locked
where to put debug symbols RRS feed

  • Question

  • Just getting started with windbg although I have a fair amount of experience with debugging.

    Typically, the instructions for windbg give a shell of an explanation without expanding on intricacies. I am setting up a symbol store on my Windows machine (Win 7 - x64) and I have to download both x64 and x86 symbols. I am putting them in different directories named symbols\private and symbols\private64. If I download symbols for XP later on, I suppose I'll need to create another directory too. I also have a directory under symbols for web symbol downloads.

    What is the proper way to set up a symbol store for windbg?

    I have seen an environment statement for Windows like _NT_SYMBOL_PATH and _NT_ALT_SYMBOL_PATH with the path as:

    “c:\symbols\private;srv*c:\symbols\web*http://msdl.microsoft.com/download/symbols”

    I am thinking of adding the x64 symbols directory as:

    “c:\symbols\private;c:\symbols\private64;srv*c:\symbols\web*http://msdl.microsoft.com/download/symbols”

    That is getting kind of messy, however, especially if I add another directory for XP x32.

    Is there not a way to do this from windbg in table form?

    Tuesday, October 25, 2016 10:18 AM

All replies

  • Update.

    I loaded the paths to the symbol directories using .sympath c:\symbols\private;c:\symbols\private64 and windbg seemed happy with that. I failed to mention that I am debugging remotely on VMPlayer with an XP Pro guest system. When I restarted windbg it claimed the following:

    **Error: Symbol file could not be found

    It seems to be looking for the symbols in XP Pro running in the VM. Should the symbols be on the target machine?

    Or...is it maybe looking for XP symbols for an XP Kernel?

    Tuesday, October 25, 2016 10:53 AM
  • Answering my own question, hopefully.

    I added the rest of the statement to the symbol paths:

    c:\symbols\private;c:\symbols\private64;srv*c:\symbols\web*http://msdl.microsoft.com/download/symbols

    and windbg seems to have connected to the VM. I'm not sure if it accessed the XP symbols on the web but I need to verify that by d/ling the XP symbols and adding another path to my symbol store.

    Is there a way to verify the ntoskrnl version using the PDB file or it's identifier = 47A5AC97343A4A7ABF14EFD9E99337722

    I am thinking out loud instead of just doing it in case a newbie has the same initial problem as me.

    Tuesday, October 25, 2016 11:38 AM
  • Is there a way to verify the ntoskrnl version using the PDB file or it's identifier

    Yes. Use the windbg (extension) command !itoldyouso 

    http://devcenter.wintellect.com/jrobbins/itoldyouso-an-undocumented-windbg-extension-command

    -- pa

    Wednesday, October 26, 2016 8:39 PM