Home > Others

WinDbg Learning and remembering

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

6, LMF

Lists all DLL files and corresponding paths loaded in the current process

Strange didn't find my program inside loaded DLL obediently drip. Is the attach process shutting down the DLL? Try the empty dump.

11!runaway can show CPU consumption for each thread

This command is very good, directly find which thread takes a long time, if always occupy, then this thread inside must have a dead loop, or constantly operate something

Thread 6th occupancy Time 1分钟31秒

I see someone through the catch dump to see, that should be the most accurate bar, WinDbg attached to the process, the program card dropped, the resources of the DLL also stopped.

The thread that is the problem is the one that takes up several times with the dump and the same time each time.

12, ~ command is used to switch the target thread

0:018> ~ can display information about a thread
0:018> ~0s Switches the current thread to line Line 0, which is the main thread, and the prompt changes to 0:000.

13. ~* command lists details of all threads in the current process

14. ~*KB command lists all threads ' stacks

15. The k command is used to display the stack of the current thread, as follows

Go to line Line 6.

Not much information

15. The k command is used to display the stack of the current thread, as follows

0:018> K
Like the D command, K can be followed by many suffixes, such as KB KP,KN,KV,KL, which control the format and information displayed.
Stack directive k[b|p| P|V]
These four instructions show similar content, but each instruction has its own characteristics;

KB display three parameters;

KP displays all the parameters, but requires full symbols or private pdbsymbols support. KP is similar to KP, except that KP displays the parameter line;

KV is used to display FPO and calling conventions;

KD, used to display the dump of a stack, is useful when tracking stacks.
These directives are size-sensitive.

16. The u command translates the code on the specified address into the assembly output

0:018> u 7739d023
user32! Ntuserwaitmessage:
7739d023 b84a120000 mov eax,0x124a
7739d028 ba0003fe7f mov edx,0x7ffe0300
7739d02d Ff12 call DWORD ptr [EDX]
7739D02F c3 ret
If the symbol file is loaded correctly, the entire function can be disassembled directly using the UF command, such as UF user32! Ntuserwaitmessage

WinDbg Learning and remembering

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
windbg download learning and development books elasticsearch and machine learning machine learning and neural networks machine learning and neural networks learning vi and vim editors learning php and mysql pdf

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More