Use WinDbg to find the source line number of a program crash

Source: Internet
Author: User

Several friends on the forum have told me that their program crashes from time to time with a message that memory at some xxoo address cannot be read!

If that memory address is all you have to go on, you may lose your mind ~~

So let's share some basic debugging skills. The tools you need are WinDbg + VC 6.0.

Below is source code I put together that automatically generates a dump file. You only need to add it to your project. The source files are as follows:

Minidump.h
Minidump.cpp

<For details, refer to the attachment SRC. It is too large to paste here.>

1. Add the following code to CxxDlg::OnInitDialog:

    BOOL CTestDlg::OnInitDialog()
    {
        CDialog::OnInitDialog();
        // ......
        // Install the crash handler. CrashReportEx, hDbgHelp and the function
        // pointers below are assumed to be declared in Minidump.h.
        SetUnhandledExceptionFilter(CrashReportEx);
        HMODULE hKernel32;
        // Try to get MiniDumpWriteDump() address.
        hDbgHelp = LoadLibrary("dbghelp.dll");
        MiniDumpWriteDump_ = (MINIDUMP_WRITE_DUMP)GetProcAddress(hDbgHelp, "MiniDumpWriteDump");
        // D("hDbgHelp=%X, MiniDumpWriteDump_=%X", hDbgHelp, MiniDumpWriteDump_);
        // Try to get Tool Help library functions.
        hKernel32 = GetModuleHandle("Kernel32");
        CreateToolhelp32Snapshot_ = (CREATE_TOOL_HELP32_SNAPSHOT)GetProcAddress(hKernel32, "CreateToolhelp32Snapshot");
        Module32First_ = (MODULE32_FIRST)GetProcAddress(hKernel32, "Module32First");
        Module32Next_ = (MODULE32_NEST)GetProcAddress(hKernel32, "Module32Next");
        return TRUE;
    }


The following is the test code in the project:

    class CTestDlg : public CDialog
    {
    // Construction
    public:
        CTestDlg(CWnd* pParent = NULL); // standard constructor
        void Fun1(char *pszBuffer);
        void Fun2(char *pszBuffer);
        void Fun3(char *pszBuffer);
        // ... other members (OnInitDialog, OnOK, ...) not shown
    };


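    // Fun1 -> Fun2 -> Fun3 only pass the pointer down, so the crash
    // has a call stack to look at.
    void CTestDlg::Fun1(char *pszBuffer)
    {
        Fun2(pszBuffer);
    }
    void CTestDlg::Fun2(char *pszBuffer)
    {
        Fun3(pszBuffer);
    }
    void CTestDlg::Fun3(char *pszBuffer)
    {
        // Deliberate test bug: writes through the pointer without checking it.
        pszBuffer[1] = 0x00;
    }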


The response code when double-clicking the OK button is as follows:

    void CTestDlg::OnOK()
    {
        // TODO: Add extra validation here
        Fun1(NULL);   // NULL is passed on purpose to trigger the crash
    }


2. Set the VC compilation options and check Generate mapfile, Generate debug info, and Program Database:

3. Save the PDB and map files that the build generates in the Release directory; they will be needed for later debugging:

4. Run the program and click OK. After the exception occurs the program restarts automatically, and a log folder is created in which the dump file is generated:

5. Open WinDbg and set the relevant paths.
A. Set the PDB path (File \ Symbol File Path)

B. Set the source code path (File \ Source File Path)

C. Set the EXE path (File \ Image File Path)

6. Use WinDbg to open the dump file (File \ Open Crash Dump)

7. Enter the command !analyze -v. After several seconds the error information is printed, including the function call stack, as follows:

    Microsoft (R) Windows Debugger Version 6.11.0001.404 X86
    Copyright (c) Microsoft Corporation. All rights reserved.
    Loading Dump File [c:\test\release\log\2012-05-29 160059.dmp]
    User Mini Dump File: Only registers, stack and portions of memory are available
    Symbol search path is: C:\test\release
    Executable search path is: C:\test\release
    Windows XP Version 2600 (Service Pack 3) MP (4 procs) Free x86 compatible
    Product: WinNt, suite: SingleUserTS
    Machine Name:
    Debug session time: Tue May 29 16:00:59.000 2012 (GMT+8)
    System Uptime: not available
    Process Uptime: 0 days 0:00:01.000
    ...................................
    This dump file has an exception of interest stored in it.
    The stored exception information can be accessed via .ecxr.
    (1710.1450): Access violation - code c0000005 (first/second chance not available)
    eax=00a80000 ebx=00157ea8 ecx=00000007 edx=7c92e514 esi=00157e80 edi=00157ed8
    eip=7c92e514 esp=0012e830 ebp=0012e840 iopl=0         nv up ei pl zr na pe nc
    cs=001b  ss=0023  ds=0023  es=0023  fs=003b  gs=0000             efl=00000246
    *** ERROR: Symbol file could not be found.  Defaulted to export symbols for ntdll.dll -
    ntdll!KiFastSystemCallRet:
    7c92e514 c3              ret
    0:000> !analyze -v
    *******************************************************************************
    *                                                                             *
    *                        Exception Analysis                                   *
    *                                                                             *
    *******************************************************************************
    *** ERROR: Symbol file could not be found.  Defaulted to export symbols for mfc42.dll -
    *** ERROR: Symbol file could not be found.  Defaulted to export symbols for user32.dll -
    ***** OS symbols are WRONG. Please fix symbols to do analysis.
    *** ERROR: Symbol file could not be found.  Defaulted to export symbols for kernel32.dll -
    *************************************************************************
    ***                                                                   ***
    ***                                                                   ***
    ***    Your debugger is not using the correct symbols                 ***
    ***                                                                   ***
    ***    In order for this command to work properly, your symbol path   ***
    ***    must point to .pdb files that have full type information.      ***
    ***                                                                   ***
    ***    Certain .pdb files (such as the public OS symbols) do not      ***
    ***    contain the required information.  Contact the group that      ***
    ***    provided you with these symbols if you need this command to    ***
    ***    work.                                                          ***
    ***                                                                   ***
    ***    Type referenced: IMAGE_NT_HEADERS32                            ***
    ***                                                                   ***
    *************************************************************************
    *** ERROR: Symbol file could not be found.  Defaulted to export symbols for ole32.dll -
    *** ERROR: Symbol file could not be found.  Defaulted to export symbols for advapi32.dll -
    *************************************************************************
    ***                                                                   ***
    ***                                                                   ***
    ***    Your debugger is not using the correct symbols                 ***
    ***                                                                   ***
    ***    In order for this command to work properly, your symbol path   ***
    ***    must point to .pdb files that have full type information.      ***
    ***                                                                   ***
    ***    Certain .pdb files (such as the public OS symbols) do not      ***
    ***    contain the required information.  Contact the group that      ***
    ***    provided you with these symbols if you need this command to    ***
    ***    work.                                                          ***
    ***                                                                   ***
    ***    Type referenced: kernel32!pNlsUserInfo                         ***
    ***                                                                   ***
    *************************************************************************
    *************************************************************************
    ***                                                                   ***
    ***                                                                   ***
    ***    Your debugger is not using the correct symbols                 ***
    ***                                                                   ***
    ***    In order for this command to work properly, your symbol path   ***
    ***    must point to .pdb files that have full type information.      ***
    ***                                                                   ***
    ***    Certain .pdb files (such as the public OS symbols) do not      ***
    ***    contain the required information.  Contact the group that      ***
    ***    provided you with these symbols if you need this command to    ***
    ***    work.                                                          ***
    ***                                                                   ***
    ***    Type referenced: kernel32!pNlsUserInfo                         ***
    ***                                                                   ***
    *************************************************************************
    FAULTING_IP:
    Test!CTestDlg::Fun3+6 [c:\test\testdlg.cpp @ 141]
    00401ca6 c6400100        mov     byte ptr [eax+1],0
    EXCEPTION_RECORD:  ffffffff -- (.exr 0xffffffffffffffff)
    ExceptionAddress: 00401ca6 (Test!CTestDlg::Fun3+0x00000006)
       ExceptionCode: c0000005 (Access violation)
      ExceptionFlags: 00000000
    NumberParameters: 2
       Parameter[0]: 00000001
       Parameter[1]: 00000001
    Attempt to write to address 00000001
    PROCESS_NAME:  Test.exe
    ADDITIONAL_DEBUG_TEXT:
    Use '!findthebuild' command to search for the target build information.
    If the build information is available, run '!findthebuild -s ; .reload' to set symbol path and load symbols.
    MODULE_NAME: Test
    FAULTING_MODULE: 7c920000 ntdll
    DEBUG_FLR_IMAGE_TIMESTAMP:  4fc48236
    ERROR_CODE: (NTSTATUS) 0xc0000005 - "0x%08lx"
    EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - "0x%08lx"
    EXCEPTION_PARAMETER1:  00000001
    EXCEPTION_PARAMETER2:  00000001
    WRITE_ADDRESS:  00000001
    FOLLOWUP_IP:
    Test!CTestDlg::Fun3+6 [c:\test\testdlg.cpp @ 141]
    00401ca6 c6400100        mov     byte ptr [eax+1],0
    FAULTING_THREAD:  00001450
    BUGCHECK_STR:  APPLICATION_FAULT_NULL_CLASS_PTR_DEREFERENCE_INVALID_POINTER_WRITE_WRONG_SYMBOLS
    PRIMARY_PROBLEM_CLASS:  NULL_CLASS_PTR_DEREFERENCE
    DEFAULT_BUCKET_ID:  NULL_CLASS_PTR_DEREFERENCE
    LAST_CONTROL_TRANSFER:  from 00401c9c to 00401ca6
    STACK_TEXT:
    0012f89c 00401c9c 00000000 0012f8b4 00401c8c Test!CTestDlg::Fun3+0x6 [c:\test\testdlg.cpp @ 141]
    0012f8a8 00401c8c 00000000 0012f8cc 00401f27 Test!CTestDlg::Fun2+0xc [c:\test\testdlg.cpp @ 137]
    0012f8b4 00401f27 00000000 73d323eb 73dcf07c Test!CTestDlg::Fun1+0xc [c:\test\testdlg.cpp @ 132]
    0012f8bc 73d323eb 73dcf07c 00000111 0012f8fc Test!CTestDlg::OnOK+0x7 [c:\test\testdlg.cpp @ 242]
    WARNING: Stack unwind information not available. Following frames may be wrong.
    0012f8cc 73d322fd 0012fe94 00000001 00000000 mfc42!Ordinal567+0xa2
    0012f8fc 73d976e5 00000001 00000000 00000000 mfc42!Ordinal4424+0x108
    0012f920 73d33094 00000001 00000000 00000000 mfc42!Ordinal4431+0x1b
    0012f970 73d31b58 00000000 0014120e 0012fe94 mfc42!Ordinal4441+0x51
    0012f9f0 73d31b07 00000111 00000001 0014120e mfc42!Ordinal5163+0x2f
    0012fa10 73d31a78 00000111 00000001 0014120e mfc42!Ordinal6374+0x22
    0012fa70 73d319d0 0012fe94 00000000 00000111 mfc42!Ordinal1109+0x91
    0012fa90 73dbe47c 0018124c 00000111 00000001 mfc42!Ordinal1578+0x34
    0012fabc 77d18734 0018124c 00000111 00000001 mfc42!Ordinal1579+0x39
    0012fae8 77d18816 73dbe443 0018124c 00000111 USER32!GetDC+0x6d
    0012fb50 77d2927b 00000000 73dbe443 0018124c USER32!GetDC+0x14f
    0012fb8c 77d292e3 006d5120 007101c8 00000001 USER32!GetParent+0x16c
    0012fbac 77d4ff7d 0018124c 00000111 00000001 USER32!SendMessageW+0x49
    0012fbc4 77d1_d2 007156c0 00000000 007156c0 USER32!CreateMDIWindowA+0x1bd
    0012fbe0 77d25e94 001530ec 00000001 00000000 USER32!DeregisterShellHookWindow+0x6312
    0012fc64 77d3b082 007156c0 00000202 00000000 USER32!IsDlgButtonChecked+0x109a
    0012fc84 77d18734 0014120e 00000202 00000000 USER32!SoftModalMessageBox+0xda3
    0012fcb0 77d18816 77d3b036 0014120e 00000202 USER32!GetDC+0x6d
    0012fd18 77d189cd 00000000 77d3b036 0014120e USER32!GetDC+0x14f
    0012fd78 77d18a10 00404314 00000000 0012fdac USER32!GetWindowLongW+0x127
    0012fd88 77d274ff 00404314 00404314 0040431c USER32!DispatchMessageW+0xf
    0012fdac 77d3c6d3 0018124c 007156c0 00404314 USER32!IsDialogMessageW+0xdb
    0012fdcc 73d45202 0018124c 00404314 0012fe94 USER32!IsDialogMessage+0x4a
    0012fddc 73d39be0 00404314 73d451ce 00404314 mfc42!Ordinal4047+0x2f
    0012ff00 73d3c1cf 006f0072 00142373 00000000 mfc42!Ordinal5278+0x29
    004034c0 00401c20 004019f0 00401a00 00401a10 mfc42!Ordinal1576+0x47
    004034c4 004019ef 00401a00 00401a10 00402130 Test!CTestDlg::`scalar deleting destructor'
    004034c8 004019ff 00401a10 00402130 0040212a Test!CTestDlg::~CTestDlg+0xf
    004034cc 00401a0f 00402130 0040212a 0040203a Test!CObject::Serialize+0xf
    004034d0 00402130 0040212a 0040203a 00402034 Test!CObject::AssertValid+0xf
    004034d4 0040212a 0040203a 00402034 0040202e Test!CDialog::OnCmdMsg
    004034d8 0040203a 00402034 0040202e 00402028 Test!CWnd::OnFinalRelease
    004034dc 00402034 0040202e 00402028 00402022 Test!CCmdTarget::IsInvokeAllowed
    004034e0 0040202e 00402028 00402022 00401c70 Test!CCmdTarget::GetDispatchIID
    004034e4 00402028 00402022 00401c70 0040201c Test!CCmdTarget::GetTypeInfoCount
    004034e8 00402022 00401c70 0040201c 00402016 Test!CCmdTarget::GetTypeLibCache
    004034ec 00401c6f 0040201c 00402016 00402010 Test!CCmdTarget::GetTypeLib
    004034f0 0040201c 00402016 00402010 0040200a Test!CTestDlg::_GetBaseMessageMap+0xf
    004034f4 00402016 00402010 0040200a 00402004 Test!CCmdTarget::GetCommandMap
    004034f8 00402010 0040200a 00402004 00401ffe Test!CCmdTarget::GetDispatchMap
    004034fc 0040200a 00402004 00401ffe 00401ff8 Test!CCmdTarget::GetConnectionMap
    00403500 00402004 00401ffe 00401ff8 00401ff2 Test!CCmdTarget::GetInterfaceMap
    00403504 00401ffe 00401ff8 00401ff2 00401fec Test!CCmdTarget::GetEventSinkMap
    00403508 00401ff8 00401ff2 00401fec 00402124 Test!CCmdTarget::OnCreateAggregates
    00403608 004022fc 00402310 00000000 19930520 Test!CCmdTarget::GetInterfaceHook
    0040360c 00402310 00000000 19930520 00000008 Test!WinMainCRTStartup+0x13e
    00403610 00000000 19930520 00000008 00403638 Test!WinMainCRTStartup+0x152
    STACK_COMMAND:  ~0s; .ecxr ; kb
    FAULTING_SOURCE_CODE:
       137: }
       138:
       139: void CTestDlg::Fun3(char *pszBuffer)
       140: {
    >  141:     pszBuffer[1] = 0x00;
       142: }
       143:
       144: BOOL CTestDlg::OnInitDialog()
       145: {
       146:     CDialog::OnInitDialog();
    SYMBOL_STACK_INDEX:  0
    SYMBOL_NAME:  Test!CTestDlg::Fun3+6
    FOLLOWUP_NAME:  MachineOwner
    IMAGE_NAME:  Test.exe
    BUCKET_ID:  WRONG_SYMBOLS
    FAILURE_BUCKET_ID:  NULL_CLASS_PTR_DEREFERENCE_c0000005_Test.exe!CTestDlg::Fun3
    WATSON_STAGEONE_URL:  http://watson.microsoft.com/StageOne/Test_exe/1_0_0_1/4fc48236/Test_exe/1_0_0_1/4fc48236/c0000005/00001ca6.htm?Retriage=1
    Followup: MachineOwner
    ---------


OK, this way we can accurately locate which function has the problem in the release build of the program. So remember to generate the PDB and map files when you release the program; otherwise, when it fails to run at a customer's site, you are done for!
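The map file saved in step 3 can resolve the same addresses when no PDB is at hand. The following is an added example, not code from the original article: it looks up the faulting address 00401ca6 and the return addresses from the stack above in a VC6-style map file, and refuses a map whose link timestamp differs from the image timestamp 4fc48236 that WinDbg reported. The map excerpt is constructed; its addresses are derived from the dump, while the decorated names, TestDlg.obj and the import row are assumptions.

```python
import bisect
import re

# Constructed excerpt in the layout of a VC6 linker map file. Addresses and the
# timestamp are taken from the dump above; decorated names and TestDlg.obj are
# assumptions made for this example.
SAMPLE_MAP = """\
 Test

 Timestamp is 4fc48236 (Tue May 29 16:00:54 2012)

 Preferred load address is 00400000

  Address         Publics by Value              Rva+Base     Lib:Object

 0001:00000c80       ?Fun1@CTestDlg@@QAEXPAD@Z  00401c80 f   TestDlg.obj
 0001:00000c90       ?Fun2@CTestDlg@@QAEXPAD@Z  00401c90 f   TestDlg.obj
 0001:00000ca0       ?Fun3@CTestDlg@@QAEXPAD@Z  00401ca0 f   TestDlg.obj
 0001:00000f20       ?OnOK@CTestDlg@@MAEXXZ     00401f20 f   TestDlg.obj
 0002:00000000       __imp__GetModuleHandleA@4  00403000     kernel32:KERNEL32.dll
"""

# One "Publics by Value" row: seg:offset, decorated name, Rva+Base.
ROW = re.compile(r"^\s*[0-9a-f]{4}:[0-9a-f]{8}\s+(\S+)\s+([0-9a-f]{8})\s", re.I | re.M)

def parse_map(text):
    """Return (link timestamp, preferred base, sorted [(address, name)])."""
    stamp = int(re.search(r"Timestamp is ([0-9a-f]{8})", text, re.I).group(1), 16)
    base = int(re.search(r"Preferred load address is ([0-9a-f]{8})", text, re.I).group(1), 16)
    return stamp, base, sorted((int(a, 16), n) for n, a in ROW.findall(text))

def resolve(text, addr, image_stamp, load_base=None):
    """Translate a faulting or return address into 'symbol+0xoffset'."""
    stamp, base, syms = parse_map(text)
    if stamp != image_stamp:  # map saved from a different build: offsets would lie
        raise ValueError("map timestamp %08x != image timestamp %08x" % (stamp, image_stamp))
    if load_base is not None:  # module was relocated: rebase to the preferred address
        addr = addr - load_base + base
    i = bisect.bisect_right([a for a, _ in syms], addr) - 1
    if i < 0:
        raise LookupError("address %08x is below the first symbol" % addr)
    start, name = syms[i]
    return "%s+0x%x" % (name, addr - start)

if __name__ == "__main__":
    for a in (0x00401CA6, 0x00401C9C, 0x00401C8C, 0x00401F27):
        print("%08x  %s" % (a, resolve(SAMPLE_MAP, a, 0x4FC48236)))
```

The result is only function plus offset; the source line still comes from the PDB as shown in step 7.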

Test Project:

Dumptest.rar

original article:
http://blog.csdn.net/wangningyu/article/details/6748138
