Re: Defrag Tools: #29 - WinDbg - ETW Logging
Why I can't debug IE activex in WOW64? do you know how to debug it with windbg?posted by land
View ArticleClik here to view.
Re: Defrag Tools: #29 - WinDbg - ETW Logging
Finally you touch my number 1 tool/topic ETW [20:35] - Disable Paging Executivethis is only needed for x64 Windows version to get CallStacks/Stackwalking (the data to walk the call chains is saved...
View ArticleRe: Defrag Tools: #29 - WinDbg - ETW Logging
@land: We talked about your question in #30, but here are a few tips:Make sure the debugger arch matches the target (use the x86 debugger in this case) Make sure you are debugging the child IE ptocess,...
View ArticleRe: Defrag Tools: #29 - WinDbg - ETW Logging
@s3curityConsult: I don't think you missed it - pretty sure I never pointed that out. The buffers are pool memory in the kernel, so you need a kernel (2) or complete (1) dump. Kernel is the default up...
View ArticleRe: Defrag Tools: #29 - WinDbg - ETW Logging
I may have missed something but what kind of dump does it have to be to use these commands, minidump is not supported, correct? so it has to be a full dump? I am sorry if I did not pay enough attention...
View ArticleRe: Defrag Tools: #29 - WinDbg - ETW Logging
@loverboy: WPRUI works on Win7 too (not supported, but it works).@loverboy: kernel.etl is the kernel mode buffers, user.etl (not made here) would be the user mode buffers. The result.etl is the merge...
View ArticleRe: Defrag Tools: #29 - WinDbg - ETW Logging
Sorry for double posting, but what is the difference between result.etl and kernel.etl (that is bigger and automatically appears in my C:\ folder)?posted by loverboy
View ArticleRe: Defrag Tools: #29 - WinDbg - ETW Logging
Wow!Thanks a lot, that's what I needed ;)Since I have Windows 7 64bit I don't think I can use WPRUI.exe (Am I right?)Thanks anyway posted by loverboy
View ArticleRe: Defrag Tools: #29 - WinDbg - ETW Logging
@loverboy: This script will capture a lot of cool data. You can get roughly the same data using the default options in WPRUI.exe.@echo off echo Press a key when ready to start... pause echo . echo...
View ArticleRe: Defrag Tools: #29 - WinDbg - ETW Logging
Since I cannot create a .etl file with significant content, could you please post an example with lots of content inside?So that we can play with it using xperfview?Thanks in advanceposted by loverboy
View ArticleRe: Defrag Tools: #29 - WinDbg - ETW Logging
@loverboy: I always use the 64bit version for all traces - don't recall ever having an issue. If the stack includes CLR code, you won't get the function names regardless of archectural...
View ArticleRe: Defrag Tools: #29 - WinDbg - ETW Logging
Thanks.Talking about WPA(and/or XPerfView) ... when you analyze on a 64bit PC a .etl taken on a 32bit machine, do you have to use the 32bit version (like windbg) or on a 64bit PC you have to use WPA or...
View ArticleRe: Defrag Tools: #29 - WinDbg - ETW Logging
Sorry.Problem solved (I think it was just a temporary problem, since there was no result.etl file anywhere)posted by loverboy
View ArticleRe: Defrag Tools: #29 - WinDbg - ETW Logging
The bat file doesn't work anymoreNow it gives an errorC:\Program Files\Windows Performance Toolkit>Recording_Example.batPress a key when ready to start...Premere un tasto per continuare . ....
View ArticleRe: Defrag Tools: #29 - WinDbg - ETW Logging
@loverboyerror 0xb7 occurs when you already run a tool which odes ETW tracing (ResMon,...
View ArticleRe: Defrag Tools: #29 - WinDbg - ETW Logging
Debugging a BSOD due to a bug in Windows 8 64 bit (process MSSE a.k.a. Windows defender during quick scan, driver ndis.sys, error ATTEMPTED_EXECUTE_OF_NOEXECUTE_MEMORY, can reproduce 100% on my...
View ArticleRe: Defrag Tools: #29 - WinDbg - ETW Logging
@Const: Email me (defragtools@microsoft.com) to organize a way for you to send me the dump.posted by windev
View ArticleRe: Defrag Tools: #29 - WinDbg - ETW Logging
@Const: Email me (defragtools@microsoft.com) to organize a way for you to send me the dump.posted by windev
View ArticleRe: Defrag Tools: #29 - WinDbg - ETW Logging
@loverboyerror 0xb7 occurs when you already run a tool which odes ETW tracing (ResMon,...
View ArticleRe: Defrag Tools: #29 - WinDbg - ETW Logging
Debugging a BSOD due to a bug in Windows 8 64 bit (process MSSE a.k.a. Windows defender during quick scan, driver ndis.sys, error ATTEMPTED_EXECUTE_OF_NOEXECUTE_MEMORY, can reproduce 100% on my...
View Article