Use the Microsoft Symbol Server to obtain debug symbol files
//z 2011-09-04 16:52:[email protected] 转载请注明出处
debug tools for windows,windbg
1. 在windbg中可以使用如下命令:
.sympath SRV*f:\localsymbols*http://msdl.microsoft.com/download/symbols
设置_NT_SYMBOL_PATH
F:\Symbol;symsrv*symsrv.dll*F:\Symbol*http://msdl.microsoft.com/download/symbols
2.如是临时使用:
Set _NT_SYMBOL_PATH = symsrv*symsrv.dll*f:\localsymbols*http://msdl.microsoft.com/download/symbols
3. 多个路径
fsymchk /r c:\windows\system32 /s SRV*c:\symbols\*http://msdl.microsoft.com/download/symbols:
//z 2011-09-04 16:52:[email protected] 转载请注明出处
4. 迭代得到目录下的所有文件的symbol
symchk /r c:\windows\system32 /s SRV*c:\symbols\*http://msdl.microsoft.com/download/symbols
- /r c:\windows\system32 finds all symbols for files in the System32 folder and any subfolders.
- /s SRV*c:\symbols*http://msdl.microsoft.com/download/symbols specifies the symbol path to use for symbol resolution. In this case,c:\symbols is the local folder where the symbols will be copied from the symbol server.
//z 2011-09-04 16:52:[email protected] 转载请注明出处
Pseudoregisters
Pseudoregister | Description |
@ERR | Last error value; the same value returned by the |
@TIB | Thread information block for the current thread; necessary because the debugger doesn't handle the "FS:0" format |
@CLK | Undocumented clock register; usable only in the Watch window |
@EAX, @EBX, @ECX, @EDX, @ESI, @EDI, @EIP, @ESP, @EBP, @EFL | Intel CPU registers |
@CS, @DS, @ES, @SS, @FS, @GS | Intel CPU segment registers |
@ST0, @ST1, @ST2, @ST3, @ST4, @ST5, @ST6, @ST7 | Intel CPU floating-point registers |
@ERR
最后错误值; 和GetLastError() API 函数一致
@TIB
当前线程信息; 在调试器无法处理”FS:0”格式的时候是必要的
@CLK
未列入文档的寄存器; 只是在Watch窗口适用
@EAX, @EBX, @ECX, @EDX, @ESI, @EDI, @EIP, @ESP, @EBP, @EFL
Intel CPU 寄存器
@CS, @DS, @ES, @SS, @FS, @GS
Intel CPU 段寄存器
@ST0, @ST1, @ST2, @ST3, @ST4, @ST5, @ST6, @ST7
Intel CPU 浮点寄存器
其中@TIB很有用,可以用在多线程调试的时候作为断点的条件变量.这样就可以只观察一个线程的执行情况.
另一个常用的@err,hr
(X64 Debugging With Pseudo Variables And Format Specifiers)
Pseudo Variable Description
$handles Number of handles to kernel objects
$vframe Current stack frame address
$TID Current thread identifier
$registername Contents of specified register
$clk Time in clock cycles
$user Process and thread token information
Specifier Description
D Decimal
U Unsigned decimal
O Octal
X Hexadecimal
F Floating point
E Scientific notation
C Character
S Character string
Su Unicode string
s8 UTF-8 string
Hr HRESULT or Win32 error code
wc Windows class
wm Windows message
! Raw format