Actually I have couple questions in this note -
I have a blue screen from some client ( supposedly using NT4.0 + SP6a)
When I load under 6.0.007.x version ( that is I suppose the previous
version of the present 6.0.017.x beta). It throws up quite a bit of
warning(s), can not load the context, etc, etc. Finally says most of the
command would not work etc. etc. But this gives the image version and says
something like NT 4.0 (build 1381) sp 6 (200 ) release candidate. is some
accentuated character, very likely special char. And obviously stack
commands ( k, kb … ) does not work.
When I try to load it under an old debugger(win-bag), form 1999 platform
sdk it is quite, very very quite, and gives me some stack ( two activation
records). But the problem is that it does not load sym file that are from
Visual C++ 6.0 build environment ( driver is under nt4.0 ddk build). It
always deferred this. What could possibly the problem ??
Also I know there is a handy command, I could not find it, to get the time
stamp by using the hex. , and produces string.
thanx
-prokash
Your symbols are not set up properly for NT 4.0 using the current debugger.
That’s what it means when it says “cannot load symbols for…” in the
command window and “GetContext failed” in the other windows.
Try “!sym noisy” to look at where it is searching for the symbols. Keep in
mind that the NT 4.0 symbols are NOT on the Microsoft symbol server so you
have to have them on your own system - and you should NOT keep the kernel
symbols in a symbol store because it doesn’t work on NT 4.0 for the kernel
symbols. Instead, point the crash at the right symbols.
And I have a standing offer to look at anyone’s crash dump provided they
give me permission to use the dump in my kernel debug class.
Regards,
Tony
Tony Mason
Consulting Partner
OSR Open Systems Resources, Inc.
http://www.osr.com
-----Original Message-----
From: xxxxx@garlic.com [mailto:xxxxx@garlic.com]
Sent: Tuesday, June 25, 2002 3:14 PM
To: Kernel Debugging Interest List
Subject: [windbg] Windbg versions and different behavior(s)
Actually I have couple questions in this note -
I have a blue screen from some client ( supposedly using NT4.0 + SP6a)
When I load under 6.0.007.x version ( that is I suppose the previous
version of the present 6.0.017.x beta). It throws up quite a bit of
warning(s), can not load the context, etc, etc. Finally says most of the
command would not work etc. etc. But this gives the image version and says
something like NT 4.0 (build 1381) sp 6 (200 ) release candidate.
is some
accentuated character, very likely special char. And obviously stack
commands ( k, kb … ) does not work.
When I try to load it under an old debugger(win-bag), form 1999 platform
sdk it is quite, very very quite, and gives me some stack ( two activation
records). But the problem is that it does not load sym file that are from
Visual C++ 6.0 build environment ( driver is under nt4.0 ddk build). It
always deferred this. What could possibly the problem ??
Also I know there is a handy command, I could not find it, to get the time
stamp by using the hex. , and produces string.
thanx
-prokash
—
You are currently subscribed to windbg as: xxxxx@osr.com
To unsubscribe send a blank email to %%email.unsub%%
Hey, I sent you one 2 years ago. You thought it was so interesting you sent
me a cup … which I broke … :(.
You didn’t have any T-shirts that fit us full figured folk at the time. 
I always wondered if you ever figured out why I was getting such a strange
dump. It turns out the base cause was allocating sizeof(myStruct *) and
using sizeof(myStruct). Oh Goo’ness that was nasty!
–
Gary G. Little
xxxxx@broadstor.com
xxxxx@inland.net
“Tony Mason” wrote in message news:xxxxx@windbg…
>
> Your symbols are not set up properly for NT 4.0 using the current
debugger.
> That’s what it means when it says “cannot load symbols for…” in the
> command window and “GetContext failed” in the other windows.
>
> Try “!sym noisy” to look at where it is searching for the symbols. Keep
in
> mind that the NT 4.0 symbols are NOT on the Microsoft symbol server so you
> have to have them on your own system - and you should NOT keep the kernel
> symbols in a symbol store because it doesn’t work on NT 4.0 for the kernel
> symbols. Instead, point the crash at the right symbols.
>
> And I have a standing offer to look at anyone’s crash dump provided they
> give me permission to use the dump in my kernel debug class.
>
> Regards,
>
> Tony
>
> Tony Mason
> Consulting Partner
> OSR Open Systems Resources, Inc.
> http://www.osr.com
>
>
> -----Original Message-----
> From: xxxxx@garlic.com [mailto:xxxxx@garlic.com]
> Sent: Tuesday, June 25, 2002 3:14 PM
> To: Kernel Debugging Interest List
> Subject: [windbg] Windbg versions and different behavior(s)
>
> Actually I have couple questions in this note -
>
> I have a blue screen from some client ( supposedly using NT4.0 + SP6a)
>
> When I load under 6.0.007.x version ( that is I suppose the previous
> version of the present 6.0.017.x beta). It throws up quite a bit of
> warning(s), can not load the context, etc, etc. Finally says most of the
> command would not work etc. etc. But this gives the image version and says
> something like NT 4.0 (build 1381) sp 6 (200 ) release
candidate.
> is some
> accentuated character, very likely special char. And obviously stack
> commands ( k, kb … ) does not work.
>
> When I try to load it under an old debugger(win-bag), form 1999 platform
> sdk it is quite, very very quite, and gives me some stack ( two activation
> records). But the problem is that it does not load sym file that are from
> Visual C++ 6.0 build environment ( driver is under nt4.0 ddk build). It
> always deferred this. What could possibly the problem ??
>
> Also I know there is a handy command, I could not find it, to get the time
> stamp by using the hex. , and produces string.
>
> thanx
> -prokash
>
> —
> You are currently subscribed to windbg as: xxxxx@osr.com
> To unsubscribe send a blank email to %%email.unsub%%
>
>