Symbols, in Microsoft Debugging Tools for Windows?

Question

Can anyone explain the need/use of 'symbols' in the Microsoft debugger?

I spent some time trying to figure out the debugger a while back and never was able to get it making any sense ( I was trying to debug a server hang).. Part of my problem was not having the proper 'symbols'.

So what are they.. and why would I need them.. Aren't I just looking for text.

Also, is there anyone out there who has a good grasp of the tool (Debugging Tools for Windows)? Any better links out there to using it as well would be awesome..

http://www.networkworld.com/news/2005/041105-windows-crash.html?page=2

Answer 1

If you just have the binary file, the only info you can typically get is the stack trace, and maybe the binary or IL(in .NET) instructions. Having the symbols lets you actually match that binary/IL instruction up with a corresponding line in the source code. If you have the source code, it also lets you hook up the debugger in Visual Studio and step through the source code.

Answer 2

On the Windows binary architecture, a the information needed for debugging (function names, file and line numbers, etc.) aren't present in the binary itself. Rather, they're collected into a .pdb file (Program DataBase), which the debugger uses to correlate binary instructions with the sorts of information you probably use while debugging.

So in order to debug a server hang, you need the pdb file both for the server application itself, and optionally for the Windows binaries that your server is calling into.

As a general note, my experience with windbg is that it was much, much harder to learn how to use compared to gdb, but that it has much greater power once you understood how to use it. (The opposite of the usual case with Windows/Linux tools, interestingly.)

Answer 3

You need symbols in order to translate addresses into meaningful names. For example, you have locations on your stack at every function call:

0x00003791
0x00004a42

Symbols allows the debugger to map these addresses to methods

0x00003791 myprog!methodnamea
0x00004a42 myprog!methodnameb

When you build a debug version of a program, the compiler emits symbols with the extension .PDB. It also contains line information so you can do source code debugging, etc..

You need to set your symbol search path correctly for the debugger to pick this up. IN the command window you can do

.sympath c:\symbols;c:\temp\symbols

in order to have it search for the .PDB in these directories. It will also look in the same directory that the executable is ran from.

It also might be helpful to use the Microsoft public symbols server so that you can resolve OS binaries such as NTDLL, GDI, etc.. with this path at the beginning:

.sympath SRV*c:\websymbols*http://msdl.microsoft.com/download/symbols;c:\symbols

You will need to create c:\websymbols first.