Quantcast
Channel: Comment Feed for Channel 9 - Defrag Tools: #29 - WinDbg - ETW Logging
Browsing all 35 articles
Browse latest View live

Re: Defrag Tools: #29 - WinDbg - ETW Logging

Why I can't debug IE activex in WOW64? do you know how to debug it with windbg?posted by land

View Article



Image may be NSFW.
Clik here to view.

Re: Defrag Tools: #29 - WinDbg - ETW Logging

Finally you touch my number 1 tool/topic ETW [20:35] - Disable Paging Executivethis is only needed for x64 Windows version to get CallStacks/Stackwalking (the data to walk the call chains is saved...

View Article

Re: Defrag Tools: #29 - WinDbg - ETW Logging

@land: We talked about your question in #30, but here are a few tips:Make sure the debugger arch matches the target (use the x86 debugger in this case) Make sure you are debugging the child IE ptocess,...

View Article

Re: Defrag Tools: #29 - WinDbg - ETW Logging

@s3curityConsult: I don't think you missed it - pretty sure I never pointed that out. The buffers are pool memory in the kernel, so you need a kernel (2) or complete (1) dump. Kernel is the default up...

View Article

Re: Defrag Tools: #29 - WinDbg - ETW Logging

I may have missed something but what kind of dump does it have to be to use these commands, minidump is not supported, correct? so it has to be a full dump? I am sorry if I did not pay enough attention...

View Article


Re: Defrag Tools: #29 - WinDbg - ETW Logging

@loverboy: WPRUI works on Win7 too (not supported, but it works).@loverboy: kernel.etl is the kernel mode buffers, user.etl (not made here) would be the user mode buffers. The result.etl is the merge...

View Article

Re: Defrag Tools: #29 - WinDbg - ETW Logging

Sorry for double posting, but what is the difference between result.etl and kernel.etl (that is bigger and automatically appears in my C:\ folder)?posted by loverboy

View Article

Re: Defrag Tools: #29 - WinDbg - ETW Logging

Wow!Thanks a lot, that's what I needed ;)Since I have Windows 7 64bit I don't think I can use WPRUI.exe (Am I right?)Thanks anyway posted by loverboy

View Article


Re: Defrag Tools: #29 - WinDbg - ETW Logging

@loverboy: This script will capture a lot of cool data. You can get roughly the same data using the default options in WPRUI.exe.@echo off echo Press a key when ready to start... pause echo . echo...

View Article


Re: Defrag Tools: #29 - WinDbg - ETW Logging

Since I cannot create a .etl file with significant content, could you please post an example with lots of content inside?So that we can play with it using xperfview?Thanks in advanceposted by loverboy

View Article

Re: Defrag Tools: #29 - WinDbg - ETW Logging

@loverboy: I always use the 64bit version for all traces - don't recall ever having an issue. If the stack includes CLR code, you won't get the function names regardless of archectural...

View Article

Re: Defrag Tools: #29 - WinDbg - ETW Logging

Thanks.Talking about WPA(and/or XPerfView) ... when you analyze on a 64bit PC a .etl taken on a 32bit machine, do you have to use the 32bit version (like windbg) or on a 64bit PC you have to use WPA or...

View Article

Re: Defrag Tools: #29 - WinDbg - ETW Logging

Sorry.Problem solved (I think it was just a temporary problem, since there was no result.etl file anywhere)posted by loverboy

View Article


Re: Defrag Tools: #29 - WinDbg - ETW Logging

The bat file doesn't work anymoreNow it gives an errorC:\Program Files\Windows Performance Toolkit>Recording_Example.batPress a key when ready to start...Premere un tasto per continuare . ....

View Article

Re: Defrag Tools: #29 - WinDbg - ETW Logging

@loverboyerror 0xb7 occurs when you already run a tool which odes ETW tracing (ResMon,...

View Article


Re: Defrag Tools: #29 - WinDbg - ETW Logging

Debugging a BSOD due to a bug in Windows 8 64 bit (process MSSE a.k.a. Windows defender during quick scan, driver ndis.sys, error ATTEMPTED_EXECUTE_OF_NOEXECUTE_MEMORY, can reproduce 100% on my...

View Article

Re: Defrag Tools: #29 - WinDbg - ETW Logging

@Const: Email me (defragtools@microsoft.com) to organize a way for you to send me the dump.posted by windev

View Article


Re: Defrag Tools: #29 - WinDbg - ETW Logging

@Const: Email me (defragtools@microsoft.com) to organize a way for you to send me the dump.posted by windev

View Article

Re: Defrag Tools: #29 - WinDbg - ETW Logging

@loverboyerror 0xb7 occurs when you already run a tool which odes ETW tracing (ResMon,...

View Article

Re: Defrag Tools: #29 - WinDbg - ETW Logging

Debugging a BSOD due to a bug in Windows 8 64 bit (process MSSE a.k.a. Windows defender during quick scan, driver ndis.sys, error ATTEMPTED_EXECUTE_OF_NOEXECUTE_MEMORY, can reproduce 100% on my...

View Article
Browsing all 35 articles
Browse latest View live




Latest Images