设置_NT_SYMBOL_PATH(windbg)

Use the Microsoft Symbol Server to obtain debug symbol files

//z 2011-09-04 16:52:[email protected] 转载请注明出处
debug tools for windows,windbg

1. 在windbg中可以使用如下命令:

.sympath SRV*f:\localsymbols*http://msdl.microsoft.com/download/symbols

设置_NT_SYMBOL_PATH
F:\Symbol;symsrv*symsrv.dll*F:\Symbol*http://msdl.microsoft.com/download/symbols


2.如是临时使用:

Set _NT_SYMBOL_PATH = symsrv*symsrv.dll*f:\localsymbols*http://msdl.microsoft.com/download/symbols

3. 多个路径
fsymchk /r c:\windows\system32 /s SRV*c:\symbols\*http://msdl.microsoft.com/download/symbols:

//z 2011-09-04 16:52:[email protected] 转载请注明出处

4. 迭代得到目录下的所有文件的symbol
symchk /r c:\windows\system32 /s SRV*c:\symbols\*http://msdl.microsoft.com/download/symbols

  • /r c:\windows\system32 finds all symbols for files in the System32 folder and any subfolders.
  • /s SRV*c:\symbols*http://msdl.microsoft.com/download/symbols specifies the symbol path to use for symbol resolution. In this case,c:\symbols is the local folder where the symbols will be copied from the symbol server.

//z 2011-09-04 16:52:[email protected] 转载请注明出处


Pseudoregisters

Pseudoregister

Description

@ERR

Last error value; the same value returned by the GetLastError() API function

@TIB

Thread information block for the current thread; necessary because the debugger doesn't handle the "FS:0" format

@CLK

Undocumented clock register; usable only in the Watch window

@EAX, @EBX, @ECX, @EDX, @ESI, @EDI, @EIP, @ESP, @EBP, @EFL

Intel CPU registers

@CS, @DS, @ES, @SS, @FS, @GS

Intel CPU segment registers

@ST0, @ST1, @ST2, @ST3, @ST4, @ST5, @ST6, @ST7

Intel CPU floating-point registers


@ERR
最后错误值; 和GetLastError() API 函数一致

@TIB
当前线程信息; 在调试器无法处理”FS:0”格式的时候是必要的

@CLK
未列入文档的寄存器; 只是在Watch窗口适用

@EAX, @EBX, @ECX, @EDX, @ESI, @EDI, @EIP, @ESP, @EBP, @EFL
Intel CPU 寄存器

@CS, @DS, @ES, @SS, @FS, @GS
Intel CPU 段寄存器

@ST0, @ST1, @ST2, @ST3, @ST4, @ST5, @ST6, @ST7
Intel CPU 浮点寄存器

其中@TIB很有用,可以用在多线程调试的时候作为断点的条件变量.这样就可以只观察一个线程的执行情况.
另一个常用的@err,hr


(X64 Debugging With Pseudo Variables And Format Specifiers)
Pseudo Variable Description
$handles Number of handles to kernel objects
$vframe Current stack frame address
$TID Current thread identifier
$registername Contents of specified register
$clk Time in clock cycles
$user Process and thread token information


Specifier Description
D Decimal
U Unsigned decimal
O Octal
X Hexadecimal
F Floating point
E Scientific notation
C Character
S Character string
Su Unicode string
s8 UTF-8 string
Hr HRESULT or Win32 error code
wc Windows class
wm Windows message
! Raw format

你可能感兴趣的:(Path)