Bug Check 0x50: PAGE_FAULT_IN_NONPAGED_AREA - Server 2003 SP2

bendsha · Oct 27, 2014

I have a BSIO problem in Bug Check 0x50, It's make me puzzled. I suspect a double free or overwrite problem case by a minifilter driver. I have the minifilter driver source code, it‘s works normal in other machine，the machine is not mine and I can't debug it，even open verifier to reappear this BSOD.

so I have to check driver source code look forward to find some suspicious code, but it's useless.

Could you help me and give me some suggestions?

WinDbg analyze as follows:

Code:

0: kd> vertarget
Windows Server 2003 Kernel Version 3790 (Service Pack 2) MP (4 procs) Free x64
Product: Server, suite: Enterprise TerminalServer SingleUserTS
Built by: 3790.srv03_sp2_rtm.070216-1710
Machine Name:*** ERROR: Module load completed but symbols could not be loaded for srv.sys


Kernel base = 0xfffff800`01000000 PsLoadedModuleList = 0xfffff800`011d5100
Debug session time: Fri Oct 17 19:59:53.663 2014 (UTC + 8:00)
System Uptime: 0 days 0:04:33.279




0: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************


PAGE_FAULT_IN_NONPAGED_AREA (50)
Invalid system memory was referenced.  This cannot be protected by try-except,
it must be protected by a Probe.  Typically the address is just plain bad or it
is pointing at freed memory.
Arguments:
Arg1: fffffadf42d8233d, memory referenced.
Arg2: 0000000000000000, value 0 = read operation, 1 = write operation.
Arg3: fffffadf2798f290, If non-zero, the instruction address which referenced the bad memory
	address.
Arg4: 0000000000000000, (reserved)


Debugging Details:
------------------




Could not read faulting driver name


READ_ADDRESS: GetUlongPtrFromAddress: unable to read from fffff800011dc380
GetUlongFromAddress: unable to read from fffff800011dc3a0
 fffffadf42d8233d 


FAULTING_IP: 
disk!memcpy+60
fffffadf`2798f290 488b040a        mov     rax,qword ptr [rdx+rcx]


MM_INTERNAL_CODE:  0


CUSTOMER_CRASH_COUNT:  8


DEFAULT_BUCKET_ID:  COMMON_SYSTEM_FAULT


BUGCHECK_STR:  0x50


PROCESS_NAME:  clienteng.exe


CURRENT_IRQL:  1


ANALYSIS_VERSION: 6.3.9600.17029 (debuggers(dbg).140219-1702) amd64fre


TRAP_FRAME:  fffffadf243d34c0 -- (.trap 0xfffffadf243d34c0)
NOTE: The trap frame does not contain all registers.
Some register values may be zeroed or incorrect.
rax=fffffadf31e054a0 rbx=0000000000000000 rcx=fffffadf31edde10
rdx=0000000010ea452d rsi=0000000000000000 rdi=0000000000000000
rip=fffffadf2798f290 rsp=fffffadf243d3658 rbp=fffffadf39dd51b0
 r8=0000000000000018  r9=0000000000000003 r10=5be6572eacb30003
r11=fffffadf31edde10 r12=0000000000000000 r13=0000000000000000
r14=0000000000000000 r15=0000000000000000
iopl=0         nv up ei pl nz na po nc
disk!memcpy+0x60:
fffffadf`2798f290 488b040a        mov     rax,qword ptr [rdx+rcx] ds:fffffadf`42d8233d=????????????????
Resetting default scope


LAST_CONTROL_TRANSFER:  from fffff800010a58f2 to fffff8000102e950


STACK_TEXT:  
fffffadf`243d33e8 fffff800`010a58f2 : 00000000`00000050 fffffadf`42d8233d 00000000`00000000 fffffadf`243d34c0 : nt!KeBugCheckEx
fffffadf`243d33f0 fffff800`0102d519 : fffffadf`32b97560 00000000`00000000 00000000`00000000 00000000`00000080 : nt!MmAccessFault+0xa1f
fffffadf`243d34c0 fffffadf`2798f290 : fffffadf`2798c8dd 0012019f`00000000 fffffadf`32b97560 fffffa80`00000000 : nt!KiPageFault+0x119
fffffadf`243d3658 fffffadf`2798c8dd : 0012019f`00000000 fffffadf`32b97560 fffffa80`00000000 fffffadf`39dd5670 : disk!memcpy+0x60
fffffadf`243d3660 fffffadf`29a5637a : 00000000`02aed308 00000000`00000060 fffffadf`31e358c0 fffffadf`243d3cf0 : disk!DiskDeviceControl+0x7ed
fffffadf`243d38d0 fffff800`01379339 : fffffadf`31e358c0 fffffadf`243d3cf0 00000000`00000000 fffffadf`31e358c0 : PartMgr!PmDeviceControl+0x4aa
fffffadf`243d3960 fffffadf`27937922 : 00000000`00000000 00000000`00000000 fffffadf`31e358c0 fffffadf`31dda850 : nt!RawDispatch+0x159
fffffadf`243d39b0 fffffadf`27937922 : ffffffff`ffffffff fffffadf`31e358c0 fffffadf`31e358c0 fffffadf`31d7b4a0 : fltMgr!FltpDispatch+0x1c2
fffffadf`243d3a10 fffff800`01280111 : 00000000`00000000 fffffadf`243d3cf0 00000000`00000001 fffffadf`31e09050 : fltMgr!FltpDispatch+0x1c2
fffffadf`243d3a70 fffff800`0127fc16 : 00000000`00000408 00000000`00000000 00000000`00000000 00000000`00000000 : nt!IopXxxControlFile+0xa79
fffffadf`243d3b90 fffff800`0102e3fd : fffffadf`32a9bc20 fffffadf`32b2d040 fffffadf`32a9bf00 00000000`00000000 : nt!NtDeviceIoControlFile+0x56
fffffadf`243d3c00 00000000`78ee0a5a : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : nt!KiSystemServiceCopyEnd+0x3
00000000`02aed1f8 00000000`00000000 : 00000000`00000000 00000000`00000000 00000000`00000000 00000000`00000000 : 0x78ee0a5a




STACK_COMMAND:  kb


FOLLOWUP_IP: 
disk!memcpy+60
fffffadf`2798f290 488b040a        mov     rax,qword ptr [rdx+rcx]


SYMBOL_STACK_INDEX:  3


SYMBOL_NAME:  disk!memcpy+60


FOLLOWUP_NAME:  MachineOwner


MODULE_NAME: disk


IMAGE_NAME:  disk.sys


DEBUG_FLR_IMAGE_TIMESTAMP:  45d69505


IMAGE_VERSION:  5.2.3790.3959


FAILURE_BUCKET_ID:  X64_0x50_disk!memcpy+60


BUCKET_ID:  X64_0x50_disk!memcpy+60


ANALYSIS_SOURCE:  KM


FAILURE_ID_HASH_STRING:  km:x64_0x50_disk!memcpy+60


FAILURE_ID_HASH:  {c61dfbc1-fe5e-35f2-df9e-8ca950717906}


Followup: MachineOwner
---------


0: kd> .frame /r 3
03 fffffadf`243d3658 fffffadf`2798c8dd disk!memcpy+0x60
rax=fffffadf31e054a0 rbx=fffffadf31d616f0 rcx=fffffadf31edde10
rdx=0000000010ea452d rsi=0000000000000000 rdi=0000000000000018
rip=fffffadf2798f290 rsp=fffffadf243d3658 rbp=fffffadf39dd51b0
 r8=0000000000000018  r9=0000000000000003 r10=5be6572eacb30003
r11=fffffadf31edde10 r12=fffffadf31e358c0 r13=fffffadf39dd5060
r14=fffffadf3268bc40 r15=0000000000000000
iopl=0         nv up ei pl zr na po nc
cs=0010  ss=0018  ds=002b  es=002b  fs=0053  gs=002b             efl=00000246
disk!memcpy+0x60:
fffffadf`2798f290 488b040a        mov     rax,qword ptr [rdx+rcx] ds:002b:fffffadf`42d8233d=????????????????
0: kd> u disk!memcpy+0x60
disk!memcpy+0x60:
fffffadf`2798f290 488b040a        mov     rax,qword ptr [rdx+rcx]
fffffadf`2798f294 488901          mov     qword ptr [rcx],rax
fffffadf`2798f297 4883c108        add     rcx,8
fffffadf`2798f29b 49ffc9          dec     r9
fffffadf`2798f29e 75f0            jne     disk!memcpy+0x60 (fffffadf`2798f290)
fffffadf`2798f2a0 4983e007        and     r8,7
fffffadf`2798f2a4 4d85c0          test    r8,r8
fffffadf`2798f2a7 7507            jne     disk!memcpy+0x80 (fffffadf`2798f2b0)

You can download minidump file from Mini101714-08.dmp_??????|??? ??-?????.

Thanks.

x BlueRobot · Oct 27, 2014

Most -if not all- the symbols seem to be corrupt within the dump file.

Code:

0: kd> [COLOR=#008000]!sym noisy[/COLOR]
noisy mode - symbol prompts on
0: kd> [COLOR=#008000].reload[/COLOR]
SYMSRV:  C:\ProgramData\dbg\sym\ntoskrnl.exe\45D69A89490000\ntoskrnl.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntoskrnl.exe\45D69A89490000\ntoskrnl.exe not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/ntoskrnl.exe/45D69A89490000/ntoskrnl.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntkrnlup.exe\45D69A89490000\ntkrnlup.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntkrnlup.exe\45D69A89490000\ntkrnlup.exe not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/ntkrnlup.exe/45D69A89490000/ntkrnlup.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntkrnlpa.exe\45D69A89490000\ntkrnlpa.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntkrnlpa.exe\45D69A89490000\ntkrnlpa.exe not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/ntkrnlpa.exe/45D69A89490000/ntkrnlpa.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntkrnlmp.exe\45D69A89490000\ntkrnlmp.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntkrnlmp.exe\45D69A89490000\ntkrnlmp.exe not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/ntkrnlmp.exe/45D69A89490000/ntkrnlmp.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntkrpamp.exe\45D69A89490000\ntkrpamp.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntkrpamp.exe\45D69A89490000\ntkrpamp.exe not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/ntkrpamp.exe/45D69A89490000/ntkrpamp.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\xboxkrnlc.exe\45D69A89490000\xboxkrnlc.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\xboxkrnlc.exe\45D69A89490000\xboxkrnlc.exe not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/xboxkrnlc.exe/45D69A89490000/xboxkrnlc.exe not found
DBGHELP: C:\Windows\system32\ntoskrnl.exe - mismatched timestamp
DBGHELP: C:\Windows\system32\ntoskrnl.exe - mismatched timestamp
DBGHELP: C:\Windows\system32\ntkrnlup.exe - file not found
DBGHELP: C:\Windows\system32\ntkrnlup.exe - file not found
DBGHELP: C:\Windows\system32\ntkrnlpa.exe - mismatched timestamp
DBGHELP: C:\Windows\system32\ntkrnlpa.exe - mismatched timestamp
DBGHELP: C:\Windows\system32\ntkrnlmp.exe - file not found
DBGHELP: C:\Windows\system32\ntkrnlmp.exe - file not found
DBGHELP: C:\Windows\system32\ntkrpamp.exe - file not found
DBGHELP: C:\Windows\system32\ntkrpamp.exe - file not found
DBGHELP: C:\Windows\system32\xboxkrnlc.exe - file not found
DBGHELP: C:\Windows\system32\xboxkrnlc.exe - file not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/ntoskrnl.exe/45D69A89490000/ntoskrnl.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntoskrnl.exe\45D69A89490000\ntoskrnl.exe not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/ntkrnlup.exe/45D69A89490000/ntkrnlup.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntkrnlup.exe\45D69A89490000\ntkrnlup.exe not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/ntkrnlpa.exe/45D69A89490000/ntkrnlpa.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntkrnlpa.exe\45D69A89490000\ntkrnlpa.exe not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/ntkrnlmp.exe/45D69A89490000/ntkrnlmp.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntkrnlmp.exe\45D69A89490000\ntkrnlmp.exe not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/ntkrpamp.exe/45D69A89490000/ntkrpamp.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntkrpamp.exe\45D69A89490000\ntkrpamp.exe not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/xboxkrnlc.exe/45D69A89490000/xboxkrnlc.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\xboxkrnlc.exe\45D69A89490000\xboxkrnlc.exe not found
DBGHELP: C:\Windows\system32\ntoskrnl.exe - mismatched timestamp
DBGHELP: C:\Windows\system32\ntoskrnl.exe - mismatched timestamp
DBGHELP: C:\Windows\system32\ntkrnlup.exe - file not found
DBGHELP: C:\Windows\system32\ntkrnlup.exe - file not found
DBGHELP: C:\Windows\system32\ntkrnlpa.exe - mismatched timestamp
DBGHELP: C:\Windows\system32\ntkrnlpa.exe - mismatched timestamp
DBGHELP: C:\Windows\system32\ntkrnlmp.exe - file not found
DBGHELP: C:\Windows\system32\ntkrnlmp.exe - file not found
DBGHELP: C:\Windows\system32\ntkrpamp.exe - file not found
DBGHELP: C:\Windows\system32\ntkrpamp.exe - file not found
DBGHELP: C:\Windows\system32\xboxkrnlc.exe - file not found
DBGHELP: C:\Windows\system32\xboxkrnlc.exe - file not found
SYMSRV:  C:\ProgramData\dbg\sym\ntoskrnl.exe\45D69A89490000\ntoskrnl.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntoskrnl.exe\45D69A89490000\ntoskrnl.exe not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/ntoskrnl.exe/45D69A89490000/ntoskrnl.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntkrnlup.exe\45D69A89490000\ntkrnlup.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntkrnlup.exe\45D69A89490000\ntkrnlup.exe not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/ntkrnlup.exe/45D69A89490000/ntkrnlup.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntkrnlpa.exe\45D69A89490000\ntkrnlpa.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntkrnlpa.exe\45D69A89490000\ntkrnlpa.exe not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/ntkrnlpa.exe/45D69A89490000/ntkrnlpa.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntkrnlmp.exe\45D69A89490000\ntkrnlmp.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntkrnlmp.exe\45D69A89490000\ntkrnlmp.exe not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/ntkrnlmp.exe/45D69A89490000/ntkrnlmp.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntkrpamp.exe\45D69A89490000\ntkrpamp.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntkrpamp.exe\45D69A89490000\ntkrpamp.exe not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/ntkrpamp.exe/45D69A89490000/ntkrpamp.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\xboxkrnlc.exe\45D69A89490000\xboxkrnlc.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\xboxkrnlc.exe\45D69A89490000\xboxkrnlc.exe not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/xboxkrnlc.exe/45D69A89490000/xboxkrnlc.exe not found
DBGHELP: C:\Windows\system32\ntoskrnl.exe - mismatched timestamp
DBGHELP: C:\Windows\system32\ntoskrnl.exe - mismatched timestamp
DBGHELP: C:\Windows\system32\ntkrnlup.exe - file not found
DBGHELP: C:\Windows\system32\ntkrnlup.exe - file not found
DBGHELP: C:\Windows\system32\ntkrnlpa.exe - mismatched timestamp
DBGHELP: C:\Windows\system32\ntkrnlpa.exe - mismatched timestamp
DBGHELP: C:\Windows\system32\ntkrnlmp.exe - file not found
DBGHELP: C:\Windows\system32\ntkrnlmp.exe - file not found
DBGHELP: C:\Windows\system32\ntkrpamp.exe - file not found
DBGHELP: C:\Windows\system32\ntkrpamp.exe - file not found
DBGHELP: C:\Windows\system32\xboxkrnlc.exe - file not found
DBGHELP: C:\Windows\system32\xboxkrnlc.exe - file not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/ntoskrnl.exe/45D69A89490000/ntoskrnl.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntoskrnl.exe\45D69A89490000\ntoskrnl.exe not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/ntkrnlup.exe/45D69A89490000/ntkrnlup.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntkrnlup.exe\45D69A89490000\ntkrnlup.exe not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/ntkrnlpa.exe/45D69A89490000/ntkrnlpa.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntkrnlpa.exe\45D69A89490000\ntkrnlpa.exe not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/ntkrnlmp.exe/45D69A89490000/ntkrnlmp.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntkrnlmp.exe\45D69A89490000\ntkrnlmp.exe not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/ntkrpamp.exe/45D69A89490000/ntkrpamp.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntkrpamp.exe\45D69A89490000\ntkrpamp.exe not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/xboxkrnlc.exe/45D69A89490000/xboxkrnlc.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\xboxkrnlc.exe\45D69A89490000\xboxkrnlc.exe not found
DBGENG:  ntoskrnl.exe - Image mapping disallowed by non-local path.
Unable to load image ntoskrnl.exe, Win32 error 0n2
DBGENG:  ntoskrnl.exe - Partial symbol image load missing image info
DBGHELP: No header for ntoskrnl.exe.  Searching for dbg file
DBGHELP: .\ntoskrnl.dbg - file not found
DBGHELP: .\exe\ntoskrnl.dbg - path not found
DBGHELP: .\symbols\exe\ntoskrnl.dbg - path not found
DBGHELP: ntoskrnl.exe missing debug info.  Searching for pdb anyway
DBGHELP: Can't use symbol server for ntoskrnl.pdb - no header information available
DBGHELP: ntoskrnl.pdb - file not found
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
DBGHELP: nt - no symbols loaded
Loading Kernel Symbols
.
SYMSRV:  C:\ProgramData\dbg\sym\halaacpi.dll\45D6936F5e000\halaacpi.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\halaacpi.dll\45D6936F5e000\halaacpi.dll not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/halaacpi.dll/45D6936F5e000/halaacpi.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\halacpi.dll\45D6936F5e000\halacpi.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\halacpi.dll\45D6936F5e000\halacpi.dll not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/halacpi.dll/45D6936F5e000/halacpi.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\halapic.dll\45D6936F5e000\halapic.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\halapic.dll\45D6936F5e000\halapic.dll not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/halapic.dll/45D6936F5e000/halapic.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\halmacpi.dll\45D6936F5e000\halmacpi.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\halmacpi.dll\45D6936F5e000\halmacpi.dll not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/halmacpi.dll/45D6936F5e000/halmacpi.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\halmps.dll\45D6936F5e000\halmps.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\halmps.dll\45D6936F5e000\halmps.dll not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/halmps.dll/45D6936F5e000/halmps.dll not found
DBGHELP: C:\ProgramData\dbg\sym\hal.dll\45D6936F5e000\hal.dll - OK
DBGENG:  C:\ProgramData\dbg\sym\hal.dll\45D6936F5e000\hal.dll - Mapped image memory
.
SYMSRV:  C:\ProgramData\dbg\sym\kdcom.dll\45D72A6Da000\kdcom.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\kdcom.dll\45D72A6Da000\kdcom.dll not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/kdcom.dll/45D72A6Da000/kdcom.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\kdusb.dll\45D72A6Da000\kdusb.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\kdusb.dll\45D72A6Da000\kdusb.dll not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/kdusb.dll/45D72A6Da000/kdusb.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\kd1394.dll\45D72A6Da000\kd1394.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\kd1394.dll\45D72A6Da000\kd1394.dll not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/kd1394.dll/45D72A6Da000/kd1394.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\kdnet.dll\45D72A6Da000\kdnet.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\kdnet.dll\45D72A6Da000\kdnet.dll not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/kdnet.dll/45D72A6Da000/kdnet.dll not found
DBGHELP: C:\Windows\system32\kdcom.dll - mismatched timestamp
DBGHELP: C:\Windows\system32\kdcom.dll - mismatched timestamp
DBGHELP: C:\Windows\system32\kdusb.dll - mismatched timestamp
DBGHELP: C:\Windows\system32\kdusb.dll - mismatched timestamp
DBGHELP: C:\Windows\system32\kd1394.dll - mismatched timestamp
DBGHELP: C:\Windows\system32\kd1394.dll - mismatched timestamp
DBGHELP: C:\Windows\system32\kdnet.dll - file not found
DBGHELP: C:\Windows\system32\kdnet.dll - file not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/kdcom.dll/45D72A6Da000/kdcom.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\kdcom.dll\45D72A6Da000\kdcom.dll not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/kdusb.dll/45D72A6Da000/kdusb.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\kdusb.dll\45D72A6Da000\kdusb.dll not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/kd1394.dll/45D72A6Da000/kd1394.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\kd1394.dll\45D72A6Da000\kd1394.dll not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/kdnet.dll/45D72A6Da000/kdnet.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\kdnet.dll\45D72A6Da000\kdnet.dll not found
DBGHELP: C:\Windows\system32\kdcom.dll - mismatched timestamp
DBGHELP: C:\Windows\system32\kdcom.dll - mismatched timestamp
DBGHELP: C:\Windows\system32\kdusb.dll - mismatched timestamp
DBGHELP: C:\Windows\system32\kdusb.dll - mismatched timestamp
DBGHELP: C:\Windows\system32\kd1394.dll - mismatched timestamp
DBGHELP: C:\Windows\system32\kd1394.dll - mismatched timestamp
DBGHELP: C:\Windows\system32\kdnet.dll - file not found
DBGHELP: C:\Windows\system32\kdnet.dll - file not found
SYMSRV:  C:\ProgramData\dbg\sym\kdcom.dll\45D72A6Da000\kdcom.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\kdcom.dll\45D72A6Da000\kdcom.dll not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/kdcom.dll/45D72A6Da000/kdcom.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\kdusb.dll\45D72A6Da000\kdusb.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\kdusb.dll\45D72A6Da000\kdusb.dll not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/kdusb.dll/45D72A6Da000/kdusb.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\kd1394.dll\45D72A6Da000\kd1394.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\kd1394.dll\45D72A6Da000\kd1394.dll not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/kd1394.dll/45D72A6Da000/kd1394.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\kdnet.dll\45D72A6Da000\kdnet.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\kdnet.dll\45D72A6Da000\kdnet.dll not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/kdnet.dll/45D72A6Da000/kdnet.dll not found
DBGHELP: C:\Windows\system32\kdcom.dll - mismatched timestamp
DBGHELP: C:\Windows\system32\kdcom.dll - mismatched timestamp
DBGHELP: C:\Windows\system32\kdusb.dll - mismatched timestamp
DBGHELP: C:\Windows\system32\kdusb.dll - mismatched timestamp
DBGHELP: C:\Windows\system32\kd1394.dll - mismatched timestamp
DBGHELP: C:\Windows\system32\kd1394.dll - mismatched timestamp
DBGHELP: C:\Windows\system32\kdnet.dll - file not found
DBGHELP: C:\Windows\system32\kdnet.dll - file not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/kdcom.dll/45D72A6Da000/kdcom.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\kdcom.dll\45D72A6Da000\kdcom.dll not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/kdusb.dll/45D72A6Da000/kdusb.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\kdusb.dll\45D72A6Da000\kdusb.dll not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/kd1394.dll/45D72A6Da000/kd1394.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\kd1394.dll\45D72A6Da000\kd1394.dll not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/kdnet.dll/45D72A6Da000/kdnet.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\kdnet.dll\45D72A6Da000\kdnet.dll not found
DBGENG:  kdcom.dll - Image mapping disallowed by non-local path.

Do you have any other dump files?

bendsha · Oct 27, 2014

x BlueRobot said:

Most -if not all- the symbols seem to be corrupt within the dump file.

Code:

0: kd> [COLOR=#008000]!sym noisy[/COLOR]
noisy mode - symbol prompts on
0: kd> [COLOR=#008000].reload[/COLOR]
SYMSRV:  C:\ProgramData\dbg\sym\ntoskrnl.exe\45D69A89490000\ntoskrnl.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntoskrnl.exe\45D69A89490000\ntoskrnl.exe not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/ntoskrnl.exe/45D69A89490000/ntoskrnl.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntkrnlup.exe\45D69A89490000\ntkrnlup.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntkrnlup.exe\45D69A89490000\ntkrnlup.exe not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/ntkrnlup.exe/45D69A89490000/ntkrnlup.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntkrnlpa.exe\45D69A89490000\ntkrnlpa.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntkrnlpa.exe\45D69A89490000\ntkrnlpa.exe not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/ntkrnlpa.exe/45D69A89490000/ntkrnlpa.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntkrnlmp.exe\45D69A89490000\ntkrnlmp.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntkrnlmp.exe\45D69A89490000\ntkrnlmp.exe not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/ntkrnlmp.exe/45D69A89490000/ntkrnlmp.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntkrpamp.exe\45D69A89490000\ntkrpamp.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntkrpamp.exe\45D69A89490000\ntkrpamp.exe not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/ntkrpamp.exe/45D69A89490000/ntkrpamp.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\xboxkrnlc.exe\45D69A89490000\xboxkrnlc.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\xboxkrnlc.exe\45D69A89490000\xboxkrnlc.exe not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/xboxkrnlc.exe/45D69A89490000/xboxkrnlc.exe not found
DBGHELP: C:\Windows\system32\ntoskrnl.exe - mismatched timestamp
DBGHELP: C:\Windows\system32\ntoskrnl.exe - mismatched timestamp
DBGHELP: C:\Windows\system32\ntkrnlup.exe - file not found
DBGHELP: C:\Windows\system32\ntkrnlup.exe - file not found
DBGHELP: C:\Windows\system32\ntkrnlpa.exe - mismatched timestamp
DBGHELP: C:\Windows\system32\ntkrnlpa.exe - mismatched timestamp
DBGHELP: C:\Windows\system32\ntkrnlmp.exe - file not found
DBGHELP: C:\Windows\system32\ntkrnlmp.exe - file not found
DBGHELP: C:\Windows\system32\ntkrpamp.exe - file not found
DBGHELP: C:\Windows\system32\ntkrpamp.exe - file not found
DBGHELP: C:\Windows\system32\xboxkrnlc.exe - file not found
DBGHELP: C:\Windows\system32\xboxkrnlc.exe - file not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/ntoskrnl.exe/45D69A89490000/ntoskrnl.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntoskrnl.exe\45D69A89490000\ntoskrnl.exe not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/ntkrnlup.exe/45D69A89490000/ntkrnlup.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntkrnlup.exe\45D69A89490000\ntkrnlup.exe not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/ntkrnlpa.exe/45D69A89490000/ntkrnlpa.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntkrnlpa.exe\45D69A89490000\ntkrnlpa.exe not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/ntkrnlmp.exe/45D69A89490000/ntkrnlmp.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntkrnlmp.exe\45D69A89490000\ntkrnlmp.exe not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/ntkrpamp.exe/45D69A89490000/ntkrpamp.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntkrpamp.exe\45D69A89490000\ntkrpamp.exe not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/xboxkrnlc.exe/45D69A89490000/xboxkrnlc.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\xboxkrnlc.exe\45D69A89490000\xboxkrnlc.exe not found
DBGHELP: C:\Windows\system32\ntoskrnl.exe - mismatched timestamp
DBGHELP: C:\Windows\system32\ntoskrnl.exe - mismatched timestamp
DBGHELP: C:\Windows\system32\ntkrnlup.exe - file not found
DBGHELP: C:\Windows\system32\ntkrnlup.exe - file not found
DBGHELP: C:\Windows\system32\ntkrnlpa.exe - mismatched timestamp
DBGHELP: C:\Windows\system32\ntkrnlpa.exe - mismatched timestamp
DBGHELP: C:\Windows\system32\ntkrnlmp.exe - file not found
DBGHELP: C:\Windows\system32\ntkrnlmp.exe - file not found
DBGHELP: C:\Windows\system32\ntkrpamp.exe - file not found
DBGHELP: C:\Windows\system32\ntkrpamp.exe - file not found
DBGHELP: C:\Windows\system32\xboxkrnlc.exe - file not found
DBGHELP: C:\Windows\system32\xboxkrnlc.exe - file not found
SYMSRV:  C:\ProgramData\dbg\sym\ntoskrnl.exe\45D69A89490000\ntoskrnl.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntoskrnl.exe\45D69A89490000\ntoskrnl.exe not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/ntoskrnl.exe/45D69A89490000/ntoskrnl.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntkrnlup.exe\45D69A89490000\ntkrnlup.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntkrnlup.exe\45D69A89490000\ntkrnlup.exe not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/ntkrnlup.exe/45D69A89490000/ntkrnlup.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntkrnlpa.exe\45D69A89490000\ntkrnlpa.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntkrnlpa.exe\45D69A89490000\ntkrnlpa.exe not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/ntkrnlpa.exe/45D69A89490000/ntkrnlpa.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntkrnlmp.exe\45D69A89490000\ntkrnlmp.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntkrnlmp.exe\45D69A89490000\ntkrnlmp.exe not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/ntkrnlmp.exe/45D69A89490000/ntkrnlmp.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntkrpamp.exe\45D69A89490000\ntkrpamp.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntkrpamp.exe\45D69A89490000\ntkrpamp.exe not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/ntkrpamp.exe/45D69A89490000/ntkrpamp.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\xboxkrnlc.exe\45D69A89490000\xboxkrnlc.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\xboxkrnlc.exe\45D69A89490000\xboxkrnlc.exe not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/xboxkrnlc.exe/45D69A89490000/xboxkrnlc.exe not found
DBGHELP: C:\Windows\system32\ntoskrnl.exe - mismatched timestamp
DBGHELP: C:\Windows\system32\ntoskrnl.exe - mismatched timestamp
DBGHELP: C:\Windows\system32\ntkrnlup.exe - file not found
DBGHELP: C:\Windows\system32\ntkrnlup.exe - file not found
DBGHELP: C:\Windows\system32\ntkrnlpa.exe - mismatched timestamp
DBGHELP: C:\Windows\system32\ntkrnlpa.exe - mismatched timestamp
DBGHELP: C:\Windows\system32\ntkrnlmp.exe - file not found
DBGHELP: C:\Windows\system32\ntkrnlmp.exe - file not found
DBGHELP: C:\Windows\system32\ntkrpamp.exe - file not found
DBGHELP: C:\Windows\system32\ntkrpamp.exe - file not found
DBGHELP: C:\Windows\system32\xboxkrnlc.exe - file not found
DBGHELP: C:\Windows\system32\xboxkrnlc.exe - file not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/ntoskrnl.exe/45D69A89490000/ntoskrnl.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntoskrnl.exe\45D69A89490000\ntoskrnl.exe not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/ntkrnlup.exe/45D69A89490000/ntkrnlup.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntkrnlup.exe\45D69A89490000\ntkrnlup.exe not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/ntkrnlpa.exe/45D69A89490000/ntkrnlpa.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntkrnlpa.exe\45D69A89490000\ntkrnlpa.exe not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/ntkrnlmp.exe/45D69A89490000/ntkrnlmp.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntkrnlmp.exe\45D69A89490000\ntkrnlmp.exe not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/ntkrpamp.exe/45D69A89490000/ntkrpamp.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\ntkrpamp.exe\45D69A89490000\ntkrpamp.exe not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/xboxkrnlc.exe/45D69A89490000/xboxkrnlc.exe not found
SYMSRV:  C:\ProgramData\dbg\sym\xboxkrnlc.exe\45D69A89490000\xboxkrnlc.exe not found
DBGENG:  ntoskrnl.exe - Image mapping disallowed by non-local path.
Unable to load image ntoskrnl.exe, Win32 error 0n2
DBGENG:  ntoskrnl.exe - Partial symbol image load missing image info
DBGHELP: No header for ntoskrnl.exe.  Searching for dbg file
DBGHELP: .\ntoskrnl.dbg - file not found
DBGHELP: .\exe\ntoskrnl.dbg - path not found
DBGHELP: .\symbols\exe\ntoskrnl.dbg - path not found
DBGHELP: ntoskrnl.exe missing debug info.  Searching for pdb anyway
DBGHELP: Can't use symbol server for ntoskrnl.pdb - no header information available
DBGHELP: ntoskrnl.pdb - file not found
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
DBGHELP: nt - no symbols loaded
Loading Kernel Symbols
.
SYMSRV:  C:\ProgramData\dbg\sym\halaacpi.dll\45D6936F5e000\halaacpi.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\halaacpi.dll\45D6936F5e000\halaacpi.dll not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/halaacpi.dll/45D6936F5e000/halaacpi.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\halacpi.dll\45D6936F5e000\halacpi.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\halacpi.dll\45D6936F5e000\halacpi.dll not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/halacpi.dll/45D6936F5e000/halacpi.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\halapic.dll\45D6936F5e000\halapic.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\halapic.dll\45D6936F5e000\halapic.dll not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/halapic.dll/45D6936F5e000/halapic.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\halmacpi.dll\45D6936F5e000\halmacpi.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\halmacpi.dll\45D6936F5e000\halmacpi.dll not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/halmacpi.dll/45D6936F5e000/halmacpi.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\halmps.dll\45D6936F5e000\halmps.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\halmps.dll\45D6936F5e000\halmps.dll not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/halmps.dll/45D6936F5e000/halmps.dll not found
DBGHELP: C:\ProgramData\dbg\sym\hal.dll\45D6936F5e000\hal.dll - OK
DBGENG:  C:\ProgramData\dbg\sym\hal.dll\45D6936F5e000\hal.dll - Mapped image memory
.
SYMSRV:  C:\ProgramData\dbg\sym\kdcom.dll\45D72A6Da000\kdcom.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\kdcom.dll\45D72A6Da000\kdcom.dll not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/kdcom.dll/45D72A6Da000/kdcom.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\kdusb.dll\45D72A6Da000\kdusb.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\kdusb.dll\45D72A6Da000\kdusb.dll not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/kdusb.dll/45D72A6Da000/kdusb.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\kd1394.dll\45D72A6Da000\kd1394.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\kd1394.dll\45D72A6Da000\kd1394.dll not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/kd1394.dll/45D72A6Da000/kd1394.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\kdnet.dll\45D72A6Da000\kdnet.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\kdnet.dll\45D72A6Da000\kdnet.dll not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/kdnet.dll/45D72A6Da000/kdnet.dll not found
DBGHELP: C:\Windows\system32\kdcom.dll - mismatched timestamp
DBGHELP: C:\Windows\system32\kdcom.dll - mismatched timestamp
DBGHELP: C:\Windows\system32\kdusb.dll - mismatched timestamp
DBGHELP: C:\Windows\system32\kdusb.dll - mismatched timestamp
DBGHELP: C:\Windows\system32\kd1394.dll - mismatched timestamp
DBGHELP: C:\Windows\system32\kd1394.dll - mismatched timestamp
DBGHELP: C:\Windows\system32\kdnet.dll - file not found
DBGHELP: C:\Windows\system32\kdnet.dll - file not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/kdcom.dll/45D72A6Da000/kdcom.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\kdcom.dll\45D72A6Da000\kdcom.dll not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/kdusb.dll/45D72A6Da000/kdusb.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\kdusb.dll\45D72A6Da000\kdusb.dll not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/kd1394.dll/45D72A6Da000/kd1394.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\kd1394.dll\45D72A6Da000\kd1394.dll not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/kdnet.dll/45D72A6Da000/kdnet.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\kdnet.dll\45D72A6Da000\kdnet.dll not found
DBGHELP: C:\Windows\system32\kdcom.dll - mismatched timestamp
DBGHELP: C:\Windows\system32\kdcom.dll - mismatched timestamp
DBGHELP: C:\Windows\system32\kdusb.dll - mismatched timestamp
DBGHELP: C:\Windows\system32\kdusb.dll - mismatched timestamp
DBGHELP: C:\Windows\system32\kd1394.dll - mismatched timestamp
DBGHELP: C:\Windows\system32\kd1394.dll - mismatched timestamp
DBGHELP: C:\Windows\system32\kdnet.dll - file not found
DBGHELP: C:\Windows\system32\kdnet.dll - file not found
SYMSRV:  C:\ProgramData\dbg\sym\kdcom.dll\45D72A6Da000\kdcom.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\kdcom.dll\45D72A6Da000\kdcom.dll not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/kdcom.dll/45D72A6Da000/kdcom.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\kdusb.dll\45D72A6Da000\kdusb.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\kdusb.dll\45D72A6Da000\kdusb.dll not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/kdusb.dll/45D72A6Da000/kdusb.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\kd1394.dll\45D72A6Da000\kd1394.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\kd1394.dll\45D72A6Da000\kd1394.dll not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/kd1394.dll/45D72A6Da000/kd1394.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\kdnet.dll\45D72A6Da000\kdnet.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\kdnet.dll\45D72A6Da000\kdnet.dll not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/kdnet.dll/45D72A6Da000/kdnet.dll not found
DBGHELP: C:\Windows\system32\kdcom.dll - mismatched timestamp
DBGHELP: C:\Windows\system32\kdcom.dll - mismatched timestamp
DBGHELP: C:\Windows\system32\kdusb.dll - mismatched timestamp
DBGHELP: C:\Windows\system32\kdusb.dll - mismatched timestamp
DBGHELP: C:\Windows\system32\kd1394.dll - mismatched timestamp
DBGHELP: C:\Windows\system32\kd1394.dll - mismatched timestamp
DBGHELP: C:\Windows\system32\kdnet.dll - file not found
DBGHELP: C:\Windows\system32\kdnet.dll - file not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/kdcom.dll/45D72A6Da000/kdcom.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\kdcom.dll\45D72A6Da000\kdcom.dll not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/kdusb.dll/45D72A6Da000/kdusb.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\kdusb.dll\45D72A6Da000\kdusb.dll not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/kd1394.dll/45D72A6Da000/kd1394.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\kd1394.dll\45D72A6Da000\kd1394.dll not found
SYMSRV:  http://msdl.microsoft.com/download/symbols/kdnet.dll/45D72A6Da000/kdnet.dll not found
SYMSRV:  C:\ProgramData\dbg\sym\kdnet.dll\45D72A6Da000\kdnet.dll not found
DBGENG:  kdcom.dll - Image mapping disallowed by non-local path.

Do you have any other dump files?

I have other minidump files, you can download from Minidump-emr2.rar_??????|??? ??-????? , but I don't think other minidump file can solve this problem.

This problem is perplex me for a while, I found out a solution later.

You can create a sub directory name 45D69A89490000 in C:\ProgramData\dbg\sym\ntoskrnl.exe and download ntoskrnl.exe from ntoskrnl.exe_??????|??? ??-????? and copy it to 45D69A89490000.

After do this, you can reload symbols again and it will reload normally.

Thanks.

Patrick · Oct 29, 2014

Hi,

I set up a quick 2003 Enterprise VM w/ SP2 symbols to try and get a good output, but it threw wrong_symbols. I then followed your noted solution regarding the renamed MP/disabled PAE kernel executable and that failed as well. I can still try and take a look even with the symbol issues if you'd like, unless you have any other ideas.

Regards,

Patric

blueelvis · Oct 30, 2014

Patrick, how come the symbols be bad? There shouldn't be more than couple of different types of executable versions for a single executable say NTOSKRNL.exe since Microsoft would provide only few different versions.

Does this imply that the Executables have been modified by a 3rd party other than Microsoft?

bendsha · Oct 30, 2014

Hi, Patrick,

I'm not sure how did symbols wrong happen, it's realy strange![FONT=Tahoma, Arial] I can loading symbols for some critical system [/FONT]component and[FONT=Tahoma, Arial] see the call stack and look over the invaild PTE problem, The suspect provided by windbg is a process named clienteng, which commulicate with the minifilter driver, but I am uncertaintiesbecause it' s lace of evidence supporting. Open verifier and debug on this critical machine seens to be a good idea, I will try it on a appropriate time.
[/FONT][FONT=Tahoma, Arial]
Forgive me for my poor English expression, I have see some post which you [/FONT]even[FONT=Tahoma, Arial] reply, It's give me a lot of help,

Thank you.

[/FONT][FONT=Tahoma, Arial]
[/FONT]

Bug Check 0x50: PAGE_FAULT_IN_NONPAGED_AREA - Server 2003 SP2

bendsha

Member

x BlueRobot

Administrator

bendsha

Member

Patrick

Sysnative Staff

blueelvis

BSOD Kernel Dump Senior Analyst

bendsha

Member