Below is a list of the WinDbg commands most frequently needed while debugging a program, along with the syntax of each command.
| Command | Description | Syntax |
| --- | --- | --- |
| BP | Create a breakpoint | |
| BL | List the breakpoints | bl |
| BC | Cancel a breakpoint | BC breakpoint_no (the breakpoint number can be obtained by running bl) |
| K | Show the current call stack | k |
| g | Continue with execution | g |
| P | Execute the next statement and break in; a function call is stepped over | p |
| T | Same as P, but steps into the function if the statement is a function call | t |
| !analyze -v | Analyze the crash | !analyze -v |
| Gu | Step out of the current function | gu |
| R | Display the register values | r |
| Db | Display the value at the given address as bytes | Db data_address |
| DW | Display the value at the given address as words | Dw data_address |
| .sympath | Set the symbols path | .sympath symbols_location |
| .srcpath | Set the source code path | .srcpath source_code_location |
| .process | Change the context to the process at the given address | .process process_address |
| .thread | Change the context to the thread at the given address | .thread thread_address |
| Ctrl-Break | Cancel the command currently running | Loading symbols can sometimes take a lot of time because WinDbg tries to load symbols for unnecessary modules. You can press Ctrl-Break to interrupt the .reload command. Ctrl-Break can be used to cancel any command in WinDbg. |
| .effmach | Tells whether WinDbg is running in 32-bit mode or 64-bit mode | .effmach |