Visual Studio debugging symbolic File

In frontThe checkpoint check procedure cannot be set.AndVisual StudioBreakpoint for debugging (advanced tutorial)Mentioned the debugging symbol file and its functions.ArticleI will introduce some usage of the debugging symbol file. If you are familiar with the debugging file, skip this article.

The debug symbol file provides the debugger with a slave binary MachineCodeAddressSource codeText File code line ing.Therefore, a symbolic file is available.,Talent:

1.Set breakpoints,Because the debugger needs the ing relationship provided by the symbol File,Converts the line number of the source code line to the address of the corresponding machine code.

2.ViewProgramStack,Simply put,That is, the debugger converts the address in the stack to the function name containing the address using the ing relationship.

3.View the value of a variable. For the machine, all the variables are just a memory address. When the program reads the value of a variable, it only reads the memory of the specified size according to the type of the variable.

4.It even calls some functions of the program, such as native (NativeAfter compilation, the program actually only becomes a piece of machine code. We callC ++When using a function, the debugger must translate the function name into the starting address of the corresponding machine code. Of course, it must follow certain function call rules to call this function.

We can view the functions of symbol files one by one:

View the program Stack

SetVisual StudioWith native programs (Native) The debugging mode is appended to an opened Notepad program (Note: Because my system is in English, Chinese menus are translated directly to English, and some may be inaccurate, so I will attach the English command to the back), and then interrupt the execution of the notepad process.-ClickVSIn the menu (Debug)"-"All interruptions (Break all)".

The following describes howVSAttach to the notepad process (Sorry, the recorded video is too large to know how to transfer it ).

1. click Visual Studio tool ( tools )" - " attach to process ...... ( attach to process... )".

2. select notepad.exe , of course, you must make sure that "attach to ... (Attach ...) " native )".

3.Click OKVisual StudioAppend to the notepad process that you just opened.

In this case, open the stack (Stack) Window, you should see a result similar to the following:

I cannot understand the stack above (my machine is64BitWindows 7, So the addresses are all8Bytes ). Therefore, we need something to help us translate hard-to-understand addresses (BIRDS) into meaningful words. This work is done by symbol files.

Because notepad is a program that comes with the operating system, we certainly cannot generate its own symbol file, but fortunately, Microsoft has long considered that some people may need to debug it.WindowsKernel-For example, if a programmer writes a driver, Microsoft hasWindowsSome symbolic files are made public, and the public addresses are:

Http://msdl.microsoft.com/download/symbols

InVisual StudioIs:

1.Click "tools (Tools)"-"Option (Options)".

2.In the "option (Options) Dialog box, select "Debug (Debugging)"-"Symbol file (Symbols)".

3.If yourVisual StudioYesVisual Studio 2008 SP 1Then, click "load the symbol file from the Microsoft symbol File Server (Load symbols from Microsoft symbols Server.

4.For other versions-Of course, it is a lower version, in the "symbol file path (Symbol file (. PDB) LocationsAdd a new row in the list box and enter the above link.

Then, in "cache the symbol file to this folder (Cache symbols from symbol servers to this directory:) "Text box, enter the path to the folder where you want to cache the symbolic files downloaded from the server.-After all, the server is in the United States. As shown in:

5.Click "OK (OK)"

6.For friends who have heard that English is not difficult, refer to the following link to learn how to set it:

Http://support.microsoft.com/kb/311503/zh-cn

Wait a long time later-Because the debugger needs to download the symbolic files of all the dynamic link library files referenced by the Notepad program one by one, you should see the stack information similar to the following:

In the description of this article, I hope you can understand the importance of the debugging symbol file:

1.If no debugging symbol file exists, you cannot view the stack.-This seems redundant. But most of the time, when we analyze the memory files stored in the autopsy debugging, the first step is to check what the stack looks like when the program crashes, if there is no debugging symbol file, we can't do anything.

 

2.How is the debugging symbolic file generated? The debugging symbol file is generated by the compiler. Because the compiler is responsible for translating the source code file in the text format into a binary program, the ing between the two is not clear. Each time you re-compile, the compiler generates the corresponding debugging symbol file.

Command for generating the debugging symbol file:

Programming Language	Compiler	Command Line Parameters
C #	csc.exe	/debug [: Full]
C ++/C	Cl.exe	/Zi Or Link.exeOf/DebugOption

 

3.For example, if a customer complains that the program cannot work, a serious error occurs (Bug), But what he is running is1.0Version of the program, but your company has re-developed2.0Version of the program. Because the source code is generally not provided to the customer, if you can find the original1.0It is good to recompile the source code of the version and install it on the client to reproduce it, but why not save it directly?1.0When debugging a version of the debugging symbol file, let the debugger directly find the source code? This involves the cooperation between the symbol file server and the source code file server, which may be described in later articles.