前段时间有朋友问我怎么从 dump 与机器相关的信息是什么?例如:机器内存的大小,cpu核数,机器名,机器的环境变量 等等。
那么如何提取里面的信息呢?当然,我并没有说它们都可以提取。。。以你自己的机器为例:
1. 如何提取 cpu 核数
windbg 中有一个 !cpuid 可提取命令cpu的相关信息。
0:006>!cpuid CPF/M/SManufacturerMHz 06,5,2GenuineIntel2592 16,5,2GenuineIntel2592 26,5,2GenuineIntel2592 36,5,2GenuineIntel2592 46,5,2GenuineIntel2592 56,5,2GenuineIntel2592 66,5,2GenuineIntel2592 76,5,2GenuineIntel2592 86,5,2GenuineIntel2592 96,5,2GenuineIntel2592 106,5,2GenuineIntel2592 116,5,2GenuineIntel2592可见,当前cpu为12核,厂家为intel,兆赫=2592。
2. 如何提取机器名称
windbg有一个命令叫 !envvar ,可用于获取指定的环境变量,如此 COMPUTERNAME 啦。
0:006>!envvarCOMPUTERNAME COMPUTERNAME=SD-20210607OIBM3. 如何提取机器环境变量
从上面的 !envvar 在使用过程中,你应该能够感觉到,既然你可以提取环境变量,你能得到所有的环境变量吗?当然可以。 !peb,也就是 Process Environment Block。
0:006>!peb PEBat002af000 InheritedAddressSpace:No ReadImageFileExecOptions:No BeingDebugged:Yes ImageBaseAddress:00400000 NtGlobalFlag:4070 NtGlobalFlag2:0 Ldr77975d80 Ldr.Initialized:Yes Ldr.InInitializationOrderModuleList:006e4f68.0075e630 Ldr.InLoadOrderModuleList:006e5060.0075bae8 Ldr.InMemoryOrderModuleList:006e5068.0075baf0 BaseTimeStampModule 400000D:\net5\ConsoleApp4\ConsoleApp1\bin\Debug\ConsoleApp1.exe 778500005f641e44Sep1810:41:082020C:\Windows\SYSTEM32\ntdll.dll 7c570000C:\Windows\SYSTEM32\MSCOREE.DLL 75ac0000C:\Windows\System32\KERNEL32.dll 76900000197b16c5Jul2005:12:371983C:\Windows\System32\KERNELBASE.dll 76880000C:\Windows\System32\ADVAPI32.dll 757400007f567a50Sep1221:10:402037C:\Windows\System32\msvcrt.dll 7617000056a91365Jan2802:58:452016C:\Windows\System32\sechost.dll 76c20000C:\Windows\System32\RPCRT4.dll 7c5d00005e7d1df2Mar2705:26:102020C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll 758a0000C:\Windows\System32\SHLWAPI.dll 764900003d49eb55Aug0210:15:492002C:\Windows\ystem32\kernel.appcore.dll
74b60000 C:\Windows\SYSTEM32\VERSION.dll
79a40000 5f7e61bb Oct 08 08:47:55 2020 C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
76650000 1e757656 Mar 12 20:28:06 1986 C:\Windows\System32\USER32.dll
764d0000 55cf9768 Aug 16 03:47:52 2015 C:\Windows\System32\win32u.dll
75480000 1baae673 Sep 16 20:15:47 1984 C:\Windows\System32\GDI32.dll
764f0000 C:\Windows\System32\gdi32full.dll
7a210000 5bac17e1 Sep 27 07:36:01 2018 C:\Windows\SYSTEM32\ucrtbase_clr0400.dll
7a1f0000 5bac17e5 Sep 27 07:36:05 2018 C:\Windows\SYSTEM32\VCRUNTIME140_CLR0400.dll
75810000 C:\Windows\System32\msvcp_win.dll
77500000 73123758 Mar 06 22:27:36 2031 C:\Windows\System32\ucrtbase.dll
764a0000 39046a45 Apr 24 23:37:41 2000 C:\Windows\System32\IMM32.DLL
7a2c0000 5f7e60f6 Oct 08 08:44:38 2020 C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\218db16dceaef380c6daf35c6a48f313\mscorlib.ni.dll
762a0000 4f8dda94 Apr 18 05:03:16 2012 C:\Windows\System32\ole32.dll
754b0000 2f680839 Mar 16 17:43:21 1995 C:\Windows\System32\combase.dll
76b80000 C:\Windows\System32\bcryptPrimitives.dll
7b6d0000 5f7e60c1 Oct 08 08:43:45 2020 C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
77750000 C:\Windows\System32\OLEAUT32.dll
SubSystemData: 00000000
ProcessHeap: 006e0000
ProcessParameters: 006e29b8
CurrentDirectory: 'C:\Windows\system32\'
WindowTitle: 'D:\net5\ConsoleApp4\ConsoleApp1\bin\Debug\ConsoleApp1.exe'
ImageFile: 'D:\net5\ConsoleApp4\ConsoleApp1\bin\Debug\ConsoleApp1.exe'
CommandLine: 'D:\net5\ConsoleApp4\ConsoleApp1\bin\Debug\ConsoleApp1.exe'
DllPath: '< Name not readable >'
Environment: 006e0b80
=::=::\
ALLUSERSPROFILE=C:\ProgramData
APPDATA=C:\Users\Administrator\AppData\Roaming
ASPNETCORE_ENVIRONMENT=Development
CLASSPATH=.;C:\Program Files\Java\jdk1.8.0_121\lib\dt.jar;C:\Program Files\Java\jdk1.8.0_121\lib\tools.jar;
CommonProgramFiles=C:\Program Files (x86)\Common Files
CommonProgramFiles(x86)=C:\Program Files (x86)\Common Files
CommonProgramW6432=C:\Program Files\Common Files
COMPUTERNAME=SD-20210607OIBM
ComSpec=C:\Windows\system32\cmd.exe
DBGENG_OVERRIDE_DBGSRV_PATH=C:\Users\Administrator\AppData\Local\Microsoft\WindowsApps\Microsoft.WinDbg_8wekyb3d8bbwe\dbgsrv32.exe
DBGHELP_HOMEDIR=C:\ProgramData\Dbg
DriverData=C:\Windows\System32\Drivers\DriverData
HOMEDRIVE=C:
HOMEPATH=\Users\Administrator
JAVA_HOME=C:\Program Files\Java\jdk1.8.0_121
LOCALAPPDATA=C:\Users\Administrator\AppData\Local
LOGONSERVER=\\SD-20210607OIBM
MOZ_PLUGIN_PATH=C:\Program Files (x86)\Foxit Software\Foxit Reader\plugins\
NUMBER_OF_PROCESSORS=12
OneDrive=C:\Users\Administrator\OneDrive
OS=Windows_NT
Path=C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2107.13001.0_neutral__8wekyb3d8bbwe\x86;C:\Program Files\WindowsApps\Microsoft.WinDbg_1.2107.13001.0_neutral__8wekyb3d8bbwe\amd64;C:\Program Files (x86)\VMware\VMware Workstation\bin\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Windows\System32\OpenSSH\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;C:\Program Files\NVIDIA Corporation\NVIDIA NvDLISR;C:\Program Files\dotnet\;C:\Program Files\Microsoft SQL Server\Client SDK\ODBC\170\Tools\Binn\;C:\Program Files\Git\cmd;C:\soft\procdump;C:\Program Files\Java\jdk1.8.0_121\bin;C:\Program Files\Java\jdk1.8.0_121\jre\bin;C:\Program Files\nodejs\;C:\Program Files (x86)\Microsoft SQL Server\150\Tools\Binn\;C:\Program Files\Microsoft SQL Server\150\Tools\Binn\;C:\Program Files\Microsoft SQL Server\150\DTS\Binn\;C:\Program Files (x86)\Microsoft SQL Server\150\DTS\Binn\;C:\Program Files\Azure Data Studio\bin;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\;C:\Program Files\Microsoft SQL Server\100\Tools\Binn\;C:\Program Files\Microsoft SQL Server\100\DTS\Binn\;C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\;C:\Program Files (x86)\Microsoft Visual Studio 9.0\Common7\IDE\PrivateAssemblies\;C:\Program Files (x86)\Microsoft SQL Server\100\DTS\Binn\;C:\Program Files (x86)\Visual Leak Detector\bin\Win32;C:\Program Files (x86)\Visual Leak Detector\bin\Win64;C:\Program Files\TortoiseGit\bin;C:\Program Files\Microsoft\Web Platform Installer\;C:\soft\nginx;C:\Program Files (x86)\dotnet\;C:\Program Files (x86)\NetSarang\Xshell 7\;C:\Users\Administrator\AppData\Local\Microsoft\WindowsApps;C:\Users\Administrator\.dotnet\tools;C:\Users\Administrator\AppData\Local\Programs\Microsoft VS Code\bin;C:\Users\Administrator\AppData\Roaming\npm
PATHEXT=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH;.MSC
PROCESSOR_ARCHITECTURE=x86
PROCESSOR_ARCHITEW6432=AMD64
PROCESSOR_IDENTIFIER=Intel64 Family 6 Model 165 Stepping 2, GenuineIntel
PROCESSOR_LEVEL=6
PROCESSOR_REVISION=a502
ProgramData=C:\ProgramData
ProgramFiles=C:\Program Files (x86)
ProgramFiles(x86)=C:\Program Files (x86)
ProgramW6432=C:\Program Files
PSModulePath=C:\Program Files\WindowsPowerShell\Modules;C:\Windows\system32\WindowsPowerShell\v1.0\Modules;C:\Program Files (x86)\Microsoft SQL Server\150\Tools\PowerShell\Modules\
PUBLIC=C:\Users\Public
SRCSRV_SHOW_TF_PROMPT=1
SystemDrive=C:
SystemRoot=C:\Windows
TEMP=C:\Users\ADMINI~1\AppData\Local\Temp
TMP=C:\Users\ADMINI~1\AppData\Local\Temp
USERDOMAIN=SD-20210607OIBM
USERDOMAIN_ROAMINGPROFILE=SD-20210607OIBM
USERNAME=Administrator
USERPROFILE=C:\Users\Administrator
windir=C:\Windows
WXDRIVE_START_ARGS=--wxdrive-setting=0 --disable-gpu --disable-software-rasterizer --enable-features=NetworkServiceInProcess
ZES_ENABLE_SYSMAN=1哈哈,这信息是不是相当多。。。。
4. 其他信息
很遗憾的是,我目前还不知道从 dump 中提取出当前机器的内存大小,如果有知道的,可以聊一聊。