MSDN上关于WinDbg的手册
参考:http://msdn.microsoft.com/en-us/library/windows/hardware/ff540507(v=vs.85).aspx
这是最靠谱的参考了,比.hh要直观。
在Linux上稍作编辑
daniel@daniel-mint ~/windbg $ awk 'BEGIN{maxIndex=0}{idx = index($0, "("); if (idx > maxIndex) maxIndex = idx;}END{print maxIndex}' commands
57
daniel@daniel-mint ~/windbg $ awk 'FS="[()]"{printf("%60s\t%s\n", $1, $2)}' commands > commands_formated
Basic Commands
daniel@daniel-mint ~/windbg $ awk 'FS="[()]"{printf("%60s\t%s\n", $1, $2)}' commands
ENTER (Repeat
$<, $><, $$<, $$><, $$>a< Run Script File
? Command Help
? Evaluate Expression
?? Evaluate C++ Expression
# Search for Disassembly Pattern
|| System Status
||s Set Current System
| Process Status
|s Set Current Process
~ Thread Status
~e Thread-Specific Command
~f Freeze Thread
~u Unfreeze Thread
~n Suspend Thread
~m Resume Thread
~s Set Current Thread
~s Change Current Processor
a Assemble
ad Delete Alias
ah Assertion Handling
al List Aliases
as, aS Set Alias
ba Break on Access
bc Breakpoint Clear
bd Breakpoint Disable
be Breakpoint Enable
bl Breakpoint List
bp, bu, bm Set Breakpoint
br Breakpoint Renumber
bs Update Breakpoint Command
bsc Update Conditional Breakpoint
c Compare Memory
d, da, db, dc, dd, dD, df, dp, dq, du, dw, dW, dyb, dyd Display Memory
dda, ddp, ddu, dpa, dpp, dpu, dqa, dqp, dqu Display Referenced Memory
dds, dps, dqs Display Words and Symbols
dg Display Selector
dl Display Linked List
ds, dS Display String
dt Display Type
dv Display Local Variables
e, ea, eb, ed, eD, ef, ep, eq, eu, ew, eza, ezu Enter Values
f, fp Fill Memory
g Go
gc Go from Conditional Breakpoint
gh Go with Exception Handled
gn, gN Go with Exception Not Handled
gu Go Up
ib, iw, id Input from Port
j Execute If - Else
k, kb, kc, kd, kp, kP, kv Display Stack Backtrace
l+, l- Set Source Options
ld Load Symbols
lm List Loaded Modules
ln List Nearest Symbols
ls, lsa List Source Lines
lsc List Current Source
lse Launch Source Editor
lsf, lsf- Load or Unload Source File
lsp Set Number of Source Lines
m Move Memory
n Set Number Base
ob, ow, od Output to Port
p Step
pa Step to Address
pc Step to Next Call
pct Step to Next Call or Return
ph Step to Next Branching Instruction
pt Step to Next Return
q, qq Quit
qd Quit and Detach
r Registers
rdmsr Read MSR
rm Register Mask
s Search Memory
so Set Kernel Debugging Options
sq Set Quiet Mode
ss Set Symbol Suffix
sx, sxd, sxe, sxi, sxn, sxr, sx- Set Exceptions
t Trace
ta Trace to Address
tb Trace to Next Branch
tc Trace to Next Call
tct Trace to Next Call or Return
th Trace to Next Branching Instruction
tt Trace to Next Return
u Unassemble
uf Unassemble Function
up Unassemble from Physical Memory
ur Unassemble Real Mode BIOS
ux Unassemble x86 BIOS
vercommand Show Debugger Command Line
version Show Debugger Version
vertarget Show Target Computer Version
wrmsr Write MSR
wt Trace and Watch Data
x Examine Symbols
z Execute While
meta commands
daniel@daniel-mint ~/windbg $ awk 'FS="[()]"{printf("%30s\t%s\n", $1, $2)}' meta_commands
.abandon (Abandon
.allow_exec_cmds Allow Execution Commands
.allow_image_mapping Allow Image Mapping
.apply_dbp Apply Data Breakpoint to Context
.asm Change Disassembly Options
.attach Attach to Process
.beep Speaker Beep
.bpcmds Display Breakpoint Commands
.bpsync Synchronize Threads at Breakpoint
.breakin Break to the Kernel Debugger
.browse Display Command in Browser
.bugcheck Display Bug Check Data
.cache Set Cache Size
.call Call Function
.chain List Debugger Extensions
.childdbg Debug Child Processes
.clients List Debugging Clients
.closehandle Close Handle
.cls Clear Screen
.context Set User-Mode Address Context
.copysym Copy Symbol Files
.cordll Control CLR Debugging
.crash Force System Crash
.create Create Process
.createdir Set Created Process Directory
.cxr Display Context Record
.dbgdbg Debug Current Debugger
.detach Detach from Process
.dml_flow Unassemble with Links
.dml_start Display DML Starting Point
.dump Create Dump File
.dumpcab Create Dump File CAB
.dvalloc Allocate Memory
.dvfree Free Memory
.echo Echo Comment
.echocpunum Show CPU Number
.echotime Show Current Time
.echotimestamps Show Time Stamps
.ecxr Display Exception Context Record
.effmach Effective Machine
.enable_long_status Enable Long Integer Display
.enable_unicode Enable Unicode Display
.endpsrv End Process Server
.endsrv End Debugging Server
.enumtag Enumerate Secondary Callback Data
.event_code Display Event Code
.eventlog Display Recent Events
.exepath Set Executable Path
.expr Choose Expression Evaluator
.exptr Display Exception Pointers
.exr Display Exception Record
.extmatch Display All Matching Extensions
.extpath Set Extension Path
.f+, .f- Shift Local Context
.fiber Set Fiber Context
.fiximports Fix Target Module Imports
.flash_on_break Flash on Break
.fnent Display Function Data
.fnret Display Function Return Value
.force_radix_output Use Radix for Integers
.force_tb Forcibly Allow Branch Tracing
.formats Show Number Formats
.fpo Control FPO Overrides
.frame Set Local Context
.help Meta-Command Help
.hh Open HTML Help File
.hideinjectedcode Hide Injected Code
.holdmem Hold and Compare Memory
.idle_cmd Set Idle Command
.ignore_missing_pages Suppress Missing Page Errors
.inline Toggle Inline Function Debugging
.imgscan Find Image Headers
.kdfiles Set Driver Replacement Map
.kframes Set Stack Length
.kill Kill Process
.lastevent Display Last Event
.lines Toggle Source Line Support
.load, .loadby Load Extension DLL
.locale Set Locale
.logappend Append Log File
.logclose Close Log File
.logfile Display Log File Status
.logopen Open Log File
.netuse Control Network Connections
.noshell Prohibit Shell Commands
.noversion Disable Version Checking
.ocommand Expect Commands from Target
.ofilter Filter Target Output
.open Open Source File
.opendump Open Dump File
.outmask Control Output Mask
.pagein Page In Memory
.pcmd Set Prompt Command
.pop Restore Debugger State
.prefer_dml Prefer Debugger Markup Language
.process Set Process Context
.prompt_allow Control Prompt Display
.push Save Debugger State
.quit_lock Prevent Accidental Quit
.readmem Read Memory from File
.reboot Reboot Target Computer
.record_branches Enable Branch Recording
.reload Reload Module
.remote Create Remote.exe Server
.remote_exit Exit Debugging Client
.restart Restart Target Application
.restart Restart Kernel Connection
.rrestart Register for Restart
.scroll_prefs Control Source Scrolling Preferences
.secure Activate Secure Mode
.send_file Send File
.server Create Debugging Server
.servers List Debugging Servers
.setdll Set Default Extension DLL
.shell Command Shell
.show_read_failures
.show_sym_failures
.sleep Pause Debugger
.sound_notify Use Notification Sound
.srcfix, .lsrcfix Use Source Server
.srcnoisy Noisy Source Loading
.srcpath, .lsrcpath Set Source Path
.step_filter Set Step Filter
.suspend_ui Suspend WinDbg Interface
.symfix Set Symbol Store Path
.symopt Set Symbol Options
.sympath Set Symbol Path
.thread Set Register Context
.time Display System Time
.tlist List Process IDs
.trap Display Trap Frame
.tss Display Task State Segment
.ttime Display Thread Times
.typeopt Set Type Options
.unload Unload Extension DLL
.unloadall Unload All Extension DLLs
.urestart Unregister for Restart
.wake Wake Debugger
.write_cmd_hist Write Command History
.writemem Write Memory to File
.wtitle Set Window Title
Kernel Mode Extensions
!ahcache
!alignmentfaults
!analyzebugcheck
!apc
!apicerr
!arbinst
!arbiter
!ate
!bcb
!blockeddrv
!bpid
!btb
!bth
!bugdump
!bushnd
!ca
!callback
!calldata
!can_write_kdump
!cbreg
!cchelp
!chklowmem
!cmreslist
!cpuinfo
!db, !dc, !dd, !dp, !dq, !du, !dw
!dbgprint
!dblink
!dcr
!dcs
!deadlock
!defwrites
!devext
!devhandles
!devnode
!devobj
!devstack
!dflink
!diskspace
!dma
!dpa
!dpcs
!driveinfo
!drivers
!drvobj
!dskheap
!eb, !ed
!ecb, !ecd, !ecw
!ecs
!errlog
!errpkt
!errrec
!exca
!filecache
!filelock
!fileobj
!filetime
!finddata
!findfilelockowner
!for_each_process
!for_each_thread
!fpsearch
!frag
!frozen
!fwver
!gbl
!gentable
!hidppd
!ib, !id, !iw
!icpleak
!idt
!ih
!ihs
!ioresdes
!ioreslist
!iovirp
!ipi
!irp
!irpfind
!irpzone
!irql
!isainfo
!isr
!ivt
!job
!kb, !kv
!loadermemorylist
!lockedpages
!locks (!kdext*.locks)
!logonsession
!lookaside
!lpc
!mca
!memlist
!memusage
!mps
!mtrr
!npx
!ob, !od, !ow
!object
!obtrace
!openmaps
!pars
!pat
!pci
!pciir
!pcitree
!pcm
!pcr
!pcrs
!pfn
!pmc
!pmssa
!pnpevent
!pocaps
!pool
!poolfind
!poolused
!poolval
!popolicy
!pplookaside
!ppmidle
!ppmidleaccounting
!ppmperf
!ppmperfpolicy
!ppmstate
!prcb
!process
!processfields
!processirps
!psp
!pte
!pte2va
!ptov
!qlocks
!ready
!reg
!regkcb
!rellist
!ruleinfo
!running
!scm
!search
!searchpte
!sel
!session
!smt
!spoolsum
!spoolused
!sprocess
!srb
!stacks
!swd
!sysinfo
!sysptes
!thread
!threadfields
!time
!timer
!tokenfields
!trap
!tss
!tz
!tzinfo
!ubc
!ubd
!ube
!ubl
!ubp
!urb
!vad
!vad_reload
!validatelist
!verifier
!vm
!vpb
!vpdd
!vtop
!walklist
!wdmaud
!whattime
!whatperftime
!whea
!wsle
!xpoolmap
!zombies
general extensions
!acl
!address
!analyze
!asd
!atom
!bitcount
!chksym
!chkimg
!cppexr
!cpuid
!cs
!cxr
!dh
!dlls
!dml_proc
!dumpfa
!elog_str
!envvar
!error
!exchain
!exr
!findxmldata
!for_each_frame
!for_each_function
!for_each_local
!for_each_module
!for_each_register
!gflag
!gle
!gs
!handle
!heap
!help
!homedir
!hstring
!hstring2
!htrace
!imggp
!imgreloc
!kuser
!list
!lmi
!mui
!net_send
!obja
!owner
!peb
!rebase
!rtlavl
!sd
!sid
!slist
!std_map
!stl
!str
!sym
!symsrv
!teb
!tls
!token
!tp
!triage
!ustr
!version
!winrterr
user mode extensions
!avrf
!critsec
!dp (!ntsdexts.dp)
!dreg
!dt
!evlog
!findstack
!gatom
!igrep
!locks (!ntsdexts.locks)
!mapped_file
!runaway
!threadtoken
!uniqstack
!vadump
!vprot
MSDN上关于WinDbg的手册的更多相关文章
- WinDbg 命令三部曲:(一)WinDbg 命令手册
本文为 Dennis Gao 原创技术文章,发表于博客园博客,未经作者本人允许禁止任何形式的转载. 系列博文 <WinDbg 命令三部曲:(一)WinDbg 命令手册> <WinDb ...
- WinDbg 命令手册
WinDbg 命令三部曲:(一)WinDbg 命令手册 本文为 Dennis Gao 原创技术文章,发表于博客园博客,未经作者本人允许禁止任何形式的转载. 系列博文 <WinDbg 命令三部 ...
- 零宽度正预测先行断言是什么呢,看msdn上的官方解释定义
最近为了对html文件进行源码处理,需要进行正则查找并替换.于是借着这个机会把正则系统地学一下,虽然以前也用过正则,但每次都是临时学一下混过关的.在学习的过程中还是遇到不少问题的,特别是零宽断言(这里 ...
- Windows10上使用windbg调试Chromium Windows。
###目的###Windows10上使用windbg调试Chromium Windows. 安装Windows 10 SDK时, 就包含了windbg.exe."C:\Program Fil ...
- MSDN上的异步socket 服务端例子
MSDN上的异步socket 服务端例子 2006-11-22 17:12:01| 分类: 代码学习 | 标签: |字号大中小 订阅 Imports SystemImports Syste ...
- Windbg实用手册
Windbg工作中用的不多,所以命令老是记不住,每次使用都要重新查命令,挺烦. 趁这次培训的机会好好测试和总结了一下,下次再用就方便多了. 在这里一起共享一下,如果有错误,请指正. 基本知识和常用命令 ...
- 「mysql优化专题」90%程序员面试都用得上的索引优化手册(5)
目录(技术文) 多关于索引,分为以下几点来讲解: 一.索引的概述(什么是索引,索引的优缺点) 二.索引的基本使用(创建索引) 三.索引的基本原理(面试重点) 四.索引的数据结构(B树,hash) 五. ...
- excel在msdn上的说明文档
Microsoft.Office.Tools.Excel.Worksheet 对象提供和 Excel 主互操作程序集中的 Microsoft.Office.Interop.Excel.Workshee ...
- MSDN上对yield关键字的示例
public class PowersOf2 { static void Main() { // Display powers of 2 up to the exponent of 8: , )) { ...
随机推荐
- 在js里的ejs模板引擎使用
1.首先需要在页面里引用ejs.min.js. 2.将你的模板使用ejs编写,并存成后缀名.stmpl;(可能需要在打包工具里做些处理) 3.在js里使用require引入xxx.stmpl: con ...
- [Codeforces722E] Research Rover (dp+组合数学)
[Codeforces722E] Research Rover (dp+组合数学) 题面 给出一个N*M的方格阵,从(1,1)出发,到(N,M)结束,从(x,y)只能走到(x+1,y)或(x,y+1) ...
- [BZOJ1901][luogu2617]Dynamic Rankings(树状数组+主席树)
题面 单点修改,区间求第k大 分析 首先,这道题卡权值线段树套treap的做法,所以只能用主席树做 对于静态的查询,root[i]对应的主席树的区间[l,r]保存的是a[1]~a[i]有多少个值落在区 ...
- jar包/class文件如何快速反编译成java文件
有时编写的java代码打包为可执行jar包后需要查看工程结构是否是且只有我们需要的包,故需要查看jar包层级. 1.windows系统可以直接在网上下载jd-gui.exe包,然后傻瓜安装: 2.Ma ...
- MVC模型的基本原理及实现原理
[转载]MVC架构在Asp.net中的应用和实现 摘要:本文主要论述了MVC架构的原理.优缺点以及MVC所能为Web应用带来的好处.并以“成都市信息化资产管理系统”框架设计为例,详细介绍其在Asp.n ...
- 手动实现一个vue的mvvm,思路解析
1.解析dom.fragment编译,初始化new watcher 2 ,数据劫持,Object.defineProperty(obj,key,{ configurable:true,// 可以配置 ...
- elasticsearch 基础 —— Mapping参数boost、coerce、copy_to、doc_values、dynamic、
boost 在查询时,各个字段可以自动提升 - 更多地依赖于相关性得分,boost参数如下: PUT my_index { "mappings": { "_doc&quo ...
- elasticsearch 基础 —— URI搜索
URI搜索 可以通过提供请求参数使用URI来执行搜索请求.使用此模式执行搜索时,并非所有搜索选项都会暴露.这是一个例子: GET twitter/_search?q=user:kimchy 示例响应: ...
- printf, fprintf, sprintf, snprintf, vprintf, vfprintf, vsprintf, vsnprintf - 输出格式转换
总览 (SYNOPSIS) #include <stdio.h> int printf(const char *format, ...); int fprintf(FILE *stream ...
- 17-正交矩阵和Gram-Schmidt正交化
一.视频链接 1)正交矩阵 定义:如果一个矩阵,其转置与自身的乘积等于单位向量,那么该矩阵就是正交矩阵,该矩阵一般用Q来表示,即$Q^TQ=QQ^T=I$,也就是$Q^T=Q^{-1}$,即转置=逆 ...