SymInitialize失败，错误2147483661 [英] SymInitialize failed with error 2147483661

问题描述

任何想法为什么会发生这种情况？该方法对于当前进程是无瑕疵的，并且对于在同一本地机器上运行的远程进程无效，对于我来说有一个垃圾错误代码2147483661（0x80000000D），因为在这个特定错误代码的任何地方都没有提示，或者我是否缺少某些东西？ 。
另外，我觉得因为 SymInitialize 本身失败，所以 SymFromAddr 。我正确吗？

该过程正以admin身份运行，并具有SeDebug和SeSecurity权限。

  bool DbgHelpWrapper :: MatchTargetSymbol（IntPtr processHandle，int procId，int threadId）
 {
 DWORD dwStartAddress; 
 DWORD dwInitializeError; 
 DWORD dwThreadID = static_cast< DWORD>（threadId）; 
 DWORD dwProcessId = static_cast< DWORD>（procId）; 
 HANDLE hRemoteProcess = OpenProcess（PROCESS_ALL_ACCESS，FALSE，dwProcessId）; 
 
 if（GetThreadStartAddress（processHandle，dwProcessId，dwThreadID，& dwStartAddress））
 {
 dwInitializeError = ERROR_SUCCESS; 
} else {
 dwInitializeError = Marshal :: GetLastWin32Error（）; 
 System :: Console :: WriteLine（String :: Format（GetThreadStartAddress failed：{0}，dwInitializeError））; 
} 
 
 try 
 {
 DWORD dwSymSetOptStatus = SymSetOptions（SYMOPT_DEFERRED_LOADS | SYMOPT_UNDNAME | SYMOPT_LOAD_LINES）; 
 DWORD dwSymInitStatus = ERROR_SUCCESS; 
 if（dwSymInitStatus = SymInitialize（hRemoteProcess，NULL，TRUE））{
 dwInitializeError = ERROR_SUCCESS; 
} else {
 dwInitializeError = Marshal :: GetLastWin32Error（）; 
 System :: Console :: WriteLine（String :: Format（SymInitialize failed：{0} error：{1}，dwSymInitStatus，dwInitializeError））; 
返回false; 
} 
 const int kMaxNameLength = 256; 
 
 ULONG64缓冲区[（sizeof（SYMBOL_INFO）+ kMaxNameLength * sizeof（wchar_t）+ sizeof（ULONG64） -  1）/ sizeof（ULONG64）]; 
 memset（buffer，0，sizeof（buffer））; 
 
 //初始化符号信息检索结构。 
 DWORD64 sym_displacement = 0; 
 PSYMBOL_INFO symbol = reinterpret_cast< PSYMBOL_INFO>（& buffer [0]）; 
 symbol-> SizeOfStruct = sizeof（SYMBOL_INFO）; 
 symbol-> MaxNameLen = kMaxNameLength  -  1; 
 if（SymFromAddr（hRemoteProcess，（DWORD64）dwStartAddress，& sym_displacement，symbol））
 {
 System :: String ^ name = gcnew System :: String（symbol-> Name） ; 
 System :: Console :: WriteLine（String :: Format（Found Module with ModuleName：{0}，name））; 
 if（name-> Contains（this-> symbolName））
 {
 return true; 
} 
} 
 else 
 {
 dwInitializeError = Marshal :: GetLastWin32Error（）; 
 System :: Console :: WriteLine（String :: Format（SymFromAddr failed：{0}，dwInitializeError））; 
} 
} 
 finally 
 {
 CloseHandle（hRemoteProcess）; 
} 
返回false; 
} 
  

解决方案

在这种情况下，可能是该进程尚未完全启动。在我的调试器代码中，我在WaitForDebugEvent返回一个CREATE_PROCESS_DEBUG_EVENT事件代码后立即调用SymInitialize。这给了0x80000000D。稍后调用它（就在我需要一个堆栈步骤之前）成功了。

Any idea why this happens? The method works flawlessly for the currentprocess and fails for remote process running on the same local machine with a garbage error code 2147483661 (0x80000000D) for me, since there is no hint at all anywhere about this particular error code, or am i missing something?. Also, I feel; since SymInitialize itself failed, and so is SymFromAddr. Am I correct?

The process in question is running as admin and does have the SeDebug and SeSecurity Privileges.

bool DbgHelpWrapper::MatchTargetSymbol( IntPtr processHandle, int procId, int threadId )
{
    DWORD dwStartAddress;
    DWORD dwInitializeError;
    DWORD dwThreadID = static_cast<DWORD>(threadId);
    DWORD dwProcessId = static_cast<DWORD>(procId);
    HANDLE hRemoteProcess = OpenProcess( PROCESS_ALL_ACCESS, FALSE, dwProcessId );

    if (GetThreadStartAddress( processHandle, dwProcessId, dwThreadID, &dwStartAddress ))
    {
        dwInitializeError = ERROR_SUCCESS;
    } else {
        dwInitializeError = Marshal::GetLastWin32Error();
        System::Console::WriteLine( String::Format("GetThreadStartAddress failed: {0}", dwInitializeError ));
    }

    try
    {
        DWORD dwSymSetOptStatus = SymSetOptions(SYMOPT_DEFERRED_LOADS | SYMOPT_UNDNAME | SYMOPT_LOAD_LINES);
        DWORD dwSymInitStatus = ERROR_SUCCESS;
        if (dwSymInitStatus = SymInitialize(hRemoteProcess, NULL, TRUE)) {
            dwInitializeError = ERROR_SUCCESS;
        } else {
            dwInitializeError = Marshal::GetLastWin32Error();
            System::Console::WriteLine( String::Format("SymInitialize failed: {0} error: {1}", dwSymInitStatus, dwInitializeError ));
            return false;
        }
        const int kMaxNameLength = 256;

        ULONG64 buffer[(sizeof(SYMBOL_INFO) + kMaxNameLength * sizeof(wchar_t) + sizeof(ULONG64) - 1) / sizeof(ULONG64)];
        memset(buffer, 0, sizeof(buffer));

        // Initialize symbol information retrieval structures.
        DWORD64 sym_displacement = 0;
        PSYMBOL_INFO symbol = reinterpret_cast<PSYMBOL_INFO>(&buffer[0]);
        symbol->SizeOfStruct = sizeof(SYMBOL_INFO);
        symbol->MaxNameLen = kMaxNameLength - 1;
        if( SymFromAddr(hRemoteProcess, (DWORD64)dwStartAddress, &sym_displacement, symbol ))
        {
            System::String^ name = gcnew System::String( symbol->Name );
            System::Console::WriteLine( String::Format("Found thread with ModuleName: {0}", name ));
            if( name->Contains( this->symbolName ))
            {
                return true;
            }
        }
        else
        {
            dwInitializeError = Marshal::GetLastWin32Error();
            System::Console::WriteLine( String::Format("SymFromAddr failed: {0}", dwInitializeError ));
        }
    }
    finally
    {
        CloseHandle(hRemoteProcess);
    }
    return false;
}

解决方案

Another reason, although probably not in this case, might be that the process is not fully started yet. In my debugger code I was calling SymInitialize immediately after WaitForDebugEvent returned a CREATE_PROCESS_DEBUG_EVENT event code. This gave 0x80000000D. Calling it a bit later (right before I needed a stack-walk) succeeded.

这篇关于SymInitialize失败，错误2147483661的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！