事后崩溃转储调试,而在Symbol Server中没有Windows DLL的确切版本 [英] Post-mortem crash-dump debugging without having the exact version of a Windows DLL in the Symbol Server
问题描述
在我的应用程序中,每当我的应用程序崩溃时,我都会使用MiniDumpWriteDump函数(请参阅dbghelp.dll)写入崩溃转储文件.
Within my application, I use the MiniDumpWriteDump function (see dbghelp.dll) to write a crash dump file whenever my application crashes.
我还使用符号服务器来存储我的所有可执行文件和pdb文件,以便每当客户向我发送故障转储文件时,调试器都会自动选择正确版本的可执行文件和调试信息.
I also use a symbol server to store all my executables and pdb files, so that whenever a customer sends me a crash-dump file, the debugger automatically picks up the correct version of the executable and the debug information.
我还将Windows DLL(ntdll.dll,kernel32.dll等)及其调试信息存储在符号服务器中(使用SymChk).调试信息是从Microsoft的公共符号服务器获取的.
I also store Windows DLL's (ntdll.dll, kernel32.dll, ...) and their debug information in the symbol server (using SymChk). The debug information is fetched from Microsoft's public symbol server.
在大多数情况下,它可以完美运行,除非以下情况:
Most of the time this works perfect, except when:
- 客户在Windows DLL之一中崩溃
- 并且客户使用了我没有放入符号服务器中的DLL
这是因为将每个Windows DLL的每种形式都存储在Symbol Server中(尤其是每周修补程序)是非常不可取的.
This is because it is quite undoable to store every flavor of every Windows DLL in the Symbol Server (especially with the weekly patches).
因此,如果客户崩溃了,比如说NTDLL.DLL的版本5.2.123.456,而我没有将这个确切版本的DLL放到我的Symbol Server中,那我就陷入了困境.甚至Microsoft的公共符号服务器也无济于事,因为它仅提供调试信息,而不提供DLL本身.
So, if a customer crashes in, let's say, version 5.2.123.456 of NTDLL.DLL, and I didn't put this exact version of the DLL in my Symbol Server, then I'm stuck. Even Microsoft's public symbol server doesn't help because it only provides the debug information, not the DLL's itself.
我当前的解决方案是向客户询问其DLL,但这并不总是那么容易.因此,我正在寻找更好的解决方案.
My current solution is to ask the customer for his DLL's, but that's not always easy. Therefore I'm looking for a better solution.
即使您没有DLL的确切版本,是否有办法让调试器显示正确的调用堆栈或加载特定DLL的调试信息?
Is there a way to get the debugger showing a correct call stack, or loading the debug information of a specific DLL, even if you don't have the exact version of the DLL?
或者,是否有办法从Microsoft获得所有(或重要的)Windows DLL的所有版本?
Alternatively, is there a way to get all versions of all (or the important) Windows DLL's (from Microsoft)?
与此同时,我找到了一种解决此问题的简便方法.使用实用程序ModuleRescue(请参见 http://www.debuginfo.com/tools/modulerescue.html ),您可以从minidump文件中生成虚拟DLL.使用这些虚拟DLL,调试器就可以满足要求,并且可以正确开始从Microsoft服务器加载调试符号.
In the mean time I found a really easy way to solve this problem. With the utility ModuleRescue (see http://www.debuginfo.com/tools/modulerescue.html) you can generate dummy DLL's from a minidump file. With these dummy DLL's, the debugger is satisfied, and correctly starts loading the debug symbols from the Microsoft servers.
推荐答案
可以放松WinDbg的符号分辨率;请参阅我的答案一个类似的问题.另一方面,我在这里提出的解决方案依赖于DLL是 identical 的事实,而不是让不同的GUID标识其调试符号.不同版本的DLL可能具有不同的二进制文件,因此即使可以加载它们,这些符号也可能无法正确匹配.
It is possible to relax WinDbg's symbol resolution; see my answer to a similar question. On the other hand, the solution that I propose here relies on the fact that the DLLs are identical other than having different GUIDs identifying their debug symbols. A different version of a DLL is likely going to have a different binary, so the symbols are probably not going to match properly even if you can get them to load.
这篇关于事后崩溃转储调试,而在Symbol Server中没有Windows DLL的确切版本的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
