WINDBG NTDLL问题。 [英] WINDBG NTDLL problem.
问题描述
我目前遇到WINDBG问题。 虽然我为srv * C:\ symbols * http://msdl.microsoft.com/download/symbols设置了我的符号路径,但我从来没有收到以下错误:
I am currently having problems with WINDBG. Though I have my symbol path set for srv*C:\symbols*http://msdl.microsoft.com/download/symbols, I never the less am getting the following error:
***错误:找不到符号文件。 默认导出ntkrnlmp.exe的符号 - Windows 7内核版本7601(Service Pack 1)
*** ERROR: Symbol file could not be found. Defaulted to export symbols for ntkrnlmp.exe - Windows 7 Kernel Version 7601 (Service Pack 1)
删除所有符号文件并重新下载所有内容后,我进入了WinDbg并试图在ntdll.dll上重新加载。 以下是我发布的命令:
After deleting all of my symbol files and re-downloading everything, I went into WinDbg and tried to do a reload on ntdll.dll. The following are the commands I issued:
lkd> !sym noisy
lkd> !sym noisy
lkd> .reload / f ntdll.dll
lkd> .reload /f ntdll.dll
" ntdll.dll"在图像列表中找不到。
"ntdll.dll" was not found in the image list.
调试器将尝试加载"ntdll.dll"。在给定的基数00000000'00000000。
Debugger will attempt to load "ntdll.dll" at given base 00000000'00000000.
请提供完整的图像名称,包括扩展名(即kernel32.dll)
Please provide the full image name, including the extension (i.e. kernel32.dll)
以获得更可靠的结果。基本地址和大小覆盖可以为.reload< image.ext> =< base>,size> ;.
for more reliable results. Base address and size overrides can be given as .reload <image.ext>=<base>, size>.
DBGENG:ntdll.dll - 部分符号图像加载缺少图像到。
DBGENG: ntdll.dll - Partial symbol image load missing image into.
DBGHELP:没有ntdll.dll的标题。 正在搜索dbg文件。
DBGHELP: No header for ntdll.dll. Searching for dbg file.
DBGHELP:.\\\
tdll.dbg - 找不到文件。
DBGHELP: .\ntdll.dbg - file not found.
DBGHELP:。\ dll \ ndd。 dbg - 找不到路径。
DBGHELP: .\dll\ntdll.dbg - path not found.
DBGHELP:。\ symbols\dll\\\
tdll.dbg - 找不到路径。
DBGHELP: .\symbols\dll\ntdll.dbg - path not found.
DBGHELP :. ntdll.dll缺少调试信息。 无论如何都要搜索pdb。
DBGHELP: .ntdll.dll missing debug info. Searching for pdb anyway.
DBGHELP:不能使用符号服务器来获取ntdll.pdb - 没有可用的头信息。
DBGHELP: Can't use symbol server for ntdll.pdb - no header information available.
DBGHELP:ntdll.pdb - 找不到文件
DBGHELP: ntdll.pdb - file not found
DBGHELP:ntdll - 没有加载符号
DBGHELP: ntdll - no symbols loaded
无法在00000000'00000000处添加模块
Unable to add module at 00000000'00000000
有没有人知道为什么会这样?
Does anyone out there know why this is occuring?
推荐答案
根据您的cmd-prompt,您似乎正在使用本地内核调试?
对于windbg回退到ntkrnlmp.exe的导出符号,我假设还没有加载ntkrnlmp.pdb。
当做
!sym noisy <$ em $ b .reload / f nt
windbg会查找图像文件吗?
然后可能是分页内存的问题。
你也可以尝试获取更多信息
!lmi ntkrnlmp.exe
!lmi ntdll.dll (虽然根据你的错误信息,我希望"找不到")
有时在本地内核调试期间(我不经常使用)我必须切换到用户进程加载 ntdll.dll的符号
According to your cmd-prompt, you seem to be using local-kernel debugging?
For windbg falls back to exported symbols for ntkrnlmp.exe, I assume also ntkrnlmp.pdb is not loaded.
When doing a
!sym noisy
.reload /f nt
does windbg look for image-file?
Then probably it is a matter of paged-out memory.
Also you may try for more info
!lmi ntkrnlmp.exe
!lmi ntdll.dll (though for this one I would expect 'not found' according to your error message)
Sometimes during local-kernel-debugging (which I do not use very often) I have to switch to a user process to load symbols for ntdll.dll
PROCESS 84fcf9a8 SessionId: 1 Cid: 0c5c Peb: 7ffd9000 ParentCid: 060c
DirBase: 7c2beac0 ObjectTable: 94401af8 HandleCount: 76.
Image: notepad.exe
lkd> .process /r /p 84fcf9a8
Implicit process is now 84fcf9a8
Loading User Symbols
..........................
DBGHELP: c:\windows\symbols\dll\ntdll.pdb - file not found
DBGHELP: c:\windows\symbols\dll\dll\ntdll.pdb - file not found
DBGHELP: c:\windows\symbols\dll\symbols\dll\ntdll.pdb - file not found
DBGHELP: ntdll - public symbols
c:\symbols\mssymbols\ntdll.pdb\6E883...593F26D92\ntdll.pdb此外,您是否已经尝试过Sysinternals livekd虽然使用静态快照似乎有点受限制。
Besides, have you already tried Sysinternals livekd, though it seems to be a little bit more restricted using a static snapshot.
无保修
亲切的问候
No warranty
With kind regards
这篇关于WINDBG NTDLL问题。的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
