在堆栈中查找转储文件时，为什么windbg和cdb显示不同的输出 [英] Why is windbg and cdb show different output when looking at the stack for a dump file

问题描述

我必须使用cdb调试器，因为我从程序发送命令.
如果我仅使用WinDbg进行测试，则可以获得所需的输出，而没有使用CDB

根据文档，关于堆栈溢出的答案是
WinDbg和CDB之间的唯一区别是WinDbg具有GUI界面，CDB具有控制台界面.

WinDbg和CDB都共享相同的调试引擎，因此它们共享所有相同的命令

这是我在windbg中做的一个例子
1.启动windbg
2.从文件"菜单中打开故障转储D:\ Tony-PC \ AnalysKrash \ SelfHost \ bin \ Debug \ debugServer \ CrashDump.dmp. 3.设置符号路径.sympath srv * \\ dc02 \ shares \ Departments \ RnD \ symbols * https://msdl.microsoft.com/download/symbols
4.重新加载模块  .reload/f
5.给出k命令以查看堆栈帧.  在这里列出前五行
0:000> k
ChildEBP RetAddr 
0012f2e0 7c90d1fc ntdll！KiFastSystemCallRet
0012f2e4 7c8023f1 ntdll！ZwDelayExecution + 0xc
0012f33c 7c802455 kernel32！SleepEx + 0x61
0012f34c 00a720bf kernel32！Sleep + 0xf
0012f380 7c864031 CashIT_Retail_Application！CrashHandling :: TopLevelExceptionFilter + 0xff [d:\ buildtemp \ cash it retail \ products \ cash it retail \ source \ cashit.retail.application \ crashhandling \ crashhandling.cpp @ 153]
. . .

现在我从国开行做同样的事情
1.cmd 
2. cd C:\ Program Files(x86)\ Windows Kits \ 8.1 \ Debuggers \ x64
3.启动cdb并传递与WinDbg  cdb -z D相同的转储文件D:\ Tony-PC \ AnalysKrash \ SelfHost \ bin \ Debug \ debugServer \ CrashDump.dmp
4.设置符号路径.sympath srv * \\ dc02 \ shares \ Departments \ RnD \ symbols * https://msdl.microsoft.com/download/symbols
5.重新加载模块  .reload/f
6.给出k命令以查看堆栈帧.  在这里，我只列出前五行
0:000> k
ChildEBP RetAddr
0012f2e0 7c90d1fc ntdll！KiFastSystemCallRet
0012f2e4 7c8023f1 ntdll！ZwDelayExecution + 0xc
0012f33c 7c802455 kernel32！SleepEx + 0x61
0012f34c 00a720bf kernel32！Sleep + 0xf
0012f380 7c864031 CashIT_Retail_Application！CrashHandling :: TopLevelExceptionFilter + 0xff
. . .

如您所见，它们并不相等.此信息在下一行
[d:\ buildtemp \兑现零售\产品\兑现零售\源\ cashit.retail.application \ crashhandling \ crashhandling.cpp @ 153]
使用CDB调试器时不包括在内，我也不明白为什么.
我当然希望WinDbg和CDB之间的输出应该是相同的
因此，症状是CDB会预先查看堆栈帧行的下一个字符，如果这是一个括号[则会删除其余行. 
由于括号，在WinDbg和CDB之间存在不匹配堆栈框架的行

有人可以解释是否可以解决我的问题.

//Tony

I must use the cdb debugger because I send commands from a program.
If I just test with WinDbg I get the output that I want but not with CDB

According to the documentation and answer on stack overflow is
The only difference between WinDbg and CDB is  that WinDbg has GUI interface and CDB have a console interface.

WinDbg and CDB all share the same debugging engine, so they share all the same commands

Here an example what I do in windbg
1. start windbg
2. Open a crash dump D:\Tony-PC\AnalysKrash\SelfHost\bin\Debug\debugServer\CrashDump.dmp from the File menu
3. Set the symbol path .sympath srv*\\dc02\shares\Departments\RnD\symbols*https://msdl.microsoft.com/download/symbols
4. Reload the module  .reload /f
5. Give the k command  to look at the stack frames.  Here I list the first five rows
0:000> k
ChildEBP RetAddr  
0012f2e0 7c90d1fc ntdll!KiFastSystemCallRet
0012f2e4 7c8023f1 ntdll!ZwDelayExecution+0xc
0012f33c 7c802455 kernel32!SleepEx+0x61
0012f34c 00a720bf kernel32!Sleep+0xf
0012f380 7c864031 CashIT_Retail_Application!CrashHandling::TopLevelExceptionFilter+0xff [d:\buildtemp\cash it retail\products\cash it retail\source\cashit.retail.application\crashhandling\crashhandling.cpp @ 153]
. . .

Now I do the same from CDB
1.cmd 
2. cd C:\Program Files (x86)\Windows Kits\8.1\Debuggers\x64
3. start cdb and pass the same dumpfile that I used with WinDbg  cdb -z D:\Tony-PC\AnalysKrash\SelfHost\bin\Debug\debugServer\CrashDump.dmp
4. Set the symbol path .sympath srv*\\dc02\shares\Departments\RnD\symbols*https://msdl.microsoft.com/download/symbols
5. Reload the module  .reload /f
6.Give the k command  to look at the stack frames.  Here I just list the first five rows
0:000> k
ChildEBP RetAddr
0012f2e0 7c90d1fc ntdll!KiFastSystemCallRet
0012f2e4 7c8023f1 ntdll!ZwDelayExecution+0xc
0012f33c 7c802455 kernel32!SleepEx+0x61
0012f34c 00a720bf kernel32!Sleep+0xf
0012f380 7c864031 CashIT_Retail_Application!CrashHandling::TopLevelExceptionFilter+0xff
. . .

As you can see they are not equal. This information on the next row
[d:\buildtemp\cash it retail\products\cash it retail\source\cashit.retail.application\crashhandling\crashhandling.cpp @ 153]
is not included when I use the CDB debugger and I can't understand why.
I would certainly expect that the output should be the same between WinDbg and CDB
So the symptom is as if the CDB look in advance on the next character for a stack frame row and if this is a brackets [ then the rest of the row is removed. 
There are planty of rows that don't match for stack frame between WinDbg and CDB because of the brackets

Can somebody explain if there is a solution to my problem.

//Tony

推荐答案

您可能会在windbg中从源中获取行号信息，因为
SYMOPT_LOAD_LINES默认情况下处于打开状态，而CDB/KD中处于关闭状态，请参见

符号选项
https://msdn.microsoft.com/zh-CN/library/windows/hardware/ff558827(v = vs.85).aspx

例如，您可以使用.symopt + 0x10或.symopt-0x10
进行开/关切换

You may get line number information from source in windbg because
there SYMOPT_LOAD_LINES is on per default, whereas off in CDB/KD, see

Symbol Options
https://msdn.microsoft.com/en-us/library/windows/hardware/ff558827(v=vs.85).aspx

You can e.g toggle it on-off with .symopt+0x10 or .symopt-0x10

0:000> k
ChildEBP RetAddr  
002afdb8 01231708 HelloWorld!wmain [c:\users\xxxxx\documents\visual studio 2008\projects\helloworld\helloworld\helloworld.cpp @ 9]
002afe08 0123154f HelloWorld!__tmainCRTStartup+0x1a8 [f:\dd\vctools\crt_bld\self_x86\crt\src\crtexe.c @ 579]
002afe10 769dd4d1 HelloWorld!wmainCRTStartup+0xf [f:\dd\vctools\crt_bld\self_x86\crt\src\crtexe.c @ 399]
002afe1c 77b71593 kernel32!BaseThreadInitThunk+0xe
002afe5c 77b71566 ntdll!__RtlUserThreadStart+0x23
002afe74 00000000 ntdll!_RtlUserThreadStart+0x1b
0:000> .symopt-0x10
*** WARNING: Unable to verify checksum for HelloWorld.exe
Symbol options are 0x30227:
  0x00000001 - SYMOPT_CASE_INSENSITIVE
  0x00000002 - SYMOPT_UNDNAME
  0x00000004 - SYMOPT_DEFERRED_LOADS
  0x00000020 - SYMOPT_OMAP_FIND_NEAREST
  0x00000200 - SYMOPT_FAIL_CRITICAL_ERRORS
  0x00010000 - SYMOPT_AUTO_PUBLICS
  0x00020000 - SYMOPT_NO_IMAGE_SEARCH
0:000> k
ChildEBP RetAddr  
002afdb8 01231708 HelloWorld!wmain
002afe08 0123154f HelloWorld!__tmainCRTStartup+0x1a8
002afe10 769dd4d1 HelloWorld!wmainCRTStartup+0xf
002afe1c 77b71593 kernel32!BaseThreadInitThunk+0xe
002afe5c 77b71566 ntdll!__RtlUserThreadStart+0x23
002afe74 00000000 ntdll!_RtlUserThreadStart+0x1b

亲切的问候

With kind regards

这篇关于在堆栈中查找转储文件时，为什么windbg和cdb显示不同的输出的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！