\CTArchitect2\CTArchitect .srcpath+ c:\SourceGIT\CTArchitect2\CTDesign .srcpath+ c:\SourceGIT\CTArchitect2\ESP .srcpath+ c:\SourceGIT\CTArchitect2\HWClient .srcpath+ c:\SourceGIT\CTArchitect2\CTNode .srcpath+ c:\SourceGIT\CTArchitect2\ProjectCopy

.srcpath c:\SourceGIT\CTArchitect3\CTArchitect .srcpath+ c:\SourceGIT\CTArchitect3\CTDesign .srcpath+ c:\SourceGIT\CTArchitect3\ESP .srcpath+ c:\SourceGIT\CTArchitect3\HWClient .srcpath+ c:\SourceGIT\CTArchitect3\CTNode .srcpath+ c:\SourceGIT\CTArchitect3\ProjectCopy

.srcpath+ c:\SourceGIT\ContactCentre2\Supervisor .srcpath+ c:\SourceGIT\ContactCentre2\Cca

.sympath SRV*\greatgazoo\DebugSymbols*https://msdl.microsoft.com/download/symbols

.sympath SRV*\greatgazoo\DebugSymbols

.sympath cache\greatgazoo\DebugSymbols;srvhttps://msdl.microsoft.com/download/symbols

.sympath+ C:\Problems\20151104 Crash CTArchitect .sympath+ \compile\builds\CTArchitect\10.4.1.0-423

.exepath \compile\builds\CTArchitect\10.4.1.0-423 .exepath C:\Problems\20151104 Crash CTArchitect .exepath \greatgazoo\data\versies\CTArchitect\10.3.5.23

normally not needed: !sym noisy

.reload

#force loading of "deferred" symbols ld *

.srcpath c:\ContactCentre\CCA .sympath+ SRV*\barney\DebugSymbols*http://msdl.microsoft.com/download/symbols .exepath \barney\DATA\Versies\CCA\5.3.3.42 .reload

Load ATLMFC source code

.sympath c:\windows\symbols\dll .sympath+ SRV*\greatgazoo\DebugSymbolshttp://msdl.microsoft.com/download/symbols .srcpath C:\Program Files (x86)\Microsoft Visual Studio 10.0\VC\atlmfc .reload lm m mfc ==> should say "private pdb symbols"

http://stackoverflow.com/questions/15031271/stepping-into-mfc-source-code-with-windbg

Extral logging? .srcnoisy 3

// Software for Bram (automated build) \barney\DATA\Internal Testing .srcpath c:\SourceGIT\CTArchitect\CTArchitect .sympath SRV*\barney\DebugSymbols*http://msdl.microsoft.com/download/symbols;\\barney\DATA\Internal Testing .exepath \barney\DATA\Internal Testing

.srcpath c:\SourceGIT\CTArchitect\CTArchitect .srcpath+ c:\SourceGIT\CTArchitect\CTDesign .srcpath+ c:\SourceGIT\CTArchitect\CTNode .sympath c:\SourceGIT\CTArchitect\CTArchitect\Release .sympath+ c:\SourceGIT\CTArchitect\CTDesign\Release .sympath+ c:\SourceGIT\CTArchitect\CTNode\Release .sympath+ SRV*\barney\DebugSymbols*http://msdl.microsoft.com/download/symbols .exepath c:\SourceGIT\CTArchitect\CTArchitect\Release .exepath+ c:\SourceGIT\CTArchitect\CTDesign\Release .exepath+ c:\SourceGIT\CTArchitect\CTNode\Release

Symbol troubles: Force load: .reload /i hwclient.exe ??? .reload /f @"C:\Program Files\MI4C\HardwareClient\HWClient.exe" lm

!analyze -v

!uniqstack

From http://theartofdev.com/windbg-cheat-sheet/

Local variable inspection: dv / dt

#show variable dx (*((CTArchitect!ExtSpeechInfo *)0xa50f498))

// list nearest symbol ln

Memory usage

!address -summary

cd 'C:\SourceGIT\CTArchitect2' Import-Module PowerDbg $dump = 'C:\Problems\20150714\HWClient.exe__VINF-CTA1_2015-07-10_12-41-14.mdmp' $module='hwclient' New-DbgSession -dump $dump Invoke-DbgCommand "lm vm $module" $version = (Invoke-DbgCommand "lm vm $module" | where {$_ -match 'File version'}) -replace '.File version:\s([^\s]+).', '$1' git checkout $module-v$version $cmd = ".srcpath $(Resolve-Path .$module)"; $cmd; Invoke-DbgCommand $cmd $cmd = ".sympath SRV\barney\DebugSymbols*http://msdl.microsoft.com/download/symbols"; $cmd; Invoke-DbgCommand $cmd $cmd = ".exepath \barney\DATA\Versies$module$version"; $cmd; Invoke-DbgCommand $cmd Invoke-DbgCommand ".reload" Invoke-DbgCommand "!analyze -v"

Exit-DbgSession

ON COMPILE C:\Source10.3.5
.srcpath c:\Source10.3.5\CTArchitect .srcpath+ c:\Source10.3.5\CTDesign .srcpath+ c:\Source10.3.5\ESP .srcpath+ c:\Source10.3.5\HWClient .sympath SRV*\barney\DebugSymbols*http://msdl.microsoft.com/download/symbols .sympath+ C:\Source10.3.5\HWClient\Release .exepath C:\Source10.3.5\HWClient\Release

.reload

Exception records

https://support.microsoft.com/en-us/kb/313109 
~*kb
==> search "UnhandledExceptionFilter" e.g. thread 1

~1s
Kb

05 0b2af720 74f6f775 0b2af7dc 00000001 dd4a750c kernel32!BasepReportFault+0x19
06 0b2af7ac 7722f154 0318e7ac 771c0830 0b2affdc KERNELBASE!UnhandledExceptionFilter+0x1f4
07 0b2affdc 771dab5a ffffffff 771bfff5 00000000 ntdll!__RtlUserThreadStart+0x545f4

==> arg first param
dd <first param>

0:001> dd 0318e7ac 
0318e7ac  0318e8e8 0318e938 77b2b930 00000001
0318e7bc  77b2b920 00bd112c 0318e7e4 77b6d6c0
0318e7cc  77bd3250 77b12d20 0318e8e8 0318ffcc
0318e7dc  0318e938 0318e874 0318e808 77b10581
 
.exr 0318e8e8 
.cxr 0318e938

.load wow64exts .effmach x86 lm vm ctarchitect .srcpath c:\SourceGIT\CTArchitect2\CTArchitect .srcpath+ c:\SourceGIT\CTArchitect2\CTDesign .srcpath+ c:\SourceGIT\CTArchitect2\ESP .srcpath+ c:\SourceGIT\CTArchitect2\HWClient .srcpath+ c:\SourceGIT\CTArchitect2\CTNode .srcpath+ c:\SourceGIT\CTArchitect2\ProjectCopy .sympath SRV*\greatgazoo\DebugSymbols*https://msdl.microsoft.com/download/symbols .exepath C:\Problems\20160906 Bram CTArchitect crash .sympath+ C:\Problems\20160906 Bram CTArchitect crash !analyze -v

$dmp = 'C:\Problems\20160906 Bram CTArchitect crash\ctarchitect.exe(1).2076.dmp' . 'C:\Program Files (x86)\Windows Kits\10\Debuggers\x64\cdb.exe' -z "$dmp" -c '$$<c:\temp\windbg.txt;Q' dir 'C:\Problems\20160906 Bram CTArchitect crash\*.dmp' | foreach { $dmp = $_; . 'C:\Program Files (x86)\Windows Kits\10\Debuggers\x64\cdb.exe' -z "$dmp" -c '$$<c:\temp\windbg.txt;Q' > "$dmp.analyze" }

WimObiwan/WinDbg.md