[kd] symbols/modules loading and !sd extension

Hello,

I’ve recently started using kd, using the ‘Using Debugging tools’ as
documentation.

I’m using kd against a .NET Server RC1 with appropriate symbols.

However, when starting kd, the only loaded module is ntoskrnl:

kd> lm
start    end        module name
804dc000 806dfe00   nt         (pdb symbols)          E:\WINDOWS\Symbols\exe\ntoskrnl.pdb

Unloaded modules:
fb3ae000 fb3c1000   Parport.SYS
fc64b000 fc655000   imapi.sys
fc9a7000 fc9aa000   Sfloppy.SYS

Using kd on another machine, I’ve noticed that there are about 15 or 20
modules loaded at startup.

I did not find any mention in the documentation of a configuration file
or parameter that would control modules loaded at startup.

I’m probably missing something, but what is the rule to load modules at
startup?

I’ve been using the following command to load a new module:

kd> .reload /f C:\WINDOWS\system32\drivers\afd.sys

However, when I try to load a DLL like ws2_32.dll, the previous command
sometimes works and sometimes it does not. I was not able to understand
why. Is there any particular reason?

My last question is about the !sd extension command. During debugging,
I’ve identified a pointer to a SECURITY_DESCRIPTOR structure.

However, when I try to use the !sd command to display it, the command
fails:

kd> !sd e1079398
*************************************************************************
***                                                                   ***
*** Your debugger is not using the correct symbols                    ***
*** In order for this command to work properly, your symbol path      ***
*** must point to .pdb files that have full type information.         ***
***                                                                   ***
*** Certain .pdb files (such as the public OS symbols) do not         ***
*** contain the required information. Contact the group that          ***
*** provided you with these symbols if you need this command to       ***
*** work.                                                             ***
*************************************************************************
e1079398: Unable to get SD contents

However, displaying the value of the security descriptor with dt,
specifying SECURITY_DESCRIPTOR as type works:

kd> dt nt!_SECURITY_DESCRIPTOR e1079398
   +0x000 Revision : 0x1 ''
   +0x001 Sbz1     : 0 ''
   +0x002 Control  : 0x8004
   +0x004 Owner    : 0x00000014
   +0x008 Group    : 0x00000024
   +0x00c Sacl     : (null)
   +0x010 Dacl     : 0x00000030

As you can see, the security descriptor is valid (0x8004 for the Control means
SE_DACL_PRESENT || SE_SELF_RELATIVE).

I don’t really understand the error message because I have the correct
symbols.

Are there any special conditions to have a working !sd command?

Thanks in advance for your help,

Jean-Baptiste Marchand

xxxxx@hsc.fr
Hervé Schauer Consultants
http://www.hsc.fr/
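
The dt output in the post above shows a self-relative descriptor: Owner, Group and Dacl hold offsets from the start of the structure, not pointers. The following Python sketch is an added example, not part of the original post or of the debugger; it decodes such a header by hand, assuming a 32-bit little-endian target as in the post. The function names parse_sid and parse_sd, the two SIDs and the empty ACL in the sample are constructed for illustration.

```python
import struct
# SECURITY_DESCRIPTOR_CONTROL bits as defined in winnt.h
SE_FLAGS = {
    0x0001: "SE_OWNER_DEFAULTED", 0x0002: "SE_GROUP_DEFAULTED",
    0x0004: "SE_DACL_PRESENT", 0x0008: "SE_DACL_DEFAULTED",
    0x0010: "SE_SACL_PRESENT", 0x0020: "SE_SACL_DEFAULTED",
    0x0100: "SE_DACL_AUTO_INHERIT_REQ", 0x0200: "SE_SACL_AUTO_INHERIT_REQ",
    0x0400: "SE_DACL_AUTO_INHERITED", 0x0800: "SE_SACL_AUTO_INHERITED",
    0x1000: "SE_DACL_PROTECTED", 0x2000: "SE_SACL_PROTECTED",
    0x4000: "SE_RM_CONTROL_VALID", 0x8000: "SE_SELF_RELATIVE",
}

def parse_sid(buf, off):
    """Render the SID at buf[off:] in S-R-A-S... string form."""
    rev, count = struct.unpack_from("<BB", buf, off)
    authority = int.from_bytes(buf[off + 2:off + 8], "big")  # 48-bit, big-endian
    subs = struct.unpack_from("<%dI" % count, buf, off + 8)
    return "S-%d-%d" % (rev, authority) + "".join("-%d" % s for s in subs)

def parse_sd(buf, base=0):
    """Decode a self-relative descriptor; base is its address in the target."""
    rev, _sbz1, control, owner, group, sacl, dacl = struct.unpack_from("<BBHIIII", buf)
    if not control & 0x8000:
        raise ValueError("absolute format: Owner/Group/Sacl/Dacl are pointers")
    out = {"revision": rev, "dacl": None,
           "flags": [n for bit, n in sorted(SE_FLAGS.items()) if control & bit]}
    for name, off in (("owner", owner), ("group", group)):
        out[name] = parse_sid(buf, off) if off else None
        out[name + "_addr"] = base + off if off else None
    out["sacl_addr"] = base + sacl if sacl else None
    if control & 0x0004 and dacl == 0:
        out["dacl"] = "NULL DACL (no access restrictions)"
    elif dacl:
        acl_rev, _, size, aces, _ = struct.unpack_from("<BBHHH", buf, dacl)
        out["dacl"] = {"addr": base + dacl, "revision": acl_rev,
                       "size": size, "ace_count": aces}
    return out

# Constructed sample laid out like the post's dt output (Control 0x8004,
# Owner +0x14, Group +0x24, Dacl +0x30); the SIDs and empty ACL are invented.
SAMPLE = (struct.pack("<BBHIIII", 1, 0, 0x8004, 0x14, 0x24, 0, 0x30)
          + bytes.fromhex("01020000000000052000000020020000")  # S-1-5-32-544
          + bytes.fromhex("010100000000000512000000")          # S-1-5-18
          + struct.pack("<BBHHH", 2, 0, 8, 0, 0))              # ACL header, 0 ACEs

if __name__ == "__main__":
    for key, value in parse_sd(SAMPLE, base=0xE1079398).items():
        print(key, value)
```

With the post's base address, the owner SID resolves to e1079398 + 0x14 and the DACL to e1079398 + 0x30, which are the addresses to dump by hand when the extension cannot.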