使用 PDB 解码 StackWalker 的输出
Decoding output of StackWalker with PDB
我按照网上很多人的建议为我的 C++ 应用程序使用了 StackWalker 库 (https://github.com/JochenKalmbach/StackWalker)。出于安全目的,我们部署了一个没有 PDB 的可执行文件。可执行文件崩溃了,现在我们有了一个堆栈跟踪,我需要用 PDB 对其进行解码。有谁知道该怎么做?我无法想象每个人都推广了一个无法使用提供的 PDB 解码堆栈跟踪中的符号的库。但如果是这样的话……我感到羞耻:(。它至少在调试设置中肯定是有帮助的。
是否有更好的替代方法来捕获可由 PDB 稍后及时解码的崩溃堆栈跟踪?
堆栈中的狙击手:
C:\IceNeurosystems\bin\ice-engine\mkl_core.dll:mkl_core.dll (00007FFA42130000), size: 69988352 (result: 0), SymType: '-exported-', PDB: 'C:\IceNeurosystems\bin\ice-engine\mkl_core.dll', fileVersion: 2019.0.1.1
C:\IceNeurosystems\bin\ice-engine\mkl_avx2.dll:mkl_avx2.dll (00007FFA3EE90000), size: 53043200 (result: 0), SymType: '-exported-', PDB: 'C:\IceNeurosystems\bin\ice-engine\mkl_avx2.dll', fileVersion: 2019.0.1.1
C:\IceNeurosystems\bin\ice-engine\mkl_vml_avx2.dll:mkl_vml_avx2.dll (00007FFA3E220000), size: 12984320 (result: 0), SymType: '-exported-', PDB: 'C:\IceNeurosystems\bin\ice-engine\mkl_vml_avx2.dll', fileVersion: 2019.0.1.1
C:\Windows\system32\napinsp.dll:napinsp.dll (00007FFA604A0000), size: 90112 (result: 0), SymType: '-exported-', PDB: 'C:\Windows\system32\napinsp.dll', fileVersion: 6.2.17763.1
C:\Windows\system32\pnrpnsp.dll:pnrpnsp.dll (00007FFA60480000), size: 106496 (result: 0), SymType: '-exported-', PDB: 'C:\Windows\system32\pnrpnsp.dll', fileVersion: 6.2.17763.1
C:\Windows\System32\winrnr.dll:winrnr.dll (00007FFA60470000), size: 57344 (result: 0), SymType: '-exported-', PDB: 'C:\Windows\System32\winrnr.dll', fileVersion: 6.2.17763.1
C:\Windows\system32\NLAapi.dll:NLAapi.dll (00007FFA602A0000), size: 110592 (result: 0), SymType: '-exported-', PDB: 'C:\Windows\system32\NLAapi.dll', fileVersion: 6.2.17763.134
C:\Windows\system32\wshbth.dll:wshbth.dll (00007FFA52100000), size: 86016 (result: 0), SymType: '-exported-', PDB: 'C:\Windows\system32\wshbth.dll', fileVersion: 6.2.17763.1
C:\Windows\SYSTEM32\dbghelp.dll:dbghelp.dll (00007FFA52960000), size: 2019328 (result: 0), SymType: '-exported-', PDB: 'C:\Windows\SYSTEM32\dbghelp.dll', fileVersion: 6.2.17763.1432
C:\Windows\SYSTEM32\SspiCli.dll:SspiCli.dll (00007FFA63B20000), size: 192512 (result: 0), SymType: '-exported-', PDB: 'C:\Windows\SYSTEM32\SspiCli.dll', fileVersion: 6.2.17763.1490
ERROR: SymGetSymFromAddr64, GetLastError: 487 (Address: 00007FF670BA4305)
ERROR: SymGetLineFromAddr64, GetLastError: 487 (Address: 00007FF670BA4305)
00007FF670BA4305 (MyProgram): (filename not available): (function-name not available)
ERROR: SymGetSymFromAddr64, GetLastError: 487 (Address: 00007FF670B99865)
ERROR: SymGetLineFromAddr64, GetLastError: 487 (Address: 00007FF670B99865)
00007FF670B99865 (MyProgram): (filename not available): (function-name not available)
ERROR: SymGetLineFromAddr64, GetLastError: 487 (Address: 00007FFA64D2CE03)
00007FFA64D2CE03 (ucrtbase): (filename not available): seh_filter_exe
ERROR: SymGetSymFromAddr64, GetLastError: 487 (Address: 00007FF670F2E6F5)
ERROR: SymGetLineFromAddr64, GetLastError: 487 (Address: 00007FF670F2E6F5)
00007FF670F2E6F5 (MyProgram): (filename not available): (function-name not available)
ERROR: SymGetLineFromAddr64, GetLastError: 487 (Address: 00007FFA48C6E3E0)
00007FFA48C6E3E0 (VCRUNTIME140): (filename not available): _C_specific_handler
ERROR: SymGetLineFromAddr64, GetLastError: 487 (Address: 00007FFA67CD4A2F)
00007FFA67CD4A2F (ntdll): (filename not available): _chkstk
ERROR: SymGetLineFromAddr64, GetLastError: 487 (Address: 00007FFA67C34CEF)
00007FFA67C34CEF (ntdll): (filename not available): RtlWalkFrameChain
ERROR: SymGetLineFromAddr64, GetLastError: 487 (Address: 00007FFA67CD379E)
00007FFA67CD379E (ntdll): (filename not available): KiUserExceptionDispatcher
ERROR: SymGetSymFromAddr64, GetLastError: 487 (Address: 00007FF670BB3D33)
ERROR: SymGetLineFromAddr64, GetLastError: 487 (Address: 00007FF670BB3D33)
00007FF670BB3D33 (MyProgram): (filename not available): (function-name not available)
ERROR: SymGetSymFromAddr64, GetLastError: 487 (Address: 00007FF670BB3A67)
ERROR: SymGetLineFromAddr64, GetLastError: 487 (Address: 00007FF670BB3A67)
谢谢!
如果 StackWalker 可以在事后符号化堆栈跟踪,我会感到惊讶。查看 API,它仅在首先创建堆栈跟踪时读取 PDB。
当我的软件崩溃时,我采用了不同的方法。我使用 MiniDumpWriteDump
to create a 'minidump' file which can then be read by Visual Studio or WinDbg。 Visual Studio(可能还有 WinDbg)然后可以应用本地存储的 PDB 来提供完全注释的堆栈跟踪(以及更多)。
你也应该知道Windows Error Reporting (WER)。我自己不使用它,但我听到了一些关于它的好消息。
我按照网上很多人的建议为我的 C++ 应用程序使用了 StackWalker 库 (https://github.com/JochenKalmbach/StackWalker)。出于安全目的,我们部署了一个没有 PDB 的可执行文件。可执行文件崩溃了,现在我们有了一个堆栈跟踪,我需要用 PDB 对其进行解码。有谁知道该怎么做?我无法想象每个人都推广了一个无法使用提供的 PDB 解码堆栈跟踪中的符号的库。但如果是这样的话……我感到羞耻:(。它至少在调试设置中肯定是有帮助的。
是否有更好的替代方法来捕获可由 PDB 稍后及时解码的崩溃堆栈跟踪?
堆栈中的狙击手:
C:\IceNeurosystems\bin\ice-engine\mkl_core.dll:mkl_core.dll (00007FFA42130000), size: 69988352 (result: 0), SymType: '-exported-', PDB: 'C:\IceNeurosystems\bin\ice-engine\mkl_core.dll', fileVersion: 2019.0.1.1
C:\IceNeurosystems\bin\ice-engine\mkl_avx2.dll:mkl_avx2.dll (00007FFA3EE90000), size: 53043200 (result: 0), SymType: '-exported-', PDB: 'C:\IceNeurosystems\bin\ice-engine\mkl_avx2.dll', fileVersion: 2019.0.1.1
C:\IceNeurosystems\bin\ice-engine\mkl_vml_avx2.dll:mkl_vml_avx2.dll (00007FFA3E220000), size: 12984320 (result: 0), SymType: '-exported-', PDB: 'C:\IceNeurosystems\bin\ice-engine\mkl_vml_avx2.dll', fileVersion: 2019.0.1.1
C:\Windows\system32\napinsp.dll:napinsp.dll (00007FFA604A0000), size: 90112 (result: 0), SymType: '-exported-', PDB: 'C:\Windows\system32\napinsp.dll', fileVersion: 6.2.17763.1
C:\Windows\system32\pnrpnsp.dll:pnrpnsp.dll (00007FFA60480000), size: 106496 (result: 0), SymType: '-exported-', PDB: 'C:\Windows\system32\pnrpnsp.dll', fileVersion: 6.2.17763.1
C:\Windows\System32\winrnr.dll:winrnr.dll (00007FFA60470000), size: 57344 (result: 0), SymType: '-exported-', PDB: 'C:\Windows\System32\winrnr.dll', fileVersion: 6.2.17763.1
C:\Windows\system32\NLAapi.dll:NLAapi.dll (00007FFA602A0000), size: 110592 (result: 0), SymType: '-exported-', PDB: 'C:\Windows\system32\NLAapi.dll', fileVersion: 6.2.17763.134
C:\Windows\system32\wshbth.dll:wshbth.dll (00007FFA52100000), size: 86016 (result: 0), SymType: '-exported-', PDB: 'C:\Windows\system32\wshbth.dll', fileVersion: 6.2.17763.1
C:\Windows\SYSTEM32\dbghelp.dll:dbghelp.dll (00007FFA52960000), size: 2019328 (result: 0), SymType: '-exported-', PDB: 'C:\Windows\SYSTEM32\dbghelp.dll', fileVersion: 6.2.17763.1432
C:\Windows\SYSTEM32\SspiCli.dll:SspiCli.dll (00007FFA63B20000), size: 192512 (result: 0), SymType: '-exported-', PDB: 'C:\Windows\SYSTEM32\SspiCli.dll', fileVersion: 6.2.17763.1490
ERROR: SymGetSymFromAddr64, GetLastError: 487 (Address: 00007FF670BA4305)
ERROR: SymGetLineFromAddr64, GetLastError: 487 (Address: 00007FF670BA4305)
00007FF670BA4305 (MyProgram): (filename not available): (function-name not available)
ERROR: SymGetSymFromAddr64, GetLastError: 487 (Address: 00007FF670B99865)
ERROR: SymGetLineFromAddr64, GetLastError: 487 (Address: 00007FF670B99865)
00007FF670B99865 (MyProgram): (filename not available): (function-name not available)
ERROR: SymGetLineFromAddr64, GetLastError: 487 (Address: 00007FFA64D2CE03)
00007FFA64D2CE03 (ucrtbase): (filename not available): seh_filter_exe
ERROR: SymGetSymFromAddr64, GetLastError: 487 (Address: 00007FF670F2E6F5)
ERROR: SymGetLineFromAddr64, GetLastError: 487 (Address: 00007FF670F2E6F5)
00007FF670F2E6F5 (MyProgram): (filename not available): (function-name not available)
ERROR: SymGetLineFromAddr64, GetLastError: 487 (Address: 00007FFA48C6E3E0)
00007FFA48C6E3E0 (VCRUNTIME140): (filename not available): _C_specific_handler
ERROR: SymGetLineFromAddr64, GetLastError: 487 (Address: 00007FFA67CD4A2F)
00007FFA67CD4A2F (ntdll): (filename not available): _chkstk
ERROR: SymGetLineFromAddr64, GetLastError: 487 (Address: 00007FFA67C34CEF)
00007FFA67C34CEF (ntdll): (filename not available): RtlWalkFrameChain
ERROR: SymGetLineFromAddr64, GetLastError: 487 (Address: 00007FFA67CD379E)
00007FFA67CD379E (ntdll): (filename not available): KiUserExceptionDispatcher
ERROR: SymGetSymFromAddr64, GetLastError: 487 (Address: 00007FF670BB3D33)
ERROR: SymGetLineFromAddr64, GetLastError: 487 (Address: 00007FF670BB3D33)
00007FF670BB3D33 (MyProgram): (filename not available): (function-name not available)
ERROR: SymGetSymFromAddr64, GetLastError: 487 (Address: 00007FF670BB3A67)
ERROR: SymGetLineFromAddr64, GetLastError: 487 (Address: 00007FF670BB3A67)
谢谢!
如果 StackWalker 可以在事后符号化堆栈跟踪,我会感到惊讶。查看 API,它仅在首先创建堆栈跟踪时读取 PDB。
当我的软件崩溃时,我采用了不同的方法。我使用 MiniDumpWriteDump
to create a 'minidump' file which can then be read by Visual Studio or WinDbg。 Visual Studio(可能还有 WinDbg)然后可以应用本地存储的 PDB 来提供完全注释的堆栈跟踪(以及更多)。
你也应该知道Windows Error Reporting (WER)。我自己不使用它,但我听到了一些关于它的好消息。