WinDbg and file associations Explorer context menu

Others 2020-03-21 09:53:36 views: null

For a long time, I have to create a registry file context menu item WinDbg. These entries allow you to select x86 or x64 debugger. Within the company, I have another version of the registry file, which contains two additional context menu item private symbol server. You can see all four options I added internally in this screenshot.

 

Note that the registry file is assumed WinDBG installed in c: \ debuggers _x86 and c: \ Debugger (respectively for x86 and AMD64 debugger).

Symbol Path registry entry passed Microsoft public symbol server (http://msdl.Microsoft.com/download/symbols) and Microsoft dedicated symbols server. In both cases, the symbols are linked by SRV * in the local cache (for example, c: \ symbols). Entry system and structure are very similar, this technique gives you a quick way to sign between the public and private switching (in my case). Transmission symbol path, instead -NT_symbol_path environment variables, is the only way to circumvent embodied WinDBG made. If the environment variable, the variable will pass in front of the symbol path. This means you can still use the PATH environment variable rather than the transmission path. I admit that this is a problem, people need the support of two symbols shops and the vast majority of people, the environment variable is a better way to do it. If you do, simply delete the -y part of the command line.

Registry file association to dump all variables, including the reflection dump file (* .ini). Dump and reflection may be used ProcDump -r switch (e.g. ProcDump.exe-r-ma notepad.exe) performed. Currently, I'm using Visual Studio 2010 to get the key icon, and open the dump is still supported in Visual Studio by Open entry (I do not know why you want to do).
Another thing I do is load your usual debugger extension. In this (example) registry file, I just pass the -a switch (for the MSDN Magazine debugging extension API to create a series of) a contained its own extension (myext.dll). If you want to load more content, simply include multiple -a myext.dll entries in the command line. (Also note that if you perform the same operation on cdb, you can not leave spaces between -a and dll name). In my personal version, I loaded the six expansion.
One thing you might consider is to add -WX switch to override the default workspace. I personally follow their own favorite way to set the default workspace (command window is docked, maximized WinDbg on the main monitor, set the font color for each text type), and used as a template for each new debugging session. So I do not want to use the -WX switch (which is a double negative), because I want to apply workspace. However, if you want to always use "out of the box" default values, add -WX switch.

Windows Registry Editor Version 5.00

[HKEY_CLASSES_ROOT\.dmp]
@="VisualStudio.dmp.10.0"

[HKEY_CLASSES_ROOT\.hdmp]
@="VisualStudio.dmp.10.0"

[HKEY_CLASSES_ROOT\.mdmp]
@="VisualStudio.dmp.10.0"

[HKEY_CLASSES_ROOT\.kdmp]
@="VisualStudio.dmp.10.0"

[HKEY_CLASSES_ROOT\.ini]
@="VisualStudio.dmp.10.0" 

[HKEY_CLASSES_ROOT\VisualStudio.dmp.10.0\shell]
@="WinDbg_x64_public"

[HKEY_CLASSES_ROOT\VisualStudio.dmp.10.0\shell\WinDbg_x86_public]
@="Open with WinDbg x86 (Public)"

[HKEY_CLASSES_ROOT\VisualStudio.dmp.10.0\shell\WinDbg_x86_public\Command]
@="\"C:\\Debuggers_x86\\windbg.exe\" -z \"%1\" -a myext.dll -y \"SRV*C:\\Symbols*http://msdl.microsoft.com/download/symbols\\

[HKEY_CLASSES_ROOT\VisualStudio.dmp.10.0\shell\WinDbg_x64_public]
@="Open with WinDbg x64 (Public)"

[HKEY_CLASSES_ROOT\VisualStudio.dmp.10.0\shell\WinDbg_x64_public\Command]
@="\"C:\\Debuggers\\windbg.exe\" -z \"%1\" -a myext.dll -y \"SRV*C:\\Symbols*http://msdl.microsoft.com/download/symbols\\

WinDbg Support

I always knew there is a WinDbg -I (which is a capital I) switches to set it as the (automatic) after the death of the debugger. This pace with Dr.Watson, he also has the same choice. Interestingly, you can do this twice association on 64-bit versions of Windows (-I run on x86 and x64 versions of the debugger WinDbg). By providing two, x64 to x64 debugger failure (by key HKLM AeDebug), debugger for x86 x86 failure (by key HKLM WOW64 AeDebug). (Very convenient for those extensions issues unrelated to architecture.)

  • HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\AeDebug
  • HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows NT\CurrentVersion\AeDebug

Note that there is no built-in method -I will WER settings to default values.
Today, I found WinDbg can also do file associations! WinDbg.exe support -IA switch to register file associations. -I -I a list of options and the WinDbg command line file Debugger.chm theme; however brief description of -IA a bit.

In order to clarify -IA actually did what I ProcMon recorded its execution. From the c: \ Debugger upgrade WinDbg.exe-IA running generates the following screen shots and log files ProcMon (mass screening has been applied).

 

8:21:12.7253212 PM windbg.exe 7140 RegOpenKey HKCR\.dmp SUCCESS Desired Access: Read, Maximum Allowed
8:21:12.7254430 PM windbg.exe 7140 RegCreateKey HKCR\.dmp SUCCESS Desired Access: All Access
8:21:12.7255690 PM windbg.exe 7140 RegQueryKey HKCR\.dmp SUCCESS Query: Name
8:21:12.7256082 PM windbg.exe 7140 RegQueryKey HKCR\.dmp SUCCESS Query: HandleTags, HandleTags: 0x0
8:21:12.7257391 PM windbg.exe 7140 RegSetValue HKCR\.dmp\(Default) SUCCESS Type: REG_SZ, Length: 36, Data: WinDbg.DumpFile.1
8:21:12.7265370 PM windbg.exe 7140 RegOpenKey HKCR\.hdmp SUCCESS Desired Access: Read, Maximum Allowed
8:21:12.7266420 PM windbg.exe 7140 RegCreateKey HKCR\.hdmp SUCCESS Desired Access: All Access
8:21:12.7275875 PM windbg.exe 7140 RegQueryKey HKCR\.hdmp SUCCESS Query: Name
8:21:12.7276288 PM windbg.exe 7140 RegQueryKey HKCR\.hdmp SUCCESS Query: HandleTags, HandleTags: 0x0
8:21:12.7277548 PM windbg.exe 7140 RegSetValue HKCR\.hdmp\(Default) SUCCESS Type: REG_SZ, Length: 36, Data: WinDbg.DumpFile.1
8:21:12.7282217 PM windbg.exe 7140 RegOpenKey HKCR\.mdmp SUCCESS Desired Access: Read, Maximum Allowed
8:21:12.7283812 PM windbg.exe 7140 RegCreateKey HKCR\.mdmp SUCCESS Desired Access: All Access
8:21:12.7284834 PM windbg.exe 7140 RegQueryKey HKCR\.mdmp SUCCESS Query: Name
8:21:12.7285233 PM windbg.exe 7140 RegQueryKey HKCR\.mdmp SUCCESS Query: HandleTags, HandleTags: 0x0
8:21:12.7286521 PM windbg.exe 7140 RegSetValue HKCR\.mdmp\(Default) SUCCESS Type: REG_SZ, Length: 36, Data: WinDbg.DumpFile.1
8:21:12.7291973 PM windbg.exe 7140 RegCreateKey HKCR\.kdmp SUCCESS Desired Access: All Access
8:21:12.7307581 PM windbg.exe 7140 RegQueryKey HKCR\.kdmp SUCCESS Query: Name
8:21:12.7307980 PM windbg.exe 7140 RegQueryKey HKCR\.kdmp SUCCESS Query: HandleTags, HandleTags: 0x0
8:21:12.7309261 PM windbg.exe 7140 RegSetValue HKCR\.kdmp\(Default) SUCCESS Type: REG_SZ, Length: 36, Data: WinDbg.DumpFile.1
8:21:12.7332358 PM windbg.exe 7140 RegCreateKey HKCR\WinDbg.DumpFile.1 SUCCESS Desired Access: All Access
8:21:12.7349016 PM windbg.exe 7140 RegQueryKey HKCR\WinDbg.DumpFile.1 SUCCESS Query: Name
8:21:12.7349436 PM windbg.exe 7140 RegQueryKey HKCR\WinDbg.DumpFile.1 SUCCESS Query: HandleTags, HandleTags: 0x0
8:21:12.7350913 PM windbg.exe 7140 RegSetValue HKCR\WinDbg.DumpFile.1\(Default) SUCCESS Type: REG_SZ, Length: 58, Data: WinDbg Post-Mortem Dump File
8:21:12.7373303 PM windbg.exe 7140 RegQueryKey HKCR\WinDbg.DumpFile.1 SUCCESS Query: Name
8:21:12.7373793 PM windbg.exe 7140 RegQueryKey HKCR\WinDbg.DumpFile.1 SUCCESS Query: HandleTags, HandleTags: 0x0
8:21:12.7377440 PM windbg.exe 7140 RegCreateKey HKCR\WinDbg.DumpFile.1\DefaultIcon SUCCESS Desired Access: All Access
8:21:12.7388456 PM windbg.exe 7140 RegQueryKey HKCR\WinDbg.DumpFile.1\DefaultIcon SUCCESS Query: Name
8:21:12.7388848 PM windbg.exe 7140 RegQueryKey HKCR\WinDbg.DumpFile.1\DefaultIcon SUCCESS Query: HandleTags, HandleTags: 0x0
8:21:12.7390150 PM windbg.exe 7140 RegSetValue HKCR\WinDbg.DumpFile.1\DefaultIcon\(Default) SUCCESS Type: REG_SZ, Length: 64, Data: "C:\debuggers\windbg.exe",-3002
8:21:12.7467553 PM windbg.exe 7140 RegQueryKey HKCR\WinDbg.DumpFile.1 SUCCESS Query: Name
8:21:12.7474203 PM windbg.exe 7140 RegQueryKey HKCR\WinDbg.DumpFile.1 SUCCESS Query: HandleTags, HandleTags: 0x0
8:21:12.7477828 PM windbg.exe 7140 RegCreateKey HKCR\WinDbg.DumpFile.1\shell SUCCESS Desired Access: All Access
8:21:12.7511046 PM windbg.exe 7140 RegQueryKey HKCR\WinDbg.DumpFile.1\shell SUCCESS Query: Name
8:21:12.7511515 PM windbg.exe 7140 RegQueryKey HKCR\WinDbg.DumpFile.1\shell SUCCESS Query: HandleTags, HandleTags: 0x0
8:21:12.7513244 PM windbg.exe 7140 RegSetValue HKCR\WinDbg.DumpFile.1\shell\(Default) SUCCESS Type: REG_SZ, Length: 10, Data: Open
8:21:12.7540113 PM windbg.exe 7140 RegQueryKey HKCR\WinDbg.DumpFile.1\shell SUCCESS Query: Name
8:21:12.7540540 PM windbg.exe 7140 RegQueryKey HKCR\WinDbg.DumpFile.1\shell SUCCESS Query: HandleTags, HandleTags: 0x0
8:21:12.7544075 PM windbg.exe 7140 RegCreateKey HKCR\WinDbg.DumpFile.1\shell\Open SUCCESS Desired Access: All Access
8:21:12.7556393 PM windbg.exe 7140 RegQueryKey HKCR\WinDbg.DumpFile.1\shell\Open SUCCESS Query: Name
8:21:12.7556785 PM windbg.exe 7140 RegQueryKey HKCR\WinDbg.DumpFile.1\shell\Open SUCCESS Query: HandleTags, HandleTags: 0x0
8:21:12.7558143 PM windbg.exe 7140 RegSetValue HKCR\WinDbg.DumpFile.1\shell\Open\(Default) SUCCESS Type: REG_SZ, Length: 12, Data: &Open
8:21:12.7576306 PM windbg.exe 7140 RegQueryKey HKCR\WinDbg.DumpFile.1\shell\Open SUCCESS Query: Name
8:21:12.7576775 PM windbg.exe 7140 RegQueryKey HKCR\WinDbg.DumpFile.1\shell\Open SUCCESS Query: HandleTags, HandleTags: 0x0
8:21:12.7580456 PM windbg.exe 7140 RegCreateKey HKCR\WinDbg.DumpFile.1\shell\Open\command SUCCESS Desired Access: All Access
8:21:12.7592768 PM windbg.exe 7140 RegQueryKey HKCR\WinDbg.DumpFile.1\shell\Open\command SUCCESS Query: Name
8:21:12.7593167 PM windbg.exe 7140 RegQueryKey HKCR\WinDbg.DumpFile.1\shell\Open\command SUCCESS Query: HandleTags, HandleTags: 0x0
8:21:12.7594629 PM windbg.exe 7140 RegSetValue HKCR\WinDbg.DumpFile.1\shell\Open\command\(Default) SUCCESS Type: REG_SZ, Length: 68, Data: "C:\debuggers\windbg.exe" -z "%1"
8:21:12.7630360 PM windbg.exe 7140 RegCreateKey HKCR\.wew SUCCESS Desired Access: All Access
8:21:12.7641811 PM windbg.exe 7140 RegQueryKey HKCR\.wew SUCCESS Query: Name
8:21:12.7642168 PM windbg.exe 7140 RegQueryKey HKCR\.wew SUCCESS Query: HandleTags, HandleTags: 0x0
8:21:12.7644407 PM windbg.exe 7140 RegSetValue HKCR\.wew\(Default) SUCCESS Type: REG_SZ, Length: 38, Data: WinDbg.Workspace.1
8:21:12.7677107 PM windbg.exe 7140 RegCreateKey HKCR\WinDbg.Workspace.1 SUCCESS Desired Access: All Access
8:21:12.7688110 PM windbg.exe 7140 RegQueryKey HKCR\WinDbg.Workspace.1 SUCCESS Query: Name
8:21:12.7688488 PM windbg.exe 7140 RegQueryKey HKCR\WinDbg.Workspace.1 SUCCESS Query: HandleTags, HandleTags: 0x0
8:21:12.7690853 PM windbg.exe 7140 RegSetValue HKCR\WinDbg.Workspace.1\(Default) SUCCESS Type: REG_SZ, Length: 44, Data: WinDbg Workspace File
8:21:12.7708855 PM windbg.exe 7140 RegQueryKey HKCR\WinDbg.Workspace.1 SUCCESS Query: Name
8:21:12.7709275 PM windbg.exe 7140 RegQueryKey HKCR\WinDbg.Workspace.1 SUCCESS Query: HandleTags, HandleTags: 0x0
8:21:12.7712446 PM windbg.exe 7140 RegCreateKey HKCR\WinDbg.Workspace.1\DefaultIcon SUCCESS Desired Access: All Access
8:21:12.7722720 PM windbg.exe 7140 RegQueryKey HKCR\WinDbg.Workspace.1\DefaultIcon SUCCESS Query: Name
8:21:12.7723098 PM windbg.exe 7140 RegQueryKey HKCR\WinDbg.Workspace.1\DefaultIcon SUCCESS Query: HandleTags, HandleTags: 0x0
8:21:12.7724169 PM windbg.exe 7140 RegSetValue HKCR\WinDbg.Workspace.1\DefaultIcon\(Default) SUCCESS Type: REG_SZ, Length: 64, Data: "C:\debuggers\windbg.exe",-3002
8:21:12.7742535 PM windbg.exe 7140 RegQueryKey HKCR\WinDbg.Workspace.1 SUCCESS Query: Name
8:21:12.7742990 PM windbg.exe 7140 RegQueryKey HKCR\WinDbg.Workspace.1 SUCCESS Query: HandleTags, HandleTags: 0x0
8:21:12.7746364 PM windbg.exe 7140 RegCreateKey HKCR\WinDbg.Workspace.1\shell SUCCESS Desired Access: All Access
8:21:12.7784159 PM windbg.exe 7140 RegQueryKey HKCR\WinDbg.Workspace.1\shell SUCCESS Query: Name
8:21:12.7784565 PM windbg.exe 7140 RegQueryKey HKCR\WinDbg.Workspace.1\shell SUCCESS Query: HandleTags, HandleTags: 0x0
8:21:12.7785895 PM windbg.exe 7140 RegSetValue HKCR\WinDbg.Workspace.1\shell\(Default) SUCCESS Type: REG_SZ, Length: 10, Data: Open
8:21:12.7806080 PM windbg.exe 7140 RegQueryKey HKCR\WinDbg.Workspace.1\shell SUCCESS Query: Name
8:21:12.7806528 PM windbg.exe 7140 RegQueryKey HKCR\WinDbg.Workspace.1\shell SUCCESS Query: HandleTags, HandleTags: 0x0
8:21:12.7809825 PM windbg.exe 7140 RegCreateKey HKCR\WinDbg.Workspace.1\shell\Open SUCCESS Desired Access: All Access
8:21:12.7821576 PM windbg.exe 7140 RegQueryKey HKCR\WinDbg.Workspace.1\shell\Open SUCCESS Query: Name
8:21:12.7821933 PM windbg.exe 7140 RegQueryKey HKCR\WinDbg.Workspace.1\shell\Open SUCCESS Query: HandleTags, HandleTags: 0x0
8:21:12.7823025 PM windbg.exe 7140 RegSetValue HKCR\WinDbg.Workspace.1\shell\Open\(Default) SUCCESS Type: REG_SZ, Length: 12, Data: &Open
8:21:12.7840075 PM windbg.exe 7140 RegQueryKey HKCR\WinDbg.Workspace.1\shell\Open SUCCESS Query: Name
8:21:12.7840460 PM windbg.exe 7140 RegQueryKey HKCR\WinDbg.Workspace.1\shell\Open SUCCESS Query: HandleTags, HandleTags: 0x0
8:21:12.7856271 PM windbg.exe 7140 RegCreateKey HKCR\WinDbg.Workspace.1\shell\Open\command SUCCESS Desired Access: All Access
8:21:12.7869639 PM windbg.exe 7140 RegQueryKey HKCR\WinDbg.Workspace.1\shell\Open\command SUCCESS Query: Name
8:21:12.7870052 PM windbg.exe 7140 RegQueryKey HKCR\WinDbg.Workspace.1\shell\Open\command SUCCESS Query: HandleTags, HandleTags: 0x0
8:21:12.7871508 PM windbg.exe 7140 RegSetValue HKCR\WinDbg.Workspace.1\shell\Open\command\(Default) SUCCESS Type: REG_SZ, Length: 70, Data: "C:\debuggers\windbg.exe" -WF "%1"

I use the same technology registered regsitry file context menu - it uses the shell commands in HKCR hive. As I dump associated registry files useful because only a debugger support, and it skips * .ini files, but it does the associated workspace file. I personally never driven workplace, but if you had one, this could be a good thing.

So what I will do on my system from now? I will run on my x64 debugger WinDbg.exe-IA, and then run WinDbg.exe-I on x64 and x86 debugger, and then run the registry script, in order to provide greater flexibility in the way they load dump sex (and file types supported). By the way, if you do after you find you do not get the context menu, then it is likely your HKCU hive in a "Open With ..." file association. .Dmp find the key and delete it to restore global HKCR configuration.
Note that if you did not intend to debug AeDebug dump, it is best to WER as late debugger (ie, not running -i) and sent for analysis to the problem of Microsoft. This is the best way to solve the problem.

Guess you like

Origin www.cnblogs.com/yilang/p/12524160.html
Recommended
The number of MaxKB GitHub Stars, an open source knowledge base question and answer system based on large language models, exceeded 5,000!
Ranking
Getting the basic concepts of ROS + catkin Profile
Spring Learning (2) --- Assembling Beans in the IoC Container
js to get the src attribute of the image regularly
STM32 is based on CubeIDE and HAL library basics entry study notes: Bluetooth WIFI STM32 connects to Alibaba Cloud
Short video learning - 3, pandas simple use of pivot_table
Print directory of project configuration log, output log
Understand the difference between vi and vim in Linux in 3 minutes
1 + x certificate Web front-end development HTML5 special exercises
mangodb save and insert the difference
7-1 Family tree processing (50 points) (binary tree solution)
Daily
More
2024-05-13(8)
2024-05-12(28)
2024-05-11(32)
2024-05-10(34)
2024-05-09(32)
2024-05-08(18)
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)

Code World

© 2018 codetd.com