这是昨天的蓝屏文件。
Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Windows\Minidump\050414-42057-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
Symbol search path is: *** Invalid ***
****************************************************************************
* Symbol loading may be unreliable without a symbol search path. *
* Use .symfix to have the debugger choose a symbol path. *
* After setting your symbol path, use .reload to refresh symbol locations. *
****************************************************************************
Executable search path is:
*********************************************************************
* Symbols can not be loaded because symbol path is not initialized. *
* *
* The Symbol Path can be set by: *
* using the _NT_SYMBOL_PATH environment variable. *
* using the -y <symbol_path> argument when starting the debugger. *
* using .sympath and .sympath+ *
*********************************************************************
Unable to load image \SystemRoot\system32\ntoskrnl.exe, Win32 error 0n2
*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
Windows 7 Kernel Version 7601 (Service Pack 1) MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 7601.18229.amd64fre.win7sp1_gdr.130801-1533
Machine Name:
Kernel base = 0xfffff800`0500d000 PsLoadedModuleList = 0xfffff800`052506d0
Debug session time: Sun May 4 14:35:22.791 2014 (UTC + 8:00)
System Uptime: 0 days 0:01:45.341
*********************************************************************
* Symbols can not be loaded because symbol path is not initialized. *
* *
* The Symbol Path can be set by: *
* using the _NT_SYMBOL_PATH environment variable. *
* using the -y <symbol_path> argument when starting the debugger. *
* using .sympath and .sympath+ *
*********************************************************************
Unable to load image \SystemRoot\system32\ntoskrnl.exe, Win32 error 0n2
*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
Loading Kernel Symbols
......................................................Unable to load image Unknown_Module_00000000`00000000, Win32 error 0n2
*** WARNING: Unable to verify timestamp for Unknown_Module_00000000`00000000
Unable to add module at 00000000`00000000
Loading User Symbols
Loading unloaded module list
....
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck 3B, {c0000005, fffff880051a5c87, fffff8800ab12c40, 0}
***** Kernel symbols are WRONG. Please fix symbols to do analysis.
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
Probably caused by : ntoskrnl.exe ( nt+75b80 )
Followup: MachineOwner
---------
1: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
SYSTEM_SERVICE_EXCEPTION (3b)
An exception happened while executing a system service routine.
Arguments:
Arg1: 00000000c0000005, Exception code that caused the bugcheck
Arg2: fffff880051a5c87, Address of the instruction which caused the bugcheck
Arg3: fffff8800ab12c40, Address of the context record for the exception that caused the bugcheck
Arg4: 0000000000000000, zero.
Debugging Details:
------------------
***** Kernel symbols are WRONG. Please fix symbols to do analysis.
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
ADDITIONAL_DEBUG_TEXT:
Use '!findthebuild' command to search for the target build information.
If the build information is available, run '!findthebuild -s ; .reload' to set symbol path and load symbols.
MODULE_NAME: nt
FAULTING_MODULE: fffff8000500d000 nt
DEBUG_FLR_IMAGE_TIMESTAMP: 51fb06cd
EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - 0x%08lx
FAULTING_IP:
+75b80
fffff880`051a5c87 8b4b78 mov ecx,dword ptr [rbx+78h]
CONTEXT: fffff8800ab12c40 -- (.cxr 0xfffff8800ab12c40)
rax=fffffa8006866b40 rbx=4b534d41020a0010 rcx=0000000006866b38
rdx=fffffa8005cdc9d0 rsi=fffff8800ab136c8 rdi=0000000000000000
rip=fffff880051a5c87 rsp=fffff8800ab13620 rbp=fffffa8005cdc9d0
r8=fffff8800ab136c8 r9=0000000000000039 r10=fffffa80077155b2
r11=0000000000000039 r12=0000000000000000 r13=fffffa8005e2f150
r14=fffffa8005e2f1a4 r15=fffffa8005cdca56
iopl=0 nv up ei pl nz ac po cy
cs=0010 ss=0018 ds=002b es=002b fs=0053 gs=002b efl=00010217
fffff880`051a5c87 8b4b78 mov ecx,dword ptr [rbx+78h] ds:002b:4b534d41`020a0088=????????
Resetting default scope
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT
BUGCHECK_STR: 0x3B
CURRENT_IRQL: 0
LAST_CONTROL_TRANSFER: from 0000000000000000 to fffff880051a5c87
STACK_TEXT:
fffff880`0ab12378 fffff800`05082129 : 00000000`0000003b 00000000`c0000005 fffff880`051a5c87 fffff880`0ab12c40 : nt+0x75b80
fffff880`0ab12380 00000000`0000003b : 00000000`c0000005 fffff880`051a5c87 fffff880`0ab12c40 00000000`00000000 : nt+0x75129
fffff880`0ab12388 00000000`c0000005 : fffff880`051a5c87 fffff880`0ab12c40 00000000`00000000 fffff880`0001eeb5 : 0x3b
fffff880`0ab12390 fffff880`051a5c87 : fffff880`0ab12c40 00000000`00000000 fffff880`0001eeb5 00000000`00000000 : 0xc0000005
fffff880`0ab12398 fffff880`0ab12c40 : 00000000`00000000 fffff880`0001eeb5 00000000`00000000 00000000`00000000 : 0xfffff880`051a5c87
fffff880`0ab123a0 00000000`00000000 : fffff880`0001eeb5 00000000`00000000 00000000`00000000 00000000`00000000 : 0xfffff880`0ab12c40
STACK_COMMAND: kb
FOLLOWUP_IP:
nt+75b80
fffff800`05082b80 48894c2408 mov qword ptr [rsp+8],rcx
SYMBOL_STACK_INDEX: 0
SYMBOL_NAME: nt+75b80
FOLLOWUP_NAME: MachineOwner
IMAGE_NAME: ntoskrnl.exe
BUCKET_ID: WRONG_SYMBOLS
Followup: MachineOwner
---------
|
发表于 2014-5-5 18:43:28
楼主