一个非常有用的windbg命令.cmdtree

最新推荐文章于 2025-12-05 11:36:05 发布

原创最新推荐文章于 2025-12-05 11:36:05 发布 · 2.5k 阅读

1 ·

CC 4.0 BY-SA版权

文章标签：

#distance #command #parameters #logging #interface #thread

Windows 专栏收录该内容

22 篇文章

订阅专栏

Roberto Farah 介绍了一个非常有用的windbg命令.cmdtree，请参考他的原文

Special Command—Execute Commands from a Customized User Interface with .cmdtree。

我们可以把一些常用的命令以特定的格式写到一个文本文件中，比如cmds.txt，然后通过.cmdtree cmds.txt命令加载，一些常用的命令就不用每次都输入了。一个命令文件的例子cmds.txt：

windbg ANSI Command Tree 1.0
title {"Common Commands"}
body
{"Common Commands"}
{"Information"}
{"Time of dump"} {".time"}
{"Process being debugged"} {"|"}
{"Dump Location"} {"||"}
{"Create server on port 9999"} {".server tcp:port=9999"}
{"Show remote connections"} {".clients"}
{"Process Environment Block"} {"!peb"}
{"Logging"}
{"Open Log"} {".logopen /t /u /d"}
{"Close Log"} {".logclose"}
{"Modules"}
{"All Modules"} {"lm D sm"}
{"Loaded Modules"} {"lmo D sm"}
{"Loaded Modules (verbose)"} {"lmvo D sm"}
{"Modules w/o symbols"} {"lme D sm"}
{"Stacks"}
{"Set frame length to 2000"} {".kframes 2000"}
{"Dump current stack w/ DML"} {"kpM 1000"}
{"Dump stacks without private info"} {"knL 1000"}
{"Dump stacks with all parameters"} {"kPn 1000"}
{"Dump stacks (distance from last frame)"} {"kf 1000"}
{"Dump stacks with Frame Pointer Omission"} {"kvn 1000"}
{"Dump all stack"} {"~*kbn 1000"}
{"Dump unique stacks"} {"!uniqstack -pn"}
{"Thread environment block"} {"!teb"}
{"Move to next frame"} {".f+"}
{"Move to previous frame"} {".f-"}
{"Memory"}
{"Dump heaps"} {"!heap -a"}
{"Automated Task"}
{"!analyze"} {"!analyze -v"}
{"Locks"} {"!ntsdexts.locks"}
{"CPU time for User and Kernel Mode"} {"!runaway 7"}
{"Managed"}
{"Load sos"} {".loadby sos mscorwks"}
{"clrstack"} {"!clrstack"}
{"Threads"} {"!threads"}
{"Stack Objects"} {"!dso"}
{"Exceptions"} {"!dae"}

下面是截图：