hi all,
I am new to dump analysis , i want to check status of system timer interrupt
from the memory.dmp file, which windbg command is there to check it.
thanks in advance.
hi all,
I am new to dump analysis , i want to check status of system timer interrupt
from the memory.dmp file, which windbg command is there to check it.
thanks in advance.
xxxxx@lge.com wrote:
I am new to dump analysis , i want to check status of system timer interrupt
from the memory.dmp file, which windbg command is there to check it.
I don’t know what you mean by “check status” here. What information are
you trying to get?
–
Tim Roberts, xxxxx@probo.com
Providenza & Boekelheide, Inc.
thanks for reply tim,
i want to know the number of tick count or the time of a system timer from the dump.
System Uptime: 0 days 11:28:30.132 that is spewed on start shows tick count
Kernel base = 0x804d7000 PsLoadedModuleList = 0x80554040
Debug session time: Thu Jun 30 00:23:46.562 2011 (UTC + 5:30)
System Uptime: 0 days 11:28:30.132 <-------------
Loading Kernel Symbols
or you can check !kuser->tickcount
kd> !kuser
_KUSER_SHARED_DATA at ffdf0000
TickCount: fa00000 * 00285788 (0:11:28:30.125)
TimeZone Id: 0
kd> !whattime 00285788
2643848 Ticks in Standard Time: 11:28:30.125s
kd> !whattime fa00000000285788
-432345564224923768 Ticks in Standard Time: 11:28:30.125s
or you can use
kd> !grep -e “Elapsed” -c “!process 0 1 System”
ElapsedTime 11:28:30.132
or you can use
kd> .time
Debug session time: Thu Jun 30 00:23:46.562 2011 (UTC + 5:30)
System Uptime: 0 days 11:28:30.132
or if dump was done with /ma or /mt you can use .ttime
kd> .ttime
Thread times not available
some experts can describe about the 2ec206fd whatever that is
kd> !grep -e “Interrupt time” -c !timer
Interrupt time: 2ec206fd 00000060 [6/30/2011 00:23:46.562]
On 2/9/12, xxxxx@lge.com wrote:
> thanks for reply tim,
>
> i want to know the number of tick count or the time of a system timer from
> the dump.
>
> —
> WINDBG is sponsored by OSR
>
> For our schedule of WDF, WDM, debugging and other seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
>
xxxxx@lge.com wrote:
i want to know the number of tick count or the time of a system timer from the dump.
When you bring up Windbg on a memory dump, this is part of the welcome text:
Symbol search path is:
srv*i:\symbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
Windows 7 Kernel Version 7601 (Service Pack 1) MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7601.17640.amd64fre.win7sp1_gdr.110622-1506
Machine Name:
Kernel base = 0xfffff80002a1e000 PsLoadedModuleList = 0xfffff800
02c63670
Debug session time: Tue Dec 6 15:57:17.410 2011 (GMT-8)
System Uptime: 0 days 0:32:40.971
Those last two lines tell you the wall clock time and the tick count.
–
Tim Roberts, xxxxx@probo.com
Providenza & Boekelheide, Inc.
thanks tim, raj for all your guidance
I also want to hook this timer with my ISR and DPC currently i am not able to acquire resources
for this. is that possible to hook? i clamed the IRQ 8 and port no 70 is that correct ?
hello folks…
m a newbie in driver development…
my team decided to start with driver debugging a mini filter driver before
modifying one…
we have connect host n guest(VM) using windbg, both windows 7
but are not getting how to start debugging the driver code which is on the
VM
To start we are using WDK sample -> Cdo minifilter
Please if any1 cud help
Thank you!
Regards
On Thu, Feb 16, 2012 at 1:47 PM, wrote:
> thanks tim, raj for all your guidance
> I also want to hook this timer with my ISR and DPC currently i am not able
> to acquire resources
> for this. is that possible to hook? i clamed the IRQ 8 and port no 70 is
> that correct ?
>
> —
> WINDBG is sponsored by OSR
>
> For our schedule of WDF, WDM, debugging and other seminars visit:
> http://www.osr.com/seminars
>
> To unsubscribe, visit the List Server section of OSR Online at
> http://www.osronline.com/page.cfm?name=ListServer
>
xxxxx@lge.com wrote:
thanks tim, raj for all your guidance
I also want to hook this timer with my ISR and DPC currently i am not able to acquire resources
for this. is that possible to hook? i clamed the IRQ 8 and port no 70 is that correct ?
You can’t do that. Those resources are already owned by the operating
system.
What do you hope to achieve? There are better (supported) ways of doing
this.
–
Tim Roberts, xxxxx@probo.com
Providenza & Boekelheide, Inc.
This doesn’t even make any sense. The “system timer” is not something you
have direct access to, and just because you happen to know a port ID and
IRQ level doesn’t help in the slightest. Keep away from this. Really far
away.
joe
thanks tim, raj for all your guidance
I also want to hook this timer with my ISR and DPC currently i am not able
to acquire resources
for this. is that possible to hook? i clamed the IRQ 8 and port no 70 is
that correct ?
WINDBG is sponsored by OSR
For our schedule of WDF, WDM, debugging and other seminars visit:
http://www.osr.com/seminarsTo unsubscribe, visit the List Server section of OSR Online at
http://www.osronline.com/page.cfm?name=ListServer