本文介绍了Windbg调试工具的一些关键命令,包括查看目标系统版本、寄存器值、处理器执行代码、调用栈信息以及如何设置断点和查看变量内存。通过示例演示了如vertarget、r、u、k、bl等命令的使用,帮助读者理解Windbg在分析dump文件时的实用操作。
1. 查看目标系统
vertarget 是version命令的一个功能子集
vertarget显示调试目标所在的操作系统版本
version则会显示调试环境的其它信息
eg:
0:000> version
Windows XP Version 2600 (Service Pack 3) MP (4 procs) Free x86 compatible
Product: WinNt, suite: SingleUserTS
kernel32.dll version: 5.1.2600.5781 (xpsp_sp3_gdr.090321-1317)
Machine Name:
Debug session time: Sat Jun 30 08:45:50.437 2012 (GMT+8)
System Uptime: 0 days 1:14:31.091
Process Uptime: 0 days 0:23:58.671
Kernel time: 0 days 0:00:00.000
User time: 0 days 0:00:00.015
Live user mode: <Local>
Microsoft (R) Windows Debugger Version 6.11.0001.404 X86
Copyright (c) Microsoft Corporation. All rights reserved.
command line: '"C:\Program Files\Debugging Tools for Windows (x86)\windbg.exe" ' Debugger Process 0x12C
dbgeng: image 6.11.0001.404, built Thu Feb 26 09:55:43 2009
[path: C:\Program Files\Debugging Tools for Windows (x86)\dbgeng.dll]
dbghelp: image 6.11.0001.404, built Thu Feb 26 09:55:30 2009
[path: C:\Program Files\Debugging Tools for Windows (x86)\dbghelp.dll]
DIA version: 11212
Extension DLL search Path:
C:\Program Files\Debugging Tools for Windows (x86)\WINXP;C:\Program Files\Debugging Tools for Windows (x86)\winext;C:\Program Files\Debugging Tools for Windows (x86)\winext\arcade;C:\Program Files\Debugging Tools for Windows (x86)\pri;C:\Program Files\Debugging Tools for Windows (x86);C:\Program Files\Debugging Tools for Windows (x86)\winext\arcade;C:\WINDOWS\system32;C:\WINDOWS;C:\WINDOWS\System32\Wbem;C:\Program Files\Intel\Wirele
最低0.47元/天 解锁文章
2万+
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
