菜鸟新学一首，关于windbg

在用windbg调试代码的时候，以前一直很苦恼想要知道某个地址指针对应的value。。怎么看呢？其实太简单了。。。。

用dp命令
以下内容来自于windbg的help文件：
====================================================
 
Debugging Tools for Windows (Microsoft Confidential Version)
dda, ddp, ddu, dpa, dpp, dpu, dqa, dqp, dqu (Display Referenced Memory)
The dda, ddp, ddu, dpa, dpp, dpu, dqa, dqp, and dqu commands display the pointer at the specified location, dereference that pointer, and then display the memory at the resulting location in a variety of formats.

Syntax
ddp [Options] [Range]
dqp [Options] [Range]
dpp [Options] [Range]
dda [Options] [Range]
dqa [Options] [Range]
dpa [Options] [Range]
ddu [Options] [Range]
dqu [Options] [Range]
dpu [Options] [Range]



Parameters
Options
Specifies one or more display options. Any of the following options can be included, except that no more than one /p* option can be indicated:
/c Width
Specifies the number of columns to use in the display. If this is omitted, the default number of columns depends on the display type. Because of the way pointers are displayed by these commands, it is usually best to use the default of only one data column.
/p
(Kernel-mode only) Uses physical memory addresses for the display. The range specified by Range will be taken from physical memory rather than virtual memory.
/p[c]
(Kernel-mode only) Same as /p, except that cached memory will be read. The brackets around c must be included.
/p[uc]
(Kernel-mode only) Same as /p, except that uncached memory will be read. The brackets around uc must be included.
/p[wc]
(Kernel-mode only) Same as /p, except that write-combined memory will be read. The brackets around wc must be included.
Range
Specifies the memory area to display. For more syntax details, see Address and Address Range Syntax. If you omit Range, the command will display memory starting at the ending location of the last display command. If Range is omitted and no previous display command has been used, the display begins at the current instruction pointer. If a simple address is given, the default range length is 128 bytes.

Environment
Modes user mode, kernel mode
Targets live, crash dump
Platforms all 


Comments
The second and third characters of this command are case-sensitive.

The second character of this command determines the pointer size used:

Command Display
dd* 32-bit pointers used
dq* 64-bit pointers used
dp* Standard pointer sizes used: 32-bit or 64-bit, depending on the target's processor architecture


The third character of this command determines how the dereferenced memory is displayed:

Command Display
d*p Displays the contents of the memory referenced by the pointer in DWORD or QWORD format, depending on the pointer size of the target's processor architecture. If this value matches any known symbol, this symbol is displayed as well.
d*a Displays the contents of the memory referenced by the pointer in ASCII character format.
d*u Displays the contents of the memory referenced by the pointer in Unicode character format.


If line number information has been enabled, source file names and line numbers will be displayed when available.

Additional Information
For an overview of memory manipulation and a description of other memory-related commands, see Reading and Writing Memory.



© 2008 Microsoft Corporation
Debugging Tools for Windows (Internal)
June 6, 2008

Build machine: EMNET
Additional Information
For an overview of memory manipulation and a description of other memory-related commands, see Reading and Writing Memory.