开发者

Getting symbol related error despite pointing to Microsoft symbol server

开发者 https://www.devze.com 2023-04-04 07:26 出处:网络
Trying to debug a dump file in Windbg. Its a managed that interops with some Microsoft native libraries. I have setup symbol path to .sympath SRV*c:\\SymbolsCash*http://msdl.microsoft.com/download/sym

Trying to debug a dump file in Windbg. Its a managed that interops with some Microsoft native libraries. I have setup symbol path to .sympath SRV*c:\SymbolsCash*http://msdl.microsoft.com/download/symbols.

I loaded SOS without any problem. I can run sos commands without any error. I can also run most of the Windbg command fine (like ~, kb, .time etc), however for some command (e.g., !address -summary) I get following error.

Your debugger is not using the correct symbols

In order for this command to work properly, your symbol path

must point to .pdb files that have full type information.

Certain .pdb files (such as the public OS symbols) do not

contain the required information. Contact the group that

provided you with these symb开发者_开发百科ols if you need this command to

work.

Type referenced: ntdll!_NT_TIB

Any ideas what I am missing here?


From your output, we can see you don't have symbols for ntdll. Note the line (3rd in the output above) that says you are using "export symbols". This means that you don't have the symbols for this module and the debugger is only using the entries from the module's export table. The structure you need is not included in the limited info that is the export table.

Your symbol path should look like:

SRV*<local symbol cache directory>*http://msdl.microsoft.com/download/symbols

example:

SRV*c:\symbols*http://msdl.microsoft.com/download/symbols

If you have your symbol path setup correctly, you can turn on verbose symbol loading by running:

!sym noisy

Then force a reload for ntdll.dll:

.reload /f ntdll.dll

Use the output to determine why you are not getting the symbol. Then turn off verbose symbol loading by running:

!sym quiet

Also, I prefer the !lmi <binary> (e.g. !lmi ntdll) over lmvm when troubleshoot symbol loading. The output is a little clearer about what you have. At the end of the !lmi output you will see the line "Load report".


What does lmv mntdll say?

As the output says, it's possible that the type just isn't in that version of the public PDBs. It's not uncommon to find that debugger extensions don't work with specific versions of the O/S.


@snoone: Below is the output of lmv mntdll command 0:000> lmv mntdll
start end module name
76e40000 76f7c000 ntdll (export symbols) ntdll.dll
Loaded symbol image file: ntdll.dll
Image path: C:\Windows\System32\ntdll.dll
Image name: ntdll.dll
Timestamp: Sat Nov 20 07:05:02 2010 (4CE7B96E)
CheckSum: 001490D9
ImageSize: 0013C000
File version: 6.1.7601.17514
Product version: 6.1.7601.17514
File flags: 0 (Mask 3F)
File OS: 40004 NT Win32
File type: 2.0 Dll
File date: 00000000.00000000
Translations: 0409.04b0
CompanyName: Microsoft Corporation
ProductName: Microsoft® Windows® Operating System
InternalName: ntdll.dll
OriginalFilename: ntdll.dll
ProductVersion: 6.1.7601.17514
FileVersion: 6.1.7601.17514 (win7sp1_rtm.101119-1850)
FileDescription: NT Layer DLL
LegalCopyright: © Microsoft Corporation. All rights reserved.

0

精彩评论

暂无评论...
验证码 换一张
取 消