ªð¦^¦Cªí ¦^´_ µo©«

·L³n¤@­Ó¨u¬°¤Hª¾ªºµL¼Ä©R¥O

§@ªÌ: wen ¤é´Á: 2007-12-30 20:13 ¾\Ū: 1074 ¤H ¥´¦L ¦¬Âà ¤j ¤¤ ¤p
·L³n¤@­Ó¨u¬°¤Hª¾ªºµL¼Ä©R¥O


¡@¡@°Ý:«ç»ò¤~¯àÃö±¼¤@­Ó¥Î¥ô°ÈºÞ²z¾¹Ãö¤£¤Fªº¶iµ{¡H§Ú«e¬q®É¶¡µo²{§Úªº¾÷¤lùئh¤F¤@­Ó¶iµ{¡A¥u­n¶}¾÷´N¦b¡A§Ú¥Î¥ô°ÈºÞ²z¾¹«o«ç»òÃö¤]Ãö¤£¤F

¡@¡@µª1:±þ¶iµ{«Ü®e©ö¡AÀH«K§ä­Ó¤u¨ã³£¦æ¡C¤ñ¦pIceSword¡CÃöÁä¬O§ä¨ì³o­Ó¶iµ{ªº±Ò°Ê¤è¦¡¡A¤£µM¤U¦¸­«±Ò¥¦¤S¥X¨Ó¤F¡C¶¶«K±Ð¤j®a¤@©Û¬½ªº¡C¨ä¹ê¥ÎWindows¦Û±aªº¤u¨ã´N¯à±þ¤j³¡¤À¶iµ{¡G

¡@¡@c:\>ntsd -c q -p PID

¡@¡@¥u¦³System¡BSMSS.EXE©MCSRSS.EXE¤£¯à±þ¡C«e¨â­Ó¬O¯Â¤º®ÖºAªº¡A³Ì«á¨º­Ó¬OWin32¤l¨t²Î¡Antsd¥»¨­»Ý­n¥¦¡Cntsd±q2000¶}©l´N¬O¨t²Î¦Û±aªº¥Î¤áºA½Õ¸Õ¤u¨ã¡C³Q½Õ¸Õ¾¹ªþµÛ(attach)ªº¶iµ{·|ÀH½Õ¸Õ¾¹¤@°_°h¥X¡A©Ò¥H¥i¥H¥Î¨Ó¦b©R¥O¦æ¤U²×¤î¶iµ{¡C¨Ï¥Întsd¦Û°Ê´NÀò±o¤Fdebug³\¥iÅv¡A±q¦Ó¯à±þ±¼¤j³¡¤Àªº¶iµ{¡Cntsd·|·s¶}¤@­Ó½Õ¸Õµøµ¡¡A¥»¨Ó¦b¯Â©R¥O¦æ¤UµLªk±±¨î¡A¦ý¦pªG¥u¬O²³æªº©R¥O¡A¤ñ¦p°h¥X(q)¡A¥Î-c°Ñ¼Æ±q©R¥O¦æ¶Ç»¼´N¦æ¤F¡CNtsdNtsd «ö·ÓºD¨Ò¤]¦V³nÅéµo®i¤H­û´£¨Ñ¡C¥u¦³¨t²Î¶}µo¤H­û¨Ï¥Î¦¹©R¥O¡C¦³Ãö¸Ô²Ó¸ê°T¡A½Ð°Ñ¾\ NTSD ¤¤©ÒªþªºÀ°§UÀÉ¡C¥Îªk:¶}­Ócmd.exeµøµ¡¡A¿é¤J¡G

¡@¡@ntsd -c q -p PID

¡@¡@§â³Ì«á¨º­ÓPID¡A§ï¦¨§A­n²×¤îªº¶iµ{ªºID¡C¦pªG§A¤£ª¾¹D¶iµ{ªºID¡A¥ô°ÈºÞ²z¾¹¡Ð>¶iµ{¿ï¶µ¥d¡Ð>¬d¬Ý¡Ð>¿ï¾Ü¦C¡Ð>¤Ä¤W"PID¡]¶iµ{ÃѧO¦r¡^"¡AµM«á´N¯à¬Ý¨£¤F¡C

¡@¡@µª2¡Gxp¤UÁÙ¦³¨â­Ó¦nªFªFtasklist©Mtskill¡Ctasklist¯à¦C¥X©Ò¦³ªº¶iµ{¡A©M¬ÛÀ³ªº¸ê°T¡Ctskill¯à¬d±þ¶iµ{¡A»yªk«Ü²³æ¡Gtskill µ{¦¡¦W¡I¡I

°Ñ¦Ò¸ê®Æ¡G
NTSD ªºÀ°§UÀÉ
  1. usage: ntsd [-?] [-2] [-d] [-g] [-G] [-myob] [-lines] [-n] [-o] [-s] [-v] [-w]
  2.             [-r BreakErrorLevel]  [-t PrintErrorLevel]
  3.             [-hd] [-pd] [-pe] [-pt #] [-pv] [-x | -x{e|d|n|i} ]
  4.             [-- | -p pid | -pn name | command-line | -z CrashDmpFile]
  5.             [-zp CrashPageFile] [-premote transport] [-robp]
  6.             [-aDllName] [-c "command"] [-i ImagePath] [-y SymbolsPath]
  7.             [-clines #] [-srcpath SourcePath] [-QR \\machine] [-wake ]
  8.             [-remote transport:server=name,portid] [-server transport:portid]
  9.             [-ses] [-sfce] [-sicv] [-snul] [-noio] [-failinc] [-noshell]

  10. where: -? displays this help text
  11.        command-line is the command to run under the debugger
  12.        -- is the same as -G -g -o -p -1 -d -pd
  13.        -aDllName sets the default extension DLL
  14.        -c executes the following debugger command
  15.        -clines number of lines of output history retrieved by a remote client
  16.        -failinc causes incomplete symbol and module loads to fail
  17.        -d sends all debugger output to kernel debugger via DbgPrint
  18.           -d cannot be used with debugger remoting
  19.           -d can only be used when the kernel debugger is enabled
  20.        -g ignores initial breakpoint in debuggee
  21.        -G ignores final breakpoint at process termination
  22.        -hd specifies that the debug heap should not be used
  23.            for created processes.  This only works on Windows Whistler.
  24.        -o debugs all processes launched by debuggee
  25.        -p pid specifies the decimal process Id to attach to
  26.        -pd specifies that the debugger should automatically detach
  27.        -pe specifies that any attach should be to an existing debug port
  28.        -pn name specifies the name of the process to attach to
  29.        -pt # specifies the interrupt timeout
  30.        -pv specifies that any attach should be noninvasive
  31.        -r specifies the (0-3) error level to break on (SeeSetErrorLevel)
  32.        -robp allows breakpoints to be set in read-only memory
  33.        -t specifies the (0-3) error level to display (SeeSetErrorLevel)
  34.        -w specifies to debug 16 bit applications in a separate VDM
  35.        -x sets second-chance break on AV exceptions
  36.        -x{e|d|n|i} sets the break status for the specified event
  37.        -2 creates a separate console window for debuggee
  38.        -i ImagePath specifies the location of the executables that generated
  39.           the fault (see _NT_EXECUTABLE_IMAGE_PATH)
  40.        -lines requests that line number information be used if present
  41.        -myob ignores version mismatches in DBGHELP.DLL
  42.        -n enables verbose output from symbol handler
  43.        -noio disables all I/O for dedicated remoting servers
  44.        -noshell disables the .shell (!!) command
  45.        -QR <\\machine> queries for remote servers
  46.        -s disables lazy symbol loading
  47.        -ses enables strict symbol loading
  48.        -sfce fails critical errors encountered during file searching
  49.        -sicv ignores the CV record when symbol loading
  50.        -snul disables automatic symbol loading for unqualified names
  51.        -srcpath specifies the source search path
  52.        -v enables verbose output from debugger
  53.        -wake wakes up a sleeping debugger and exits
  54.        -y specifies the symbol search path (see _NT_SYMBOL_PATH)
  55.        -z specifies the name of a crash dump file to debug
  56.        -zp specifies the name of a page.dmp file
  57.                            to use with a crash dump
  58.        -remote lets you connect to a debugger session started with -server
  59.                must be the first argument if present
  60.                transport: tcp | npipe | ssl | spipe | 1394 | com
  61.                name: machine name on which the debug server was created
  62.                portid: id of the port the debugger server was created on
  63.                    for tcp use:  port=
  64.                    for npipe use:  pipe=
  65.                    for 1394 use:  channel=
  66.                    for com use:  port=,baud=,
  67.                                  channel=
  68.                    for ssl and spipe see the documentation
  69.                example: ... -remote npipe:server=yourmachine,pipe=foobar
  70.        -server creates a debugger session other people can connect to
  71.                must be the first argument if present
  72.                transport: tcp | npipe | ssl | spipe | 1394 | com
  73.                portid: id of the port remote users can connect to
  74.                    for tcp use:  port=
  75.                    for npipe use:  pipe=
  76.                    for 1394 use:  channel=
  77.                    for com use:  port=,baud=,
  78.                                  channel=
  79.                    for ssl and spipe see the documentation
  80.                example: ... -server npipe:pipe=foobar
  81.        -premote transport specifies the process server to connect to
  82.               transport arguments are given as with remoting

  83. Environment Variables:

  84.     _NT_SYMBOL_PATH=[Drive:][Path]
  85.         Specify symbol image path.

  86.     _NT_ALT_SYMBOL_PATH=[Drive:][Path]
  87.         Specify an alternate symbol image path.

  88.     _NT_DEBUGGER_EXTENSION_PATH=[Drive:][Path]
  89.         Specify a path which should be searched first for extensions dlls

  90.     _NT_EXECUTABLE_IMAGE_PATH=[Drive:][Path]
  91.         Specify executable image path.

  92.     _NT_SOURCE_PATH=[Drive:][Path]
  93.         Specify source file path.

  94.     _NT_DEBUG_LOG_FILE_OPEN=filename
  95.         If specified, all output will be written to this file from offset 0.

  96.     _NT_DEBUG_LOG_FILE_APPEND=filename
  97.         If specified, all output will be APPENDed to this file.

  98.     _NT_DEBUG_HISTORY_SIZE=size
  99.         Specifies the size of a server's output history in kilobytes

  100. Control Keys:

  101.      Quit debugger
  102.              Break into Target
  103.      Force a break into debuggee (same as Ctrl-C)
  104.      Debug Current debugger
  105.      Toggle Verbose mode
  106.      Print version information
  107. ntsd: exiting - press enter ---
½Æ»s¥N½X
2005.12.04¤£¹w´Á¹J¨£¤°»ò¡B¤~¥i¯à¤°»ò³£¯à¹J¨£¡C
¦pªG§A¬O·|­û¡A¦³¥ô¦ó¨Ï¥Î¤Wªº°ÝÃD¡A½Ðµoµu°Tµ¹§Ú(wen)
¦pªG§A¬O³X«Èªº¸Ü¡Aµù¥U¤§«á¥i¥H±o¨ì§¹¾ãªºÂsÄýÅv­­
ªð¦^¦Cªí