Livekd documentation and tutorials
https://stackoverflow.com/questions/10243022
-
02-06-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russianسؤال
I know LiveKd is a tool to create dumps for analysis.
Can someone help me with some links that help me learn how to use LiveKd?
المحلول
LiveKD is a sysinternals application that sits on top of WinDbg and kd so a lot of the output is the same but it provides live updating so I agree with snoone and his recommendations. You are recommended to seek out Windows Internals, Advanced Windows Debugging, Windows Debugging Notebook and the following websites: http://www.dumpanalysis.org/blog/, http://blogs.msdn.com/b/tess/, http://blogs.msdn.com/b/ntdebugging/
نصائح أخرى
The absolute best starting point is the Windows Internals book. Read it from front to back and follow the WinDBG related examples included, all of which use LiveKD in some way.
Though, in the end, working with LiveKD is (effectively) the same as analyzing a full memory dump in WinDBG. Thus, you'll find a lot of information by searching around for WinDBG tutorials. Then you can come back with more specific questions about what you're trying to analyze. As a starting point, I have a column in The NT Insider called, "Analyst's Perspective" where I cover lots of WinDBG related things:
http://www.osronline.com/section.cfm?section=17
And I try to cover a broad range of WinDBG debugging related topics on my blog (http://analyze-v.com)
