symbols cannot be found while debugging/analyzing bug checks

Discussion:

(too old to reply)

2006-11-04 04:08:01 UTC

I had a working setup a few weeks ago with windbg on a dual Xeon system
running Windows XP Pro. The symbol path included Microsoft's symbol server.
At some point, this setup stopped working. I turned on noisy output for the
symbol resolving and found that most of the symbols for the dlls, drivers,
and executables on the system could not be found on Microsoft's symbol
server. I even installed all of the recent updates and the versions still
couldn't be found.

Has anyone else encountered this recently or have any suggestions on how to
resolve this short of reinstalling the OS?

Jeffrey Tan[MSFT]

2006-11-06 09:19:37 UTC

Permalink

Hi,

Based on my understanding, you are debugging a bug check kernel dump file.
Can you tell me what version of Windows the dump is taking from, 32-bit or
64-bit?

Is this symbol loading problem specific with your windbg machine? Have you
tried to use other machines with windbg to debug the dump? Can the symols
be found on other machines?

Additionally, it would be helpful if you can provide the symbol loading
noisy output. This will be helpful for us to analysis.

I will wait for your further information. Thanks.

Best regards,
Jeffrey Tan
Microsoft Online Community Support
==================================================
Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
ications.

Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscriptions/support/default.aspx.
==================================================
This posting is provided "AS IS" with no warranties, and confers no rights.

2006-11-06 14:11:02 UTC

Permalink

Actually, I have 2 32-bit Windows XP machines connected with a serial cable.
Windbg is attached and running so that I can analyze the bug check right
away. Here's the output from boot time to bug check time:

Connected to Windows XP 2600 x86 compatible target, ptr64 FALSE
Kernel Debugger connection established.
DBGHELP: Symbol Search Path:
\\tsclient\n\packetsphere\c5\driver\c5bus\objfre_wxp_x86\i386;SRV*\\bed-d-edjo\Symbols*http://msdl.microsoft.com/download/symbols;\\bed-d-edjo\perforce\ejoo_dev_interface\packetsphere\c5\driver\c5bus\objchk_wxp_x86\i386
Symbol search path is:
\\tsclient\n\packetsphere\c5\driver\c5bus\objfre_wxp_x86\i386;SRV*\\bed-d-edjo\Symbols*http://msdl.microsoft.com/download/symbols;\\bed-d-edjo\perforce\ejoo_dev_interface\packetsphere\c5\driver\c5bus\objchk_wxp_x86\i386
Executable search path is:
\\tsclient\h\packetsphere\c5\driver\c5bus\objchk_wxp_x86\i386
DBGHELP: SharedUserData - virtual symbol module
DBGHELP:
\\tsclient\n\packetsphere\c5\driver\c5bus\objfre_wxp_x86\i386\ntkrpamp.pdb -
file not found
DBGHELP:
\\tsclient\n\packetsphere\c5\driver\c5bus\objfre_wxp_x86\i386\symbols\exe\ntkrpamp.pdb - file not found
DBGHELP:
\\tsclient\n\packetsphere\c5\driver\c5bus\objfre_wxp_x86\i386\exe\ntkrpamp.pdb - file not found
SYMSRV:
\\bed-d-edjo\Symbols\ntkrpamp.pdb\430480FAAC4F4A45980B99443EDC145E1\ntkrpamp.pdb not found
SYMSRV:
http://msdl.microsoft.com/download/symbols/ntkrpamp.pdb/430480FAAC4F4A45980B99443EDC145E1/ntkrpamp.pdb not found
DBGHELP:
\\bed-d-edjo\perforce\ejoo_dev_interface\packetsphere\c5\driver\c5bus\objchk_wxp_x86\i386\ntkrpamp.pdb - file not found
DBGHELP:
\\bed-d-edjo\perforce\ejoo_dev_interface\packetsphere\c5\driver\c5bus\objchk_wxp_x86\i386\symbols\exe\ntkrpamp.pdb - file not found
DBGHELP:
\\bed-d-edjo\perforce\ejoo_dev_interface\packetsphere\c5\driver\c5bus\objchk_wxp_x86\i386\exe\ntkrpamp.pdb - file not found
DBGHELP: ntkrpamp.pdb - file not found
*** ERROR: Symbol file could not be found. Defaulted to export symbols for
ntkrpamp.exe -
DBGHELP: nt - export symbols
Windows XP Kernel Version 2600 MP (1 procs) Free x86 compatible
Built by: 2600.xpsp_sp2_gdr.050301-1519
Kernel base = 0x804d7000 PsLoadedModuleList = 0x8055c700
System Uptime: not available
DBGHELP: Symbol Search Path:
\\tsclient\n\packetsphere\c5\driver\c5bus\objfre_wxp_x86\i386;SRV*\\bed-d-edjo\symbols*http://msdl.microsoft.com/download/symbols
KD: Accessing
'\\tsclient\n\packetsphere\c5\driver\c5bus\objfre_wxp_x86\i386\C5eBus.sys'
(\SystemRoot\system32\DRIVERS\C5eBus.sys)
File size 37K..............
MmLoadSystemImage: Pulled \SystemRoot\system32\DRIVERS\C5eBus.sys from kd
*******************************************************************************
*
* This is the string you add to your checkin description
* Driver Verifier: Enabled for C5eBus.sys on Build 2600 E2mHBpcqq9nP3bXHN1FXQD
*
*******************************************************************************
MAC addresses 0x0005e0002080 - 0x0005e0002087RTP HD built on Nov 3 2006 at
19:08:38
TBS: version - sepdrv.sys=Dec 16 2005 10:45:24
SXS: BasepCreateActCtx()
NtOpenFile(\??\C:\??\C:\WINDOWS\system32\winlogon.exe) failed
ERROR: DavReadRegistryValues/RegQueryValueExW(4). WStatus = 127
ERROR: DavReadRegistryValues/RegQueryValueExW(5). WStatus = 127
ERROR: DavReadRegistryValues/RegQueryValueExW(6). WStatus = 127
0 - KeepSCMHappyOnStart
17 - KeepSCMHappyOnStart
34 - TellSCMGoodToGo
SavRoam: initializing communications
SavRoam: initializing COM
SavRoam: starting Transman
SavRoam: loading certs from: C:\Program Files\Symantec AntiVirus\
SavRoam: loading ScsComms
SavRoam: communication initialization SUCCEEDED!
SXS: BasepCreateActCtx()
NtOpenFile(\??\C:\??\C:\WINDOWS\system32\winlogon.exe) failed
watchdog!WdUpdateRecoveryState: Recovery enabled.
SXS: BasepCreateActCtx()
NtOpenFile(\??\C:\??\C:\WINDOWS\system32\winlogon.exe) failed
SXS: BasepCreateActCtx()
NtOpenFile(\??\C:\??\C:\WINDOWS\system32\winlogon.exe) failed
*** Fatal System Error: 0x000000c4
(0x00000060,0x00000000,0x007F82C4,0x00000003)

Break instruction exception - code 80000003 (first chance)

A fatal system error has occurred.
Debugger entered on first try; Bugcheck callbacks have not been invoked.

A fatal system error has occurred.

Connected to Windows XP 2600 x86 compatible target, ptr64 FALSE
DBGHELP:
\\tsclient\n\packetsphere\c5\driver\c5bus\objfre_wxp_x86\i386\ntkrpamp.pdb -
file not found
DBGHELP:
\\tsclient\n\packetsphere\c5\driver\c5bus\objfre_wxp_x86\i386\symbols\exe\ntkrpamp.pdb - file not found
DBGHELP:
\\tsclient\n\packetsphere\c5\driver\c5bus\objfre_wxp_x86\i386\exe\ntkrpamp.pdb - file not found
SYMSRV:
\\bed-d-edjo\symbols\ntkrpamp.pdb\430480FAAC4F4A45980B99443EDC145E1\ntkrpamp.pdb not found
SYMSRV:
http://msdl.microsoft.com/download/symbols/ntkrpamp.pdb/430480FAAC4F4A45980B99443EDC145E1/ntkrpamp.pdb not found
DBGHELP: ntkrpamp.pdb - file not found
*** ERROR: Symbol file could not be found. Defaulted to export symbols for
ntkrpamp.exe -
DBGHELP: nt - export symbols
Loading Kernel Symbols
..............................................................................................................
Loading User Symbols
Loading unloaded module list
.........
*******************************************************************************
*
*
* Bugcheck Analysis
*
*
*
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck C4, {60, 0, 7f82c4, 3}

***** Kernel symbols are WRONG. Please fix symbols to do analysis.

DBGHELP:
\\tsclient\n\packetsphere\c5\driver\c5bus\objfre_wxp_x86\i386\mssmbios.pdb -
file not found
DBGHELP:
\\tsclient\n\packetsphere\c5\driver\c5bus\objfre_wxp_x86\i386\symbols\sys\mssmbios.pdb - file not found
DBGHELP:
\\tsclient\n\packetsphere\c5\driver\c5bus\objfre_wxp_x86\i386\sys\mssmbios.pdb - file not found
SYMSRV:
\\bed-d-edjo\symbols\mssmbios.pdb\CEAE494998B24A458588AE7866D1B9421\mssmbios.pdb not found
SYMSRV:
http://msdl.microsoft.com/download/symbols/mssmbios.pdb/CEAE494998B24A458588AE7866D1B9421/mssmbios.pdb not found
DBGHELP: mssmbios.pdb - file not found
*** ERROR: Module load completed but symbols could not be loaded for
mssmbios.sys
DBGHELP: mssmbios - no symbols loaded
SYMSRV: \\bed-d-edjo\symbols\ntkrpamp.exe\42250A1E20b000\ntkrpamp.exe not
found
SYMSRV:
http://msdl.microsoft.com/download/symbols/ntkrpamp.exe/42250A1E20b000/ntkrpamp.exe not found
SYMSRV: \\bed-d-edjo\symbols\ntkrpamp.exe\42250A1E20b000\ntkrpamp.exe not
found
SYMSRV:
http://msdl.microsoft.com/download/symbols/ntkrpamp.exe/42250A1E20b000/ntkrpamp.exe not found
SYMSRV: \\bed-d-edjo\symbols\ntkrpamp.exe\42250A1E20b000\ntkrpamp.exe not
found
SYMSRV:
http://msdl.microsoft.com/download/symbols/ntkrpamp.exe/42250A1E20b000/ntkrpamp.exe not found
SYMSRV: \\bed-d-edjo\symbols\ntkrpamp.exe\42250A1E20b000\ntkrpamp.exe not
found
SYMSRV:
http://msdl.microsoft.com/download/symbols/ntkrpamp.exe/42250A1E20b000/ntkrpamp.exe not found
SYMSRV: \\bed-d-edjo\symbols\ntkrpamp.exe\42250A1E20b000\ntkrpamp.exe not
found
SYMSRV:
http://msdl.microsoft.com/download/symbols/ntkrpamp.exe/42250A1E20b000/ntkrpamp.exe not found
SYMSRV: \\bed-d-edjo\symbols\ntkrpamp.exe\42250A1E20b000\ntkrpamp.exe not
found
SYMSRV:
http://msdl.microsoft.com/download/symbols/ntkrpamp.exe/42250A1E20b000/ntkrpamp.exe not found
SYMSRV: \\bed-d-edjo\symbols\ntkrpamp.exe\42250A1E20b000\ntkrpamp.exe not
found
SYMSRV:
http://msdl.microsoft.com/download/symbols/ntkrpamp.exe/42250A1E20b000/ntkrpamp.exe not found
SYMSRV: \\bed-d-edjo\symbols\ntkrpamp.exe\42250A1E20b000\ntkrpamp.exe not
found
SYMSRV:
http://msdl.microsoft.com/download/symbols/ntkrpamp.exe/42250A1E20b000/ntkrpamp.exe not found
SYMSRV: \\bed-d-edjo\symbols\ntkrpamp.exe\42250A1E20b000\ntkrpamp.exe not
found
SYMSRV:
http://msdl.microsoft.com/download/symbols/ntkrpamp.exe/42250A1E20b000/ntkrpamp.exe not found
SYMSRV: \\bed-d-edjo\symbols\ntkrpamp.exe\42250A1E20b000\ntkrpamp.exe not
found
SYMSRV:
http://msdl.microsoft.com/download/symbols/ntkrpamp.exe/42250A1E20b000/ntkrpamp.exe not found
SYMSRV: \\bed-d-edjo\symbols\ntkrpamp.exe\42250A1E20b000\ntkrpamp.exe not
found
SYMSRV:
http://msdl.microsoft.com/download/symbols/ntkrpamp.exe/42250A1E20b000/ntkrpamp.exe not found
SYMSRV: \\bed-d-edjo\symbols\ntkrpamp.exe\42250A1E20b000\ntkrpamp.exe not
found
SYMSRV:
http://msdl.microsoft.com/download/symbols/ntkrpamp.exe/42250A1E20b000/ntkrpamp.exe not found
SYMSRV: \\bed-d-edjo\symbols\ntkrpamp.exe\42250A1E20b000\ntkrpamp.exe not
found
SYMSRV:
http://msdl.microsoft.com/download/symbols/ntkrpamp.exe/42250A1E20b000/ntkrpamp.exe not found
SYMSRV: \\bed-d-edjo\symbols\ntkrpamp.exe\42250A1E20b000\ntkrpamp.exe not
found
SYMSRV:
http://msdl.microsoft.com/download/symbols/ntkrpamp.exe/42250A1E20b000/ntkrpamp.exe not found
SYMSRV: \\bed-d-edjo\symbols\ntkrpamp.exe\42250A1E20b000\ntkrpamp.exe not
found
SYMSRV:
http://msdl.microsoft.com/download/symbols/ntkrpamp.exe/42250A1E20b000/ntkrpamp.exe not found
SYMSRV: \\bed-d-edjo\symbols\ntkrpamp.exe\42250A1E20b000\ntkrpamp.exe not
found
SYMSRV:
http://msdl.microsoft.com/download/symbols/ntkrpamp.exe/42250A1E20b000/ntkrpamp.exe not found
SYMSRV: \\bed-d-edjo\symbols\ntkrpamp.exe\42250A1E20b000\ntkrpamp.exe not
found
SYMSRV:
http://msdl.microsoft.com/download/symbols/ntkrpamp.exe/42250A1E20b000/ntkrpamp.exe not found
SYMSRV: \\bed-d-edjo\symbols\Dbgv.sys\4124D0031d60\Dbgv.sys not found
SYMSRV:
http://msdl.microsoft.com/download/symbols/Dbgv.sys/4124D0031d60/Dbgv.sys not
found

Followup: MachineOwner
---------

nt!DbgBreakPointWithStatus+0x4:
8052a5d8 cc int 3
1: kd> !analyze -v
*******************************************************************************
*
*
* Bugcheck Analysis
*
*
*
*******************************************************************************

DRIVER_VERIFIER_DETECTED_VIOLATION (c4)
A device driver attempting to corrupt the system has been caught. This is
because the driver was specified in the registry as being suspect (by the
administrator) and the kernel has enabled substantial checking of this driver.
If the driver attempts to corrupt the system, bugchecks 0xC4, 0xC1 and 0xA
will
be among the most commonly seen crashes.
Parameter 1 = 0x1000 .. 0x1020 - deadlock verifier error codes.
Typically the code is 0x1001 (deadlock detected) and you can
issue a '!deadlock' KD command to get more information.
Arguments:
Arg1: 00000060, A driver has forgotten to free its pool allocations prior to
unloading.
Arg2: 00000000, paged bytes
Arg3: 007f82c4, nonpaged bytes,
Arg4: 00000003, total # of (paged+nonpaged) allocations that weren't freed.
To get the name of the driver at fault, type
dp ViBadDriver l1; dS @$p
Then type !verifier 3 drivername.sys for info on the allocations
that were leaked that caused the bugcheck.

Debugging Details:
------------------

***** Kernel symbols are WRONG. Please fix symbols to do analysis.

SYMSRV: \\bed-d-edjo\symbols\ntkrpamp.exe\42250A1E20b000\ntkrpamp.exe not
found
SYMSRV:
http://msdl.microsoft.com/download/symbols/ntkrpamp.exe/42250A1E20b000/ntkrpamp.exe not found
SYMSRV: \\bed-d-edjo\symbols\ntkrpamp.exe\42250A1E20b000\ntkrpamp.exe not
found
SYMSRV:
http://msdl.microsoft.com/download/symbols/ntkrpamp.exe/42250A1E20b000/ntkrpamp.exe not found
SYMSRV: \\bed-d-edjo\symbols\ntkrpamp.exe\42250A1E20b000\ntkrpamp.exe not
found
SYMSRV:
http://msdl.microsoft.com/download/symbols/ntkrpamp.exe/42250A1E20b000/ntkrpamp.exe not found
SYMSRV: \\bed-d-edjo\symbols\ntkrpamp.exe\42250A1E20b000\ntkrpamp.exe not
found
SYMSRV:
http://msdl.microsoft.com/download/symbols/ntkrpamp.exe/42250A1E20b000/ntkrpamp.exe not found
SYMSRV: \\bed-d-edjo\symbols\ntkrpamp.exe\42250A1E20b000\ntkrpamp.exe not
found
SYMSRV:
http://msdl.microsoft.com/download/symbols/ntkrpamp.exe/42250A1E20b000/ntkrpamp.exe not found
SYMSRV: \\bed-d-edjo\symbols\ntkrpamp.exe\42250A1E20b000\ntkrpamp.exe not
found
SYMSRV:
http://msdl.microsoft.com/download/symbols/ntkrpamp.exe/42250A1E20b000/ntkrpamp.exe not found
SYMSRV: \\bed-d-edjo\symbols\ntkrpamp.exe\42250A1E20b000\ntkrpamp.exe not
found
SYMSRV:
http://msdl.microsoft.com/download/symbols/ntkrpamp.exe/42250A1E20b000/ntkrpamp.exe not found
SYMSRV: \\bed-d-edjo\symbols\ntkrpamp.exe\42250A1E20b000\ntkrpamp.exe not
found
SYMSRV:
http://msdl.microsoft.com/download/symbols/ntkrpamp.exe/42250A1E20b000/ntkrpamp.exe not found
SYMSRV: \\bed-d-edjo\symbols\ntkrpamp.exe\42250A1E20b000\ntkrpamp.exe not
found
SYMSRV:
http://msdl.microsoft.com/download/symbols/ntkrpamp.exe/42250A1E20b000/ntkrpamp.exe not found
SYMSRV: \\bed-d-edjo\symbols\ntkrpamp.exe\42250A1E20b000\ntkrpamp.exe not
found
SYMSRV:
http://msdl.microsoft.com/download/symbols/ntkrpamp.exe/42250A1E20b000/ntkrpamp.exe not found
SYMSRV: \\bed-d-edjo\symbols\ntkrpamp.exe\42250A1E20b000\ntkrpamp.exe not
found
SYMSRV:
http://msdl.microsoft.com/download/symbols/ntkrpamp.exe/42250A1E20b000/ntkrpamp.exe not found
SYMSRV: \\bed-d-edjo\symbols\ntkrpamp.exe\42250A1E20b000\ntkrpamp.exe not
found
SYMSRV:
http://msdl.microsoft.com/download/symbols/ntkrpamp.exe/42250A1E20b000/ntkrpamp.exe not found
SYMSRV: \\bed-d-edjo\symbols\ntkrpamp.exe\42250A1E20b000\ntkrpamp.exe not
found
SYMSRV:
http://msdl.microsoft.com/download/symbols/ntkrpamp.exe/42250A1E20b000/ntkrpamp.exe not found
SYMSRV: \\bed-d-edjo\symbols\ntkrpamp.exe\42250A1E20b000\ntkrpamp.exe not
found
SYMSRV:
http://msdl.microsoft.com/download/symbols/ntkrpamp.exe/42250A1E20b000/ntkrpamp.exe not found
SYMSRV: \\bed-d-edjo\symbols\ntkrpamp.exe\42250A1E20b000\ntkrpamp.exe not
found
SYMSRV:
http://msdl.microsoft.com/download/symbols/ntkrpamp.exe/42250A1E20b000/ntkrpamp.exe not found
SYMSRV: \\bed-d-edjo\symbols\ntkrpamp.exe\42250A1E20b000\ntkrpamp.exe not
found
SYMSRV:
http://msdl.microsoft.com/download/symbols/ntkrpamp.exe/42250A1E20b000/ntkrpamp.exe not found
SYMSRV: \\bed-d-edjo\symbols\ntkrpamp.exe\42250A1E20b000\ntkrpamp.exe not
found
SYMSRV:
http://msdl.microsoft.com/download/symbols/ntkrpamp.exe/42250A1E20b000/ntkrpamp.exe not found
SYMSRV: \\bed-d-edjo\symbols\Dbgv.sys\4124D0031d60\Dbgv.sys not found
SYMSRV:
http://msdl.microsoft.com/download/symbols/Dbgv.sys/4124D0031d60/Dbgv.sys not
found

MODULE_NAME: nt

FAULTING_MODULE: 804d7000 nt

DEBUG_FLR_IMAGE_TIMESTAMP: 42250a1e

BUGCHECK_STR: 0xc4_60

DEFAULT_BUCKET_ID: DRIVER_FAULT

LAST_CONTROL_TRANSFER: from 804f96e8 to 8052a5d8

STACK_TEXT:
WARNING: Stack unwind information not available. Following frames may be
wrong.
bad0b7c4 804f96e8 00000003 00000000 8aefcf08 nt!DbgBreakPointWithStatus+0x4
bad0bba4 804f9c37 000000c4 00000060 00000000
nt!KeRegisterBugCheckReasonCallback+0x77c
bad0bbc4 806579f0 000000c4 00000060 00000000 nt!KeBugCheckEx+0x1b
bad0bbec 805ac7c8 8add1618 8ae13920 8ae13948 nt!RtlCompressBuffer+0x4b86
bad0bc18 80582323 8add1618 8ae13930 8ae13910 nt!MmResetDriverPaging+0x147e
bad0bc2c 805b9e25 8ae13948 00000000 8ae13930 nt!NtWriteFile+0x66b7
bad0bc48 805257b8 8ae13948 00000000 00000000 nt!NtFreeVirtualMemory+0x84e7
bad0bc68 805b9e25 8addfb30 00000000 8addfb18 nt!ObfDereferenceObject+0x4c
bad0bc84 805257b8 8addfb30 00000000 8055a100 nt!NtFreeVirtualMemory+0x84e7
bad0bcb8 8059919d 8ae703b0 e31141d8 00000000 nt!ObfDereferenceObject+0x4c
bad0bd3c 805993de bad0bd00 806e4974 e30f6008 nt!IoReportResourceUsage+0xf847
bad0bd58 80599537 bad0bd78 89409b20 8056375c nt!IoReportResourceUsage+0xfa88
bad0bd7c 80537757 89409b20 00000000 8aeab8b8 nt!IoReportResourceUsage+0xfbe1
bad0bdac 805ce794 89409b20 00000000 00000000 nt!ExQueueWorkItem+0x1a3
bad0bddc 805450ce 80537668 00000001 00000000
nt!PsRemoveCreateThreadNotifyRoutine+0x214
00000000 00000000 00000000 00000000 00000000 nt!KiDispatchInterrupt+0x72e

STACK_COMMAND: .bugcheck ; kb

FOLLOWUP_NAME: MachineOwner

BUCKET_ID: WRONG_SYMBOLS

Followup: MachineOwner
---------

Post by Jeffrey Tan[MSFT]
Hi,
Based on my understanding, you are debugging a bug check kernel dump file.
Can you tell me what version of Windows the dump is taking from, 32-bit or
64-bit?
Is this symbol loading problem specific with your windbg machine? Have you
tried to use other machines with windbg to debug the dump? Can the symols
be found on other machines?
Additionally, it would be helpful if you can provide the symbol loading
noisy output. This will be helpful for us to analysis.
I will wait for your further information. Thanks.
Best regards,
Jeffrey Tan
Microsoft Online Community Support
==================================================
Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
ications.
Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscriptions/support/default.aspx.
==================================================
This posting is provided "AS IS" with no warranties, and confers no rights

Jeffrey Tan[MSFT]

2006-11-07 06:57:32 UTC

Permalink

Hi,

Thanks for your feedback.

I will help to forward this issue to the windbg developer team to further
check why the symbol is missing in the public symbol server. Thanks

Best regards,
Jeffrey Tan
Microsoft Online Community Support
==================================================
Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
ications.

Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscriptions/support/default.aspx.
==================================================
This posting is provided "AS IS" with no warranties, and confers no rights.

Jeffrey Tan[MSFT]

2006-11-08 10:04:59 UTC

Permalink

Hi,

I have discussed this issue with windbg team.

Based on the test, we are able to get the file from the external symbol
server with no problem. We used the dbh.exe program to check it out:

C:\debuggers>set
_nt_symbol_path=srv**http://msdl.microsoft.com/download/symbols

C:\debuggers>dbh -v
verbose mode on.

dbh: getfile ntkrpamp.pdb 430480FAAC4F4A45980B99443EDC145E1

SYMSRV: ntkrpamp.pdb from http://msdl.microsoft.com/download/symbols:
395641 bytes copied
DBGHELP:
C:\debuggers\sym\ntkrpamp.pdb\430480FAAC4F4A45980B99443EDC145E1\ntkrpamp.pdb
- OK
found
C:\debuggers\sym\ntkrpamp.pdb\430480FAAC4F4A45980B99443EDC145E1\ntkrpamp.pdb

Can you please try the same approach to use dbh.exe to give a test? Thanks.

Best regards,
Jeffrey Tan
Microsoft Online Community Support
==================================================
Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
ications.

Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscriptions/support/default.aspx.
==================================================
This posting is provided "AS IS" with no warranties, and confers no rights.

2006-11-09 03:50:02 UTC

Permalink

This is the output I get with version 6.6.7.5 of the Debugging Tools:

C:\Program Files\Debugging Tools for Windows>set
_nt_symbol_path=srv**http://msdl.microsoft.com/download/symbols

C:\Program Files\Debugging Tools for Windows>dbh -v
verbose mode on.

dbh: getfile ntkrpamp.pdb 430480FAAC4F4A45980B99443EDC145E1

SYMSRV: C:\Program Files\Debugging Tools for
Windows\sym\ntkrpamp.pdb\430480FAAC4F4A45980B99443EDC145E1\ntkrpamp.pdb not
found
SYMSRV:
http://msdl.microsoft.com/download/symbols/ntkrpamp.pdb/430480FAAC4F4A45980B99443EDC145E1/ntkrpamp.pdb not found

Post by Jeffrey Tan[MSFT]
Hi,
I have discussed this issue with windbg team.
Based on the test, we are able to get the file from the external symbol
C:\debuggers>set
_nt_symbol_path=srv**http://msdl.microsoft.com/download/symbols
C:\debuggers>dbh -v
verbose mode on.
dbh: getfile ntkrpamp.pdb 430480FAAC4F4A45980B99443EDC145E1
395641 bytes copied
C:\debuggers\sym\ntkrpamp.pdb\430480FAAC4F4A45980B99443EDC145E1\ntkrpamp.pdb
- OK
found
C:\debuggers\sym\ntkrpamp.pdb\430480FAAC4F4A45980B99443EDC145E1\ntkrpamp.pdb
Can you please try the same approach to use dbh.exe to give a test? Thanks.
Best regards,
Jeffrey Tan
Microsoft Online Community Support
==================================================
Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
ications.
Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscriptions/support/default.aspx.
==================================================
This posting is provided "AS IS" with no warranties, and confers no rights

Jeffrey Tan[MSFT]

2006-11-09 09:49:01 UTC

Permalink

Hi,

Thanks for the feedback.

Oh, it is strange your machine still can not find ntkrpamp.pdb on the
Microsoft symbol server, since I have tried this approach on more than 3
machines(WinXP or Win2003), they all can find the pdb file.

I recommend you try this on some other machines, does this problem still
exist? I suspect this is caused by certain network problem or some other
issue on your specific machine. Further test will reveal the suspicion.

Anyway, I will wait for your further test result. Thanks.

Best regards,
Jeffrey Tan
Microsoft Online Community Support
==================================================
Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
ications.

Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscriptions/support/default.aspx.
==================================================
This posting is provided "AS IS" with no warranties, and confers no rights.

2006-11-09 13:48:02 UTC

Permalink

I installed the Debugging Tools on another machine, and it worked. These two
machines are the setup that I use to debug the driver code. The command
failed on the machine I always run windbg on. The command worked on the
machine that is running the code to be debugged. The machines have different
hardware...

Is there other debugging that can be turned on to see what is causing the
failure?

Post by Jeffrey Tan[MSFT]
Hi,
Thanks for the feedback.
Oh, it is strange your machine still can not find ntkrpamp.pdb on the
Microsoft symbol server, since I have tried this approach on more than 3
machines(WinXP or Win2003), they all can find the pdb file.
I recommend you try this on some other machines, does this problem still
exist? I suspect this is caused by certain network problem or some other
issue on your specific machine. Further test will reveal the suspicion.
Anyway, I will wait for your further test result. Thanks.
Best regards,
Jeffrey Tan
Microsoft Online Community Support
==================================================
Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
ications.
Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscriptions/support/default.aspx.
==================================================
This posting is provided "AS IS" with no warranties, and confers no rights

Jeffrey Tan[MSFT]

2006-11-10 09:10:15 UTC

Permalink

Hi,

Thanks for the feedback.

The original debugger noisy output shows that the debugger only tried to
get symbols for one file -- and that file failed. So we think it is
possible that the problem isn't with that specific file(ntkrpamp.pdb), but
will all internet access.

We wonder if you are running behind some sort of firewall that prevents
access to Microsoft web site. You might need to check out if there are
some issues with proxy servers or the like.

Please feel free to feedback any further findings here. Thanks.

Best regards,
Jeffrey Tan
Microsoft Online Community Support
==================================================
Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
ications.

Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscriptions/support/default.aspx.
==================================================
This posting is provided "AS IS" with no warranties, and confers no rights.

2006-11-10 14:00:02 UTC

Permalink

Both of those machines are connected to the same network and physical switch.
Neither have a firewall enabled. I did notice, though, that after flushing
the DNS cache and the ARP entries, that the machine that doesn't work does
not even send a DNS query for msdl.microsoft.com when I try to get the pdb
file. On the machine where the get succeeds, I can see the DNS query on the
machine that works.

Post by Jeffrey Tan[MSFT]
Hi,
Thanks for the feedback.
The original debugger noisy output shows that the debugger only tried to
get symbols for one file -- and that file failed. So we think it is
possible that the problem isn't with that specific file(ntkrpamp.pdb), but
will all internet access.
We wonder if you are running behind some sort of firewall that prevents
access to Microsoft web site. You might need to check out if there are
some issues with proxy servers or the like.
Please feel free to feedback any further findings here. Thanks.
Best regards,
Jeffrey Tan
Microsoft Online Community Support
==================================================
Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
ications.
Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscriptions/support/default.aspx.
==================================================
This posting is provided "AS IS" with no warranties, and confers no rights

Jeffrey Tan[MSFT]

2006-11-13 06:26:11 UTC

Permalink

Hi,

It seems that there is some problem regarding your machine network. MSDN
support mainly focuses on programming side issue, I am not a network issue
troubleshooting expert. So I recommended you contact Microsoft PSS to
troubleshoot this machine specific network issue. Also, you may post this
on some Windows general or network newsgroup to get help since there will
be more network problem experts in these newsgroups.

You can contact Microsoft Product Support by contacting us at
1-(800)936-5800 or by choosing one of the options listed at
http://www.microsoft.com/services/microsoftservices/supp.mspx

Thanks for your understanding.

Best regards,
Jeffrey Tan
Microsoft Online Community Support
==================================================
Get notification to my posts through email? Please refer to
http://msdn.microsoft.com/subscriptions/managednewsgroups/default.aspx#notif
ications.

Note: The MSDN Managed Newsgroup support offering is for non-urgent issues
where an initial response from the community or a Microsoft Support
Engineer within 1 business day is acceptable. Please note that each follow
up response may take approximately 2 business days as the support
professional working with you may need further investigation to reach the
most efficient resolution. The offering is not appropriate for situations
that require urgent, real-time or phone-based interactions or complex
project analysis and dump analysis issues. Issues of this nature are best
handled working with a dedicated Microsoft Support Engineer by contacting
Microsoft Customer Support Services (CSS) at
http://msdn.microsoft.com/subscriptions/support/default.aspx.
==================================================
This posting is provided "AS IS" with no warranties, and confers no rights.