 |
|
|
|
|
|
|
|
Windows内核调试
帖子发起人: 小兵 发起时间: 2010-11-15 21:46 下午 回复: 3
  
|
|
帖子排序:
|
|
|
|
 2010-11-15, 21:46 下午
|
小兵
注册: 2010-03-30
发 贴: 19
|
|
|
Windbg的符号路径已经正确设置,一些系统动态链接库文件的符号文件是正确匹配的(例如:ntdll.dll); 但是还有一些系统链接库文件,例如:kernel32.dll,一直没有找到匹配的符号文件,过程如下:
0:000> !sym noisy
noisy modeindb - symbol prompts on
0:000> .reload /f
Reloading current modules
.
DBGHELP: C:\WINDOWS\system32\KERNEL32.DLL is stripped. Searching for dbg file
DBGHELP: c:\symbols\symbols\kernel32.dbg - file not found
DBGHELP: c:\symbols\symbols\dll\kernel32.dbg - mismatched timestamp
DBGHELP: c:\symbols\symbols\symbols\dll\kernel32.dbg - path not found
SYMSRV: c:\symbols\tmpsymbols\kernel32.dbg\385134FEd5000\kernel32.dbg not found
SYMSRV: http://msdl.microsoft.com/download/symbols/kernel32.dbg/385134FEd5000/kernel32.dbg not found
SYMSRV: c:\symbols\tmpsymbols\kernel32.dbg\38447095d5000\kernel32.dbg not found
SYMSRV: http://msdl.microsoft.com/download/symbols/kernel32.dbg/38447095d5000/kernel32.dbg not found
DBGHELP: C:\WINDOWS\system32\kernel32.dbg - file not found
DBGHELP: C:\WINDOWS\system32\dll\kernel32.dbg - path not found
DBGHELP: C:\WINDOWS\system32\symbols\dll\kernel32.dbg - path not found
DBGHELP: c:\symbols\symbols\kernel32.pdb - file not found
*** WARNING: symbols timestamp is wrong 0x385134fe 0x3844d034 for C:\WINDOWS\system32\KERNEL32.DLL
DBGHELP: KERNEL32 - public symbols
c:\symbols\symbols\dll\kernel32.dbg
c:\symbols\symbols\DLL\kernel32.pdb
请问该如何解决?谢谢
|
|
|
|
IP 地址: 已记录
|
报告
|
|
|
|
|
2010-11-15, 23:24 下午
|
格蠹老雷
注册: 2005-12-19
发 贴: 1,303
|
Re: 部分系统动态链接库文件找不到匹配的符号文件
|
|
|
|
|
|
从PDB的ID看, kernel32是比较老的版本, 请把version命令的结果贴上来看一下.
|
|
|
|
IP 地址: 已记录
|
报告
|
|
|
|
|
2010-11-16, 11:46 上午
|
小兵
注册: 2010-03-30
发 贴: 19
|
Re: 部分系统动态链接库文件找不到匹配的符号文件
|
|
|
|
|
|
谢谢Raymond老师!
version命令的结果如下:
0:000> version
-------------------------------------------------------------------------
Windows 2000 Version 2195 UP Free x86 compatible
Product: Server
Machine Name:
Debug session time:
...
Live user mode: <Local>
Microsoft (R) Windows Debugger Version 6.11.0001.404 X86
Copyright (c) Microsoft Corporation. All rights reserved.
command line: '"C:\Program Files\Debugging Tools for Windows (x86)\windbg.exe" ' Debugger Process 0x2A4
dbgeng: image 6.11.0001.404, built Thu Feb 26 09:55:43 2009
[path: C:\Program Files\Debugging Tools for Windows (x86)\dbgeng.dll]
dbghelp: image 6.11.0001.404, built Thu Feb 26 09:55:30 2009
[path: C:\Program Files\Debugging Tools for Windows (x86)\dbghelp.dll]
DIA version: 11212
Extension DLL search Path:...
Extension DLL chain:
dbghelp: image 6.11.0001.404, API 6.1.6, built Thu Feb 26 09:55:30 2009
[path: C:\Program Files\Debugging Tools for Windows (x86)\dbghelp.dll]
ext: image 6.11.0001.404, API 1.0.0, built Thu Feb 26 09:55:30 2009
[path: C:\Program Files\Debugging Tools for Windows (x86)\winext\ext.dll]
uext: image 6.11.0001.404, API 1.0.0, built Thu Feb 26 09:55:26 2009
[path: C:\Program Files\Debugging Tools for Windows (x86)\winext\uext.dll]
ntsdexts: image 5.00.2195.6618, built Tue Nov 19 08:21:06 2002
[path: C:\Program Files\Debugging Tools for Windows (x86)\W2KFre\ntsdexts.dll]
-------------------------------------------------------------------------
kernel32的版本是5.0.2191.1 (由文件的属性查得)
|
|
|
|
IP 地址: 已记录
|
报告
|
|
|
|
|
2010-11-19, 21:31 下午
|
格蠹老雷
注册: 2005-12-19
发 贴: 1,303
|
Re: 部分系统动态链接库文件找不到匹配的符号文件
|
|
|
|
|
|
如果要解决的问题一定要在这样的版本上才能重现,那么可以尝试下载符号包:
http://www.microsoft.com/whdc/devtools/debugging/symbolpkg.mspx
|
|
|
|
IP 地址: 已记录
|
报告
|
|
|
|
|
高端调试 » 软件调试 » Windows内核调试 » Re: 部分系统动态链接库文件找不到匹配的符号文件
|
|
|
|
|
|