Login/Register
Error:Symbol File not found in WinDbg
Asked Answered
windbg
S

2

7

I am doing remote debugging of windows vista using VmWare , but i encounter the 

*** ERROR: Symbol file could not be found.  Defaulted to export symbols for ntkrpamp.exe "

also , if i give "!process 0 0 " in windbg , i get 

**** NT ACTIVE PROCESS DUMP **** NT symbols are incorrect, please fix symbols

I tried setting _NT_SYMBOL_PATH to "symsrv*symsrv.dll*c:\symbols*http://msdl.microsoft.com/download/symbols" (This was given in http://support.microsoft.com/kb/311503/) , then i changed the symbol file path of windbg to "srv*C:\Symbols\MsSymbols*http://msdl.microsoft.com/download/symbols" , but even after that i get the same errors, when i run symchk.exe to download symbols, i could get a lot of FAILED messages. when i try to reload using .reload after running !sym noisy, i get 

Connected to Windows Vista 6000 x86 compatible target at (Sat Jan 28 16:52:23.839 2012 (GMT+5)), ptr64 FALSE
SYMSRV:  The system cannot find the file specified.
SYMSRV:  The system cannot find the file specified.
SYMSRV:  The system cannot find the file specified.
SYMSRV:  c:\symbols\mssymbols\ntkrpamp.pdb\FD50D285751D4684938604B2CC1B41682\ntkrpamp.pdb not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/ntkrpamp.pdb/FD50D285751D4684938604B2CC1B41682/ntkrpamp.pdb not found
DBGHELP: ntkrpamp.pdb - file not found
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for ntkrpamp.exe - 
DBGHELP: nt - export symbols
Loading Kernel Symbols
...............................................................
................................................................
............
Loading User Symbols

Loading unloaded module list
....

But still when i try to run !process 0 0 , i get an error saying incorrect symbols

Thanks for your help and time in advance..

Sylviesylvite answered 28/1, 2012 at 11:32 Comment(8)
Why does this matter? Do you want to debug your code or do you want to debug the operating system?Hornet
debug the drivers..i am running a setup where the target OS (vista) runs in a vmware and i have a host Win7 OSSylviesylvite
It really, really matters, actually. Without symbols for the NT module (which is the Kernel and Executive Subsystems) the debugger is useless. Sure, you can debug your own module, but you can't inspect the overall state of the system (which is pretty important when doing kernel level debugging).Diviner
Can you otherwise get to the symbol server? Say attach a user-mode debugger to explorer.exe, do you get MS symbols for that? Are you running pre-release/beta/patched version of Vista?Kindig
@jcopenha:No i tried user mode debugging too, it fails..am running Windows vista home premium.Sylviesylvite
Looks like the symbols server cannot reach Microsoft repository. Can you open msdl.microsoft.com/download/symbols/error.htm in a browser ?Dorise
I have the same problem, I guess Microsoft remove that symbol from his server.Edyth
Possible duplicate of How to set up symbols in WinDbg?Strew
D
9

Your fixed symbol path looks good to me, that first path was entirely incorrect. Can you try the following commands and see if it works?

.symfix c:\websymbols
.reload /o

If that doesn't work, are you running and official version on the target? As in, it's not a Beta release or something, right? You might also want to rule out any networking issues.

Diviner answered 28/1, 2012 at 22:32 Comment(2)
I tried this too...it didnt work..am checking out for some networking issues..maybe firewall or AVSylviesylvite
Solved it for me, when debugging a Win 8.1 machine from a Win 7 one.Toland
O
0

I've encountered the same problems. It is that My IE browser cannt connect Internet(while others could) causing the windbg return ERROR_CANNOT_CONNECT_INTERNET resulting pdb-file cannot be found..

SYMSRV:  BYINDEX: 0x5
     d:\symbolslocal*http://msdl.microsoft.com/download/symbols
     ntdll.dll
     4CE7B96E13c000
SYMSRV:  d:\symbolslocal\ntdll.dll\4CE7B96E13c000\ntdll.dll - file not found
SYMSRV:  HTTPGET: /download/symbols/ntdll.dll/4CE7B96E13c000/ntdll.dll
SYMSRV:  HttpSendRequest: 12029 - ERROR_INTERNET_CANNOT_CONNECT
SYMSRV:  d:\symbolslocal\ntdll.dll\4CE7B96E13c000\ntdll.dll not found          

SYMSRV:http://msdl.microsoft.com/download/symbols/ntdll.dll/4CE7B96E13c000/ntdll.dll not found
DBGHELP: E:\Program Files (x86)\Windows Kits\10\Debuggers\x64\ntdll.dll - file not found
DBGHELP: E:\Program Files (x86)\Windows Kits\10\Debuggers\x64\ntdll.dll - file not found
DBGENG:  ntdll.dll - Image mapping disallowed by non-local path.
DBGHELP: No debug info for ntdll.dll.  Searching for dbg file
SYMSRV:  BYINDEX: 0x6
     d:\symbolslocal*http://msdl.microsoft.com/download/symbols
     ntdll.dbg
     4CE7B96E13c000
SYMSRV:  d:\symbolslocal\ntdll.dbg\4CE7B96E13c000\ntdll.dbg - file not found
SYMSRV:  HTTPGET: /download/symbols/ntdll.dbg/4CE7B96E13c000/ntdll.dbg
SYMSRV:  HttpSendRequest: 12029 - ERROR_INTERNET_CANNOT_CONNECT
SYMSRV:  d:\symbolslocal\ntdll.dbg\4CE7B96E13c000\ntdll.dbg not found
SYMSRV:       http://msdl.microsoft.com/download/symbols/ntdll.dbg/4CE7B96E13c000/ntdll.dbg not found
DBGHELP: .\ntdll.dbg - file not found
DBGHELP: .\dll\ntdll.dbg - path not found
DBGHELP: .\symbols\dll\ntdll.dbg - path not found
DBGHELP: ntdll.dll missing debug info.  Searching for pdb anyway
DBGHELP: Can't use symbol server for ntdll.pdb - no header information available
DBGHELP: ntdll.pdb - file not found
*** ERROR: Module load completed but symbols could not be loaded for ntdll.dll

So just fix IE problem, then windbg will work fine. About how to fix IE problem, open 'Internet Options' --- > 'Connection' ---> delete all connections -----> restart the IE ----> IE OK

Then windbg can access Internet now, it can download symbol files now.

IE cannot access INTERNET may cause many probs in many programs.Hope it helps.

Overlive answered 31/12, 2016 at 0:59 Comment(0)

© 2022 - 2024 — McMap. All rights reserved.