windbg API 跟踪
!logexts.loge
!logexts.logc e *
!logexts.logo e v
!logexts.logb p
!logexts.loge
enables logging
!logexts.logc e
displays all API categories
!logexts.logo e v
debugger (d), a text file (t), or a verbose .lgv file (v).
!logexts.logb p
the output buffer to be displayed in the debugger
!logexts.logc
Categories:
1 AdvApi32 Enabled
2 AtomFunctions Enabled
3 AVIFileExports Enabled
4 Clipboard Enabled
5 ComponentObjectModel Enabled
6 DebuggingAndErrorHandling Enabled
7 DeviceFunctions Enabled
8 Direct3D Enabled
9 DirectDraw Enabled
10 DirectPlay Enabled
11 DirectSound Enabled
12 GDI Enabled
13 HandleAndObjectFunctions Enabled
14 HookingFunctions Enabled
15 IOFunctions Enabled
16 MemoryManagementFunctions Enabled
17 Multimedia Enabled
18 Printing Enabled
19 ProcessesAndThreads Enabled
20 RegistryFunctions Enabled
21 Shell Enabled
22 StringManipulation Enabled
23 ThreadLocalStorage Enabled
24 User32 Enabled
25 User32StringExports Enabled
26 Version Enabled
27 WinSock2 Enabled
0:001> !logexts.logc d 12
12 GDI Disabled
0:001> !logexts.help
Windows API Logging Extensions v3.01
Main control:
!loge [dir] Enable logging. Output directory optional.
!logi [dir] Initialize but don't enable logging.
!logd Disable logging.
Output:
!logo List output settings.
!logo [e|d] [d|t|v] Enable/disable output:
d - Debugger
t - Text file
v - Verbose log
Categories:
!logc List all categories.
!logc p # List APIs in category #.
!logc [e|d] * Enable/disable all categories.
!logc [e|d] # [#] [#] ... Enable/disable category #.
Buffer access:
!logb p Print buffer contents to debugger.
!logb f Flush buffer to log files.
Debugging Logexts:
!logs Print statistics.
!logh [i|c] Print hook info (import | com).
!logspew [e|d] Enable/disable logexts info messages.
Module inclusion/exclusion:
!logm Display module inclusion/exclusion list.
!logm [i|x] [DLL] [DLL] ... Specify module inclusion/exclusion list.
