当提供 Windows .dmp 或 .minidmp 时,如何识别(并访问)要使用的模块/调试符号

发布于 2024-07-10 05:45:06 字数 701 浏览 13 评论 0原文

读取 Windows *.dmp 文件之后的方式

收到转储文件从随机客户那里,运行调试会话来查看崩溃,您经常会发现它位于 MS 或其他第三方库中。 下一个问题是,您可能对 PC 设置的了解程度不足以确保您拥有实际可用的模块。

例如,我目前正试图加载 ntdll.dll (5.01.2600.5512) 的符号。 在 MSVC 2005 中,模块列表窗口中的路径列在完全路径文件名之前显示一个 *,并且拒绝加载我为 XP/SP1/SP1a/SP2/SP3 下载的符号。

我有符号服务器设置可以从互联网下载并存储在本地缓存中,这对于我电脑上的模块来说似乎运行良好。 使用与方法等效的 GUI

Set _NT_SYMBOL_PATH=srv*d:\SymbolCache*\\server1\Third-Party-PDB;srv*d:\SymbolCache*\\server2\Windows\Symbols*http://msdl.microsoft.com/download/symbols

也许我有错误的符号,但由于新的符号没有下载,我下一步该去哪里? 我是否需要联系客户并询问他们安装了哪些 SP 以及其他补丁? 我是否必须安装该机器,然后使用 dmp 文件运行调试器才能获取我需要的符号?

In a way following on from reading a windows *.dmp file

Having received a dump file from random customer, running the debug session to see the crash, you often find it is in a MS or other third party library. The next issue is that you may not have knowledge of the PC setup to such an extent that you can ensure you have the actually modules available.

For instance I'm currently stuck trying to get symbols to load for ntdll.dll (5.01.2600.5512). In MSVC 2005 the path column in the modules list window shows a * before the fully pathed file name, and refuses to load symbols I have downloaded for XP/SP1/SP1a/SP2/SP3.

I have the symbol server setup to download from the internet and store in a local cache which seems to have been working fine for modules that I do have on my PC.
Using GUI equivelant to the method

Set _NT_SYMBOL_PATH=srv*d:\SymbolCache*\\server1\Third-Party-PDB;srv*d:\SymbolCache*\\server2\Windows\Symbols*http://msdl.microsoft.com/download/symbols

Perhaps I have the wrong symbols, but as new ones are not downloading where do I go to next? Do I have to contact the customer and ask what SP they have installed, and any other patches? Do I have to install that machine and then run up the debugger with the dmp file to get the symbols I need?

如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。

扫码二维码加入Web技术交流群

发布评论

需要 登录 才能够评论, 你可以免费 注册 一个本站的账号。

评论(4

恰似旧人归 2024-07-17 05:45:06

如果您使用的是 WinDbg(Windows 调试工具包的一部分),那么就可以很简单地让它自动从 Microsoft 中为您提取正确的符号。 使用“.symfix”(或“.symfix+”,简单地附加到现有符号搜索路径)命令配置符号路径。

完成此操作并将故障转储加载到 WinDbg 中后,键入“.reload /f”以使 WinDbg 重新加载符号。 它将使用转储文件本身中的信息从 Microsoft 的公共符号服务器中提取正确的符号,无论您的计算机上有什么 DLL。

如果由于某种原因在完成此操作后符号未正确加载,请在 WinDbg 的命令窗口中输入“!sym Noise”并再次重新加载符号。 当 WinDbg 尝试加载它们时,您将看到它输出在搜索/加载过程中遇到的任何错误。 这些错误消息将帮助您进一步诊断出了什么问题以及为什么没有加载正确的符号。

这篇文章包含的信息也可能有用。

If you are using WinDbg (part of the Debugging Tools for Windows package), then it's simple to have it pull the right symbols for you from Microsoft automatically. Configure the symbol path using the ".symfix" (or ".symfix+", to simply append to your existing symbol search path) command.

Once you have that done and you have the crash dump loaded in WinDbg, type ".reload /f" to cause WinDbg to reload the symbols. It will use the information within the dump file itself to pull the correct symbols from Microsoft's public symbol server, regardless of what DLLs you have on your machine.

If for some reason the symbols aren't loading properly after you have done this, enter "!sym noisy" into WinDbg's command window and reload the symbols again. As WinDbg attempts to load them, you will see it output any errors that it encounters in its search/load process. These error messages will help you further diagnose what is going wrong and why the correct symbols aren't being loaded.

This post has information that may also be of use.

逆夏时光 2024-07-17 05:45:06

如果您在命令提示符中输入“Set _NT_SYMBOL_PATH = srv...”,则需要考虑两件事:

  • cmd.exeset< /code> 命令不会忽略空格,因此它定义了一个名为“_NT_SYMBOL_PATH”的变量,而不是“_NT_SYMBOL_PATH”。
  • 您必须将调试器作为该命令提示符的子项启动。 但是,如果您使用控制面板设置持久环境变量,或者使用 setx 命令(在 Windows Vista 或 Windows 资源工具包之一中),则不必执行此操作。

如果您以其他方式设置符号路径,则这不适用。

If you're typing "Set _NT_SYMBOL_PATH = srv..." into a command prompt, there are two things to consider:

  • cmd.exe's set command does not ignore whitespace, so this defines a variable called "_NT_SYMBOL_PATH", not "_NT_SYMBOL_PATH".
  • You must start the debugger as a child of that command prompt. However, you don't have to do this if you use the Control Panel to set persistent environment variables, or if you use the setx command (in Windows Vista or one of the Windows Resource Kits).

If you're setting the symbol path some other way, then this doesn't apply.

南渊 2024-07-17 05:45:06

你用什么来调试小型转储? 即,WinDBG 还是 Visual Studio? 小型转储是如何生成的?

小型转储中应该有足够的信息来正确解析系统 dll 符号。 您是否使用本地下载的符号或http://msdl.microsoft.com/

更新:您应该能够将公共微软符号存储添加到“工具”->“选项”->“调试”->“符号”->“符号文件 (.pdb)”位置,然后通过右键单击模块来手动加载符号在模块窗口中加载它们(如果没有自动完成)。

VS 2005 也可能不会查看 _NT_SYMBOL_PATH 来解析小型转储符号。

What are you using to debug the minidump? I.e., WinDBG or Visual Studio? And how was the minidump generated?

There should be enough information in the minidump to resolve system dll symbols correctly. Are you using a local download of symbols or http://msdl.microsoft.com/?

Update: You should be able to add the public microsoft symbol store to Tools->Options->Debugging->Symbols->Symbol file (.pdb) locations, and then manually load the symbols by right clicking on the module in the Modules window and loading them if it isn't done automatically.

It's also possibly (likely) that VS 2005 doesn't look at _NT_SYMBOL_PATH to resolve minidump symbols.

与酒说心事 2024-07-17 05:45:06

尝试按照此知识库文章中的说明进行操作,并确保您的符号路径配置正确,即WinDbg 可以访问它,并且 ntdll 符号(例如)实际上会下载到您的符号缓存中。 本文还提供了有关如何通过 SymChk 工具手动下载和验证缓存中的符号的说明。

Try following the instructions at this kb article, and make sure your symbol path is configured correctly, that WinDbg has access to it, and that the ntdll symbols (for example) are actually downloaded to your symbol cache. The article also provides instructions on how to manually download and verify symbols in you cache via the SymChk tool.

~没有更多了~
我们使用 Cookies 和其他技术来定制您的体验包括您的登录状态等。通过阅读我们的 隐私政策 了解更多相关信息。 单击 接受 或继续使用网站,即表示您同意使用 Cookies 和您的相关数据。
原文