Crash dump - WinDbg - force PDB files to match doesn't work?

陌路散爱 提交于 2020-01-11 02:04:10

问题


I have a crash dump for a customer's application built with a very old version of our dll (release build, don't have original symbols) that I've been analyzing in WinDbg.

In order to get more information, I rebuilt the dll in release mode, with symbols this time, using the same compiler version and I believe the same settings as when the dll was originally built. I added the symbol file to my symbol path, but the WinDbg extension !itoldyouso tells me the module in the dump doesn't match the PDB file. Enabling SYMOPT_LOAD_ANYTHING doesn't help either.

!itoldyouso tells me they don't match because the module has no pdb sig (value 0), versus the recreated symbol file I made (with a valid pdb sig). How do I get them to match?


回答1:


Have you tried .reload /i foo.dll ?

For verbose output try:

!sym noisy;.reload /i foo.dll;x foo!*test*




回答2:


Try chkmatch (http://debuginfo.com/tools/chkmatch.html) - it's able to override signatures in pdb file so exe and pdb will match. Also, some time ago I wrote a post about checking pdb files "offline", maybe you will find there something useful: http://lowleveldesign.wordpress.com/2011/12/09/pdb-file-out-of-debugger/.




回答3:


Its unfortunate that you do not have the matching symbols for your DLL :(. As per my understanding, any attempt now will not be able to get you an exact matching PDB.

Recycling some old threads which should help :

Is it possible to (re)create a PDB file after a DLL is made

Tool to find if dll (or) exe and PDB file match

Your best bet would be

a. sync your code back to the time when the DLL was released

b. build and create PDB using the same tool set.

c. use .reload /i option to load symbols



来源:https://stackoverflow.com/questions/21886338/crash-dump-windbg-force-pdb-files-to-match-doesnt-work

易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!