MSDN上关于WinDbg的手册
参考:http://msdn.microsoft.com/en-us/library/windows/hardware/ff540507(v=vs.85).aspx
这是最靠谱的参考了,比.hh要直观。
在Linux上稍作编辑
daniel@daniel-mint ~/windbg $ awk 'BEGIN{maxIndex=0}{idx = index($0, "("); if (idx > maxIndex) maxIndex = idx;}END{print maxIndex}' commands
57
daniel@daniel-mint ~/windbg $ awk 'FS="[()]"{printf("%60s\t%s\n", $1, $2)}' commands > commands_formated
Basic Commands
daniel@daniel-mint ~/windbg $ awk 'FS="[()]"{printf("%60s\t%s\n", $1, $2)}' commands
ENTER (Repeat
$<, $><, $$<, $$><, $$>a< Run Script File
? Command Help
? Evaluate Expression
?? Evaluate C++ Expression
# Search for Disassembly Pattern
|| System Status
||s Set Current System
| Process Status
|s Set Current Process
~ Thread Status
~e Thread-Specific Command
~f Freeze Thread
~u Unfreeze Thread
~n Suspend Thread
~m Resume Thread
~s Set Current Thread
~s Change Current Processor
a Assemble
ad Delete Alias
ah Assertion Handling
al List Aliases
as, aS Set Alias
ba Break on Access
bc Breakpoint Clear
bd Breakpoint Disable
be Breakpoint Enable
bl Breakpoint List
bp, bu, bm Set Breakpoint
br Breakpoint Renumber
bs Update Breakpoint Command
bsc Update Conditional Breakpoint
c Compare Memory
d, da, db, dc, dd, dD, df, dp, dq, du, dw, dW, dyb, dyd Display Memory
dda, ddp, ddu, dpa, dpp, dpu, dqa, dqp, dqu Display Referenced Memory
dds, dps, dqs Display Words and Symbols
dg Display Selector
dl Display Linked List
ds, dS Display String
dt Display Type
dv Display Local Variables
e, ea, eb, ed, eD, ef, ep, eq, eu, ew, eza, ezu Enter Values
f, fp Fill Memory
g Go
gc Go from Conditional Breakpoint
gh Go with Exception Handled
gn, gN Go with Exception Not Handled
gu Go Up
ib, iw, id Input from Port
j Execute If - Else
k, kb, kc, kd, kp, kP, kv Display Stack Backtrace
l+, l- Set Source Options
ld Load Symbols
lm List Loaded Modules
ln List Nearest Symbols
ls, lsa List Source Lines
lsc List Current Source
lse Launch Source Editor
lsf, lsf- Load or Unload Source File
lsp Set Number of Source Lines
m Move Memory
n Set Number Base
ob, ow, od Output to Port
p Step
pa Step to Address
pc Step to Next Call
pct Step to Next Call or Return
ph Step to Next Branching Instruction
pt Step to Next Return
q, qq Quit
qd Quit and Detach
r Registers
rdmsr Read MSR
rm Register Mask
s Search Memory
so Set Kernel Debugging Options
sq Set Quiet Mode
ss Set Symbol Suffix
sx, sxd, sxe, sxi, sxn, sxr, sx- Set Exceptions
t Trace
ta Trace to Address
tb Trace to Next Branch
tc Trace to Next Call
tct Trace to Next Call or Return
th Trace to Next Branching Instruction
tt Trace to Next Return
u Unassemble
uf Unassemble Function
up Unassemble from Physical Memory
ur Unassemble Real Mode BIOS
ux Unassemble x86 BIOS
vercommand Show Debugger Command Line
version Show Debugger Version
vertarget Show Target Computer Version
wrmsr Write MSR
wt Trace and Watch Data
x Examine Symbols
z Execute While
meta commands
daniel@daniel-mint ~/windbg $ awk 'FS="[()]"{printf("%30s\t%s\n", $1, $2)}' meta_commands
.abandon (Abandon
.allow_exec_cmds Allow Execution Commands
.allow_image_mapping Allow Image Mapping
.apply_dbp Apply Data Breakpoint to Context
.asm Change Disassembly Options
.attach Attach to Process
.beep Speaker Beep
.bpcmds Display Breakpoint Commands
.bpsync Synchronize Threads at Breakpoint
.breakin Break to the Kernel Debugger
.browse Display Command in Browser
.bugcheck Display Bug Check Data
.cache Set Cache Size
.call Call Function
.chain List Debugger Extensions
.childdbg Debug Child Processes
.clients List Debugging Clients
.closehandle Close Handle
.cls Clear Screen
.context Set User-Mode Address Context
.copysym Copy Symbol Files
.cordll Control CLR Debugging
.crash Force System Crash
.create Create Process
.createdir Set Created Process Directory
.cxr Display Context Record
.dbgdbg Debug Current Debugger
.detach Detach from Process
.dml_flow Unassemble with Links
.dml_start Display DML Starting Point
.dump Create Dump File
.dumpcab Create Dump File CAB
.dvalloc Allocate Memory
.dvfree Free Memory
.echo Echo Comment
.echocpunum Show CPU Number
.echotime Show Current Time
.echotimestamps Show Time Stamps
.ecxr Display Exception Context Record
.effmach Effective Machine
.enable_long_status Enable Long Integer Display
.enable_unicode Enable Unicode Display
.endpsrv End Process Server
.endsrv End Debugging Server
.enumtag Enumerate Secondary Callback Data
.event_code Display Event Code
.eventlog Display Recent Events
.exepath Set Executable Path
.expr Choose Expression Evaluator
.exptr Display Exception Pointers
.exr Display Exception Record
.extmatch Display All Matching Extensions
.extpath Set Extension Path
.f+, .f- Shift Local Context
.fiber Set Fiber Context
.fiximports Fix Target Module Imports
.flash_on_break Flash on Break
.fnent Display Function Data
.fnret Display Function Return Value
.force_radix_output Use Radix for Integers
.force_tb Forcibly Allow Branch Tracing
.formats Show Number Formats
.fpo Control FPO Overrides
.frame Set Local Context
.help Meta-Command Help
.hh Open HTML Help File
.hideinjectedcode Hide Injected Code
.holdmem Hold and Compare Memory
.idle_cmd Set Idle Command
.ignore_missing_pages Suppress Missing Page Errors
.inline Toggle Inline Function Debugging
.imgscan Find Image Headers
.kdfiles Set Driver Replacement Map
.kframes Set Stack Length
.kill Kill Process
.lastevent Display Last Event
.lines Toggle Source Line Support
.load, .loadby Load Extension DLL
.locale Set Locale
.logappend Append Log File
.logclose Close Log File
.logfile Display Log File Status
.logopen Open Log File
.netuse Control Network Connections
.noshell Prohibit Shell Commands
.noversion Disable Version Checking
.ocommand Expect Commands from Target
.ofilter Filter Target Output
.open Open Source File
.opendump Open Dump File
.outmask Control Output Mask
.pagein Page In Memory
.pcmd Set Prompt Command
.pop Restore Debugger State
.prefer_dml Prefer Debugger Markup Language
.process Set Process Context
.prompt_allow Control Prompt Display
.push Save Debugger State
.quit_lock Prevent Accidental Quit
.readmem Read Memory from File
.reboot Reboot Target Computer
.record_branches Enable Branch Recording
.reload Reload Module
.remote Create Remote.exe Server
.remote_exit Exit Debugging Client
.restart Restart Target Application
.restart Restart Kernel Connection
.rrestart Register for Restart
.scroll_prefs Control Source Scrolling Preferences
.secure Activate Secure Mode
.send_file Send File
.server Create Debugging Server
.servers List Debugging Servers
.setdll Set Default Extension DLL
.shell Command Shell
.show_read_failures
.show_sym_failures
.sleep Pause Debugger
.sound_notify Use Notification Sound
.srcfix, .lsrcfix Use Source Server
.srcnoisy Noisy Source Loading
.srcpath, .lsrcpath Set Source Path
.step_filter Set Step Filter
.suspend_ui Suspend WinDbg Interface
.symfix Set Symbol Store Path
.symopt Set Symbol Options
.sympath Set Symbol Path
.thread Set Register Context
.time Display System Time
.tlist List Process IDs
.trap Display Trap Frame
.tss Display Task State Segment
.ttime Display Thread Times
.typeopt Set Type Options
.unload Unload Extension DLL
.unloadall Unload All Extension DLLs
.urestart Unregister for Restart
.wake Wake Debugger
.write_cmd_hist Write Command History
.writemem Write Memory to File
.wtitle Set Window Title
Kernel Mode Extensions
!ahcache
!alignmentfaults
!analyzebugcheck
!apc
!apicerr
!arbinst
!arbiter
!ate
!bcb
!blockeddrv
!bpid
!btb
!bth
!bugdump
!bushnd
!ca
!callback
!calldata
!can_write_kdump
!cbreg
!cchelp
!chklowmem
!cmreslist
!cpuinfo
!db, !dc, !dd, !dp, !dq, !du, !dw
!dbgprint
!dblink
!dcr
!dcs
!deadlock
!defwrites
!devext
!devhandles
!devnode
!devobj
!devstack
!dflink
!diskspace
!dma
!dpa
!dpcs
!driveinfo
!drivers
!drvobj
!dskheap
!eb, !ed
!ecb, !ecd, !ecw
!ecs
!errlog
!errpkt
!errrec
!exca
!filecache
!filelock
!fileobj
!filetime
!finddata
!findfilelockowner
!for_each_process
!for_each_thread
!fpsearch
!frag
!frozen
!fwver
!gbl
!gentable
!hidppd
!ib, !id, !iw
!icpleak
!idt
!ih
!ihs
!ioresdes
!ioreslist
!iovirp
!ipi
!irp
!irpfind
!irpzone
!irql
!isainfo
!isr
!ivt
!job
!kb, !kv
!loadermemorylist
!lockedpages
!locks (!kdext*.locks)
!logonsession
!lookaside
!lpc
!mca
!memlist
!memusage
!mps
!mtrr
!npx
!ob, !od, !ow
!object
!obtrace
!openmaps
!pars
!pat
!pci
!pciir
!pcitree
!pcm
!pcr
!pcrs
!pfn
!pmc
!pmssa
!pnpevent
!pocaps
!pool
!poolfind
!poolused
!poolval
!popolicy
!pplookaside
!ppmidle
!ppmidleaccounting
!ppmperf
!ppmperfpolicy
!ppmstate
!prcb
!process
!processfields
!processirps
!psp
!pte
!pte2va
!ptov
!qlocks
!ready
!reg
!regkcb
!rellist
!ruleinfo
!running
!scm
!search
!searchpte
!sel
!session
!smt
!spoolsum
!spoolused
!sprocess
!srb
!stacks
!swd
!sysinfo
!sysptes
!thread
!threadfields
!time
!timer
!tokenfields
!trap
!tss
!tz
!tzinfo
!ubc
!ubd
!ube
!ubl
!ubp
!urb
!vad
!vad_reload
!validatelist
!verifier
!vm
!vpb
!vpdd
!vtop
!walklist
!wdmaud
!whattime
!whatperftime
!whea
!wsle
!xpoolmap
!zombies
general extensions
!acl
!address
!analyze
!asd
!atom
!bitcount
!chksym
!chkimg
!cppexr
!cpuid
!cs
!cxr
!dh
!dlls
!dml_proc
!dumpfa
!elog_str
!envvar
!error
!exchain
!exr
!findxmldata
!for_each_frame
!for_each_function
!for_each_local
!for_each_module
!for_each_register
!gflag
!gle
!gs
!handle
!heap
!help
!homedir
!hstring
!hstring2
!htrace
!imggp
!imgreloc
!kuser
!list
!lmi
!mui
!net_send
!obja
!owner
!peb
!rebase
!rtlavl
!sd
!sid
!slist
!std_map
!stl
!str
!sym
!symsrv
!teb
!tls
!token
!tp
!triage
!ustr
!version
!winrterr
user mode extensions
!avrf
!critsec
!dp (!ntsdexts.dp)
!dreg
!dt
!evlog
!findstack
!gatom
!igrep
!locks (!ntsdexts.locks)
!mapped_file
!runaway
!threadtoken
!uniqstack
!vadump
!vprot
MSDN上关于WinDbg的手册的更多相关文章
- WinDbg 命令三部曲:(一)WinDbg 命令手册
本文为 Dennis Gao 原创技术文章,发表于博客园博客,未经作者本人允许禁止任何形式的转载. 系列博文 <WinDbg 命令三部曲:(一)WinDbg 命令手册> <WinDb ...
- WinDbg 命令手册
WinDbg 命令三部曲:(一)WinDbg 命令手册 本文为 Dennis Gao 原创技术文章,发表于博客园博客,未经作者本人允许禁止任何形式的转载. 系列博文 <WinDbg 命令三部 ...
- 零宽度正预测先行断言是什么呢,看msdn上的官方解释定义
最近为了对html文件进行源码处理,需要进行正则查找并替换.于是借着这个机会把正则系统地学一下,虽然以前也用过正则,但每次都是临时学一下混过关的.在学习的过程中还是遇到不少问题的,特别是零宽断言(这里 ...
- Windows10上使用windbg调试Chromium Windows。
###目的###Windows10上使用windbg调试Chromium Windows. 安装Windows 10 SDK时, 就包含了windbg.exe."C:\Program Fil ...
- MSDN上的异步socket 服务端例子
MSDN上的异步socket 服务端例子 2006-11-22 17:12:01| 分类: 代码学习 | 标签: |字号大中小 订阅 Imports SystemImports Syste ...
- Windbg实用手册
Windbg工作中用的不多,所以命令老是记不住,每次使用都要重新查命令,挺烦. 趁这次培训的机会好好测试和总结了一下,下次再用就方便多了. 在这里一起共享一下,如果有错误,请指正. 基本知识和常用命令 ...
- 「mysql优化专题」90%程序员面试都用得上的索引优化手册(5)
目录(技术文) 多关于索引,分为以下几点来讲解: 一.索引的概述(什么是索引,索引的优缺点) 二.索引的基本使用(创建索引) 三.索引的基本原理(面试重点) 四.索引的数据结构(B树,hash) 五. ...
- excel在msdn上的说明文档
Microsoft.Office.Tools.Excel.Worksheet 对象提供和 Excel 主互操作程序集中的 Microsoft.Office.Interop.Excel.Workshee ...
- MSDN上对yield关键字的示例
public class PowersOf2 { static void Main() { // Display powers of 2 up to the exponent of 8: , )) { ...
随机推荐
- P4929 【模板】舞蹈链(DLX)
题目背景 本题是舞蹈链模板——精确覆盖问题 题目描述 给定一个N行M列的矩阵,矩阵中每个元素要么是1,要么是0 你需要在矩阵中挑选出若干行,使得对于矩阵的每一列j,在你挑选的这些行中,有且仅有一行的第 ...
- ModbusTcp踩得坑
单元标识符在MODBUS或MODBUS+串行链路子网中对设备进行寻址时,这个域是用于路由的目的.在这种情况下,“Unit Identifier”携带一个远端设备的MODBUS从站地址:- 如果MODB ...
- js字符串相关方法
<script> // 使用索引位置来访问字符串中的每个字符: var carname = 'Volvo XC60'; var character = carname[7]; consol ...
- RestController和Controller的区别
知识点:@RestController注解相当于@ResponseBody + @Controller合在一起的作用. 1) 如果只是使用@RestController注解Controller,则Co ...
- 高级定时器-setTimeout()、setInterval()、链式setTimeout()
使用 setTimeout()和 setInterval()创建的定时器可以用于实现有趣且有用的功能.执行时机是不能保证的,因为在页面的生命周期中,不同时间可能有其他代码在控制 JavaScript ...
- 解决:Module not found: node_modules\sass-loader\package.json (directory description file)
npm uninstall node-sass npm install node-sass@latest
- 微信小程序(4)--二维码窗口
微信小程序二维码窗口: <view class="btn" bindtap="powerDrawer" data-statu="open&quo ...
- shell脚本检索所有mysql数据库中没有primary key的表
1.mkdir -p /root/scripts/ 2. cd /root/scripts/ vim query.sql,代码如下: SELECT CONCAT(t.table_schema,&quo ...
- python输出转义字符
转义字符在字符串中不代表自己,比如\n代表回车,不代表\n字符,那我想输入转义字符本身呢? 答:在字符串前面加个r 如print(“aa\nbb”) 会输出aa bb 如print(r"aa ...
- centos 6.5 查看发行版本
cat /etc/redhat-release 其他发行版 lsb_release -a