Tutorial :WinDbg symbol resolution


When using WinDbg, where should the private symbol files (pdb?) be placed?

My situation is: I have a DLL which I want to debug. I have the source code and symbol files for this DLL. This DLL is called by another DLL (which I don't have symbols or source for) which, in turn, is called by an EXE (which I also don't have symbols or source for).

My problem is that I am getting a warning that says

*** WARNING: Unable to verify checksum for C:\TheProgram\SomeSubfolder\AnotherSubfolder\MyDll.dll

This warning I think is the reason why I am getting the following type of messages in the call stack:


My file structure looks something like this:

The exe: C:\TheProgram\program.exe

The calling dll: C\TheProgram\SomeSubfolder\caller.???

My DLL that I want to debug: C:\TheProgram\SomeSubfolder\AnotherSubfolder\MyDll.dll

Note: I set Symbol File path and the Source file path to where the debug DLL was generated, in my workspace on a different drive from the exe.. But I did copy the pdb + map files and put it on the dll that I wanted to debug..


Sorry for the late reply.
In your post you mention that you are seeing the following error message.

*** WARNING: Unable to verify checksum for C:\TheProgram\SomeSubfolder\AnotherSubfolder\MyDll.dll  

You also ask the question, "where do I put my symbols for my DLL in the symbol path?"

Here is a response for the first problem:

Steps to identify mismatched symbols.

  1. !sym noisy
  2. .reload
  3. x MyDll!*class*
    *This reloads your dll, alternatively you can type kb to display the call stack of the DLL which should load it as well.
  4. !sym quiet
    *Reset's back to original quiet symbol loading

Also you can run

0:001> lmv m myDll  *(and examine the Checksum)  

Note: If you have a checksum, then Windbg can match the checksum of the DLL against the checksum of the PDB. Every development environment has a different way to generate a checksum.

Here is the response for the questions about where to put the PDBs

If you have MyDll.pdb added to a symbol store then you can use the following syntax

.sympath SRV*c:\symcache*http://msdl.microsoft.com/download/symbols   

As Roger has suggested above...

However if you just have the PDB locally, you may want to put the path to the PDB first before going out to the symbol server like this

.sympath C:\TheProgram\SomeSubfolder\AnotherSubfolder\;SRV*c:\symcache*http://msdl.microsoft.com/download/symbols  

This way Windbg should look local to your SomSubFolder dir before trying to use the Symbols Server cache.

Thanks, Aaron


It does not matter where you put private symbol files as long as you're able to tell the debugger where they are.

The warning you're seeing does not have any effect on the stack trace, but the fact you're missing symbols for caller.DLL and app.EXE does.

Configuring symbols in windbg (locally) is as simple as using:

.sympath[+] path_to_pdbs
.symfix+ path_to_system_pdb_store

You seeing:

actually means nothing as long as SomeHexAddress is reasonable (and provided that MyDll.pdb has been found and loaded!) - it looks like a proper call stack entry.

Now, my question would be, what is the problem that you're stuck with?

P.S. you don't need .map file with windbg.


As part of our build process, we copy the private PDB files and the released EXE/DLL files to a symbol server. At its simplest, this is just a UNC path, but you can configure it for access using HTTP.

To copy your output files, use the SYMSTORE.EXE program.

Then, configure your debugger (we use Visual Studio and WinDbg) to look in that path. For WinDbg, the simplest way to do this is to set an environment variable:

_NT_SYMBOL_PATH=      SRV*C:\WebSymbols*http://msdl.microsoft.com/download/symbols;      \\symsvr\Symbols  

(that should all be on one line)

This configures WinDbg to look on the Microsoft Symbol Server (caching the files in C:\WebSymbols) and also to look in a local symbol store (\\symsvr\Symbols).

We also use the Source Server tools to store SVN details in the PDB file, meaning that we can get back to the exact source file used to build a particular release. Look in ...\Debugging Tools for Windows (x86)\srcsrv.


One option is to leave the symbol files where they are (i.e. in the build output folder) and then use -y WinDbg command line option to locate these files. Using this approach should guarantee that the symbol files are always be up to date.

From the Microsoft Help:

-y SymbolPath   Specifies the symbol search path. Separate multiple paths with a   semicolon (;). If the path contains spaces, it should be enclosed   in quotation marks. For details, and for other ways to change this   path, see Symbol Path.   

Note:If u also have question or solution just comment us below or mail us on toontricks1994@gmail.com
Next Post »