windbg中常用的命令

最新推荐文章于 2024-07-06 18:08:58 发布

FreeWave

最新推荐文章于 2024-07-06 18:08:58 发布

阅读量558

点赞数

文章标签： command list structure thread search function

本文链接：https://blog.csdn.net/freewave/article/details/2311171

版权

windbg中常用的命令

~ - list threads in current process context
~* - list detail information of threads in current process context
lm - list all loaded modules
!sym noice/quiet - symbol prompts on/off
.srcpath - set source code path
k - display current stack
~*kb - display current stack for all threads
dv - display current local variable (ctrl + alt + v to switch mode)
.Frame - call stack
dt xxx - display data structure for xxx such as PEB
!gle/!error - display last error for current thread.
!teb - diplay current thread execution block
!peb - diplay current process execution block
r [@register] - display value of all register
ln [Address] - display the object type in Address
x [] - search address for global variable or global function, such as "x kernel32!*"
!locks - display dead lock
!handle - get current handle usage
!htrace [enable] - display and trace handles.
u - disassemble
bp [Kernel!SetLastError] [value] - set break pointer
bl - display break pointer information.
for example:
bp `mysource.cpp:143` "j (poi(MyVar)”0n20) ''; 'g' "
when MyVar is exceed 0x20, g command will be invoked. NOTE: "j" is to set conditional break pointer.
ba - data break pointer
ba w4 0x4000000 "kb;g" - list all modify 0x40000's call stack.

p,pa,t,ta - control command