On 6/24/06, James Hawkins truiken@gmail.com wrote:
Ah, didn't know about that tool. You learn something new every day.
Didn't know about that tool either. Sounds interesting.
Usually I do something like:
// reduce log size:
egrep -v 'RtlFreeHeap|RtlAllocateHeap|trace:syslevel:_Enter|trace:syslevel:_Leave|Ret kernel32.MultiByteToWideChar|Ret ntdll.RtlUpperChar' all.txt > all2.txt

// add line numbering: (to back-trace interesting things)
grep -n '' all2.txt > all.txt

// filter out interesting things: (manually add more interesting finds later)
egrep ':loaddll:|:ntoskrnl:|:warn:|Unable to|fixme' all.txt > all_interesting.txt
Jaap.