How to find line numbers matching offsets in stack trace using windbg?

Question

How to find line numbers matching offsets in stack trace using windbg?

I have a crash dump of unmanaged C ++ code.

I opened it with Windbg, set the symbol path and source path. Ran! Parse -v and get the next stack trace

STACK_TEXT: 094efec0 7439fdc8 8b6ac787 00000000 00000000 WINSPAMCATCHER!_invalid_parameter_noinfo+0xc [f:\dd\vctools\crt_bld\self_x86\crt\src\invarg.c @ 125] 094eff3c 743a005e 085c37d8 74547d66 085c37d8 WINSPAMCATCHER!SpamCatcher::SCEngine::ruleUpdateLoop+0x338 094eff44 74547d66 085c37d8 8b6ac637 00000000 WINSPAMCATCHER!SpamCatcher::SCEngine::ruleUpdateLoopWrapperWin+0xe 094eff7c 74547e0e 00000000 094eff94 771df13c WINSPAMCATCHER!_callthreadstartex+0x1b [f:\dd\vctools\crt_bld\self_x86\crt\src\threadex.c @ 348] 094eff88 771df13c 091707c8 094effd4 7769d80d WINSPAMCATCHER!_threadstartex+0x82 [f:\dd\vctools\crt_bld\self_x86\crt\src\threadex.c @ 326] WARNING: Stack unwind information not available. Following frames may be wrong. 094eff94 7769d80d 091707c8 7e3e52db 00000000 kernel32+0x8f13c 094effd4 7769da1f 74547d8c 091707c8 00000000 ntdll+0x7d80d 094effec 00000000 74547d8c 091707c8 00000000 ntdll+0x7da1f

From the previous stack trace, I don't see the line number SCEngine :: ruleUpdateLoop + 0x338. Instead, I see an offset of 0x338. I guess this is some kind of assembly offset. Is it possible to find the line number corresponding to this offset using windbg?

+4

stack-trace offset offset windbg

chitti Aug 1 '11 at 10:01

source share

4 answers

This usually happens when module characters cannot be found. Use the lm command to display all modules.

lm

Look for SpamCatcher and see if it found your personal characters (good), or if they use export characters (bad).

The itoldyouso extension should also tell you if your PDBs match or not.

 !itoldyouso SpamCatcher

If you need to further resolve the character problem, try enabling verbose character loading, and then reload the characters:

 !symnoisy .reload /f

+1

pepsi Aug 1 '11 at 23:09

source share

Open the call stack window (available on the toolbar of the main window), then switch the Source button in the toolbar of the Call Stack window to activate it. Next, in the main window, type

 .excr

Then, in the call stack window, the entries will have the file path and line number.

Finally, if you have loaded the source file (s), you can simply double-click on the entry and a pop-up window will appear with a highlighted line. :)

0

sergiol Jun 14 '16 at 17:50

source share

using ".lines" will turn line numbers on or off

Enable
```
 .lines -e 
```
Disable
```
 .lines -d 
```
Toggle
```
 .lines -t 
```

-1

Sriram subramanian Aug 1 '11 at 16:39

source share

John · Accepted Answer · 2011-08-02T00:29:43+0000

The characters for your program (or is it a DLL?) Were loaded correctly, as can be seen from the line numbers for the CRT functions. Make sure you specify / Zi in the compiler.

You can also try to figure out the line number by looking at the disassembly u WINSPAMCATCHER!SpamCatcher::SCEngine::ruleUpdateLoop WINSPAMCATCHER!SpamCatcher::SCEngine::ruleUpdateLoop+0x338 and decompilation in your head. It is not as difficult as you think. I recommend this document at the beginning.

How to find line numbers matching offsets in stack trace using windbg?

More articles: