Create an Account
username: password:
 
  MemeStreams Logo

Ntdebugging Blog : Uncovering How Workspaces Work in WinDbg

search

Security Reads
My Blog
My Profile
My Audience
My Sources
Send Me a Message

sponsored links

Security Reads's topics
Arts
Business
Games
Health and Wellness
Home and Garden
Miscellaneous
Current Events
Recreation
Local Information
Science
Society
Sports
Technology

support us

Get MemeStreams Stuff!


 
Ntdebugging Blog : Uncovering How Workspaces Work in WinDbg
Topic: Miscellaneous 1:48 pm EDT, May 10, 2010

Uncovering How Workspaces Work in WinDbg

Author - Jason Epperly

Workspaces have always been a little confusing to me. I knew how to bend them to do what I needed to get the job done, however they still remained a bit mysterious. Recently I decided to sort this out, just so I knew how they worked under the hood. But before I show you my investigation let's discuss the different types of workspaces. Windbg uses several built-in types including Base, User, Kernel, Remote, Processor Architecture, Per Dump, and Per Executable. It also uses named workspaces (or user defined workspaces). When you perform a particular type of debugging (e.g. live user-mode, post-mortem dump analysis etc.) these workspaces are combined into the final environment. Here's a diagram to illustrate the possible combination of workspaces.

Ntdebugging Blog : Uncovering How Workspaces Work in WinDbg



 
 
Powered By Industrial Memetics
RSS2.0