(ntoskrnl\kd64\kdinit.c:74) ----------------------------------------------------- (ntoskrnl\kd64\kdinit.c:75) ReactOS 0.4.11-dev (Build 20180915-0.4.11-dev-158-g0f47f27) (Commit 0f47f2782901e5a13b13b6c0177cc76c09b7ac7f) (ntoskrnl\kd64\kdinit.c:76) 1 System Processor [512 MB Memory] (ntoskrnl\kd64\kdinit.c:80) Command Line: DEBUG DEBUGPORT=COM1 BAUDRATE=115200 SOS SAFEBOOT:MINIMAL SOS BOOTLOG (ntoskrnl\kd64\kdinit.c:81) ARC Paths: multi(0)disk(0)rdisk(0)partition(1) \ multi(0)disk(0)rdisk(0)partition(1) \ReactOS\ (ntoskrnl\ke\i386\cpu.c:450) Supported CPU features : KF_V86_VIS KF_RDTSC KF_CR4 KF_CMOV KF_GLOBAL_PAGE KF_LARGE_PAGE KF_MTRR KF_CMPXCHG8B KF_MMX KF_WORKING_PTE KF_PAT KF_FXSR KF_FAST_SYSCALL KF_XMMI KF_XMMI64 KF_NX_BIT (ntoskrnl\ke\i386\cpu.c:722) Prefetch Cache: 64 bytes L2 Cache: 0 bytes L2 Cache Line: 64 bytes L2 Cache Associativity: 0 (hal\halx86\acpi\halacpi.c:782) ACPI Timer at: 4008h (EXT: 256) (hal\halx86\acpi\halacpi.c:890) ACPI 2.0 Detected. Tables: [RSDT] [FACP] (ntoskrnl\mm\ARM3\mminit.c:1452) HAL I/O Mapping at FFFE0000 is unsafe (ntoskrnl\mm\mminit.c:131) 0x80000000 - 0x83000000 Boot Loaded Image (ntoskrnl\mm\mminit.c:135) 0xB0000000 - 0xB0381000 PFN Database (ntoskrnl\mm\mminit.c:139) 0xB0381000 - 0xB1369000 ARM3 Non Paged Pool (ntoskrnl\mm\mminit.c:143) 0xB9400000 - 0xBB400000 System View Space (ntoskrnl\mm\mminit.c:147) 0xBB400000 - 0xC0000000 Session Space (ntoskrnl\mm\mminit.c:150) 0xC0000000 - 0xC03FFFFF Page Tables (ntoskrnl\mm\mminit.c:153) 0xC0300000 - 0xC0300FFF Page Directories (ntoskrnl\mm\mminit.c:156) 0xC0400000 - 0xC07FFFFF Hyperspace (ntoskrnl\mm\mminit.c:159) 0xC1000000 - 0xE0FFFFFF System Cache (ntoskrnl\mm\mminit.c:163) 0xE1000000 - 0xEDC00000 ARM3 Paged Pool (ntoskrnl\mm\mminit.c:166) 0xEDC00000 - 0xF8BC8000 System PTE Space (ntoskrnl\mm\mminit.c:169) 0xF8BC8000 - 0xFFBE0000 Non Paged Pool Expansion PTE Space (ntoskrnl\config\cmcheck.c:25) CmCheckRegistry(0xB1314008, 2) is UNIMPLEMENTED! ACPI Compatible Eisa/Isa HAL Detected (ntoskrnl\ps\apphelp.c:446) SHIMS: Safe mode detected, disabling cache. (sdk\lib\rtl\image.c:172) Invalid base address: 00000000 (ntoskrnl\io\iomgr\driver.c:1585) '\Driver\SACDRV' initialization failed, status (0xc0000037) (ntoskrnl\io\iomgr\driver.c:64) Deleting driver object '\Driver\SACDRV' (drivers\ksfilter\swenum\swenum.c:428) SWENUM loaded (drivers\storage\scsiport\scsiport.c:5859) ZwOpenKey() failed with Status=0xC0000034 (hal\halx86\legacy\bus\pcibus.c:727) WARNING: PCI Slot Resource Assignment is FOOBAR (ntoskrnl\io\iomgr\driver.c:1585) '\Driver\BUSLOGIC' initialization failed, status (0xc00000c0) (ntoskrnl\io\iomgr\driver.c:64) Deleting driver object '\Driver\BUSLOGIC' WARNING: NtNotifyChangeMultipleKeys at ntoskrnl\config\ntapi.c:1097 is UNIMPLEMENTED! Btrfs ERR : watch_registry : ZwNotifyChangeKey returned c0000002 (ntoskrnl\mm\ARM3\sysldr.c:3037) ZwOpenFile failed for '\SystemRoot\System32\drivers\processr.sys' with status 0xc000003a (ntoskrnl\mm\ARM3\sysldr.c:3037) ZwOpenFile failed for '\SystemRoot\System32\drivers\processr.sys' with status 0xc000003a (ntoskrnl\mm\ARM3\sysldr.c:3037) ZwOpenFile failed for '\SystemRoot\System32\drivers\VBoxVideo.sys' with status 0xc000003a (ntoskrnl\mm\ARM3\sysldr.c:3037) ZwOpenFile failed for '\SystemRoot\System32\drivers\pcnet.sys' with status 0xc000003a vgdrvHeartbeatInit: Setting up heartbeat to trigger every 2000 milliseconds vgdrvNtInit: Device is ready! (ntoskrnl\mm\ARM3\sysldr.c:3037) ZwOpenFile failed for '\SystemRoot\system32\drivers\ALCXWDM.SYS' with status 0xc000003a (drivers\usb\usbohci\hardware.cpp:1395) Disabling status change interrupt (ntoskrnl\mm\ARM3\sysldr.c:3037) ZwOpenFile failed for '\SystemRoot\System32\drivers\VBoxVideo.sys' with status 0xc000003a (ntoskrnl\mm\ARM3\sysldr.c:3037) ZwOpenFile failed for '\SystemRoot\System32\drivers\pcnet.sys' with status 0xc000003a (ntoskrnl\mm\ARM3\sysldr.c:3037) ZwOpenFile failed for '\SystemRoot\system32\drivers\ALCXWDM.SYS' with status 0xc000003a (ntoskrnl\mm\ARM3\sysldr.c:3037) ZwOpenFile failed for '\SystemRoot\System32\drivers\i8042prt.sys' with status 0xc000003a (ntoskrnl\mm\ARM3\sysldr.c:3037) ZwOpenFile failed for '\SystemRoot\System32\drivers\i8042prt.sys' with status 0xc000003a (ntoskrnl\mm\ARM3\sysldr.c:3037) ZwOpenFile failed for '\SystemRoot\System32\drivers\serial.sys' with status 0xc000003a (ntoskrnl\mm\ARM3\sysldr.c:3037) ZwOpenFile failed for '\SystemRoot\System32\drivers\cmbatt.sys' with status 0xc000003a (ntoskrnl\mm\ARM3\sysldr.c:3037) ZwOpenFile failed for '\SystemRoot\System32\drivers\cmbatt.sys' with status 0xc000003a (ntoskrnl\mm\ARM3\sysldr.c:3037) ZwOpenFile failed for '\SystemRoot\System32\drivers\processr.sys' with status 0xc000003a (ntoskrnl\mm\ARM3\sysldr.c:3037) ZwOpenFile failed for '\SystemRoot\System32\drivers\processr.sys' with status 0xc000003a (ntoskrnl\mm\ARM3\sysldr.c:3037) ZwOpenFile failed for '\SystemRoot\System32\drivers\VBoxVideo.sys' with status 0xc000003a (ntoskrnl\mm\ARM3\sysldr.c:3037) ZwOpenFile failed for '\SystemRoot\System32\drivers\pcnet.sys' with status 0xc000003a (ntoskrnl\mm\ARM3\sysldr.c:3037) ZwOpenFile failed for '\SystemRoot\system32\drivers\ALCXWDM.SYS' with status 0xc000003a (ntoskrnl\mm\ARM3\sysldr.c:3037) ZwOpenFile failed for '\SystemRoot\System32\drivers\i8042prt.sys' with status 0xc000003a (ntoskrnl\mm\ARM3\sysldr.c:3037) ZwOpenFile failed for '\SystemRoot\System32\drivers\i8042prt.sys' with status 0xc000003a (ntoskrnl\mm\ARM3\sysldr.c:3037) ZwOpenFile failed for '\SystemRoot\System32\drivers\serial.sys' with status 0xc000003a (ntoskrnl\mm\ARM3\sysldr.c:3037) ZwOpenFile failed for '\SystemRoot\System32\drivers\cmbatt.sys' with status 0xc000003a (ntoskrnl\mm\ARM3\sysldr.c:3037) ZwOpenFile failed for '\SystemRoot\System32\drivers\cmbatt.sys' with status 0xc000003a (ntoskrnl\io\iomgr\iorsrce.c:725) Failed to open symlink \Device\Harddisk0\Partition1, Status=c0000024 (ntoskrnl\io\pnpmgr\pnproot.c:628) Failed to read the LogConf key for Root\System\0000 Btrfs ERR : get_device_pnp_name_guid : IoGetDeviceInterfaces returned c0000034 Btrfs ERR : get_device_pnp_name_guid : IoGetDeviceInterfaces returned c0000034 Btrfs ERR : get_device_pnp_name_guid : IoGetDeviceInterfaces returned c0000034 (drivers\storage\scsiport\scsiport.c:2894) unknown ioctl code: 0x2D0C14 Btrfs ERR : is_device_removable : dev_ioctl returned c0000002 (drivers\storage\scsiport\scsiport.c:2894) unknown ioctl code: 0x2D1080 (drivers\storage\scsiport\scsiport.c:2894) unknown ioctl code: 0x4D02C (drivers\storage\scsiport\scsiport.c:2894) unknown ioctl code: 0x2D1400 (ntoskrnl\mm\ARM3\sysldr.c:176) Loading: \SystemRoot\System32\drivers\processr.sys at F77D1000 with 7 pages (ntoskrnl\mm\ARM3\sysldr.c:176) Loading: \SystemRoot\System32\drivers\VBoxVideo.sys at F77A1000 with 30 pages (ntoskrnl\mm\ARM3\sysldr.c:176) Loading: \SystemRoot\System32\drivers\VIDEOPRT.SYS at F7786000 with 1b pages (ntoskrnl\mm\ARM3\sysldr.c:176) Loading: \SystemRoot\System32\drivers\pcnet.sys at F7768000 with a pages (ntoskrnl\mm\ARM3\sysldr.c:176) Loading: \SystemRoot\system32\drivers\ALCXWDM.SYS at F774D000 with 18 pages (ntoskrnl\mm\ARM3\sysldr.c:176) Loading: \SystemRoot\system32\drivers\WMILIB.SYS at F7745000 with 8 pages (ntoskrnl\mm\ARM3\sysldr.c:176) Loading: \SystemRoot\system32\drivers\portcls.sys at F771B000 with 2a pages (ntoskrnl\mm\ARM3\sysldr.c:176) Loading: \SystemRoot\system32\drivers\drmk.sys at F7714000 with 7 pages (drivers\wdm\audio\backpln\portcls\interrupt.cpp:258) Vector 59 Level 16 Flags 0 Affinity ffffffff (drivers\wdm\audio\backpln\portcls\interrupt.cpp:272) CInterruptSync::Connect result 0 (ntoskrnl\mm\ARM3\sysldr.c:176) Loading: \SystemRoot\System32\drivers\i8042prt.sys at F76FE000 with 14 pages (drivers\input\i8042prt\hwhacks.c:229) SMBiosTables HACK, see CORE-14867 (ntoskrnl\mm\ARM3\sysldr.c:176) Loading: \SystemRoot\System32\drivers\kbdclass.sys at F76F4000 with a pages (ntoskrnl\mm\ARM3\sysldr.c:176) Loading: \SystemRoot\System32\drivers\VBoxMouse.sys at F76C9000 with 2b pages IPRT: RTMpPoke => rtMpPokeCpuUsingDpc (ntoskrnl\mm\ARM3\sysldr.c:176) Loading: \SystemRoot\System32\drivers\mouclass.sys at F76BF000 with a pages (ntoskrnl\mm\ARM3\sysldr.c:176) Loading: \SystemRoot\System32\drivers\serial.sys at F76B2000 with d pages (ntoskrnl\io\pnpmgr\pnpres.c:615) Resource conflict: IRQ (0x4 0x4 vs. 0x4 0x4) (ntoskrnl\io\pnpmgr\pnpres.c:1100) Boot resources for ACPI\PNP0501\1 cause a resource conflict! (ntoskrnl\io\pnpmgr\pnpres.c:385) Failed to find an available interrupt resource (0x4 to 0x4) (ntoskrnl\io\pnpmgr\pnpres.c:513) Unable to satisfy preferred resource or alternates in list 0 (ntoskrnl\io\pnpmgr\pnpres.c:524) Out of alternate lists! (ntoskrnl\io\pnpmgr\pnpres.c:1123) Failed to fixup a resource list from supplied resources for ACPI\PNP0501\1 (ntoskrnl\mm\ARM3\sysldr.c:176) Loading: \SystemRoot\System32\drivers\cmbatt.sys at F76A6000 with c pages (ntoskrnl\mm\ARM3\sysldr.c:176) Loading: \SystemRoot\System32\drivers\battc.sys at F769E000 with 8 pages (drivers\bus\acpi\eval.c:169) Query method _BTP failed on B1330470 WARNING: AcpiInterfaceNotificationsRegister at drivers\bus\acpi\interface.c:80 is UNIMPLEMENTED! (ntoskrnl\io\iomgr\device.c:445) Unloading driver '\Driver\CMBATT' (automatic) (ntoskrnl\io\pnpmgr\pnpmgr.c:473) \Driver\CMBATT->AddDevice(ACPI\PNP0C0A\0) failed with status 0xc0000002 (ntoskrnl\io\iomgr\driver.c:64) Deleting driver object '\Driver\CMBATT' (ntoskrnl\mm\ARM3\sysldr.c:955) Leaking driver: cmbatt.sys (ntoskrnl\mm\ARM3\sysldr.c:428) \SystemRoot\System32\drivers\battc.sys (ntoskrnl\mm\ARM3\sysldr.c:428) \SystemRoot\system32\drivers\WMILIB.SYS (ntoskrnl\mm\ARM3\sysldr.c:176) Loading: \SystemRoot\System32\drivers\cmbatt.sys at F7692000 with c pages WARNING: AcpiInterfaceNotificationsRegister at drivers\bus\acpi\interface.c:80 is UNIMPLEMENTED! (drivers\ksfilter\swenum\swenum.c:369) SWENUM AddDevice (drivers\ksfilter\ks\swenum.c:1532) KsCreateBusEnumObject Devices BusDeviceObject B1227858 (drivers\ksfilter\swenum\swenum.c:107) SwDispatchPnp ChildDevice 0 Request d (drivers\ksfilter\swenum\swenum.c:128) SwDispatchPnp KsServiceBusEnumPnpRequest Status c00000bb (drivers\ksfilter\swenum\swenum.c:141) SwDispatchPnp KsGetBusEnumPnpDeviceObject Status 0 (drivers\ksfilter\swenum\swenum.c:107) SwDispatchPnp ChildDevice 0 Request 0 (drivers\ksfilter\swenum\swenum.c:128) SwDispatchPnp KsServiceBusEnumPnpRequest Status 0 (drivers\ksfilter\swenum\swenum.c:107) SwDispatchPnp ChildDevice 0 Request 9 (drivers\ksfilter\swenum\swenum.c:128) SwDispatchPnp KsServiceBusEnumPnpRequest Status c00000bb (drivers\ksfilter\swenum\swenum.c:141) SwDispatchPnp KsGetBusEnumPnpDeviceObject Status 0 (drivers\ksfilter\swenum\swenum.c:107) SwDispatchPnp ChildDevice 0 Request 14 (drivers\ksfilter\swenum\swenum.c:128) SwDispatchPnp KsServiceBusEnumPnpRequest Status c00000bb (drivers\ksfilter\swenum\swenum.c:141) SwDispatchPnp KsGetBusEnumPnpDeviceObject Status 0 (drivers\ksfilter\swenum\swenum.c:107) SwDispatchPnp ChildDevice 0 Request 7 (drivers\ksfilter\swenum\swenum.c:128) SwDispatchPnp KsServiceBusEnumPnpRequest Status 0 (drivers\ksfilter\swenum\swenum.c:107) SwDispatchPnp ChildDevice 0 Request 7 (drivers\ksfilter\swenum\swenum.c:128) SwDispatchPnp KsServiceBusEnumPnpRequest Status 0 (ntoskrnl\mm\ARM3\sysldr.c:176) Loading: \SystemRoot\system32\drivers\floppy.sys at F767C000 with 16 pages (ntoskrnl\io\iomgr\driver.c:1585) '\Driver\FLOPPY' initialization failed, status (0xc000000e) (ntoskrnl\io\iomgr\driver.c:64) Deleting driver object '\Driver\FLOPPY' (ntoskrnl\io\iomgr\driver.c:1995) IopInitializeDriverModule() failed (Status c000000e) (ntoskrnl\mm\ARM3\sysldr.c:955) Leaking driver: floppy.sys (ntoskrnl\mm\ARM3\sysldr.c:176) Loading: \SystemRoot\system32\drivers\cdrom.sys at F7669000 with f pages (ntoskrnl\mm\ARM3\sysldr.c:176) Loading: \SystemRoot\system32\drivers\fs_rec.sys at F7661000 with 8 pages (ntoskrnl\mm\ARM3\sysldr.c:176) Loading: \SystemRoot\system32\drivers\null.sys at F765A000 with 7 pages (ntoskrnl\mm\ARM3\sysldr.c:176) Loading: \SystemRoot\system32\drivers\beep.sys at F7653000 with 7 pages (ntoskrnl\mm\ARM3\sysldr.c:176) Loading: \SystemRoot\system32\drivers\vbemp.sys at F764B000 with 8 pages (ntoskrnl\mm\ARM3\sysldr.c:176) Loading: \SystemRoot\system32\drivers\msfs.sys at F7643000 with 8 pages (ntoskrnl\mm\ARM3\sysldr.c:176) Loading: \SystemRoot\system32\drivers\npfs.sys at F7633000 with 10 pages WARNING: RtlCreateTagHeap at sdk\lib\rtl\heap.c:3881 is UNIMPLEMENTED! (base\system\autochk\autochk.c:422) AUTOCHK: Checking \??\C: (base\system\smss\pagefile.c:878) SMSS:PFILE: Open volume `\??\D:\' failed with status C000014F *** ERROR: Symbol file could not be found. Defaulted to export symbols for ntoskrnl.exe - Assertion failure - code c0000420 (first chance) nt!ExFreePoolWithTag+0x36e: 8049b7be cd2c int 2Ch kd> k ChildEBP RetAddr WARNING: Stack unwind information not available. Following frames may be wrong. f87ee4ec 8049b440 nt!ExFreePoolWithTag+0x36e *** ERROR: Module load completed but symbols could not be loaded for btrfs.sys f87ee4fc f8b5ad73 nt!ExFreePool+0x10 f87ee644 f8b6071e btrfs+0x94d73 f87ee6a8 f8b5e72d btrfs+0x9a71e f87ee730 f8ae7efe btrfs+0x9872d f87ee854 f8ae23cc btrfs+0x21efe f87ee8a8 8046ddad btrfs+0x1c3cc f87ee8d0 80463dab nt!IofCallDriver+0xad f87eea00 804e239a nt!IoUpdateShareAccess+0x2bdb f87eea94 804db12b nt!ObQueryNameString+0x124a f87eeaec 8046225b nt!ObOpenObjectByName+0x15b f87eeb74 80460926 nt!IoUpdateShareAccess+0x108b f87eebbc 804cfe28 nt!IoCreateFile+0x46 f87eecfc 80516c0b nt!NtFreeVirtualMemory+0x6048 f87eed1c 80514d98 nt!Kei386EoiHelper+0xa2b f87eed5c 80403e23 nt!KiEoiHelper+0x808 f87eee50 804e3239 nt!WRITE_REGISTER_BUFFER_ULONG+0x15a7 f87eee9c 804164ad nt!ObReferenceObjectByHandle+0x3e9 f885fa20 80434140 nt!CmUnRegisterCallback+0x2cd f885fa4c 80513cdc nt!ExfUnblockPushLock+0x30 f885fa80 804028c3 nt!KiUnexpectedInterrupt+0x1fac f885fac8 80492e8f nt!WRITE_REGISTER_BUFFER_ULONG+0x47 f885fb34 804e5aa9 nt!KeWaitForSingleObject+0x48f f885fba4 80516c0b nt!NtWaitForSingleObject+0x139 f885fbc0 80514d98 nt!Kei386EoiHelper+0xa2b f885fc00 80403d96 nt!KiEoiHelper+0x808 f885fc08 8040260f nt!WRITE_REGISTER_BUFFER_ULONG+0x151a f885fd80 8042e8fe nt!ZwWaitForSingleObject+0x11 f885fd8c 804f8014 nt!HeadlessDispatch+0x1dee f885fdc0 80514392 nt!PsWrapApcWow64Thread+0xb04 f885fddc 804f7fb0 nt!KiDispatchInterrupt+0x482 f885fde0 8042e8f0 nt!PsWrapApcWow64Thread+0xaa0 f885fde4 80088000 nt!HeadlessDispatch+0x1de0 f885fde8 00000000 0x80088000 kd> g Continuing an assertion failure can result in the debuggee being terminated (bugchecking for kernel debuggees). If you want to ignore this assertion, use 'ahi'. If you want to force continuation, use 'gh' or 'gn'. kd> gh Break instruction exception - code 80000003 (first chance) nt!DbgBreakPoint: 80532eb2 cc int 3 kd> k ChildEBP RetAddr WARNING: Stack unwind information not available. Following frames may be wrong. f87ee480 8049b8d8 nt!DbgBreakPoint f87ee4ec 8049b440 nt!ExFreePoolWithTag+0x488 f87ee4fc f8b5ad73 nt!ExFreePool+0x10 f87ee644 f8b6071e btrfs+0x94d73 f87ee6a8 f8b5e72d btrfs+0x9a71e f87ee730 f8ae7efe btrfs+0x9872d f87ee854 f8ae23cc btrfs+0x21efe f87ee8a8 8046ddad btrfs+0x1c3cc f87ee8d0 80463dab nt!IofCallDriver+0xad f87eea00 804e239a nt!IoUpdateShareAccess+0x2bdb f87eea94 804db12b nt!ObQueryNameString+0x124a f87eeaec 8046225b nt!ObOpenObjectByName+0x15b f87eeb74 80460926 nt!IoUpdateShareAccess+0x108b f87eebbc 804cfe28 nt!IoCreateFile+0x46 f87eecfc 80516c0b nt!NtFreeVirtualMemory+0x6048 f87eed1c 80514d98 nt!Kei386EoiHelper+0xa2b f87eed5c 80403e23 nt!KiEoiHelper+0x808 f87eee50 804e3239 nt!WRITE_REGISTER_BUFFER_ULONG+0x15a7 f87eee9c 804164ad nt!ObReferenceObjectByHandle+0x3e9 f885fa20 80434140 nt!CmUnRegisterCallback+0x2cd f885fa4c 80513cdc nt!ExfUnblockPushLock+0x30 f885fa80 804028c3 nt!KiUnexpectedInterrupt+0x1fac f885fac8 80492e8f nt!WRITE_REGISTER_BUFFER_ULONG+0x47 f885fb34 804e5aa9 nt!KeWaitForSingleObject+0x48f f885fba4 80516c0b nt!NtWaitForSingleObject+0x139 f885fbc0 80514d98 nt!Kei386EoiHelper+0xa2b f885fc00 80403d96 nt!KiEoiHelper+0x808 f885fc08 8040260f nt!WRITE_REGISTER_BUFFER_ULONG+0x151a f885fd80 8042e8fe nt!ZwWaitForSingleObject+0x11 f885fd8c 804f8014 nt!HeadlessDispatch+0x1dee f885fdc0 80514392 nt!PsWrapApcWow64Thread+0xb04 f885fddc 804f7fb0 nt!KiDispatchInterrupt+0x482 f885fde0 8042e8f0 nt!PsWrapApcWow64Thread+0xaa0 f885fde4 80088000 nt!HeadlessDispatch+0x1de0 f885fde8 00000000 0x80088000 kd> gn *** Fatal System Error: 0x000000d1 (0x00000000,0xFFFFFFFF,0x00000000,0x00000000) Break instruction exception - code 80000003 (first chance) A fatal system error has occurred. Debugger entered on first try; Bugcheck callbacks have not been invoked. A fatal system error has occurred. Connected to Windows Server 2003 3790 x86 compatible target at (Sat Sep 15 11:54:43.984 2018 (UTC + 2:00)), ptr64 FALSE *** ERROR: Symbol file could not be found. Defaulted to export symbols for ntoskrnl.exe - Loading Kernel Symbols .................................................. Loading User Symbols .. *** ERROR: Module load completed but symbols could not be loaded for ntdll.dll ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* Use !analyze -v to get detailed debugging information. BugCheck D1, {0, ffffffff, 0, 0} ***** Kernel symbols are WRONG. Please fix symbols to do analysis. ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************************************* *** ERROR: Module load completed but symbols could not be loaded for btrfs.sys ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************************************* ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************************************* Probably caused by : Pool_Corruption ( nt!ExFreePool+10 ) Followup: MachineOwner --------- nt!DbgBreakPointWithStatus+0x4: 80532eb8 cc int 3 kd> !analyze -v ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1) An attempt was made to access a pageable (or completely invalid) address at an interrupt request level (IRQL) that is too high. This is usually caused by drivers using improper addresses. If kernel debugger is available get stack backtrace. Arguments: Arg1: 00000000, memory referenced Arg2: ffffffff, IRQL Arg3: 00000000, value 0 = read operation, 1 = write operation Arg4: 00000000, address which referenced memory Debugging Details: ------------------ ***** Kernel symbols are WRONG. Please fix symbols to do analysis. ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************************************* ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************************************* ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************************************* ADDITIONAL_DEBUG_TEXT: Use '!findthebuild' command to search for the target build information. If the build information is available, run '!findthebuild -s ; .reload' to set symbol path and load symbols. FAULTING_MODULE: 80400000 nt DEBUG_FLR_IMAGE_TIMESTAMP: 0 READ_ADDRESS: unable to get nt!MmSpecialPoolStart unable to get nt!MmSpecialPoolEnd unable to get nt!MmPoolCodeStart unable to get nt!MmPoolCodeEnd 00000000 CURRENT_IRQL: 0 FAULTING_IP: +70af2faf00aed8e0 00000000 ?? ??? DEFAULT_BUCKET_ID: DRIVER_FAULT BUGCHECK_STR: 0xD1 LAST_CONTROL_TRANSFER: from 80485505 to 80532eb8 FAILED_INSTRUCTION_ADDRESS: +70af2faf00aed8e0 00000000 ?? ??? STACK_TEXT: WARNING: Stack unwind information not available. Following frames may be wrong. f87eda50 80485505 00000003 00000000 00000000 nt!DbgBreakPointWithStatus+0x4 f87eddf0 80515b7a 0000000a 00000000 ffffffff nt!KeBugCheckEx+0x655 f87ede64 804036ff f87edf00 00000000 badb0d00 nt!KiEoiHelper+0x15ea f87ededc 805295bc f87ee340 f87ee484 f87edfd4 nt!WRITE_REGISTER_BUFFER_ULONG+0xe83 f87edf00 80529590 f87ee340 f87ee484 f87edfd4 nt!RtlCaptureContext+0x115 f87edfb8 8051097a f87ee340 f87edfd4 f87eed14 nt!RtlCaptureContext+0xe9 f87ee324 80510df7 f87ee340 00000000 f87ee3e8 nt!KeRaiseUserException+0x71a f87ee394 80514535 80000003 00000000 80532eb2 nt!KeRaiseUserException+0xb97 f87ee3cc 80514f63 00000000 00000000 f87ee3e8 nt!KiCheckForSListAddress+0xc5 f87ee3e0 804030cf f87ee480 80532eb3 badb0d00 nt!KiEoiHelper+0x9d3 f87ee3f4 80514611 f87ee414 f87ee410 80288ea9 nt!WRITE_REGISTER_BUFFER_ULONG+0x853 f87ee480 8049b8d8 00000000 00000000 00000017 nt!KiEoiHelper+0x81 f87ee4ec 8049b440 b002e504 00000000 f87ee644 nt!ExFreePoolWithTag+0x488 f87ee4fc f8b5ad73 b002e504 0000000c 00000001 nt!ExFreePool+0x10 f87ee644 f8b6071e b131b0d0 00000001 00000000 btrfs+0x94d73 f87ee6a8 f8b5e72d b11c8400 28000000 00000000 btrfs+0x9a71e f87ee730 f8ae7efe b11c8400 e12641c0 2ff4d000 btrfs+0x9872d f87ee854 f8ae23cc b131b018 b131b0d0 b12083f8 btrfs+0x21efe f87ee8a8 8046ddad b131b018 b12083f8 b12f38e8 btrfs+0x1c3cc f87ee8d0 80463dab 00000018 00000000 00000000 nt!IofCallDriver+0xad f87eea00 804e239a b1333038 00000000 b1309d30 nt!IoUpdateShareAccess+0x2bdb f87eea94 804db12b 00000000 f87eeac8 00000240 nt!ObQueryNameString+0x124a f87eeaec 8046225b f87eec1c 00000000 00000000 nt!ObOpenObjectByName+0x15b f87eeb74 80460926 f87eecd0 00140003 f87eec1c nt!IoUpdateShareAccess+0x108b f87eebbc 804cfe28 f87eecd0 00140003 f87eec1c nt!IoCreateFile+0x46 f87eecfc 80516c0b 00222e08 00222e28 00222e30 nt!NtFreeVirtualMemory+0x6048 f87eed1c 80514d98 804cf940 0021fd4c 00000010 nt!Kei386EoiHelper+0xa2b f87eed5c 80403e23 0021fd60 7c92f51e badb0d00 nt!KiEoiHelper+0x808 f87eee50 804e3239 00000001 00000000 00000001 nt!WRITE_REGISTER_BUFFER_ULONG+0x15a7 f87eee9c 804164ad b12265d0 00000000 00000002 nt!ObReferenceObjectByHandle+0x3e9 f885fa20 80434140 e1000844 00000000 f885fa54 nt!CmUnRegisterCallback+0x2cd f885fa4c 80513cdc 80513d05 f885fc8c b1319b18 nt!ExfUnblockPushLock+0x30 f885fa80 804028c3 f885fac8 f885fbb8 f885fc8c nt!KiUnexpectedInterrupt+0x1fac f885fac8 80492e8f 00000001 00000001 02d0bf40 nt!WRITE_REGISTER_BUFFER_ULONG+0x47 f885fb34 804e5aa9 b1226540 00000006 00000000 nt!KeWaitForSingleObject+0x48f f885fba4 80516c0b 0000076c 00000000 f885fcb8 nt!NtWaitForSingleObject+0x139 f885fbc0 80514d98 804e5970 f885fc80 0000000c nt!Kei386EoiHelper+0xa2b f885fc00 80403d96 f885fd80 8040260f badb0d00 nt!KiEoiHelper+0x808 f885fc08 8040260f badb0d00 f885fc80 f885fc78 nt!WRITE_REGISTER_BUFFER_ULONG+0x151a f885fd80 8042e8fe 00000000 f885fdc0 804f8014 nt!ZwWaitForSingleObject+0x11 f885fd8c 804f8014 80088000 00007bf0 8000003b nt!HeadlessDispatch+0x1dee f885fdc0 80514392 8042e8f0 80088000 f885fdf0 nt!PsWrapApcWow64Thread+0xb04 f885fddc 804f7fb0 8042e8f0 80088000 00000000 nt!KiDispatchInterrupt+0x482 f885fde0 8042e8f0 80088000 00000000 0000027f nt!PsWrapApcWow64Thread+0xaa0 f885fde4 80088000 00000000 0000027f 00000000 nt!HeadlessDispatch+0x1de0 f885fde8 00000000 0000027f 00000000 00000000 0x80088000 STACK_COMMAND: kb FOLLOWUP_IP: nt!ExFreePool+10 8049b440 5d pop ebp SYMBOL_STACK_INDEX: d SYMBOL_NAME: nt!ExFreePool+10 FOLLOWUP_NAME: MachineOwner IMAGE_NAME: Pool_Corruption MODULE_NAME: Pool_Corruption BUCKET_ID: WRONG_SYMBOLS Followup: MachineOwner --------- kd> lmvm Pool_Corruption start end module name kd> k ChildEBP RetAddr WARNING: Stack unwind information not available. Following frames may be wrong. f87eda50 80485505 nt!DbgBreakPointWithStatus+0x4 f87eddf0 80515b7a nt!KeBugCheckEx+0x655 f87ede64 804036ff nt!KiEoiHelper+0x15ea f87ededc 805295bc nt!WRITE_REGISTER_BUFFER_ULONG+0xe83 f87edf00 80529590 nt!RtlCaptureContext+0x115 f87edfb8 8051097a nt!RtlCaptureContext+0xe9 f87ee324 80510df7 nt!KeRaiseUserException+0x71a f87ee394 80514535 nt!KeRaiseUserException+0xb97 f87ee3cc 80514f63 nt!KiCheckForSListAddress+0xc5 f87ee3e0 804030cf nt!KiEoiHelper+0x9d3 f87ee3f4 80514611 nt!WRITE_REGISTER_BUFFER_ULONG+0x853 f87ee480 8049b8d8 nt!KiEoiHelper+0x81 f87ee4ec 8049b440 nt!ExFreePoolWithTag+0x488 f87ee4fc f8b5ad73 nt!ExFreePool+0x10 f87ee644 f8b6071e btrfs+0x94d73 f87ee6a8 f8b5e72d btrfs+0x9a71e f87ee730 f8ae7efe btrfs+0x9872d f87ee854 f8ae23cc btrfs+0x21efe f87ee8a8 8046ddad btrfs+0x1c3cc f87ee8d0 80463dab nt!IofCallDriver+0xad f87eea00 804e239a nt!IoUpdateShareAccess+0x2bdb f87eea94 804db12b nt!ObQueryNameString+0x124a f87eeaec 8046225b nt!ObOpenObjectByName+0x15b f87eeb74 80460926 nt!IoUpdateShareAccess+0x108b f87eebbc 804cfe28 nt!IoCreateFile+0x46 f87eecfc 80516c0b nt!NtFreeVirtualMemory+0x6048 f87eed1c 80514d98 nt!Kei386EoiHelper+0xa2b f87eed5c 80403e23 nt!KiEoiHelper+0x808 f87eee50 804e3239 nt!WRITE_REGISTER_BUFFER_ULONG+0x15a7 f87eee9c 804164ad nt!ObReferenceObjectByHandle+0x3e9 f885fa20 80434140 nt!CmUnRegisterCallback+0x2cd f885fa4c 80513cdc nt!ExfUnblockPushLock+0x30 f885fa80 804028c3 nt!KiUnexpectedInterrupt+0x1fac f885fac8 80492e8f nt!WRITE_REGISTER_BUFFER_ULONG+0x47 f885fb34 804e5aa9 nt!KeWaitForSingleObject+0x48f f885fba4 80516c0b nt!NtWaitForSingleObject+0x139 f885fbc0 80514d98 nt!Kei386EoiHelper+0xa2b f885fc00 80403d96 nt!KiEoiHelper+0x808 f885fc08 8040260f nt!WRITE_REGISTER_BUFFER_ULONG+0x151a f885fd80 8042e8fe nt!ZwWaitForSingleObject+0x11 f885fd8c 804f8014 nt!HeadlessDispatch+0x1dee f885fdc0 80514392 nt!PsWrapApcWow64Thread+0xb04 f885fddc 804f7fb0 nt!KiDispatchInterrupt+0x482 f885fde0 8042e8f0 nt!PsWrapApcWow64Thread+0xaa0 f885fde4 80088000 nt!HeadlessDispatch+0x1de0 f885fde8 00000000 0x80088000 kd> g (ntoskrnl\ke\bug.c:602) Potentially unloaded driver! (ntoskrnl\ke\bug.c:602) Potentially unloaded driver! (ntoskrnl\ke\bug.c:602) Potentially unloaded driver! (ntoskrnl\ke\bug.c:602) Potentially unloaded driver! Break instruction exception - code 80000003 (first chance) A fatal system error has occurred. ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* Use !analyze -v to get detailed debugging information. BugCheck D1, {0, ffffffff, 0, 0} ***** Kernel symbols are WRONG. Please fix symbols to do analysis. ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************************************* ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************************************* ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************************************* Probably caused by : Pool_Corruption ( nt!ExFreePool+10 ) Followup: MachineOwner --------- nt!DbgBreakPointWithStatus+0x4: 80532eb8 cc int 3 kd> k ChildEBP RetAddr WARNING: Stack unwind information not available. Following frames may be wrong. f87eda50 804855e7 nt!DbgBreakPointWithStatus+0x4 f87eddf0 80515b7a nt!KeBugCheckEx+0x737 f87ede64 804036ff nt!KiEoiHelper+0x15ea f87ededc 805295bc nt!WRITE_REGISTER_BUFFER_ULONG+0xe83 f87edf00 80529590 nt!RtlCaptureContext+0x115 f87edfb8 8051097a nt!RtlCaptureContext+0xe9 f87ee324 80510df7 nt!KeRaiseUserException+0x71a f87ee394 80514535 nt!KeRaiseUserException+0xb97 f87ee3cc 80514f63 nt!KiCheckForSListAddress+0xc5 f87ee3e0 804030cf nt!KiEoiHelper+0x9d3 f87ee3f4 80514611 nt!WRITE_REGISTER_BUFFER_ULONG+0x853 f87ee480 8049b8d8 nt!KiEoiHelper+0x81 f87ee4ec 8049b440 nt!ExFreePoolWithTag+0x488 f87ee4fc f8b5ad73 nt!ExFreePool+0x10 f87ee644 f8b6071e btrfs+0x94d73 f87ee6a8 f8b5e72d btrfs+0x9a71e f87ee730 f8ae7efe btrfs+0x9872d f87ee854 f8ae23cc btrfs+0x21efe f87ee8a8 8046ddad btrfs+0x1c3cc f87ee8d0 80463dab nt!IofCallDriver+0xad f87eea00 804e239a nt!IoUpdateShareAccess+0x2bdb f87eea94 804db12b nt!ObQueryNameString+0x124a f87eeaec 8046225b nt!ObOpenObjectByName+0x15b f87eeb74 80460926 nt!IoUpdateShareAccess+0x108b f87eebbc 804cfe28 nt!IoCreateFile+0x46 f87eecfc 80516c0b nt!NtFreeVirtualMemory+0x6048 f87eed1c 80514d98 nt!Kei386EoiHelper+0xa2b f87eed5c 80403e23 nt!KiEoiHelper+0x808 f87eee50 804e3239 nt!WRITE_REGISTER_BUFFER_ULONG+0x15a7 f87eee9c 804164ad nt!ObReferenceObjectByHandle+0x3e9 f885fa20 80434140 nt!CmUnRegisterCallback+0x2cd f885fa4c 80513cdc nt!ExfUnblockPushLock+0x30 f885fa80 804028c3 nt!KiUnexpectedInterrupt+0x1fac f885fac8 80492e8f nt!WRITE_REGISTER_BUFFER_ULONG+0x47 f885fb34 804e5aa9 nt!KeWaitForSingleObject+0x48f f885fba4 80516c0b nt!NtWaitForSingleObject+0x139 f885fbc0 80514d98 nt!Kei386EoiHelper+0xa2b f885fc00 80403d96 nt!KiEoiHelper+0x808 f885fc08 8040260f nt!WRITE_REGISTER_BUFFER_ULONG+0x151a f885fd80 8042e8fe nt!ZwWaitForSingleObject+0x11 f885fd8c 804f8014 nt!HeadlessDispatch+0x1dee f885fdc0 80514392 nt!PsWrapApcWow64Thread+0xb04 f885fddc 804f7fb0 nt!KiDispatchInterrupt+0x482 f885fde0 8042e8f0 nt!PsWrapApcWow64Thread+0xaa0 f885fde4 80088000 nt!HeadlessDispatch+0x1de0 f885fde8 00000000 0x80088000 kd> g Break instruction exception - code 80000003 (first chance) A fatal system error has occurred. ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* Use !analyze -v to get detailed debugging information. BugCheck D1, {0, ffffffff, 0, 0} ***** Kernel symbols are WRONG. Please fix symbols to do analysis. ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************************************* ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************************************* ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************************************* Probably caused by : Pool_Corruption ( nt!ExFreePool+10 ) Followup: MachineOwner --------- nt!DbgBreakPointWithStatus+0x4: 80532eb8 cc int 3 kd> !analyze -v ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1) An attempt was made to access a pageable (or completely invalid) address at an interrupt request level (IRQL) that is too high. This is usually caused by drivers using improper addresses. If kernel debugger is available get stack backtrace. Arguments: Arg1: 00000000, memory referenced Arg2: ffffffff, IRQL Arg3: 00000000, value 0 = read operation, 1 = write operation Arg4: 00000000, address which referenced memory Debugging Details: ------------------ ***** Kernel symbols are WRONG. Please fix symbols to do analysis. ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************************************* ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************************************* ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************************************* ADDITIONAL_DEBUG_TEXT: Use '!findthebuild' command to search for the target build information. If the build information is available, run '!findthebuild -s ; .reload' to set symbol path and load symbols. FAULTING_MODULE: 80400000 nt DEBUG_FLR_IMAGE_TIMESTAMP: 0 READ_ADDRESS: 00000000 CURRENT_IRQL: 0 FAULTING_IP: +70af2faf00aed8e0 00000000 ?? ??? DEFAULT_BUCKET_ID: DRIVER_FAULT BUGCHECK_STR: 0xD1 LAST_CONTROL_TRANSFER: from 804855e7 to 80532eb8 FAILED_INSTRUCTION_ADDRESS: +70af2faf00aed8e0 00000000 ?? ??? STACK_TEXT: WARNING: Stack unwind information not available. Following frames may be wrong. f87eda50 804855e7 00000004 00000000 00000000 nt!DbgBreakPointWithStatus+0x4 f87eddf0 80515b7a 0000000a 00000000 ffffffff nt!KeBugCheckEx+0x737 f87ede64 804036ff f87edf00 00000000 badb0d00 nt!KiEoiHelper+0x15ea f87ededc 805295bc f87ee340 f87ee484 f87edfd4 nt!WRITE_REGISTER_BUFFER_ULONG+0xe83 f87edf00 80529590 f87ee340 f87ee484 f87edfd4 nt!RtlCaptureContext+0x115 f87edfb8 8051097a f87ee340 f87edfd4 f87eed14 nt!RtlCaptureContext+0xe9 f87ee324 80510df7 f87ee340 00000000 f87ee3e8 nt!KeRaiseUserException+0x71a f87ee394 80514535 80000003 00000000 80532eb2 nt!KeRaiseUserException+0xb97 f87ee3cc 80514f63 00000000 00000000 f87ee3e8 nt!KiCheckForSListAddress+0xc5 f87ee3e0 804030cf f87ee480 80532eb3 badb0d00 nt!KiEoiHelper+0x9d3 f87ee3f4 80514611 f87ee414 f87ee410 80288ea9 nt!WRITE_REGISTER_BUFFER_ULONG+0x853 f87ee480 8049b8d8 00000000 00000000 00000017 nt!KiEoiHelper+0x81 f87ee4ec 8049b440 b002e504 00000000 f87ee644 nt!ExFreePoolWithTag+0x488 f87ee4fc f8b5ad73 b002e504 0000000c 00000001 nt!ExFreePool+0x10 f87ee644 f8b6071e b131b0d0 00000001 00000000 btrfs+0x94d73 f87ee6a8 f8b5e72d b11c8400 28000000 00000000 btrfs+0x9a71e f87ee730 f8ae7efe b11c8400 e12641c0 2ff4d000 btrfs+0x9872d f87ee854 f8ae23cc b131b018 b131b0d0 b12083f8 btrfs+0x21efe f87ee8a8 8046ddad b131b018 b12083f8 b12f38e8 btrfs+0x1c3cc f87ee8d0 80463dab 00000018 00000000 00000000 nt!IofCallDriver+0xad f87eea00 804e239a b1333038 00000000 b1309d30 nt!IoUpdateShareAccess+0x2bdb f87eea94 804db12b 00000000 f87eeac8 00000240 nt!ObQueryNameString+0x124a f87eeaec 8046225b f87eec1c 00000000 00000000 nt!ObOpenObjectByName+0x15b f87eeb74 80460926 f87eecd0 00140003 f87eec1c nt!IoUpdateShareAccess+0x108b f87eebbc 804cfe28 f87eecd0 00140003 f87eec1c nt!IoCreateFile+0x46 f87eecfc 80516c0b 00222e08 00222e28 00222e30 nt!NtFreeVirtualMemory+0x6048 f87eed1c 80514d98 804cf940 0021fd4c 00000010 nt!Kei386EoiHelper+0xa2b f87eed5c 80403e23 0021fd60 7c92f51e badb0d00 nt!KiEoiHelper+0x808 f87eee50 804e3239 00000001 00000000 00000001 nt!WRITE_REGISTER_BUFFER_ULONG+0x15a7 f87eee9c 804164ad b12265d0 00000000 00000002 nt!ObReferenceObjectByHandle+0x3e9 f885fa20 80434140 e1000844 00000000 f885fa54 nt!CmUnRegisterCallback+0x2cd f885fa4c 80513cdc 80513d05 f885fc8c b1319b18 nt!ExfUnblockPushLock+0x30 f885fa80 804028c3 f885fac8 f885fbb8 f885fc8c nt!KiUnexpectedInterrupt+0x1fac f885fac8 80492e8f 00000001 00000001 02d0bf40 nt!WRITE_REGISTER_BUFFER_ULONG+0x47 f885fb34 804e5aa9 b1226540 00000006 00000000 nt!KeWaitForSingleObject+0x48f f885fba4 80516c0b 0000076c 00000000 f885fcb8 nt!NtWaitForSingleObject+0x139 f885fbc0 80514d98 804e5970 f885fc80 0000000c nt!Kei386EoiHelper+0xa2b f885fc00 80403d96 f885fd80 8040260f badb0d00 nt!KiEoiHelper+0x808 f885fc08 8040260f badb0d00 f885fc80 f885fc78 nt!WRITE_REGISTER_BUFFER_ULONG+0x151a f885fd80 8042e8fe 00000000 f885fdc0 804f8014 nt!ZwWaitForSingleObject+0x11 f885fd8c 804f8014 80088000 00007bf0 8000003b nt!HeadlessDispatch+0x1dee f885fdc0 80514392 8042e8f0 80088000 f885fdf0 nt!PsWrapApcWow64Thread+0xb04 f885fddc 804f7fb0 8042e8f0 80088000 00000000 nt!KiDispatchInterrupt+0x482 f885fde0 8042e8f0 80088000 00000000 0000027f nt!PsWrapApcWow64Thread+0xaa0 f885fde4 80088000 00000000 0000027f 00000000 nt!HeadlessDispatch+0x1de0 f885fde8 00000000 0000027f 00000000 00000000 0x80088000 STACK_COMMAND: kb FOLLOWUP_IP: nt!ExFreePool+10 8049b440 5d pop ebp SYMBOL_STACK_INDEX: d SYMBOL_NAME: nt!ExFreePool+10 FOLLOWUP_NAME: MachineOwner IMAGE_NAME: Pool_Corruption MODULE_NAME: Pool_Corruption BUCKET_ID: WRONG_SYMBOLS Followup: MachineOwner --------- kd> !analyze -v ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* DRIVER_IRQL_NOT_LESS_OR_EQUAL (d1) An attempt was made to access a pageable (or completely invalid) address at an interrupt request level (IRQL) that is too high. This is usually caused by drivers using improper addresses. If kernel debugger is available get stack backtrace. Arguments: Arg1: 00000000, memory referenced Arg2: ffffffff, IRQL Arg3: 00000000, value 0 = read operation, 1 = write operation Arg4: 00000000, address which referenced memory Debugging Details: ------------------ ***** Kernel symbols are WRONG. Please fix symbols to do analysis. ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************************************* ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************************************* ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************************************* ADDITIONAL_DEBUG_TEXT: Use '!findthebuild' command to search for the target build information. If the build information is available, run '!findthebuild -s ; .reload' to set symbol path and load symbols. FAULTING_MODULE: 80400000 nt DEBUG_FLR_IMAGE_TIMESTAMP: 0 READ_ADDRESS: 00000000 CURRENT_IRQL: 0 FAULTING_IP: +70af2faf00aed8e0 00000000 ?? ??? DEFAULT_BUCKET_ID: DRIVER_FAULT BUGCHECK_STR: 0xD1 LAST_CONTROL_TRANSFER: from 804855e7 to 80532eb8 FAILED_INSTRUCTION_ADDRESS: +70af2faf00aed8e0 00000000 ?? ??? STACK_TEXT: WARNING: Stack unwind information not available. Following frames may be wrong. f87eda50 804855e7 00000004 00000000 00000000 nt!DbgBreakPointWithStatus+0x4 f87eddf0 80515b7a 0000000a 00000000 ffffffff nt!KeBugCheckEx+0x737 f87ede64 804036ff f87edf00 00000000 badb0d00 nt!KiEoiHelper+0x15ea f87ededc 805295bc f87ee340 f87ee484 f87edfd4 nt!WRITE_REGISTER_BUFFER_ULONG+0xe83 f87edf00 80529590 f87ee340 f87ee484 f87edfd4 nt!RtlCaptureContext+0x115 f87edfb8 8051097a f87ee340 f87edfd4 f87eed14 nt!RtlCaptureContext+0xe9 f87ee324 80510df7 f87ee340 00000000 f87ee3e8 nt!KeRaiseUserException+0x71a f87ee394 80514535 80000003 00000000 80532eb2 nt!KeRaiseUserException+0xb97 f87ee3cc 80514f63 00000000 00000000 f87ee3e8 nt!KiCheckForSListAddress+0xc5 f87ee3e0 804030cf f87ee480 80532eb3 badb0d00 nt!KiEoiHelper+0x9d3 f87ee3f4 80514611 f87ee414 f87ee410 80288ea9 nt!WRITE_REGISTER_BUFFER_ULONG+0x853 f87ee480 8049b8d8 00000000 00000000 00000017 nt!KiEoiHelper+0x81 f87ee4ec 8049b440 b002e504 00000000 f87ee644 nt!ExFreePoolWithTag+0x488 f87ee4fc f8b5ad73 b002e504 0000000c 00000001 nt!ExFreePool+0x10 f87ee644 f8b6071e b131b0d0 00000001 00000000 btrfs+0x94d73 f87ee6a8 f8b5e72d b11c8400 28000000 00000000 btrfs+0x9a71e f87ee730 f8ae7efe b11c8400 e12641c0 2ff4d000 btrfs+0x9872d f87ee854 f8ae23cc b131b018 b131b0d0 b12083f8 btrfs+0x21efe f87ee8a8 8046ddad b131b018 b12083f8 b12f38e8 btrfs+0x1c3cc f87ee8d0 80463dab 00000018 00000000 00000000 nt!IofCallDriver+0xad f87eea00 804e239a b1333038 00000000 b1309d30 nt!IoUpdateShareAccess+0x2bdb f87eea94 804db12b 00000000 f87eeac8 00000240 nt!ObQueryNameString+0x124a f87eeaec 8046225b f87eec1c 00000000 00000000 nt!ObOpenObjectByName+0x15b f87eeb74 80460926 f87eecd0 00140003 f87eec1c nt!IoUpdateShareAccess+0x108b f87eebbc 804cfe28 f87eecd0 00140003 f87eec1c nt!IoCreateFile+0x46 f87eecfc 80516c0b 00222e08 00222e28 00222e30 nt!NtFreeVirtualMemory+0x6048 f87eed1c 80514d98 804cf940 0021fd4c 00000010 nt!Kei386EoiHelper+0xa2b f87eed5c 80403e23 0021fd60 7c92f51e badb0d00 nt!KiEoiHelper+0x808 f87eee50 804e3239 00000001 00000000 00000001 nt!WRITE_REGISTER_BUFFER_ULONG+0x15a7 f87eee9c 804164ad b12265d0 00000000 00000002 nt!ObReferenceObjectByHandle+0x3e9 f885fa20 80434140 e1000844 00000000 f885fa54 nt!CmUnRegisterCallback+0x2cd f885fa4c 80513cdc 80513d05 f885fc8c b1319b18 nt!ExfUnblockPushLock+0x30 f885fa80 804028c3 f885fac8 f885fbb8 f885fc8c nt!KiUnexpectedInterrupt+0x1fac f885fac8 80492e8f 00000001 00000001 02d0bf40 nt!WRITE_REGISTER_BUFFER_ULONG+0x47 f885fb34 804e5aa9 b1226540 00000006 00000000 nt!KeWaitForSingleObject+0x48f f885fba4 80516c0b 0000076c 00000000 f885fcb8 nt!NtWaitForSingleObject+0x139 f885fbc0 80514d98 804e5970 f885fc80 0000000c nt!Kei386EoiHelper+0xa2b f885fc00 80403d96 f885fd80 8040260f badb0d00 nt!KiEoiHelper+0x808 f885fc08 8040260f badb0d00 f885fc80 f885fc78 nt!WRITE_REGISTER_BUFFER_ULONG+0x151a f885fd80 8042e8fe 00000000 f885fdc0 804f8014 nt!ZwWaitForSingleObject+0x11 f885fd8c 804f8014 80088000 00007bf0 8000003b nt!HeadlessDispatch+0x1dee f885fdc0 80514392 8042e8f0 80088000 f885fdf0 nt!PsWrapApcWow64Thread+0xb04 f885fddc 804f7fb0 8042e8f0 80088000 00000000 nt!KiDispatchInterrupt+0x482 f885fde0 8042e8f0 80088000 00000000 0000027f nt!PsWrapApcWow64Thread+0xaa0 f885fde4 80088000 00000000 0000027f 00000000 nt!HeadlessDispatch+0x1de0 f885fde8 00000000 0000027f 00000000 00000000 0x80088000 STACK_COMMAND: kb FOLLOWUP_IP: nt!ExFreePool+10 8049b440 5d pop ebp SYMBOL_STACK_INDEX: d SYMBOL_NAME: nt!ExFreePool+10 FOLLOWUP_NAME: MachineOwner IMAGE_NAME: Pool_Corruption MODULE_NAME: Pool_Corruption BUCKET_ID: WRONG_SYMBOLS Followup: MachineOwner --------- kd> lmvm Pool_Corruption start end module name kd> k ChildEBP RetAddr WARNING: Stack unwind information not available. Following frames may be wrong. f87eda50 804855e7 nt!DbgBreakPointWithStatus+0x4 f87eddf0 80515b7a nt!KeBugCheckEx+0x737 f87ede64 804036ff nt!KiEoiHelper+0x15ea f87ededc 805295bc nt!WRITE_REGISTER_BUFFER_ULONG+0xe83 f87edf00 80529590 nt!RtlCaptureContext+0x115 f87edfb8 8051097a nt!RtlCaptureContext+0xe9 f87ee324 80510df7 nt!KeRaiseUserException+0x71a f87ee394 80514535 nt!KeRaiseUserException+0xb97 f87ee3cc 80514f63 nt!KiCheckForSListAddress+0xc5 f87ee3e0 804030cf nt!KiEoiHelper+0x9d3 f87ee3f4 80514611 nt!WRITE_REGISTER_BUFFER_ULONG+0x853 f87ee480 8049b8d8 nt!KiEoiHelper+0x81 f87ee4ec 8049b440 nt!ExFreePoolWithTag+0x488 f87ee4fc f8b5ad73 nt!ExFreePool+0x10 f87ee644 f8b6071e btrfs+0x94d73 f87ee6a8 f8b5e72d btrfs+0x9a71e f87ee730 f8ae7efe btrfs+0x9872d f87ee854 f8ae23cc btrfs+0x21efe f87ee8a8 8046ddad btrfs+0x1c3cc f87ee8d0 80463dab nt!IofCallDriver+0xad f87eea00 804e239a nt!IoUpdateShareAccess+0x2bdb f87eea94 804db12b nt!ObQueryNameString+0x124a f87eeaec 8046225b nt!ObOpenObjectByName+0x15b f87eeb74 80460926 nt!IoUpdateShareAccess+0x108b f87eebbc 804cfe28 nt!IoCreateFile+0x46 f87eecfc 80516c0b nt!NtFreeVirtualMemory+0x6048 f87eed1c 80514d98 nt!Kei386EoiHelper+0xa2b f87eed5c 80403e23 nt!KiEoiHelper+0x808 f87eee50 804e3239 nt!WRITE_REGISTER_BUFFER_ULONG+0x15a7 f87eee9c 804164ad nt!ObReferenceObjectByHandle+0x3e9 f885fa20 80434140 nt!CmUnRegisterCallback+0x2cd f885fa4c 80513cdc nt!ExfUnblockPushLock+0x30 f885fa80 804028c3 nt!KiUnexpectedInterrupt+0x1fac f885fac8 80492e8f nt!WRITE_REGISTER_BUFFER_ULONG+0x47 f885fb34 804e5aa9 nt!KeWaitForSingleObject+0x48f f885fba4 80516c0b nt!NtWaitForSingleObject+0x139 f885fbc0 80514d98 nt!Kei386EoiHelper+0xa2b f885fc00 80403d96 nt!KiEoiHelper+0x808 f885fc08 8040260f nt!WRITE_REGISTER_BUFFER_ULONG+0x151a f885fd80 8042e8fe nt!ZwWaitForSingleObject+0x11 f885fd8c 804f8014 nt!HeadlessDispatch+0x1dee f885fdc0 80514392 nt!PsWrapApcWow64Thread+0xb04 f885fddc 804f7fb0 nt!KiDispatchInterrupt+0x482 f885fde0 8042e8f0 nt!PsWrapApcWow64Thread+0xaa0 f885fde4 80088000 nt!HeadlessDispatch+0x1de0 f885fde8 00000000 0x80088000 kd> g Break instruction exception - code 80000003 (first chance) A fatal system error has occurred. ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* Use !analyze -v to get detailed debugging information. BugCheck D1, {0, ffffffff, 0, 0} ***** Kernel symbols are WRONG. Please fix symbols to do analysis. ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************************************* ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************************************* ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************************************* Probably caused by : Pool_Corruption ( nt!ExFreePool+10 ) Followup: MachineOwner --------- nt!DbgBreakPointWithStatus+0x4: 80532eb8 cc int 3 kd> gn