我在目标中使用主机部署和调试驱动程序(win10 virtualbox,通过serialport 1,baudrate:115200),我可以将驱动程序加载到目标并使用命令“!lmi filedisk”进行检查,它已被加载。但它没有达到任何突破点。 我检查了“.reload -f”然后出现了:
kd> .sympath
Symbol search path is: http://referencesource.microsoft.com/symbols;https://msdl.microsoft.com/download/symbols;srv*
Expanded Symbol search path is: http://referencesource.microsoft.com/symbols;https://msdl.microsoft.com/download/symbols;cache*;SRV*https://msdl.microsoft.com/download/symbols
************* Symbol Path validation summary **************
Response Time (ms) Location
Deferred http://referencesource.microsoft.com/symbols
Deferred https://msdl.microsoft.com/download/symbols
Deferred srv*
kd> .reload -f
Connected to Windows 10 14393 x64 target at (Fri Apr 28 23:01:42.142 2017 (UTC + 7:00)), ptr64 TRUE
Loading Kernel Symbols
..
Press ctrl-c (cdb, kd, ntsd) or ctrl-break (windbg) to abort symbol loads that take too long.
Run !sym noisy before .reload to track down problems loading symbols.
..........*** ERROR: Symbol file could not be found. Defaulted to export symbols for clipsp.sys -
................................*** ERROR: Symbol file could not be found. Defaulted to export symbols for VBoxGuest.sys -
...................
................*** ERROR: Symbol file could not be found. Defaulted to export symbols for VBoxSF.sys -
.......*** ERROR: Module load completed but symbols could not be loaded for FileDisk.SYS
...*** ERROR: Module load completed but symbols could not be loaded for windrvr1230.sys
.......*** ERROR: Symbol file could not be found. Defaulted to export symbols for VBoxMouse.sys -
..*** ERROR: Symbol file could not be found. Defaulted to export symbols for VBoxVideoW8.sys -
....*** ERROR: Symbol file could not be found. Defaulted to export symbols for drmk.sys -
.........*** ERROR: Module load completed but symbols could not be loaded for MadBus.sys
................
..........................*** ERROR: Module load completed but symbols could not be loaded for peauth.sys
.......
Loading User Symbols
Loading unloaded module list
.......Unable to enumerate user-mode unloaded modules, Win32 error 0n30
************* Symbol Loading Error Summary **************
Module name Error
clipsp The system cannot find the file specified : http://referencesource.microsoft.com/symbols
Signature does not match : C:\Users\3aoThinh95\AppData\Local\DBG\sym\clipsp.pdb\82BF23951435468AA821A930107751181\clipsp.pdb
Signature does not match : C:\Users\3aoThinh95\AppData\Local\DBG\sym\clipsp.pdb\2B15CA722B65427FAB9EF42232CFD9BD1\clipsp.pdb
Signature does not match : C:\Users\3aoThinh95\AppData\Local\DBG\sym\clipsp.pdb\82BF23951435468AA821A930107751181\clipsp.pdb
VBoxGuest The system cannot find the file specified : http://referencesource.microsoft.com/symbols
The system cannot find the file specified : https://msdl.microsoft.com/download/symbols
PDB not found : cache*
The system cannot find the file specified : SRV*https://msdl.microsoft.com/download/symbols
VBoxSF The system cannot find the file specified : http://referencesource.microsoft.com/symbols
The system cannot find the file specified : https://msdl.microsoft.com/download/symbols
PDB not found : cache*
The system cannot find the file specified : SRV*https://msdl.microsoft.com/download/symbols
FileDisk The system cannot find the file specified : http://referencesource.microsoft.com/symbols
The system cannot find the file specified : https://msdl.microsoft.com/download/symbols
PDB not found : cache*
The system cannot find the file specified : SRV*https://msdl.microsoft.com/download/symbols
windrvr1230 The system cannot find the file specified : http://referencesource.microsoft.com/symbols
The system cannot find the file specified : https://msdl.microsoft.com/download/symbols
PDB not found : cache*
The system cannot find the file specified : SRV*https://msdl.microsoft.com/download/symbols
VBoxMouse The system cannot find the file specified : http://referencesource.microsoft.com/symbols
The system cannot find the file specified : https://msdl.microsoft.com/download/symbols
PDB not found : cache*
The system cannot find the file specified : SRV*https://msdl.microsoft.com/download/symbols
VBoxVideoW8 The system cannot find the file specified : http://referencesource.microsoft.com/symbols
The system cannot find the file specified : https://msdl.microsoft.com/download/symbols
PDB not found : cache*
The system cannot find the file specified : SRV*https://msdl.microsoft.com/download/symbols
drmk The system cannot find the file specified : http://referencesource.microsoft.com/symbols
The system cannot find the file specified : https://msdl.microsoft.com/download/symbols
PDB not found : cache*
The system cannot find the file specified : SRV*https://msdl.microsoft.com/download/symbols
MadBus The system cannot find the file specified : http://referencesource.microsoft.com/symbols
The system cannot find the file specified : https://msdl.microsoft.com/download/symbols
PDB not found : cache*
The system cannot find the file specified : SRV*https://msdl.microsoft.com/download/symbols
peauth The system cannot find the file specified : http://referencesource.microsoft.com/symbols
The system cannot find the file specified : https://msdl.microsoft.com/download/symbols
PDB not found : cache*
The system cannot find the file specified : SRV*https://msdl.microsoft.com/download/symbols
You can troubleshoot most symbol related issues by turning on symbol loading diagnostics (!sym noisy) and repeating the command that caused symbols to be loaded.
You should also verify that your symbol search path (.sympath) is correct.
我该如何解决这个问题?
答案 0 :(得分:1)
这是第三方驱动程序/ DLL(一些来自Oracle VirtualBox和其他第三方DLL),这些驱动程序在Microsoft Symbol Server上不可用。
drmk.sys是Microsoft受信任的音频驱动程序,对于某些音频/ DRM相关文件,Microsoft也没有提供PDB来防止逆向工程。
对于您自己的驱动程序,您必须将自己的PDB添加到符号搜索路径中。
答案 1 :(得分:0)
似乎符号路径中的所有目录都不包含此驱动程序的符号文件。这就是为什么不能设置断点的原因。
确保在目录中有此驱动程序符号,然后通过执行命令.sympath + [符号目录的完整路径]将此目录添加为符号路径的一部分