stackoom
  简体   繁体   中英

*** ERROR: Symbol file could not be found. Defaulted to export symbols for ntkrnlmp.exe

 原文  2017-05-02 19:09:31       windows/ debugging/ windbg

Question

Hello Stackoverflow community,

I am trying to debug an application on Windows 10 and require windows debugger framework to load symbols to run certain commands in the (windows kernel debugger) kd.

Each time I load the kernel debugger (kd) on the command prompt by typing kd -kl (NOTE: you would need to enable bcdedit -debug on for it to work), I get the below stack trace: 

Microsoft (R) Windows Debugger Version 10.0.14321.1024 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.

Connected to Windows 10 10240 x64 target at (Tue May  2 18:26:51.800 2017 (UTC - 7:00)), ptr64 TRUE
Symbol search path is: srv*
Executable search path is:
*** ERROR: Symbol file could not be found.  Defaulted to export symbols for ntkrnlmp.exe -
Windows 10 Kernel Version 10240 MP (6 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 10240.17354.amd64fre.th1_st1.170327-1827
Machine Name:
Kernel base = 0xfffff803`1da07000 PsLoadedModuleList = 0xfffff803`1dd2c070
Debug session time: Tue May  2 18:26:53.740 2017 (UTC - 7:00)
System Uptime: 0 days 0:50:43.754
lkd>
  • At first glance, it appears that my sympath is not configured.
  • I configure it to point to a path on my file system (see next point).

  • .sympath srv*C:\\symbols*https://msdl.microsoft.com/download/symbols

  • Now, I set !sym noisy and do a .reload and I get the following trace

    lkd> !sym noisy noisy mode - symbol prompts off lkd> .reload Connected to Windows 10 10240 x64 target at (Tue May 2 18:41:38.542 2017 (UTC - 7:00)), ptr64 TRUE SYMSRV: BYINDEX: 0x3 c:\\symbols*https://msdl.microsoft.com/download/symbols ntkrnlmp.pdb 30D698E116494C24A48409E2A73883CF1 SYMSRV: c:\\symbols\\ntkrnlmp.pdb\\30D698E116494C24A48409E2A73883CF1\\ntkrnlmp.pdb - file not found SYMSRV: HTTPGET: /download/symbols/ntkrnlmp.pdb/30D698E116494C24A48409E2A73883CF1/ntkrnlmp.pdb SYMSRV: HttpQueryInfo: 404 - HTTP_STATUS_NOT_FOUND SYMSRV: HTTPGET: /download/symbols/ntkrnlmp.pdb/30D698E116494C24A48409E2A73883CF1/ntkrnlmp.pd_ SYMSRV: HttpQueryInfo: 404 - HTTP_STATUS_NOT_FOUND SYMSRV: HTTPGET: /download/symbols/ntkrnlmp.pdb/30D698E116494C24A48409E2A73883CF1/file.ptr SYMSRV: HttpQueryInfo: 404 - HTTP_STATUS_NOT_FOUND SYMSRV: c:\\symbols\\ntkrnlmp.pdb\\30D698E116494C24A48409E2A73883CF1\\ntkrnlmp.pdb not found SYMSRV: https://msdl.microsoft.com/download/symbols/ntkrnlmp.pdb/30D698E116494C24A48409E2A73883CF1/ntkrnlmp.pdb not found DBGHELP: ntkrnlmp.pdb - file not found *** ERROR: Symbol file could not be found. Defaulted to export symbols for ntkrnlmp.exe - DBGHELP: nt - export symbols Loading Kernel Symbols ............................................................... ................................................................ ......... Loading User Symbols

************* Symbol Loading Error Summary ************** 

Module name            Error
SharedUserData         No error - symbol load deferred
                                Symbol loading has been deferred because this symbol is not needed
                                at this time. Use reload /f to force load symbols.

ntkrnlmp               The system cannot find the file specified
                                The SYMSRV client failed to find a file in the UNC store, or there
                                is an invalid UNC store (an invalid path or the pingme.txt file is
                                not present in the root directory), or the file is present in the
                                symbol server exclusion list.

I also tried performing the steps explained in ERROR: Symbol file could not be found. windbg.exe and Error:Symbol File not found in WinDbg but no luck. I get errors that indicate several 404 errors.

It always points to this file ntkrnlmp.exe and says its missing(or not found).

Has anyone faced similar issues in the past? If so, what can I do to get this fixed?

1 answers

solution1
 2  2017-05-06 04:18:34

The sympath you configured is correct. I think it is very likely because Microsoft has not uploaded the PDB symbol to their symbol servers. Typically new symbols will be available a few days after each Patch Tuesday. (It may become faster in the future.[1]) For your situation, I suggest you to report this issue to Microsoft WinDbg team at windbgfb@microsoft.com with the trace info you posted here.

[1] https://twitter.com/aluhrs13/status/842590084952088580
[2] The email address comes from this page .

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question SymFromAddr returns “The specified module could not be found.” PHP / cURL on Windows install: "The specified module could not be found." Ruby gem 'ruby oci8' returning Error: 'OCI.DLL: 126(The specified module could not be found. ) (LoadError)' Symbols for “ntdll.dll” could not be downloaded from Microsoft Symbol Servers Error MSB3030 Could not copy the file "C:\Users\...\WebApi3\obj\Debug\netcoreapp3.0\webapi3.exe" because it was not found gammaray.exe - System Error: The code execution cannot proceed because Qt5Widgetsd.dll was not found. Reinstalling the program my fix this problem Jenkins Error: No test report files were found. Configuration error? python Windows “ImportError: DLL load failed: The specified module could not be found.” When loading compiled extension How to fix "ImportError: DLL load failed while importing _arpack: The specified procedure could not be found."? How can i solve VBoxManage.exe: error: Format autodetect failed: VERR_FILE_NOT_FOUND
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM