WinDbg支持自动伪寄存器和用户定义伪寄存器。
所有的伪寄存器都是使用美元符号开始(添加一个@符号。这个@符号告诉调试器接下来的标识是一个寄存器或者伪寄存器,不是一个符号。如果忽略@符号,调试器将搜索符号表。
r寄存器命令是一个例外,调试器总是解释他的第一个参数作为寄存器和伪寄存器。第二个参数就按照正常语法来解释
0:000> r $t1 = @$t2
自动伪寄存器
| 伪寄存器 | 描述 |
|---|---|
| $ea | 最后一条被执行的有效地址,如果不是有效地址,将显示“Bad register error” |
| $ea | 第二个有效地址 |
| $exp | 最后一个表达式的值 |
| $ra | 当前在栈上的返回地址 |
| $ip | 指令寄存器 x86:eip Itanium:iip x64 rip |
| $eventip | The instruction pointer at the time of the current event. This pointer typically matches $ip, unless you switched threads or manually changed the value of the instruction pointer. |
| $previp | The instruction pointer at the time of the previous event. (Breaking into the debugger counts as an event.) |
| $relip | An instruction pointer that is related to the current event. When you are branch tracing, this pointer is the pointer to the branch source. |
| $scopeip | The instruction pointer for the current local context (also known as the scope). |
| $exentry | The address of the entry point of the first executable of the current process. |
| $retreg | The primary return value register.x86-based processors: The same as eax.Itanium-based processors: The same as ret0.x64-based processors: The same as rax. |
| $retreg64 | The primary return value register, in 64-bit format.x86 processor: The same as the edx:eax pair. |
| $csp | The current call stack pointer. This pointer is the register that is most representative of call stack depth.x86-based processors: The same as esp.Itanium-based processors: The same as bsp.x64-based processors: The same as rsp. |
| $p | The value that the last d (Display Memory)* command printed. |
| $proc | The address of the current process (that is, the address of the EPROCESS block). |
| $thread | The address of the current thread. In kernel-mode debugging, this address is the address of the ETHREAD block. In user-mode debugging, this address is the address of the thread environment block (TEB). |
| $peb | The address of the process environment block (PEB) of the current process. |
| $teb | The address of the thread environment block (TEB) of the current thread. |
| $tpid | The process ID (PID) for the process that owns the current thread. |
| $tid | The thread ID for the current thread. |
| $dtid | |
| $dpid | |
| $dsid | |
| $bpNumber | The address of the corresponding breakpoint. For example, |
| $frame | The current frame index. This index is the same frame number that the .frame (Set Local Context) command uses. |
| $dbgtime | The current time, according to the computer that the debugger is running on. |
| $callret | The return value of the last function that .call (Call Function) called or that is used in an .fnret /s command. The data type of $callret is the data type of this return value. |
| $extret | |
| $extin | |
| $clrex | |
| $lastclrex | Managed debugging only: The address of the last-encountered common language runtime (CLR) exception object. |
| $ptrsize | 指针的长度. In kernel mode, this size is the pointer size on the target computer. |
| $pagesize | The number of bytes in one page of memory. In kernel mode, this size is the page size on the target computer. |
| $pcr | |
| $pcrb | |
| $argreg | |
| $exr_chance | The chance of the current exception record. |
| $exr_code | The exception code for the current exception record. |
| $exr_numparams | The number of parameters in the current exception record. |
| $exr_param0 | The value of Parameter 0 in the current exception record. |
| $exr_param1 | The value of Parameter 1 in the current exception record. |
| $exr_param2 | The value of Parameter 2 in the current exception record. |
| $exr_param3 | The value of Parameter 3 in the current exception record. |
| $exr_param4 | The value of Parameter 4 in the current exception record. |
| $exr_param5 | The value of Parameter 5 in the current exception record. |
| $exr_param6 | The value of Parameter 6 in the current exception record. |
| $exr_param7 | The value of Parameter 7 in the current exception record. |
| $exr_param8 | The value of Parameter 8 in the current exception record. |
| $exr_param9 | The value of Parameter 9 in the current exception record. |
| $exr_param10 | The value of Parameter 10 in the current exception record. |
| $exr_param11 | The value of Parameter 11 in the current exception record. |
| $exr_param12 | The value of Parameter 12 in the current exception record. |
| $exr_param13 | The value of Parameter 13 in the current exception record. |
| $exr_param14 | The value of Parameter 14 in the current exception record. |
| $bug_code | If a bug check has occurred, this is the bug code. Applies to live kernel-mode debugging and kernel crash dumps. |
| $bug_param1 | If a bug check has occurred, this is the value of Parameter 1. Applies to live kernel-mode debugging and kernel crash dumps. |
| $bug_param2 | If a bug check has occurred, this is the value of Parameter 2. Applies to live kernel-mode debugging and kernel crash dumps. |
| $bug_param3 | If a bug check has occurred, this is the value of Parameter 3. Applies to live kernel-mode debugging and kernel crash dumps. |
| $bug_param4 | If a bug check has occurred, this is the value of Parameter 4. Applies to live kernel-mode debugging and kernel crash dumps. |
网友评论