Windbg Symbol path – Part 1
Windbg Symbol path configuration
This part ” Windbg Symbol path – Part 1” is dedicated to the definition, verification of Windbg tool installation ,first look of windbg and impact on analysis if windbg symbol path is not configured.
Next blog with the title “Windbg Symbol path – Part 2” will be dedicated to Symbol path configuration in Windbg , through command prompt and global configuration of Symbol path for all Windows Tools [which we will discuss later on].
What is Symbol ?
A file with extension .pdb contains symbols related to the associated program . Here we are taking about Debugging Memory Dump file of an operating System , so the pdb file will be associated with the specific dll files or exe files of an operating system . In general , Symbol files contains a footprint of the functions that are contained in an executable files and the dynamic-link libraries (DLLs). Thus ,if you want to debugg an application , you need symbol file of that application.
These symbol files not only provides footprint but also present a roadmap of the function calls which leads to the point of failure. It helps in finding the root cause of the fault happened.
What is Symbol Path ?
For Microsoft tools
http://msdl.microsoft.com/download/symbols
For application ,you may need to contact application vendor, most of the time application debugging is done by Application Vendor.
SYMBOL PATH is a location where all the relevant and important publicly available pdb files are stored. We can download it locally for debugging purpose.
Configuring Symbol Path to the application or in the environment variable enables the access of Symbol files in order to understand the stacks in the debugging tool.
Above mentioned link is not browse-able. It is intended for access by the debugging application or to the application which need it for representation of the functions and its call.
Verifying Windows Debugging Tool Installation
Before we proceed further let us check if we have followed WINDOWS DEBUGGING TOOL INSTALLATION correctly and Windows Debugger is installed in our computers.
If you have installed both version ,it doesn’t matter which version you are running. Both Windbg (x86) and Windbg (x64) will solve your purpose and both could be used for analysis of Memory dump from 32-bit or 64-bit architecture Operating System. Getting in depth regarding the difference is of no concern at the moment.
First Look of Windows debugger
Click on ” Symbol File Path… ” or press ” Ctrl+S ” , a blank pop-up windows will appear which means no symbol path is configured.
Click on “Open Crash Dump …” or press “Ctrl+D” . A browser windows will pop-up so that you can upload the memory dump file . Its necessary that the file extension must be .dmp where as doesn’t matter with the file name.
Please feel free to read article on Memory Dump, its configuration and method to do it .
As soon as you have loaded the memory.dmp file in windows debugger [windbg] without configuring Windbg symbol path. You will receive screen like mentioned below or of similar kind.
Without Symbols its worthless to debug any dump file whether its memory dump file of an operating system or dump file of an application.
In the next part ,we will be discussing more on methods of configuring Windbg Symbol path. We will be discussing which configuration will be temporary or permanent.