Defrag Tools #173 - Troubleshooting with the Windows Sysinternals Tools, 2nd Edition


The Discussion

  • claudiamcse

    Thank you for sharing! Great video. I look forward to reading the book!

  • Luke

    Hi,

    Have you ever used the WinDbg extension cmkd.dll from http://www.codemachine.com/cmkd.html to extract the first four arguments passed to calls on x64 stacks, like so?
    0:000> !cmkd.stack -p
    Call Stack : 7 frames
    ## Stack-Pointer Return-Address Call-Site
    00 000000a408c7fb28 00007ffda95b1148 ntdll!NtWaitForSingleObject+a
    Parameter[0] = 0000000000000034
    Parameter[1] = 0000000000000000
    Parameter[2] = 0000000000000000
    Parameter[3] = (unknown)
    01 000000a408c7fb30 00007ff7e44c13f1 KERNELBASE!WaitForSingleObjectEx+98
    Parameter[0] = 0000000000000034
    Parameter[1] = 00000000ffffffff
    Parameter[2] = 0000000000000000
    Parameter[3] = 00007ff7e44cba28
    02 000000a408c7fbd0 00007ff7e44c3fed ConsoleApplication2!main+41
    Parameter[0] = (unknown)
    Parameter[1] = (unknown)
    Parameter[2] = (unknown)
    Parameter[3] = (unknown)

    Is this extension safe?

    Thx,
    Luke

  • ChadBeeder

    @Luke: I haven't used that debug extension, but I have met the Codemachine guys, and I have no reason to think it wouldn't work as advertised.

  • MariaHamilton

    I use it all the time @Luke. I am mainly analyzing crash dumps rather than debugging live x64 systems, though (it's unusual that a problem only turns up on x64 boxes, so if I have to debug something I tend to do it on an x86 one).
