windbg配置符号文件

qq_44728033 2020-04-10 09:42:14

版本：windows 10
版本号：1909
操作系统版本：18363.592
（1）编辑环境变量，Path设置为windbg路径：C:\Program Files (x86)\Windows Kits\10\Debuggers\x64，新建变量_NT_SYMBOL_PATH，值设置为SRV*C:\mysymbol* http://msdl、microsoft、com/download/symbols
（2）重启计算机发现C盘并没有新建文件夹mysymbol
（3）启动windbg连接一个进程，输入!heap结果：
0:024> !heap
*************************************************************************
*** ***
*** ***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn't have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing ".symopt- 100". Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
*** ***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: ntdll!_HEAP_ENTRY ***
*** ***
*************************************************************************
Invalid type information
输入： .sympath SRV*C:\mysymbol* http://msdl、microsoft、com/download/symbols
0:024> .sympath SRV*C:\mysymbol* http://msdl、microsoft、com/download/symbols
Symbol search path is: SRV*C:\mysymbol* http://msdl、microsoft、com/download/symbols
Expanded Symbol search path is: srv*c:\mysymbol* http://msdl、microsoft、com/download/symbols

************* Path validation summary **************
Response Time (ms) Location
Deferred SRV*C:\mysymbol* http://msdl、microsoft、com/download/symbols

输入：.reload
0:024> .reload
Reloading current modules
................................................................
.................................

************* Symbol Loading Error Summary **************
Module name Error
ntdll The system cannot find the file specified

You can troubleshoot most symbol related issues by turning on symbol loading diagnostics (!sym noisy) and repeating the command that caused symbols to be loaded.
You should also verify that your symbol search path (.sympath) is correct.

这里卡了我好几天了，百度上的方法都试过了，还是不行，求大佬帮忙看看

...全文

2129 6 打赏收藏转发到动态举报

写回复

用AI写文章

6 条回复

切换为时间正序

请发表友善的回复…

发表回复

qq_44728033 2020-04-14

打赏
举报

引用 5 楼 zara 的回复:

刚才试了下，也是找不到，到微软网站去也是找不到。我是 win7 32位，难道这也被停止支持了？不至于吧？
!sym noisy 命令后再加载，提示类似：
SYMSRV: m:\symbols\kernelbase.pdb\59D5EEBCB6B044C7A1572DAE49752E1D2\kernelbase.pdb not found
SYMSRV: http://msdl.microsoft.com/download/symbols/kernelbase.pdb/59D5EEBCB6B044C7A1572DAE49752E1D2/kernelbase.pdb not found
DBGHELP: C:\Windows\system32\kernelbase.pdb - file not found
DBGHELP: kernelbase.pdb - file not found
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\Windows\system32\KERNELBASE.dll -
DBGHELP: KERNELBASE - export symbols
SYMSRV: 与服务器的连接被重置

系统的都是这样的。能到这样，说明设置得是没错的吧。

我设置的时候一点流量都一点流量都不走，文件目录里也什么都没有，本以为用离线包呢，结果官网前年就不提供离线符号包了。

zara 2020-04-12

打赏
举报

刚才试了下，也是找不到，到微软网站去也是找不到。我是 win7 32位，难道这也被停止支持了？不至于吧？
!sym noisy 命令后再加载，提示类似：
SYMSRV: m:\symbols\kernelbase.pdb\59D5EEBCB6B044C7A1572DAE49752E1D2\kernelbase.pdb not found
SYMSRV: http://msdl.microsoft.com/download/symbols/kernelbase.pdb/59D5EEBCB6B044C7A1572DAE49752E1D2/kernelbase.pdb not found
DBGHELP: C:\Windows\system32\kernelbase.pdb - file not found
DBGHELP: kernelbase.pdb - file not found
*** ERROR: Symbol file could not be found. Defaulted to export symbols for C:\Windows\system32\KERNELBASE.dll -
DBGHELP: KERNELBASE - export symbols
SYMSRV: 与服务器的连接被重置

系统的都是这样的。能到这样，说明设置得是没错的吧。

qq_44728033 2020-04-12