Use windbg to find the code line number for program crash

I met several friends in the Forum and said:ProgramCrash from time to time, What xxoo cannot read!

If this memory address is used, you may lose your mind ~~

So let's share some basic debugging skills. The tools that need to be prepared include windbg + vc6.0,

Below is a self-organized copy of the automatically generated dump fileSource code, You only need to add to the project, the sourceCodeAs follows:

Minidump. h
Minidump. cpp

<For details, refer to the attachment SRC. If it is too large, it will not be pasted.>

1. Add the following section to cxxdlg: oninitdialog:

2. Bool ctestdlg: oninitdialog ()
4. {
6. Cdialog: oninitdialog ();
10. //......
12. Setunhandledexceptionfilter (crashreportex );
14. Hmodule hkernel32;
18. // Try to get minidumpwritedump () address.
20. Hdbghelp = loadlibrary ("dbghelp. dll ");
22. Minidumpwritedump _ = (minidump_write_dump) getprocaddress (hdbghelp, "minidumpwritedump ");
24. // D ("hdbghelp = % x, minidumpwritedump _ = % x", hdbghelp, minidumpwritedump _);
28. // Try to get tool help library functions.
30. Hkernel32 = getmodulehandle ("Kernel32 ");
32. Createconlhelp32snapshot _ = (create_tool_help32_snapshot) getprocaddress (hkernel32, "createconlhelp32snapshot ");
34. Module32first _ = (module32_first) getprocaddress (hkernel32, "module32first ");
36. Module32next _ = (module32_nest) getprocaddress (hkernel32, "module32next ");
38. }

Copy code

The following is the test code in the project:

1. Class ctestdlg: Public cdialog
2. {
3. // Construction
4. Public:
5. Ctestdlg (cwnd * pparent = NULL); // standard Constructor
7. Void fun1 (char * pszbuffer );
8. Void fun2 (char * pszbuffer );
9. Void fun3 (char * pszbuffer );
10. };

Copy code

1. Void ctestdlg: fun1 (char * pszbuffer)
2. {
3. Fun2 (pszbuffer );
4. }
6. Void ctestdlg: fun2 (char * pszbuffer)
7. {
8. Fun3 (pszbuffer );
9. }
11. Void ctestdlg: fun3 (char * pszbuffer)
12. {
13. Pszbuffer [1] = 0x00;
14. }

Copy code

The response code when double-clicking the OK button is as follows:

1. Void ctestdlg: onok ()
2. {
3. // Todo: add extra validation here
4. Fun1 (null );
5. }

Copy code

2. Set the VC compilation option and check generate map, debug info, and progma datebase:
Upload

Download Attachment (55.12 KB)

Upload

Download Attachment (82.96 KB)

3. Save the PDB and map files in the release directory generated by compilation, which will be used for future debugging:
Upload

Download Attachment (9.85 KB)

4. Run the program and click OK to restart automatically after an exception occurs. Create a log folder to generate a dump file:
Upload

Download Attachment (8.92 KB)

5. Open windbg and set the relevant path.
A. Set the PDB path (file \ symbol file path)
Upload

Download Attachment (12.4 KB)

B. Set the source code path (file \ source file path)
Upload

Download Attachment (11.05 KB)

C. Set the EXE path (file \ image file path)
Upload

Download Attachment (12.84 KB)

6. Use wiindbg to open the dump file (file \ open crash dump)
Upload

Download Attachment (112.02 KB)

7. Enter the command! Analyze-V. After several seconds, the error message will be printed. The function call stack is shown as follows:

4. Microsoft (r) Windows debugger version 6.11.0001.404 x86
6. Copyright (c) Microsoft Corporation. All rights reserved.
12. Loading dump file [c: \ test \ release \ log \ 2012-05-29 160059.dmp]
14. User mini dump file: only registers, stack and portions of memory are available
18. Symbol search path is: C: \ test \ release
20. Executable search path is: C: \ test \ release
22. Windows XP version 2600 (Service Pack 3) MP (4 procs) Free x86 compatible
24. Product: WINNT, Suite: singleuserts
26. Machine Name:
28. Debug session time: Tue May 29 16:00:59. 0002012 (GMT + 8)
30. System uptime: not available
32. Process uptime: 0 days 0:00:01. 000
34. ...................................
36. This dump file has an exception of interest stored in it.
38. The stored exception information can be accessed via. ecxr.
40. (1710.1450): access violation-code c0000005 (first/second chance not available)
42. Eax = 00a80000 EBX = 00157ea8 ECx = 00000007 edX = 7c92e514 ESI = 00157e80 EDI = 00157ed8
44. EIP = 7c92e514 ESP = 0012e830 EBP = 0012e840 iopl = 0 NV up ei pl Zr na PE NC
46. Cs = 001b Ss = 0023 DS = 0023 es = 0023 FS = 003b GS = 0000 EFL = 00000246
48. * ** Error: Symbol file cocould not be found. defaulted to export symbols for NTDLL. dll-
50. Ntdll! Kifastsystemcallret:
52. 7c92e514 C3 RET
54. 0: 000>! Analyze-V
56. **************************************** ***************************************
58. **
60. * Exception analysis *
62. **
64. **************************************** ***************************************
68. * ** Error: Symbol file cocould not be found. defaulted to export symbols for mfc42.dll-
70. * ** Error: Symbol file cocould not be found. defaulted to export symbols for user32.dll-
72. * *** OS symbols are wrong. Please fix symbols to do analysis.
76. * ** Error: Symbol file cocould not be found. defaulted to export symbols for kernel32.dll-
78. **************************************** *********************************
80. ******
82. ******
84. * ** Your debugger is not using the correct symbols ***
86. ******
88. * ** In order for this command to work properly, your symbol path ***
90. * ** Must point to. PDB files that have full type information .***
92. ******
94. *** Certain. PDB files (such as the Public OS symbols) do not ***
96. * ** Contain the required information. Contact the group that ***
98. *** Provided you with these symbols if you need this command ***
100. * ** Work .***
102. ******
104. * ** Type referenced: image_nt_headers32 ***
106. ******
108. **************************************** *********************************
110. * ** Error: Symbol file cocould not be found. defaulted to export symbols for ole32.dll-
112. * ** Error: Symbol file cocould not be found. defaulted to export symbols for advapi32.dll-
114. **************************************** *********************************
116. ******
118. ******
120. * ** Your debugger is not using the correct symbols ***
122. ******
124. * ** In order for this command to work properly, your symbol path ***
126. * ** Must point to. PDB files that have full type information .***
128. ******
130. *** Certain. PDB files (such as the Public OS symbols) do not ***
132. * ** Contain the required information. Contact the group that ***
134. *** Provided you with these symbols if you need this command ***
136. * ** Work .***
138. ******
140. * ** Type referenced: Kernel32! Pnlsuserinfo ***
142. ******
144. **************************************** *********************************
146. **************************************** *********************************
148. ******
150. ******
152. * ** Your debugger is not using the correct symbols ***
154. ******
156. * ** In order for this command to work properly, your symbol path ***
158. * ** Must point to. PDB files that have full type information .***
160. ******
162. *** Certain. PDB files (such as the Public OS symbols) do not ***
164. * ** Contain the required information. Contact the group that ***
166. *** Provided you with these symbols if you need this command ***
168. * ** Work .***
170. ******
172. * ** Type referenced: Kernel32! Pnlsuserinfo ***
174. ******
176. **************************************** *********************************
180. Faulting_ip:
182. Test! Ctestdlg: fun3 + 6 [c: \ test \ testdlg. cpp @ 141]
184. 00401ca6 c6400100 mov byte PTR [eax + 1], 0
188. Prediction_record: ffffffff -- (. EXR 0 xffffffffffffffff)
190. Predictionaddress: 00401ca6 (test! Ctestdlg: fun3 + 0x00000006)
192. Exceptioncode: c0000005 (access violation)
194. Predictionflags: 00000000
196. Numberparameters: 2
198. Parameter [0]: 00000001
200. Parameter [1]: 00000001
202. Attempt to write to address 00000001
206. Process_name: test.exe
210. Additional_debug_text:
212. Use '! Findthebuild 'COMMAND to search for the target build information.
214. If the build information is available, run '! Findthebuild-S;. Reload 'to set symbol path and load symbols.
218. Module_name: Test
222. Faulting_module: 7c920000 NTDLL
226. Debug_flr_image_timestamp: 4fc48236
230. Error_code: (ntstatus) 0xc0000005-"0x % 08lx"
234. Prediction_code: (ntstatus) 0xc0000005-"0x % 08lx"
238. Prediction_parameter1: 00000001
242. Prediction_parameter2: 00000001
246. Write_address: 00000001
250. Followup_ip:
252. Test! Ctestdlg: fun3 + 6 [c: \ test \ testdlg. cpp @ 141]
254. 00401ca6 c6400100 mov byte PTR [eax + 1], 0
258. Faulting_thread: 00001450
262. Bugcheck_str: application_fault_null_class_ptr_dereference_invalid_pointer_write_wrong_symbols
266. Primary_problem_class: null_class_ptr_dereference
270. Default_bucket_id: null_class_ptr_dereference
274. Last_control_transfer: From 00401c9c to 00401ca6
278. Stack_text:
280. 0012f89c 00401c9c 00000000 0012f8b4 00401c8c test! Ctestdlg: fun3 + 0x6 [c: \ test \ testdlg. cpp @ 141]
282. 0012f8a8 00401c8c 00000000 0012f8cc 00401f27 test! Ctestdlg: fun2 + 0xc [c: \ test \ testdlg. cpp @ 137]
284. 0012f8b4 00401f27 00000000 73d323eb 73dcf07c test! Ctestdlg: fun1 + 0xc [c: \ test \ testdlg. cpp @ 132]
286. 0012f8bc 73d323eb 73dcf07c 00000111 0012f8fc test! Ctestdlg: onok + 0x7 [c: \ test \ testdlg. cpp @ 242]
288. Warning: Stack unwind Information not available. Following frames may be wrong.
290. 0012f8cc 73d322fd 0012fe94 00000001 00000000 mfc42! Ordinal567 + 0xa2
292. 0012f8fc 73d976e5 00000001 00000000 00000000 mfc42! Ordinal4424 + 0x108
294. 0012f920 73d33094 00000001 00000000 00000000 mfc42! Ordinal4431 + 0x1b
296. 0012f970 73d31b58 00000000 0014120e 0012fe94 mfc42! Ordinal4441 + 0x51
298. 0012f9f0 73d31b07 00000111 00000001 0014120e mfc42! Ordinal5163 + 0x2f
300. 0012fa10 73d31a78 00000111 00000001 0014120e mfc42! Ordinal6374 + 0x22
302. 0012fa70 73d319d0 0012fe94 00000000 00000111 mfc42! Ordinal1109 + 0x91
304. 0012fa90 73dbe47c 0018124c 00000111 00000001 mfc42! Ordinal1578 + 0x34
306. 0012 fabc 77d18734 0018124c 00000111 00000001 mfc42! Ordinal1579 + 0x39
308. 0012fae8 77d18816 73dbe443 0018124c 00000111 USER32! Getdc + 0x6d
310. 0012fb50 77d2927b 00000000 73dbe443 0018124c USER32! Getdc + 0x14f
312. 0012fb8c 77d292e3 006d5120 007101c8 00000001 USER32! Getparent + 0x16c
314. 0012 fbac 77d4ff7d 0018124c 00000111 00000001 USER32! Sendmessagew + 0x49
316. 0012fbc4 77d1_d2 007156c0 00000000 007156c0 USER32! Createmdistmwa + 0x1bd
318. 0012fbe0 77d25e94 001530ec 00000001 00000000 USER32! Deregistershellhookwindow + 0x6312
320. 0012fc64 77d3b082 007156c0 00000202 00000000 USER32! Isdlgbuttonchecked + 0x109a
322. 0012fc84 77d18734 0014120e 00000202 00000000 USER32! Softmodalmessagebox + 0xda3
324. 0012fcb0 77d18816 77d3b036 0014120e 00000202 USER32! Getdc + 0x6d
326. 0012fd18 77d189cd 00000000 77d3b036 0014120e USER32! Getdc + 0x14f
328. 0012fd78 77d18a10 00404314 00000000 0012 fdac USER32! Getwindowlongw + 0x127
330. 0012fd88 77d274ff 00404314 00404314 0040431c USER32! Dispatchmessagew + 0xf
332. 0012 fdac 77d3c6d3 0018124c 007156c0 00404314 USER32! Isdialogmessagew + 0xdb
334. 0012 fdcc 73d45202 0018124c 00404314 0012fe94 USER32! Isdialogmessage + 0x4a
336. 0012 fddc 73d39be0 00404314 73d451ce 00404314 mfc42! Ordinal4047 + 0x2f
338. 0012ff00 73d3c1cf 006f0072 00142373 00000000 mfc42! Ordinal5278 + 0x29
340. 004034c0 00401c20 004019f0 00401a00 00401a10 mfc42! Ordinal1576 + 0x47
342. 004034c4 004019ef 00401a00 00401a10 00402130 test! Ctestdlg: 'scalar deleting destructor'
344. 004034c8 004019ff 00401a10 00402130 0040212a test! Ctestdlg ::~ Ctestdlg + 0xf
346. 004034cc 00401a0f 00402130 0040212a 0040203a test! Cobject: serialize + 0xf
348. 004034d0 00402130 0040212a 0040203a 00402034 test! Cobject: assertvalid + 0xf
350. 004034d4 0040212a 0040203a 00402034 0040202e test! Cdialog: on1_msg
352. 004034d8 0040203a 00402034 0040202e 00402028 test! Cwnd: onfinalrelease
354. 004034dc 00402034 0040202e 00402028 00402022 test! Cve-target: isinvokeallowed
356. 004034e0 0040202e 00402028 00402022 00401c70 test! Csf-target: getdispatchiid
358. 004034e4 00402028 00402022 00401c70 0040201c test! Csf-target: gettypeinfocount
360. 004034e8 00402022 00401c70 0040201c 00402016 test! Csf-target: gettypelibcache
362. 004034ec 00401c6f 0040201c 00402016 00402010 test! Csf-target: gettypelib
364. 004034f0 0040201c 00402016 00402010 0040200a test! Ctestdlg: _ getbasemessagemap + 0xf
366. 004034f4 00402016 00402010 0040200a 00402004 test! Csf-target: getcommandmap
368. 004034f8 00402010 0040200a 00402004 00401ffe test! Csf-target: getdispatchmap
370. 004034fc 0040200a 00402004 00401ffe 00401ff8 test! Ccmdtarget: getconnectionmap
372. 00403500 00402004 00401ffe 00401ff8 00401ff2 test! Csf-target: getinterfacemap
374. 00403504 00401ffe 00401ff8 00401ff2 00401fec test! Csf-target: geteventsinkmap
376. 00403508 00401ff8 00401ff2 00401fec 00402124 test! Csf-target: oncreateaggregates
378. 00403608 004022fc 00402310 00000000 19930520 test! Csf-target: getinterfacehook
380. 0040360c 00402310 00000000 19930520 00000008 test! Winmaincrtstartup + 0x13e
382. 00403610 00000000 19930520 00000008 00403638 test! Winmaincrtstartup + 0x152
388. Stack_command :~ 0 s;. ecxr; KB
392. Faulting_source_code:
394. 137 :}
396. 138:
398. 139: void ctestdlg: fun3 (char * pszbuffer)
400. 140 :{
402. > 141: pszbuffer [1] = 0x00;
404. 142 :}
406. 143:
408. 144: bool ctestdlg: oninitdialog ()
410. 145 :{
412. 146: cdialog: oninitdialog ();
418. Symbol_stack_index: 0
422. Symbol_name: test! Ctestdlg: fun3 + 6
426. Followup_name: machineowner
430. Image_name: test.exe
434. Bucket_id: wrong_symbols
438. Failure_bucket_id: null_class_ptr_dereference_c0000005_test.exe! Ctestdlg: fun3
442. Watson_stageone_url: http://watson.microsoft.com/StageOne/Test_exe/1_0_0_1/4fc48236/Test_exe/1_0_0_1/4fc48236/c0000005/00001ca6.htm? Retriage = 1
446. Followup: machineowner
448. ---------

Copy code

OK, so that we can accurately locate which function has a problem in the released version of the program, so remember to generate the PDB and map files when releasing the program, otherwise, if the customer fails to run, you will not die!

Test Project:

Dumptest.rar

original article:
http://blog.csdn.net/wangningyu/article/details/6748138