windbg command notes

Others 2019-07-05 12:20:31 views: null

The basic command yuan command extensions Command

g go running
vertarget show Windows version on the target computer system
lm (List Loaded Modules) command to display the module is loaded, you can verify that you are using the correct kernel mode processes.
Details of a particular module lm vm tcpip request, v use shown (in detail) option.


.dump / ma FileName create a dump file

.cls clear screen
.hh get help
 
! cpuinfo show information CPU
! running thread information displayed on all CPU running
! devobj viewing device object
! lmi extension displays detailed information about a module. The! LMI echo
! DH expanded to show header information. The! DH echo
! 0. 1 See the devnode all device nodes in the tree Plug and Play device! 0 the devnode. 1
! 0. 1 the devnode echo Echo loading device driver, plug and play information to display Echo associated device driver

bu command is a symbol for the breakpoint. For example, bu MyApp! SomeFunction set a breakpoint, the breakpoint can not be resolved when the module is unloaded, re-enable the breakpoint re-loadable module.
bp command in an address at a breakpoint, you can bp 0x7783FEB can also bp MyApp! SomeFunction set breakpoints, unload it when the module will activate the breakpoint.
bm ECHO! EchoEvtDeviceAdd // bm command to set a breakpoint, the command uses the driver name, followed by the name of the function to be provided in which the breakpoint (e.g. AddDevice), separated by an exclamation point.
bm symbol set breakpoints. This command will use an appropriate bu or BP, and allows the use of wildcard * to set a breakpoint on all matches (e.g., all the methods of a class) of each symbol.
bl List all breakpoints
bc clear the breakpoint. bc *, clear all breakpoints. bc 1, clean up the No. 1 breakpoint.
bd disable a breakpoint
breakpoint be started to be used by the command bd

X APP! show all the symbol information of APP
x APP! Echo * Show all symbols APP driver beginning Echo associated information
x / D Echo! Echo * with AZ hot links displayed in APP driver beginning Echo Related All symbols associated information

lm m echo * v display information about the driver Echo

Guess you like

Origin blog.csdn.net/u012308586/article/details/94717424
Recommended
NetBSD bans submission of code generated by AI
Ranking
Talk dubbo of LRUCache
Chapter 1 Learning Summary
Introduction to Virtualization
pytorch 调用lstm
Six modules
[8086] The natural number of 1 to 36 into a 6x6 two-dimensional array of line-sequentially, and then print out the lower left half of the triangular array
mybatis mapper mapping file $ # {} {} understanding and
C language input and output buffer
c language floating-point input and output
andorid P version compatible, refer to Huawei
Daily
More
2024-05-18(31)
2024-05-17(6)
2024-05-16(23)
2024-05-15(5)
2024-05-14(9)
2024-05-13(8)
2024-05-12(28)
2024-05-11(32)
2024-05-10(34)
2024-05-09(32)

Code World

© 2018 codetd.com