2009. 4. 29. 13:53
I took the parts I consider important from CodeProject.
I will add more in the future.
The help file that comes with the WinDbg installation documents commands well, but the following basic commands should get you started:

| Feature | Command | What Does it Do | Example / Comments | See Also Related Commands |
|---|---|---|---|---|
| Stack trace | K, KB x | Displays stack trace of current thread (x frames). Kb causes the display to include the first three parameters passed to each function. | | KP, Kp, or KV |
| Frame | .frame X | | | |
| Register watch | R | Displays register set. reax - displays the eax register. | | |
| Step | t | Trace = Step into (F11) | | |
| | p | Step over (F10) | | |
| Step out | Shift + F11 | | | |
| Disassemble | u | Unassemble next few instructions | | |
| | u <start_address> | Unassemble instructions at start_address | | |
| | u <start_address> <end_address> | Unassemble instructions from start_address till end_address | | |
| Breakpoints | Bl | List breakpoints. | | |
| | be, bd, bc | Enable / disable / clear breakpoint. | | |
| | bp | Set a breakpoint. | | |
| | bu | Set unresolved breakpoint. Breakpoint is resolved by symbolic name, not absolute address. Use this to set breakpoint at a function whose containing module has not yet been loaded. | bu foo | |
| Comment | * | Ignores the command | * Hello World | |
| Continue | G <address_X /symbol> | Go. Resumes execution until address_X | | |
| | GH | Go, exception handled | | |
| | GN | Go, exception not handled | | |
| Quit | Q | | | |
| Dumping data | dv | Display local variables. | You need private symbols. | |
| | Dd <address> | Display dword values at specified address. | To see value of an int, DD <addr> L1 | |
| | Ds, da (ASCII), du (Unicode) | Dump string | | |
| | Dt [dt module!typedef adr] | Dump type. Will dump the contents of the memory using typedef as a template. | | |
| Change / Edit Values | Eb (byte), ed (dword), ea (ASCII), eu (Unicode) | Edit value of a variable | | |
| List modules | lm | List loaded modules | | Lmi, lml, !dlls |
| Threads | ~ | Lists all threads | | |
| Command on thread n | ~n<command> | Switch to a specific thread by thread-id and execute a command on the thread. | ~2kb (second thread's stack) | |
| Search for a symbol in a module | X module!<pattern> | | X blah!*foo* | |
| Dump | .dump | | | |
| Source line display | .lines | Turns on source code display | | |
| | ln adr | Will show the symbol nearest to that location. | | |

- There is no "step out" (Shift+F11). You have to find the return address on the stack manually and use "g adr". You can find this address by using "k". If you know the function uses ebp frames you can use "g poi(ebp+4)" to step out.
- To inspect local variables:
  - Use the "dv" command.
  - Then use the "dt <variablename>" command.
  - Note: you may not see correct values if values are stored in registers or due to FPO.

| Feature | Command | What Does it Do | Example / Comments | See Also Related Commands |
|---|---|---|---|---|
| | Vertarget | Shows information about the system on which you are debugging. | | |
| Data breakpoint (hardware bp) | Ba [ba r/w/e size adr] | Sets a data breakpoint. You can break on read / write / execute attempt of a memory location. | ba w4 adr | |
| Exceptions | .lastevent | Displays last exception record | | |
| Exceptions | Sx, Sxe, sxd, sxn, sxi exception_X | Enable / disable / notify-only / ignore first chance exception / event exception_X. Example of event: module unload / thread creation. | | |
| Display type | Dt | Shows struct and field values. | Dt x; // x: int<br>Dt myStruct; // struct myStruct<br>Dt myStruct myVar1; // shows myStruct.myVar1 | |
| Reload symbols | .reload | Reloads symbols using the symbol path you would have set. | | |
| Source lines | l+l, l+o, l+s, l+t | Source line options | | |
| | .ecxr | If you had an exception, switches context to faulting context. | | |
| | .quit_lock | | | |
| | ; | Command separator | | |
| | ? | Evaluate expression | | |
| | \| | Display process information | | |
| | .chain | Lists all loaded debugger extensions. | | |
| | .echo <string> | Echo / print any string | .echo xyz | |
| | .exr <address_x> | Display exception record at x. | | |
| | .cxr <address_x> | Display context record at x. | | |
| | .trap | Dump a trap frame. | | |
| | !locks | Check the objects locked by threads | | |
| | !analyze -v | Analyze the error in a dmp file | | |

- !help - help for WinDbg extension commands.
- !load, !unload - to load and unload debugger extension DLLs.
- !handle - displays information about handles owned by processes.
- !peb - shows the PEB (process environment block) including DLL information.

- How can I list all symbols exported by a module?
  x <module>!*
- How can I find help for a specific command?
  .hh <command>, or <command> /?
- I want a certain application x.exe to run always under WinDbg. How can I configure this?
  Create a key named x.exe under "HKLM\Software\Microsoft\Windows NT\currentversion\image file execution options" and add a new string value "Debugger" to it; set its value to the path of windbg.exe.
- I want to do something every time a breakpoint is hit. How can I do that?
  The bp command accepts a list of commands as argument that you can execute every time a breakpoint is hit. Example:
  bp WindbgEx1!Example3+0x3d "dd [ebp-0x14] L1; .echo hello world;g"
  (ref. attached code)
  prints the value of a local variable in each iteration of function Example3.
- Can I put a breakpoint that is triggered only once?
  Yes: bp /1
- Can I set a breakpoint such that it will start hitting only after k-1 passes?
  Yes, bp <address> k
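
The Image File Execution Options setup from the x.exe question above, as an added PowerShell example that is not part of the original post: it sets the Debugger value for one image, lists every image that currently has one (so entries you did not create stand out), and removes it again. The function names and the windbg.exe path are assumptions; run it from an elevated prompt.

```powershell
# Added example, not from the original post. Requires an elevated PowerShell prompt.
$IfeoRoot = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options'
# 32-bit registry view on 64-bit Windows; skipped below if it does not exist.
$IfeoWow  = 'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Image File Execution Options'

function Set-IfeoDebugger {
    param([Parameter(Mandatory)][string]$Image,
          [Parameter(Mandatory)][string]$DebuggerPath)
    $key = Join-Path $IfeoRoot $Image
    if (-not (Test-Path -LiteralPath $key)) { New-Item -Path $key -Force | Out-Null }
    # String value "Debugger" holding the debugger path, as the answer describes.
    New-ItemProperty -Path $key -Name 'Debugger' -Value $DebuggerPath `
        -PropertyType String -Force | Out-Null
}

function Get-IfeoDebugger {
    # Report every image name that has a Debugger value, in both registry views.
    foreach ($root in @($IfeoRoot, $IfeoWow)) {
        if (-not (Test-Path -LiteralPath $root)) { continue }
        Get-ChildItem -LiteralPath $root -ErrorAction SilentlyContinue | ForEach-Object {
            $dbg = $_.GetValue('Debugger', $null)
            if ($null -ne $dbg) {
                [pscustomobject]@{
                    Image    = $_.PSChildName
                    Debugger = $dbg
                    Key      = $_.Name
                }
            }
        }
    }
}

function Remove-IfeoDebugger {
    param([Parameter(Mandatory)][string]$Image)
    $key = Join-Path $IfeoRoot $Image
    if (Test-Path -LiteralPath $key) {
        Remove-ItemProperty -Path $key -Name 'Debugger' -ErrorAction SilentlyContinue
    }
}

# Usage; the debugger path is a placeholder, substitute your own install location.
Set-IfeoDebugger -Image 'x.exe' -DebuggerPath 'C:\Path\To\windbg.exe'
Get-IfeoDebugger | Sort-Object Image | Format-Table -AutoSize -Wrap
Remove-IfeoDebugger -Image 'x.exe'
```

Because the Debugger value redirects every launch of the named image, the listing is worth reviewing on any machine where you did not set these entries yourself.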