需要帮助使用 WinDbg 调试小型转储
我读过很多类似的问题,但我似乎无法找到我的问题的确切答案。
我从在 64 位 Windows 2008 上运行的 32 位应用程序中获得了一组小型转储。我的 32 位 Vista Business 上的 32 位 Visual Studio 根本不会接触它们,所以我一直在尝试在 WinDbg 中打开它们。
我没有确切对应的 .pdb 文件(我们只是在这个特定版本之后才开始保存它们),但我有由同一台机器使用相同代码构建的 .pdbs。我还可以访问创建小型转储的确切可执行文件。
我发现了一个名为 ChkMatch 的漂亮小应用程序,它可以使 .pdbs 与可执行文件匹配...唯一的区别(根据 ChkMatch)是年龄,所以我将较新的 .pdbs 与原始可执行文件进行匹配。
然而,当我在 WinDbg 中加载它时,它仍然说它是一个“不匹配的 pdb”,因为我已经设置了 .symopts+0x40
它无论如何都会尝试加载它们。然后我收到警告:
*** WARNING: Unable to verify checksum for myexe.exe
我运行 !lmi myexe
并发现可执行文件的校验和实际上为零。经过一番探索,我发现可执行文件应该使用 /release
标志构建以具有校验和。这一切都很好,但我不能完全回到过去并重建(如果我这样做,我肯定会保存原始的 .pdbs :-P )。
我在这里可以做些什么吗?似乎有点荒谬,我不能让事情在这里匹配至少足以获得调用堆栈。
I've read a lot of similar questions, but I can't seem to find an answer to exactly what my problem is.
I've got a set of minidumps from a 32-bit application that was running on 64-bit Windows 2008. The 32-bit Visual Studio on my 32-Bit Vista Business wouldn't touch them at all, so I've been trying to open them in WinDbg.
I don't have the EXACT corresponding .pdb files (we only started saving them AFTER this particular release), but I have .pdbs built by the same machine with the same code. I also have access to the exact executable that created the minidumps.
I found a nifty little application called ChkMatch that can make .pdbs match an executable... the only difference (according to ChkMatch) was age, so I matched my newer .pdbs to the original executable.
However, when I load it in WinDbg, it still says that it is a "mismatched pdb" then, since I had set .symopts+0x40
it tries to load them anyway. I then get the warning:
*** WARNING: Unable to verify checksum for myexe.exe
I ran !lmi myexe
and saw that, indeed, the checksum of the executable was in fact zero. From poking around a bit, I've found that the executable should have been built with the /release
flag to have a checksum. That's all well and good, but I can't exactly go back in time and rebuild (if I did though, I'd definitely save the original .pdbs :-P ).
Is there anything I can do here? Seems a little ridiculous I can't make things match here at least enough to get a call stack.
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(2)
您不需要校验和来获取调用堆栈 - 可以安全地忽略此警告。
要获取堆栈,您需要发出 stack 命令(k 的任何变体)。
如果小型转储有任何好处(即描述实际故障),您应该首先尝试自动分析
!analyze -v
这将帮助您开始。当你用尽你的专业知识时再回来:o)
you don't need the checksum to get a call stack - this warning can be safely ignored.
to get the stack you need to issue the stack command (any variant of k).
if the minidumps are any good (i.e. describe an actual fault), you should first try the auto analysis
!analyze -v
which will get you started.come back when you have exhausted your expertise :o)
如果您正在使用小型转储,则必须将图像路径 (Ctrl+I) 设置为指向转储中包含图像的位置。小型转储的问题在于它们不包含目标上可执行文件的任何代码或数据,因此您必须自己提供它们。
-斯科特
If you're working with minidumps then you have to set your image path (Ctrl+I) to point to a location with the images in the dump. The trouble with minidumps is that they don't contain any code or data from the executables on the target, so you have to supply them yourself.
-scott