LiveKd v3.0
By Mark Russinovich
Introduction
LiveKD, a utility I wrote for the CD included with Inside Windows 2000, 3rd Edition, is now freely available. LiveKD allows you to run the Kd and Windbg Microsoft kernel debuggers, which are part of the Debugging Tools for Windows package, locally on a live system. Execute all the debugger commands that work on crash dump files to look deep inside the system. See the Debugging Tools for Windows documentation and our book for information on how to explore a system with the kernel debuggers.
While the latest versions of Windbg and Kd have a similar capability on Windows XP and Server 2003, LiveKD works on NT 4 through Server 2003, including x64 versions of Windows, and enables more functionality, such as viewing thread stacks with the !thread command, than Windbg and Kd's own live kernel debugging facility.
Installation
First download and install the Debugging Tools for Windows package from Microsoft's web site:
http://www.microsoft.com/whdc/devtools/debugging/debugstart.mspx
If you install the tools to their default directory of /Program Files/Microsoft/Debugging Tools for Windows, you can run LiveKD from any directory; otherwise you should copy LiveKD to the directory in which the tools are installed.
If you haven't installed symbols for the system on which you run LiveKD, LiveKD will ask if you want it to automatically configure the system to use Microsoft's symbol server (see the Debugging Tools for Windows documentation for information on symbol files and the Microsoft symbol server).
NOTE: The Microsoft debugger will complain that it can't find symbols for LIVEKDD.SYS. This is expected, since I have not made symbols for LIVEKDD.SYS available, and does not affect the behavior of the debugger.
Usage
usage: livekd [-w] [-d] [-k ] [debugger options]
-w
Runs windbg instead of Kd (Kd is the default)
-d
Runs Dumpchk exam instead of Kd (Kd is the default)
-k
Specifies complete path and filename of debugger image to execute
All other options are passed through to Kd/Windbg/Dumpchk. Note: Use Ctrl-Break to terminate and restart the debugger if it hangs.
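The English is hard going, so here is a Chinese version:
1. Download livekd. Its web site is:
http://www.microsoft.com/china/technet/sysinternals/utilities/LiveKd.mspx
2. Download and install WINDBG:
http://www.microsoft.com/whdc/devtools/debugging/installx86.mspx
3. Install the SYMBOLS package for the matching Windows version:
http://www.microsoft.com/whdc/devtools/debugging/symbolpkg.mspx
4. Set the environment variable:
_NT_SYMBOL_PATH=SRV*c:/symbols*http://msdl.microsoft.com/download/ (where c:/symbols is the folder the symbols from step 3 were extracted to)
5. Reboot the machine.
6. Run livekd. The first run seems to need a network connection, but later runs do not.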
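A pre-flight check for the _NT_SYMBOL_PATH value from step 4, as an added example that is not part of the original post or of LiveKd: it splits the value into its SRV*cache*server parts and reports a missing cache folder or a symbol store reached over plain HTTP. The function names and the dir_exists parameter are hypothetical, and PAGE_VALUE is copied as written in step 4.

```python
import os

# The value exactly as written in step 4 of the post.
PAGE_VALUE = "SRV*c:/symbols*http://msdl.microsoft.com/download/"


def parse_symbol_path(value):
    """Split a _NT_SYMBOL_PATH value into its ';'-separated elements.

    An element of the form SRV*store1*...*storeN is a symbol-server entry:
    the last store is the upstream source, the ones before it are local
    caches. Anything else is treated as a plain symbol directory.
    """
    elements = []
    for raw in value.split(";"):
        raw = raw.strip()
        if not raw:
            continue
        head, *rest = raw.split("*")
        stores = [s for s in rest if s]
        if head.lower() == "srv" and stores:
            elements.append({"caches": stores[:-1], "upstream": stores[-1]})
        else:
            elements.append({"caches": [], "upstream": raw})
    return elements


def audit_symbol_path(value, dir_exists=os.path.isdir):
    """Return a list of findings for the given symbol path value."""
    findings = []
    for element in parse_symbol_path(value):
        for cache in element["caches"]:
            # Step 4 expects this folder to hold the symbols from step 3.
            if not dir_exists(cache):
                findings.append(f"cache directory missing: {cache}")
        if element["upstream"].lower().startswith("http://"):
            # Plain HTTP gives no transport integrity for downloaded symbols.
            findings.append(
                f"symbols fetched over plain HTTP: {element['upstream']}"
            )
    return findings


if __name__ == "__main__":
    current = os.environ.get("_NT_SYMBOL_PATH", PAGE_VALUE)
    for line in audit_symbol_path(current) or ["no findings"]:
        print(line)
```

Run it on the machine where livekd will be started; with no _NT_SYMBOL_PATH set it audits the value from the post.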