设置_NT_SYMBOL_PATH(windbg)

Use the Microsoft Symbol Server to obtain debug symbol files

//z 2011-09-04 16:52:44@is2120.CSDN 转载请注明出处
debug tools for windows,windbg

1. 在windbg中可以使用如下命令：

.sympath SRV*f:\localsymbols*http://msdl.microsoft.com/download/symbols

设置_NT_SYMBOL_PATH
F:\Symbol;symsrv*symsrv.dll*F:\Symbol*http://msdl.microsoft.com/download/symbols

2.如是临时使用：

Set _NT_SYMBOL_PATH = symsrv*symsrv.dll*f:\localsymbols*http://msdl.microsoft.com/download/symbols

3. 多个路径
fsymchk /r c:\windows\system32 /s SRV*c:\symbols\*http://msdl.microsoft.com/download/symbols:

//z 2011-09-04 16:52:44@is2120.CSDN 转载请注明出处

4. 迭代得到目录下的所有文件的symbol
symchk /r c:\windows\system32 /s SRV*c:\symbols\*http://msdl.microsoft.com/download/symbols

• /r c:\windows\system32 finds all symbols for files in the System32 folder and any subfolders.
• /s SRV*c:\symbols*http://msdl.microsoft.com/download/symbols specifies the symbol path to use for symbol resolution. In this case,c:\symbols is the local folder where the symbols will be copied from the symbol server.

//z 2011-09-04 16:52:44@is2120.CSDN 转载请注明出处

Pseudoregisters

Pseudoregister	Description
@ERR	Last error value; the same value returned by the GetLastError() API function
@TIB	Thread information block for the current thread; necessary because the debugger doesn't handle the "FS:0" format
@CLK	Undocumented clock register; usable only in the Watch window
@EAX, @EBX, @ECX, @EDX, @ESI, @EDI, @EIP, @ESP, @EBP, @EFL	Intel CPU registers
@CS, @DS, @ES, @SS, @FS, @GS	Intel CPU segment registers
@ST0, @ST1, @ST2, @ST3, @ST4, @ST5, @ST6, @ST7	Intel CPU floating-point registers

@ERR
 最后错误值; 和GetLastError() API 函数一致
 
@TIB
 当前线程信息; 在调试器无法处理”FS:0”格式的时候是必要的
 
@CLK
 未列入文档的寄存器; 只是在Watch窗口适用
 
@EAX, @EBX, @ECX, @EDX, @ESI, @EDI, @EIP, @ESP, @EBP, @EFL
 Intel CPU 寄存器
 
@CS, @DS, @ES, @SS, @FS, @GS
 Intel CPU 段寄存器
 
@ST0, @ST1, @ST2, @ST3, @ST4, @ST5, @ST6, @ST7
 Intel CPU 浮点寄存器
 
其中@TIB很有用,可以用在多线程调试的时候作为断点的条件变量.这样就可以只观察一个线程的执行情况.
另一个常用的@err,hr


(X64 Debugging With Pseudo Variables And Format Specifiers)
Pseudo Variable     Description
$handles     Number of handles to kernel objects
$vframe     Current stack frame address
$TID     Current thread identifier
$registername     Contents of specified register
$clk     Time in clock cycles
$user     Process and thread token information


Specifier     Description
D    Decimal
U    Unsigned decimal
O    Octal
X    Hexadecimal
F    Floating point
E    Scientific notation
C    Character
S    Character string
Su    Unicode string
s8    UTF-8 string
Hr    HRESULT or Win32 error code
wc    Windows class
wm    Windows message
!    Raw format