SymInitialize失败,错误为2147483661

SymInitialize failed with error 2147483661

本文关键字:2147483661 错误 失败 SymInitialize      更新时间:2023-10-16

知道为什么会发生这种情况吗?该方法对当前进程完美工作,对在同一台本地机器上运行的远程进程失败,对我来说,垃圾错误代码为2147483661(0x80000000D),因为任何地方都没有关于这个特定错误代码的提示,或者我遗漏了什么?。此外,我觉得;由于SymInitialize本身发生故障,SymFromAddr也发生故障。我说得对吗?

有问题的进程以管理员身份运行,并且具有SeDebug和SeSecurity权限。

bool DbgHelpWrapper::MatchTargetSymbol( IntPtr processHandle, int procId, int threadId )
{
    DWORD dwStartAddress;
    DWORD dwInitializeError;
    DWORD dwThreadID = static_cast<DWORD>(threadId);
    DWORD dwProcessId = static_cast<DWORD>(procId);
    HANDLE hRemoteProcess = OpenProcess( PROCESS_ALL_ACCESS, FALSE, dwProcessId );
    if (GetThreadStartAddress( processHandle, dwProcessId, dwThreadID, &dwStartAddress ))
    {
        dwInitializeError = ERROR_SUCCESS;
    } else {
        dwInitializeError = Marshal::GetLastWin32Error();
        System::Console::WriteLine( String::Format("GetThreadStartAddress failed: {0}", dwInitializeError ));
    }
    try
    {
        DWORD dwSymSetOptStatus = SymSetOptions(SYMOPT_DEFERRED_LOADS | SYMOPT_UNDNAME | SYMOPT_LOAD_LINES);
        DWORD dwSymInitStatus = ERROR_SUCCESS;
        if (dwSymInitStatus = SymInitialize(hRemoteProcess, NULL, TRUE)) {
            dwInitializeError = ERROR_SUCCESS;
        } else {
            dwInitializeError = Marshal::GetLastWin32Error();
            System::Console::WriteLine( String::Format("SymInitialize failed: {0} error: {1}", dwSymInitStatus, dwInitializeError ));
            return false;
        }
        const int kMaxNameLength = 256;
        ULONG64 buffer[(sizeof(SYMBOL_INFO) + kMaxNameLength * sizeof(wchar_t) + sizeof(ULONG64) - 1) / sizeof(ULONG64)];
        memset(buffer, 0, sizeof(buffer));
        // Initialize symbol information retrieval structures.
        DWORD64 sym_displacement = 0;
        PSYMBOL_INFO symbol = reinterpret_cast<PSYMBOL_INFO>(&buffer[0]);
        symbol->SizeOfStruct = sizeof(SYMBOL_INFO);
        symbol->MaxNameLen = kMaxNameLength - 1;
        if( SymFromAddr(hRemoteProcess, (DWORD64)dwStartAddress, &sym_displacement, symbol ))
        {
            System::String^ name = gcnew System::String( symbol->Name );
            System::Console::WriteLine( String::Format("Found thread with ModuleName: {0}", name ));
            if( name->Contains( this->symbolName ))
            {
                return true;
            }
        }
        else
        {
            dwInitializeError = Marshal::GetLastWin32Error();
            System::Console::WriteLine( String::Format("SymFromAddr failed: {0}", dwInitializeError ));
        }
    }
    finally
    {
        CloseHandle(hRemoteProcess);
    }
    return false;
}

在这种情况下,另一个原因(尽管可能不是)可能是流程尚未完全启动。在我的调试器代码中,在WaitForDebugEvent返回CREATE_PROCESS_DEBUG_EVENT事件代码后,我立即调用SymInitialize。由此得到CCD_ 6。稍后调用它(就在我需要堆栈遍历之前)成功了。

Microsoft结果代码通常用十六进制表示。在这种情况下,你会在谷歌上搜索"SymInitialize错误8000000D":

  • http://msdn.microsoft.com/en-us/library/windows/desktop/ms681351%28v=vs.85%29.aspx

我两手空空地找到了错误代码"8000000D"(除了这个,但MSDN链接听起来很有趣:

传递给SymInitialize的句柄必须与传递给的值相同进程调用的所有其他符号处理程序函数。它是函数用于识别调用者和定位正确的符号信息。<=听起来你在这么做。。。

A process that calls SymInitialize should not call it again unless it calls SymCleanup first. 
  <= What about this?
All DbgHelp functions, such as this one, are single threaded. Therefore, calls from more than one thread to this function will likely result in unexpected behavior or memory corruption. To avoid this, call SymInitialize only when your process starts and SymCleanup only when your process ends. It is not necessary for each thread in the process to call these functions.
  <= Or this

Q: 您不是在从多个线程调用SymInitialize(),是吗?

如果您试图调用SymInitialize,则会得到错误2147483661,其中目标进程ID属于64位进程,但您自己的进程是32位进程。

相关文章: