Skip to content

Windbg – How to fix symbols errors for Windows 7

20/01/2014

Symbols change by OS and Service pack.  The first step is to doublecheck the service pack you’re on.

Step 1 – Noisy symbols

Start windbag – in the command line type:

!sym noisy

noisyGet as much info as we can

.symfix

.symfix will display the curent symbol path

symfix

Add a new path to the symfix file

.symfix + new path

.symfix + c:\symbols

 

Note – if you use .symfix without a +, then it CHANGES the symbol path. Rather than multiple sources of symbol files, only a single location would exist.

symbols jan

.reload   or

.reload /f

reload

******

Step 2 – Check the symbols paths being used

.sympath

sympath

This DISPLAYS the current path.  Are there any typos? Make sure it connects to 1. Microsoft Symbols Server 2. c:\symbols 3. c:\program files\Debugging Tools for Windows (x86)\sym

symbols c drive

*****

Step 3 – Use the Microsoft Symbol Server

File > Symbol File path

.sympath SRV*c:\symbols*http://msdl.microsoft.com/download/symbols

Warning: the M$ directory has an f drive for symbols.  You probably have a c:\symbols… You’ll need to check this and edit the symbol search path.

path

Cut and paste this into the Symbol Search path to see if it helps:

.SRV*C:\sym*http://msdl.microsoft.com/download/symbols/;SRV*C:\Symbols*http://msdl.microsoft.com/download/symbols + .SRV*C:\websymbols*http://msdl.microsoft.com/download/symbols +  SRV*C:\Symbols + .SRV*C:\Program Files\Debugging Tools for Windows (x86)\sym

Reference

http://support.microsoft.com/kb/311503

Multiple paths listed:

symbols full server path

******

Step 4 – NT Path Variable

Open a cmd shell and paste this in:

Set _NT_SYMBOL_PATH = symsrv*symsrv.dll*c:\symbols*http://msdl.microsoft.com/download/symbols

nu

or, you can use the GUI for this step:

My Computer > Right click on My Computer > Last option (Properties).

Advanced Option Tab

(Look at Right hand bottom corner ) > Environment Variables Button

enviro

This is the Environment Variables screen:

NEW > User Variable

varsRemember to edit the dodgy F:\ drive that is in the M$ path.

user var

Using the cmd shell is much easier.

****

Background info:

Set _NT_SYMBOL_PATH = symsrv*symsrv.dll*f:\localsymbols*http://msdl.microsoft.com/download/symbols  (or)

Set _NT_SYMBOL_PATH = symsrv*symsrv.dll*c:\symbols*http://msdl.microsoft.com/download/symbols

You may still get errors.  If you do, then downloading the entire symbol table may be the easiest.

M$ are great at telling us how wonderful things are… and all we want is things to work first time, everytime.  The concept of FLAWLESS computing is the one ideal that we all want instead.

Plan B – Download updated symbols table (209mb download for XP Sp3)

This is the “belt and braces approach”.  You must reboot for the symbols to be available.

http://msdn.microsoft.com/en-us/windows/hardware/gg463028

http://msdn.microsoft.com/en-us/windows/hardware/gg463028#Download_windows

symbols

*****

How to use Wildcards using Symbols – Search for Tokens

Wildcards are very powerful.  The ! means the NT kernel.

x    module!symbols

x *!*some*

Search for a symbol with “some* in it.  If the symbol is an exported function, the results contains both the module implementing it, as well as the modules importing it (prefixed by _imp string).

x *!*NtOpenThreadToken*

x *!*Token*

symbols tokens

The memory address is displayed.

Advertisements
Leave a Comment

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: