Sometimes I keep a huge no. of breakpoints that span more than a page when
debugginv driver problems.
Is there a feature in windbg where I can pass|pipe the o/p of “bl” command
to grep for a particular pattern.
Sometimes the function names are long that you forget whether a bp is set
in that fn and the fn name itself.
I can also goto o/p window and ctrl+F and search for some string. But
keyboard is always comfortable and prefer to avoid moving from kb to
mouse…
If this is not possible, it would be good to have this feature where you
can pipe o/p of one command as i/p to another cmd.
you can use .shell and pipe all debugger commands to external applications
there is a grep for windows
though i havent used it
here is a sample output of grepping with findstr
kd> bl
0 e 80490eff 0001 (0001) nt!NtCreateMailslotFile
1 e 804eb855 0001 (0001) nt!NtCreateWaitablePort
2 e 804a9212 0001 (0001) nt!NtCreateProcess
3 e 804bc2a4 0001 (0001) nt!NtCreateTimer
4 e 804a89ad 0001 (0001) nt!NtCreateThread
5 e 804b2483 0001 (0001) nt!NtCreateKey
6 e 8049e429 0001 (0001) nt!NtCreatePort
7 e 804eacef 0001 (0001) nt!NtCreateChannel
8 e 80497ae3 0001 (0001) nt!NtCreateIoCompletion
9 e 804c9240 0001 (0001) nt!NtCreateEventPair
10 e 8049473d 0001 (0001) nt!NtCreateSemaphore
11 e 804ed9af 0001 (0001) nt!NtCreatePagingFile
12 e 804fd903 0001 (0001) nt!NtCreateJobObject
13 e 804c880a 0001 (0001) nt!NtCreateProfile
14 e 804f4b84 0001 (0001) nt!NtCreateDirectoryObject
15 e 804a74f0 0001 (0001) nt!NtCreateSymbolicLinkObject
16 e 804ba0f0 0001 (0001) nt!NtCreateNamedPipeFile
17 e 80494f94 0001 (0001) nt!NtCreateMutant
18 e 8049f7f1 0001 (0001) nt!NtCreateSection
19 e 80497ef9 0001 (0001) nt!NtCreateFile
kd> .shell -ci “bl” findstr “nt!NtCreateS.”
10 e 8049473d 0001 (0001) nt!NtCreateSemaphore
15 e 804a74f0 0001 (0001) nt!NtCreateSymbolicLinkObject
18 e 8049f7f1 0001 (0001) nt!NtCreateSection
.shell: Process exited
also there is a caveat Drew Bliss mentioned in some replies to my earlier
queries while in kernel debuuging only the first 32 break points will fire
even if you have n number of breakpoints
On 11/20/06, Praveen Kumar Amritaluru wrote: > > Hi, > > Sometimes I keep a huge no. of breakpoints that span more than a page when > debugginv driver problems. > > Is there a feature in windbg where I can pass|pipe the o/p of “bl” > command > to grep for a particular pattern. > Sometimes the function names are long that you forget whether a bp is set > in that fn and the fn name itself. > > I can also goto o/p window and ctrl+F and search for some string. But > keyboard is always comfortable and prefer to avoid moving from kb to > mouse… > > If this is not possible, it would be good to have this feature where you > can pipe o/p of one command as i/p to another cmd. > > Regds, > -Praveen > > > > — > You are currently subscribed to windbg as: xxxxx@gmail.com > To unsubscribe send a blank email to xxxxx@lists.osr.com >
On 11/21/06, Praveen Kumar Amritaluru wrote: > > Thanks Raj for the info. > Is there a way to view o/p of a cmd one page at a time , for eg. > !analyze -v o/p.
oh sorry for replying late you had not mailed this to the list i normally read the forum and see email only if i have to reply back i didnt see this in forum so thought nothing about it
anyway im not aware of doing display page wise
but i can suggst you to have a seperate command browser (ctrl+n) or .browse command move it to a seperate dock and perform !analyze -v operation only remove the auto refresh option it wont be cluttered with any other information except the output of analyze -v and its scrollable seperately also copy pastable to notpad or any other test editor
if you copy paste it to notepad
you can use cmd and do
type myanalyze.txt | more
or do a .shell -x from windbg prompt for a detached cmd window
Yes, I do have cygwin installed on my system.
Does .shell invoke cygwin shell?
It does not seem to be.
“JD” wrote in message news:xxxxx@windbg… > Praveen Kumar Amritaluru wrote: >> Hi, >> >> Is there a feature in windbg where I can pass|pipe the o/p of “bl” >> command to grep for a particular pattern. > >> >> > get cygwin ( freebie ) tool kit and you can .shell egrep| cut | wc -l to > your heart’s content. >
Findstr.exe is a poor-man’s grep, and it’s in the box. It’ll do basic substring searches, as well as regexes, although its regex support is not as powerful as full grep.
-----Original Message-----
From: xxxxx@lists.osr.com [mailto:xxxxx@lists.osr.com] On Behalf Of Praveen Kumar Amritaluru
Sent: Monday, November 27, 2006 5:45 AM
To: Kernel Debugging Interest List
Subject: Re:[windbg] Is there a grep option?
Yes, I do have cygwin installed on my system.
Does .shell invoke cygwin shell?
It does not seem to be.
“JD” wrote in message news:xxxxx@windbg… > Praveen Kumar Amritaluru wrote: >> Hi, >> >> Is there a feature in windbg where I can pass|pipe the o/p of “bl” >> command to grep for a particular pattern. > >> >> > get cygwin ( freebie ) tool kit and you can .shell egrep| cut | wc -l to > your heart’s content. >
sorry for dumb spelling mistakes hit the send