Getting the .pdb file path from windbg
Is there a way to get the path of the pdb file currently used by windbg? Via a native command, or preferably using the plugin API. So, ideally, I would like to be able to do:
printf(getSymbolFile("ntdll.dll"));
It would print "c:\symbols\ntdll.pdb".

You can use the windbg command
!lmi mydll.dll
So for ntdll.dll, the Image Name will show the path:
0:004> !lmi ntdll
Loaded Module Info: [ntdll]
Module: ntdll
Base Address: 00000000776f0000
Image Name: C:\Windows\SYSTEM32\ntdll.dll
Machine Type: 34404 (X64)
Time Stamp: 51fb164a Fri Aug 02 03:15:38 2013
Size: 1a9000
CheckSum: 1a9bda
Characteristics: 2022 perf
Debug Data Dirs: Type Size VA Pointer
CODEVIEW 22, 101268, 100668 RSDS - GUID: {400F215C-54DA-4047-88F8-4F5C50491495}
Age: 2, Pdb: ntdll.pdb
CLSID 4, 101264, 100664 [Data not mapped]
Image Type: FILE - Image read successfully from debugger.
C:\Windows\SYSTEM32\ntdll.dll
Symbol Type: PDB - Symbols loaded successfully from symbol server.
C:\Program Files\Windows Kits\8.0\Debuggers\x64\sym\ntdll.pdb\400F215C54DA404788F84F5C504914952\ntdll.pdb
Load Report: public symbols , not source indexed
C:\Program Files\Windows Kits\8.0\Debuggers\x64\sym\ntdll.pdb\400F215C54DA404788F84F5C504914952\ntdll.pdb
However, this is a bit verbose.
Thanks to @SeanCline for pointing out the undocumented command !itoldyouso, which does the same thing as !chksym:
0:030> !itoldyouso ntdll
C:\Windows\SYSTEM32\ntdll.dll
Timestamp: 51FB164A
SizeOfImage: 1A9000
pdb: ntdll.pdb
pdb sig: 400F215C-54DA-4047-88F8-4F5C50491495
age: 2
Loaded pdb is C:\Program Files\Windows Kits\8.0\Debuggers\x64\sym\ntdll.pdb\400F215C54DA404788F84F5C504914952\ntdll.pdb
ntdll.pdb
pdb sig: 400F215C-54DA-4047-88F8-4F5C50491495
age: 2
MATCH: ntdll.pdb and C:\Windows\SYSTEM32\ntdll.dll

That is still very verbose; you only save a few lines. This can be done with lm (list modules) and the module filter (m) for ntdll:
0:017> lm m ntdll
start end module name
77aa0000 77c20000 ntdll (pdb symbols) e:\debug\symbols\wntdll.pdb\370278F5B1BA4A16B0DC8199E9623C3C2\wntdll.pdb

For symbol information, you can also use the undocumented command.
@SeanCline Ah yes, I forgot about that. I will add the output to my answer, thanks.
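
Added example (not part of the original question or answers): a Python take on the getSymbolFile() idea that works on captured text from lm m or !itoldyouso instead of the plugin API, and also checks that the loaded pdb sits in the symbol-store directory named after the signature the image requests. The function names and the trimmed sample outputs are assumptions constructed from the debugger output shown above.

```python
import re
from pathlib import PureWindowsPath

# Constructed sample inputs, trimmed from the debugger output quoted on this page.
ITOLDYOUSO = r"""C:\Windows\SYSTEM32\ntdll.dll
Timestamp: 51FB164A
SizeOfImage: 1A9000
pdb: ntdll.pdb
pdb sig: 400F215C-54DA-4047-88F8-4F5C50491495
age: 2
Loaded pdb is C:\Program Files\Windows Kits\8.0\Debuggers\x64\sym\ntdll.pdb\400F215C54DA404788F84F5C504914952\ntdll.pdb
"""
LM = r"""start end module name
77aa0000 77c20000 ntdll (pdb symbols) e:\debug\symbols\wntdll.pdb\370278F5B1BA4A16B0DC8199E9623C3C2\wntdll.pdb
"""

# The path follows "Loaded pdb is" (!itoldyouso) or "(pdb symbols)" (lm).
PDB_PATH = re.compile(
    r"(?:Loaded pdb is|\((?:private )?pdb symbols\))\s+(.+?\.pdb)\s*$",
    re.I | re.M)
SIG = re.compile(r"^\s*pdb sig:\s*([0-9A-Fa-f-]{36})\s*$", re.M)


def get_symbol_file(output):
    """Return the loaded .pdb path found in the command output, or None
    (for example when lm reports the module as deferred)."""
    m = PDB_PATH.search(output)
    return m.group(1) if m else None


def path_matches_signature(output):
    """True/False: does the loaded pdb sit in the store directory named after
    the 'pdb sig' GUID? None when the text lacks the path or the signature."""
    path, sig = get_symbol_file(output), SIG.search(output)
    if path is None or sig is None:
        return None
    guid = sig.group(1).replace("-", "").upper()
    # Symbol-store layout: <pdb name>\<GUID without dashes + age>\<pdb name>
    return PureWindowsPath(path).parent.name.upper().startswith(guid)


if __name__ == "__main__":
    for text in (ITOLDYOUSO, LM):
        print(get_symbol_file(text), path_matches_signature(text))
```
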