如何使用 Windbg 打开转储并从命令提示符启动一些 Windbg 命令?

How to use Windbg for opening a dump and launching some Windbg commands from the command prompt?

中所述,我想启动 Windbg,打开转储,并启动一些命令(.load pykd.pyd!py heap_stat.py)。

我认为这很容易,但即使开始 Windbg 并打开故障转储似乎也不是那么容易,正如您从以下不成功的示例中看到的那样:

Prompt>windbg.exe /?
Prompt>windbg.exe --help
Prompt>windbg.exe E:\Bugs\program.exe_181212_215503.dmp
Prompt>windbg.exe -D E:\Bugs\program.exe_181212_215503.dmp
Prompt>windbg.exe -zertyuiopqsdfghjklwxcvbn
Prompt>windbg.exe -help
Prompt>windbg.exe help

想法是得到类似的东西:

Prompt>windbg.exe -d <dumpfile> -c <command1;command2>

它在 windbg.chm 和命令提示符中都有记录并可用 -? 请注意,我在 cdb 上使用它,它是控制台模式,而不是在 windbg
windbg -? , -h , --help , /? , -B#llCr@p
一切都应该弹出 debugger.chm(在 17763 中损坏,但检查说 14951)

C:\>cdb -? | grep -i dump
  -openPrivateDumpByHandle <HANDLE>
    specifies the handle of a crash dump file to debug
  -z <CrashDmpFile> specifies the name of a crash dump file to debug
  -zd <CrashDmpFile> specifies the name of a crash dump file to debugand
                     deletes that crash dump after the debugger has finished
                      crash dump

C:\>

要求创建转储

C:\>cdb -c ".dump /ma dominidumpi.dmp;q" cdb

Microsoft (R) Windows Debugger Version 10.0.17763.132 X86

ntdll!LdrpDoDebuggerBreak+0x2c:
774a05a6 cc              int     3
0:000> cdb: Reading initial command '.dump /ma dominidumpi.dmp;q'
Creating dominidumpi.dmp - mini user dump
Dump successfully written
quit:

加载转储正在执行某事并退出

C:\>cdb -c "lm;q" -z dominidumpi.dmp

Microsoft (R) Windows Debugger Version 10.0.17763.132 X86


Loading Dump File [C:\dominidumpi.dmp]
User Mini Dump File with Full Memory: Only application data is available



ntdll!LdrpDoDebuggerBreak+0x2c:
774a05a6 cc              int     3
0:000> cdb: Reading initial command 'lm;q'
start    end        module name
01250000 01278000   cdb        (deferred)
5b360000 5b4ef000   dbghelp    (deferred)
5b4f0000 5b5cc000   ucrtbase   (deferred)
5b5d0000 5bbac000   dbgeng     (deferred)

77400000 7753c000   ntdll      (pdb symbols)   xxx\ntdll.pdb
775a0000 775aa000   lpk        (deferred)
quit:


C:\>