WARNING: Unable to verify checksum

While debugging a kernel dump, one of my user land libraries warned about
not being able to verify checksum.

How serious is this error and how should I rectify it.

======================================================================
DBGHELP: FindExecutableImageEx-> Searching c:\mydir for my.dll…
DBGHELP: FindExecutableImageEx-> Looking for c:\mydir\my.dll… OK
found
DBGHELP: LoadCodeViewSymbols:
hProcess F0F0F0F0
mi 00955A88
pCvData 0A82F280
dwSize 81924
DBGHELP: codeview symbols loaded
*** WARNING: Unable to verify checksum for my.dll

1: kd> !lmi 10000000
Loaded Module Info: [10000000]
Module: my
Base Address: 10000000
Image Name: my.dll
Machine Type: 332 (I386)
Time Stamp: 3b63cd4c Sun Jul 29 01:46:04 2001
CheckSum: 0
Characteristics: 2106
Debug Data Dirs: Type Size VA Pointer
COFF 1a970, 0, 34800 NumSyms 0x444b5354, Numlines
0xff
MISC 110, 0, 4f170 [Data not mapped]
CODEVIEW 81924, 0, 4f280 [Data not mapped] - can’t
validate symbols, if present.
Image Type: FILE - Image read successfully from symbol search path.
c:\mydir\my.dll
Symbol Type: CV - No error - symbol load deferred from image path.


You are currently subscribed to windbg as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-windbg-$subst(‘Recip.MemberIDChar’)@lists.osr.com

The message means that the debugger cannot find the data needed to
verify if the symbols match the binary. If the symbol is located in
your sympath then the debugger will load it anyway and provide you with
this message to warn you.

This can be one of 2 issues:

  1. The data may be paged out. This happens as part of normal OS
    operation. There is no workaround.
  2. You may have hit a known issue with some linkers. This issue
    places the debug information at the end of the file and but doesn’t
    adjust the image size information used by the PE loader to map the
    binary. This results in the debug information not being included in the
    mapping and therefore never making it into memory. There are 2 work
    arounds for this issue. First you can change your linker to one that
    doesn’t do this (sorry I don’t have the info as to which versions
    do/don’t do this). Second you can split your binary so the debug
    information normally in the binary is in a DBG file instead. In this
    method you wind up with a PDB and a DBG file and both are needed by the
    debugger.

Good luck

-----Original Message-----
From: Joshi, Venu [mailto:xxxxx@exchange.SanDiegoCA.NCR.COM]
Sent: Monday, July 30, 2001 9:46 PM
To: Kernel Debugging Interest List
Subject: [windbg] WARNING: Unable to verify checksum

While debugging a kernel dump, one of my user land libraries warned
about
not being able to verify checksum.

How serious is this error and how should I rectify it.

======================================================================
DBGHELP: FindExecutableImageEx-> Searching c:\mydir for my.dll…
DBGHELP: FindExecutableImageEx-> Looking for c:\mydir\my.dll… OK
found
DBGHELP: LoadCodeViewSymbols:
hProcess F0F0F0F0
mi 00955A88
pCvData 0A82F280
dwSize 81924
DBGHELP: codeview symbols loaded
*** WARNING: Unable to verify checksum for my.dll

1: kd> !lmi 10000000
Loaded Module Info: [10000000]
Module: my
Base Address: 10000000
Image Name: my.dll
Machine Type: 332 (I386)
Time Stamp: 3b63cd4c Sun Jul 29 01:46:04 2001
CheckSum: 0
Characteristics: 2106
Debug Data Dirs: Type Size VA Pointer
COFF 1a970, 0, 34800 NumSyms 0x444b5354, Numlines
0xff
MISC 110, 0, 4f170 [Data not mapped]
CODEVIEW 81924, 0, 4f280 [Data not mapped] - can’t
validate symbols, if present.
Image Type: FILE - Image read successfully from symbol search
path.
c:\mydir\my.dll
Symbol Type: CV - No error - symbol load deferred from image
path.


You are currently subscribed to windbg as: xxxxx@microsoft.com
To unsubscribe send a blank email to leave-windbg-$subst(‘Recip.MemberIDChar’)@lists.osr.com


You are currently subscribed to windbg as: $subst(‘Recip.EmailAddr’)
To unsubscribe send a blank email to leave-windbg-$subst(‘Recip.MemberIDChar’)@lists.osr.com