Last active
October 21, 2023 01:33
-
-
Save mooware/b7aa08f18e397e179bff to your computer and use it in GitHub Desktop.
print lots of windows minidump information with CDB
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| @echo off | |
| :: used cdb commands: | |
| :: !sym noisy -> prints verbose output when searching PDBs | |
| :: .symopt+0x40 -> accept mismatching PDBs | |
| :: .lines -e -> enable source file and line information | |
| :: .kframes 100 -> set max number of display stack frames to 0x100 | |
| :: lmv -> list all loaded modules with version information | |
| :: | -> show process status | |
| :: !peb -> show process environment block (command line arguments, environment variables) | |
| :: !analyze -vp -> analyze and display exception information | |
| :: .ecxr;kp -> if there is an exception, print the callstack | |
| :: !uniqstack -vp -> print callstacks of all threads | |
| :: !gle -all -> GetLastError() and NT STATUS of all threads | |
| :: q -> quit | |
| set BINPATH=. | |
| set SYMCACHE=D:\SymbolCache | |
| cdb -i %BINPATH% -y ".;cache*%SYMCACHE%;SRV*http://msdl.microsoft.com/download/symbols" -c "!sym noisy;.symopt+0x40;.lines -e;.kframes 100;.echo ***** module info *****;lmv;.echo ***** process info *****;|;!peb;!analyze -vp;.ecxr;kp;!uniqstack -vp;!gle -all;q" -z %1 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment