5

Background

When working on a closed network (i.e. no internet connection), Microsoft's public symbol server isn't available during my debugging sessions. I'm most interested in the debug symbols for the Windows system libraries and the C-runtime libraries (e.g. kernel32.dll, mscvrt100.dll).

I've created a debug symbol server on the closed network and "seeded" it with the debug symbol packages from here. The problem is that as Windows updates, some binaries need to get updated symbols. I don't know of any place where these are "neatly" bundled for download. The only option I'm aware of is to use symchk to download symbols for everything in the Windows/system32 directory on the machine that will be used for debugging which is tedious and time consuming.

Question

How do you operate and update a symbol server for Microsoft Windows on a closed network? Is there any way to "mirror" say, all of the Windows debug symbols such that you get the symbols for not just the releases and service packs but also the hotfixes and rollups?

Zach Burlingame
  • 13,476
  • 14
  • 56
  • 65

2 Answers2

5

Another option to populate your 'closed network symbol' store is to use symchk this way :

  • go on the target machine (the one you want the symbols). Install windbg and run the command symchk /r c:\windows\*.dll /om c:\symbols.txt

  • on a machine connected to the internet, retreive the symbols.txt file generated and use the same symchk : symchk /im c:\temp\symbols.txt

In the first step, symchk will generate a text file with the signatures of the binaries of the target machine. In the second step, this list is read and symchk actually retreives the pdb files from the Microsoft Symbol Server.

bacar
  • 9,761
  • 11
  • 55
  • 75
Thierry Franzetti
  • 1,763
  • 12
  • 12
  • 1
    It appears there is no way to generate a mirrored subset of the Microsoft Public Symbol server. The best I could do is download all the symbol packs for the various versions of Windows to 'seed' my symbol server. Then I took several machines and ran symchk on their C:\Windows directories as you suggested and then pulled down their PDBs from an online machine. Finally I merged those into my offline symbol server. It's not ideal because there may be various versions of DLLs on different machines at different patch levels that I didn't get by using this method but it seems to be the best I can do – Zach Burlingame Oct 03 '11 at 12:31
  • 2
    I found the export (`/om`) to be incredibly slow - in addition to spitting out a manifest, it appears to be actually attempting to check the symbols for the DLLs, possibly attempting to connet to the internet for every DLL. Got orders of magnitude speedup if I explicitly told it to look for existing symbols in a non-existent directory with the `/s` option, e.g. `symchk /r C:\WINNT\*.dll /om D:\winnt_symbols.txt /s C:\temp\foo` – bacar Oct 27 '15 at 17:38
0

Microsoft used to provide symbol packages back in the previous century. Those days are over, an Internet connection is assumed.

You'll need to spike the symbol cache of a machine outside of that closet. Write a little test program that uses as many similar DLLs as possible and debug it. Then copy the symbol cache contents to the secured machine, somehow. Although the odds that you'll get a exact DLL vs PDB version match are not that great, given that this secured machine probably doesn't get Windows updates either.

Hans Passant
  • 922,412
  • 146
  • 1,693
  • 2,536
  • 1
    That last part is actually the tricky bit. The machines do receive regular updates so I can't just "freeze" the OS version (say, Win7 SP1, no further updates) and then get all the symbols for just that version. Basically every month I'd have to manually identify which symbols need to be updated as result of the latest patches, download, and ferry them over. – Zach Burlingame Sep 19 '11 at 15:04