Mailing List Archive

Debug Symbols for the Windows version to analyze crash dumps
Hello

In one of our installed environments, which is Windows-based, we are running into clamd.exe crashing more often. To isolate the cause we are capturing the crash dump. Analyzing that would require the debug symbols. Is there a place where they are made available that can be consumed?

Thanks
Sreeram

Re: Debug Symbols for the Windows version to analyze crash dumps
Hi Sreeram,

The ClamAV Windows builds that we publish on our website are Release builds, so there are no PDB files to share for debug symbols.
You would have to do a Debug build in order to have a clamav install that has debug symbols.

If you're up for compiling clamav on Windows yourself, have a look at the INSTALL.cmake.md file. It's easiest to use vcpkg to supply library dependencies, though you could also use Mussels. See https://github.com/Cisco-Talos/clamav/blob/dev/0.104/INSTALL.cmake.md#windows-build-with-vcpkg for details. And of course, use "Debug" instead of "Release".

Tangent: There is an issue with the PE parser right now where it tries to set the endianness of the variables in a couple of structures in read-only memory which causes a crash if you're using a Debug build. The endianness for these variables is actually already correct on Windows x86/x86_64 systems so the code there doesn't _really_ do anything, but in Debug mode the compiler doesn't optimize away the call so it thinks it is changing read-only memory and this causes a crash. TL;DR is that if you do make a Windows Debug build, expect to see a crash from this when scanning PE files. It's not an actual issue that would affect Release-mode builds, but is a problem with testing Debug builds on Windows right now. It's on my to-do list to resolve this.

-Micah

From: clamav-users <clamav-users-bounces@lists.clamav.net> On Behalf Of Sreeram Nanjundan via clamav-users
Sent: Tuesday, May 18, 2021 11:13 AM
To: clamav-users@lists.clamav.net
Cc: Sreeram Nanjundan <sreeramn@yahoo.com>
Subject: [clamav-users] Debug Symbols for the Windows version to analyze crash dumps
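The Debug-build crash described in the reply above (an endianness fix-up that rewrites values already in host order, applied to data in read-only memory) can be illustrated with the following added example; it is not ClamAV's code and not part of the original thread. The structure, the sample values and all function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical record header (not ClamAV's structure). */
struct rec_hdr { uint16_t machine; uint32_t size; };

/* Constructed sample in read-only storage, as a const table would be. */
static const struct rec_hdr k_sample = { 0x8664u, 0x1000u };

static int host_is_little_endian(void) {
    const uint16_t probe = 1;
    uint8_t first;
    memcpy(&first, &probe, 1);
    return first == 1;
}

/* Interpret the in-memory bytes of v as little-endian, on any host. */
static uint16_t le16_to_host(uint16_t v) {
    uint8_t b[2];
    memcpy(b, &v, sizeof b);
    return (uint16_t)(b[0] | (b[1] << 8));
}
static uint32_t le32_to_host(uint32_t v) {
    uint8_t b[4];
    memcpy(b, &v, sizeof b);
    return b[0] | ((uint32_t)b[1] << 8) | ((uint32_t)b[2] << 16) | ((uint32_t)b[3] << 24);
}

/* In-place fix-up. On a little-endian host every assignment stores back the
 * value it just read; an unoptimized build still performs that store, so
 * passing an object that lives in read-only memory typically faults. */
static void hdr_fix_inplace(struct rec_hdr *h) {
    h->machine = le16_to_host(h->machine);
    h->size = le32_to_host(h->size);
}

/* Safer shape: convert a writable copy and never write through src. */
static struct rec_hdr hdr_load(const struct rec_hdr *src) {
    struct rec_hdr tmp = *src;
    hdr_fix_inplace(&tmp);
    return tmp;
}

int main(void) {
    struct rec_hdr h = hdr_load(&k_sample);
    printf("little-endian host: %d, machine=0x%04x, size=0x%x\n",
           host_is_little_endian(), (unsigned)h.machine, (unsigned)h.size);
    return 0;
}
```

Only `hdr_load` is ever given the const object; `hdr_fix_inplace` is reached solely through a writable copy, so the result is the same at any optimization level.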