Home Uncategorised Setting Symbols in WinDbg

Setting Symbols in WinDbg

by dnaadmin

The symbol path specifies locations where the Windows debuggers (WinDbg, KD, CDB, NTST) look for symbol files. Microsoft OS symbols are located at: https://msdl.microsoft.com/download/symbols

You can set the symbols in multiple ways:

  1. If you are an active debugger, setting it up in the environment path is the best option. You can directly set the _NT_SYMBOL_PATH in the environment variable path Ex: _NT_SYMBOL_PATH=srv*C:\Symbols\MsSymbols*http://msdl.microsoft.com/download/symbols
  2. GUI via the WinDbg interface:  In WinDbg’s GUI you can access symbol settings from:–(Menu) File->Symbol File Path … (Ctrl+S)
  3. Using Command line on WinDbg prompt

Useful Commands:

–.sympath-> get/set path for symbol search

–.sympath ->+XY append XY directory to the searched symbol path

–!sym noisy ->instructs the debugger to display information about its search for symbols

–ld kernel32 ->load symbols for kernel32.dll

–ld * ->load symbols for all modules

–.reload ->reloads symbol information

–x kernel32!*->examine and list all symbols in kernel32

–x kernel32!*LoadLibrary* ->list all symbols in kernel32 which contain *LoadLibrary*

–dt ntdll!*->display all variables in ntdll

Combining cache* and srv*

If you include the string cache*; in your symbol path, symbols loaded from any element that appears to the right of this string are stored in the default symbol cache directory on the local computer. For example, the following command tells the debugger to use a symbol server to get symbols from the store at https://msdl.microsoft.com/download/symbols and cache them in the default symbol cache directory.

.sympath cache*;srv*https://msdl.microsoft.com/download/symbols

If you include the string cache*localsymbolcache; in your symbol path, symbols loaded from any element that appears to the right of this string are stored in the localsymbolcache directory.

For example, the following command tells the debugger to use a symbol server to get symbols from the store at https://msdl.microsoft.com/download/symbols and cache the symbols in the c:\MySymbols directory. .sympath cache*c:\MySymbols;srv*https://msdl.microsoft.com/download/symbols

0

You may also like

Leave a Comment