so the kernel was "6001.18000.amd64fre.longhorn_rtm.080118-1840".
I tried setting WinDbg to load sysmbols across the Internet
from Microsoft's symbol server. But I got errors like the following:
ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
Kernel symbols are WRONG. Please fix symbols to do analysis.
Your debugger is not using the correct symbols
Type referenced: nt!_KPRCB
So I decided to download the symbols, from here:
http://www.microsoft.com/whdc/devtools/debugging/symbolpkg.mspx
I extracted them onto my hard drive, updated my symbols path,
but I still got the same errors.
I discovered that to fix this, you need to go into
the SYMBOLS\EXE folder and copy file 'ntkrnlmp.pdb'
to 'ntoskrnl.pdb'.
4 comments:
This is very helpful!
You are the man. It fixed it. Thanks.
This is old news, but it sounds like my prob. Nigel, I hate 2 sound obtuse, but since both pdb files reside in the symbols\exe folder, I'm not sure what u mean by copy ntkrnlmp to ntoskrnl. Can u elaborate? Thanks!
In my case, the 'ntoskrnl.pdb' file did not already exist, but I did have a file 'ntkrnlmp.pdb', so I created the 'ntoskrnl.pdb' by copying from file 'ntkrnlmp.pdb'. If you already have a 'ntoskrnl.pdb' it looks like you have a different problem...
Post a Comment