Is there a way to get the path of the pdb file currently used by windbg? Either by a native command, or, preferably, using the plugin API.
So, ideally I want to be able to do something like:
printf(getSymbolFile("ntdll.dll"));
which would print "c:\symbols\ntdll.pdb"
A PDB file stores all debug information for the project's .exe file, and resides in the \debug subdirectory.
The symbol path specifies locations where the Windows debuggers (WinDbg, KD, CDB, NTSD) look for symbol files. For more information about symbols and symbol files, see Symbols. Some compilers (such as Microsoft Visual Studio) put symbol files in the same directory as the binary files.
PDB Path in CodeView Debug Information
pdb extension is included to ensure the debugger locates the correct PDB for the program. A partially qualified PDB path would list only the PDB file name, such as: Test.pdb.
To control the symbol path in WinDbg, do one of the following: Choose Symbol File Path from the File menu or press CTRL+S. Use the .sympath (Set Symbol Path) command.
You can use the windbg command !lmi mydll.dll
So for ntdll.dll the image name will display the path:
0:004> !lmi ntdll
Loaded Module Info: [ntdll]
Module: ntdll
Base Address: 00000000776f0000
Image Name: C:\Windows\SYSTEM32\ntdll.dll
Machine Type: 34404 (X64)
Time Stamp: 51fb164a Fri Aug 02 03:15:38 2013
Size: 1a9000
CheckSum: 1a9bda
Characteristics: 2022 perf
Debug Data Dirs: Type Size VA Pointer
CODEVIEW 22, 101268, 100668 RSDS - GUID: {400F215C-54DA-4047-88F8-4F5C50491495}
Age: 2, Pdb: ntdll.pdb
CLSID 4, 101264, 100664 [Data not mapped]
Image Type: FILE - Image read successfully from debugger.
C:\Windows\SYSTEM32\ntdll.dll
Symbol Type: PDB - Symbols loaded successfully from symbol server.
C:\Program Files\Windows Kits\8.0\Debuggers\x64\sym\ntdll.pdb\400F215C54DA404788F84F5C504914952\ntdll.pdb
Load Report: public symbols , not source indexed
C:\Program Files\Windows Kits\8.0\Debuggers\x64\sym\ntdll.pdb\400F215C54DA404788F84F5C504914952\ntdll.pdb
This is a bit verbose however.
Thanks to @SeanCline who pointed out the undocumented command !itoldyouso
which does the same thing as !chksym
0:030> !itoldyouso ntdll
C:\Windows\SYSTEM32\ntdll.dll
Timestamp: 51FB164A
SizeOfImage: 1A9000
pdb: ntdll.pdb
pdb sig: 400F215C-54DA-4047-88F8-4F5C50491495
age: 2
Loaded pdb is C:\Program Files\Windows Kits\8.0\Debuggers\x64\sym\ntdll.pdb\400F215C54DA404788F84F5C504914952\ntdll.pdb
ntdll.pdb
pdb sig: 400F215C-54DA-4047-88F8-4F5C50491495
age: 2
MATCH: ntdll.pdb and C:\Windows\SYSTEM32\ntdll.dll
It is still pretty verbose, but you save a few lines.
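Because both commands are verbose, a saved debugger log can be reduced to just the loaded PDB path and checked against the CodeView identity (GUID and age) of the image. The Python below is an added example, not part of the original answer; the function names are hypothetical, and it assumes the symbol-store layout visible in the path above (PDB name, then GUID without dashes followed by the age, then PDB name).

```python
import re
from pathlib import PureWindowsPath

# Constructed sample: the !itoldyouso output quoted in the answer above.
SAMPLE = r"""C:\Windows\SYSTEM32\ntdll.dll
Timestamp: 51FB164A
SizeOfImage: 1A9000
pdb: ntdll.pdb
pdb sig: 400F215C-54DA-4047-88F8-4F5C50491495
age: 2
Loaded pdb is C:\Program Files\Windows Kits\8.0\Debuggers\x64\sym\ntdll.pdb\400F215C54DA404788F84F5C504914952\ntdll.pdb
"""

GUID_RE = r"[0-9A-Fa-f]{8}-(?:[0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}"

def _first(pattern, text):
    """Return the first capture group of pattern in text, or None."""
    m = re.search(pattern, text, re.IGNORECASE | re.MULTILINE)
    return m.group(1).strip() if m else None

def parse_symbol_info(text):
    """Extract PDB name, signature, age and loaded path from !lmi or !itoldyouso text."""
    return {
        "pdb": _first(r"\bpdb:\s*(.+)$", text),
        "sig": _first(r"(?:GUID:\s*\{|pdb sig:\s*)(" + GUID_RE + ")", text),
        "age": _first(r"\bage:\s*([0-9a-f]+)", text),
        # !itoldyouso prints "Loaded pdb is <path>"; !lmi prints the path
        # on the line that follows "Symbol Type:".
        "path": _first(r"^Loaded pdb is\s+(.+)$", text)
                or _first(r"^Symbol Type:.*\n\s*(.+)$", text),
    }

def store_index(info):
    """Directory name expected in a symbol store: GUID without dashes + age."""
    return info["sig"].replace("-", "").upper() + info["age"].upper()

def path_matches_identity(info):
    """True if the loaded path is <pdb>\\<GUID+age>\\<pdb> for this image."""
    if not all(info.values()):
        return False  # a field was missing from the log
    parts = PureWindowsPath(info["path"]).parts
    if len(parts) < 3:
        return False
    name, index, leaf = parts[-3:]
    return (name.lower() == leaf.lower() == info["pdb"].lower()
            and index.upper() == store_index(info))
```

A PDB loaded from beside the binary rather than from a symbol store does not follow this directory layout, so a False result there means the path cannot confirm the identity; the debugger's own MATCH line remains the authoritative check.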