DML is a very simple markup language, which helped found based on the existing output of the command and a new command. Many WinDbg command (and command extensions) are supported DML. For example, the following command is lm D, it shows DML output:
In the above command output, when I click "SillyThreadPool" link debugger for me to perform another command lmDvmSillyThreadPool, it displays the module information. Similarly, there is a link that can help me discover the defect module symbols and functions.
the first thing. You do not have to remember a bunch of strange suffix can get DML command output. There is a global switch can be opened, .prefer_dml. 1 , which results in many built-in commands and extended commands dml display output. For example, following is the output after the command to open the switch kn:
When clicked, the link here will switch to the frame and display the source code and local variables (and the command is .frame 0nN; dv / t / v ).
The debugger scripts and extensions can also generate DML output. In the script debugger, just use .printf / D command and DML embedded links. In the debugger extension, you can use IDebugClient :: ControlledOutput function output DML. For example, the following is displayed when you click the link to perform another command:
.printf /D "<exec cmd=\"lm m ntdll\">lm ntdll</exec>\n\n"
I bet you do not know. The application itself can be output DML commands to the debugger! Just use outputDebugStringAPI, embedded therein and magic string <? DML?> . Everything after the magic token DML will be interpreted as a string, and displayed accordingly in the debugger. For example, suppose our applications have the following code:
OutputDebugString(L"Entered thread pool demo app.\n<?dml?><exec cmd=\"!uniqstack\">Dump unique stacks</exec>\n");
然后,调试器遇到此调试输出时将显示命令链接:
下一个命令是.dml_flow。此命令旨在通过将反汇编函数拆分为代码块并帮助使用DML链接在块之间导航,使其更易于读取。你自己试验这个命令比我用语言解释要容易得多,但总的来说,你提供了两个地址——一个开始地址和一个目标地址——这个命令帮助你理解从开始地址可以到达目标的代码路径。
与DML有关的最后一个命令是discovery命令,.DML_start。此命令接受一个包含许多DML链接和命令描述的文件,并将其显示在调试器窗口中(这与命令浏览器窗口结合使用非常方便)。例如,假设您有以下文件:
Load SOS according to the CLR version that is currently in the process.
<link cmd=".loadby sos clr; .loadby sos mscorwks">Load SOS</link>
Display the last event and CLR exception.
<link cmd=".lastevent">Last debugger event</link>
<link cmd="!PrintException">Last CLR exception</link>
Display the CLR call stack for a specific thread.
<b>~<i>N</i>s; !CLRStack</b>
Example: <link cmd="~0s; !CLRStack">~0s; !CLRStack</link>
执行.browse.dml_start dn.dml会产生以下结果:
这是一个方便的命令浏览器,您可以使用它开始调查。我还认为它对于解释您在dump分析会话中所采取的步骤非常有用