Original poster: chenhui530

[Original tool] 天琊 (Tianya) V1.0 0228 (enhanced Safe Box)

dl123100
Posted 2009-3-1 19:23:47
The latest Ch000001.sys bluescreens.
Windows XP Kernel Version 2600 (Service Pack 3) UP Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 2600.xpsp_sp3_gdr.080814-1236
Machine Name:
Kernel base = 0x804d8000 PsLoadedModuleList = 0x80555040
Debug session time: Sun Mar  1 19:11:50.740 2009 (GMT+8)
System Uptime: 0 days 0:06:24.375

*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************
KERNEL_MODE_EXCEPTION_NOT_HANDLED_M (1000008e)
This is a very common bugcheck.  Usually the exception address pinpoints
the driver/function that caused the problem.  Always note this address
as well as the link date of the driver/image that contains this address.
Some common problems are exception code 0x80000003.  This means a hard
coded breakpoint or assertion was hit, but this system was booted
/NODEBUG.  This is not supposed to happen as developers should never have
hardcoded breakpoints in retail code, but ...
If this happens, make sure a debugger gets connected, and the
system is booted /DEBUG.  This will let us see why this breakpoint is
happening.
Arguments:
Arg1: 80000003, The exception code that was not handled
Arg2: b2189c7f, The address that the exception occurred at
Arg3: f8242644, Trap Frame
Arg4: 00000000

Debugging Details:
------------------


EXCEPTION_CODE: (HRESULT) 0x80000003 (2147483651) - <Unable to get error code text>

FAULTING_IP:
Ch000001+13c7f
b2189c7f cc              int     3

TRAP_FRAME:  f8242644 -- (.trap 0xfffffffff8242644)
ErrCode = 00000000
eax=000000d0 ebx=8057282a ecx=821eb040 edx=00000001 esi=00000000 edi=f82427e0
eip=b2189c80 esp=f82426b8 ebp=f8242804 iopl=0         nv up ei pl nz na po nc
cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00000202
Ch000001+0x13c80:
b2189c80 cc              int     3
Resetting default scope

CUSTOMER_CRASH_COUNT:  1

DEFAULT_BUCKET_ID:  DRIVER_FAULT

BUGCHECK_STR:  0x8E

PROCESS_NAME:  csrss.exe

LAST_CONTROL_TRANSFER:  from 8057286e to b2189c80

STACK_TEXT:  
WARNING: Stack unwind information not available. Following frames may be wrong.
f8242804 8057286e 000000d0 00000001 821eb040 Ch000001+0x13c80
f82428a8 8053e648 000000d0 00000000 bf885558 nt!NtReadFile+0x44
f82428a8 804ffc05 000000d0 00000000 bf885558 nt!KiFastCallEntry+0xf8
f8242944 bf885498 000000d0 00000000 bf885558 nt!ZwReadFile+0x11
f824297c bf885596 e171f4d0 81c13020 f82429d4 win32k!StartDeviceRead+0x154
f824298c 804feb62 e171f4d0 e171f4f8 00000000 win32k!InputApc+0x66
f82429d4 80501d04 00000000 00000000 00000000 nt!KiDeliverApc+0x124
f82429ec 804faaf2 804fa86e e170a808 00000000 nt!KiSwapThread+0x64
f8242a24 bf807a6c 00000003 82056ff0 00000001 nt!KeWaitForMultipleObjects+0x284
f8242a5c bf89b6ef 00000002 82056ff0 bf89e63d win32k!xxxMsgWaitForMultipleObjects+0xb0
f8242d30 bf88469c bf9ab280 00000001 f8242d54 win32k!xxxDesktopThread+0x339
f8242d40 bf80108a bf9ab280 f8242d64 0078fff4 win32k!xxxCreateSystemThreads+0x6a
f8242d54 8053e648 00000000 00000022 00000000 win32k!NtUserCallOneParam+0x23
f8242d54 7c92e4f4 00000000 00000022 00000000 nt!KiFastCallEntry+0xf8
00000000 00000000 00000000 00000000 00000000 0x7c92e4f4


STACK_COMMAND:  .bugcheck ; kb

FOLLOWUP_IP:
Ch000001+13c7f
b2189c7f cc              int     3

SYMBOL_NAME:  Ch000001+13c7f

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: Ch000001

IMAGE_NAME:  Ch000001.sys

DEBUG_FLR_IMAGE_TIMESTAMP:  49a90319

FAILURE_BUCKET_ID:  0x8E_Ch000001+13c7f

BUCKET_ID:  0x8E_Ch000001+13c7f

Followup: MachineOwner
---------

kd> .trap 0xfffffffff8242644
ErrCode = 00000000
eax=000000d0 ebx=8057282a ecx=821eb040 edx=00000001 esi=00000000 edi=f82427e0
eip=b2189c80 esp=f82426b8 ebp=f8242804 iopl=0         nv up ei pl nz na po nc
cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00000202
Ch000001+0x13c80:
b2189c80 cc              int     3
chenhui530
Posted 2009-3-1 19:35:36 (OP)
That's not the right bluescreen file. Bro, do you have the DUMP file?
dl123100
Posted 2009-3-1 19:46:47
Found its memory.dmp; I won't bother posting the minidump.

Windows XP Kernel Version 2600 (Service Pack 3) UP Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 2600.xpsp_sp3_gdr.080814-1236
Machine Name:
Kernel base = 0x804d8000 PsLoadedModuleList = 0x80555040
Debug session time: Sun Mar  1 19:39:21.690 2009 (GMT+8)
System Uptime: 0 days 0:26:12.531
Loading Kernel Symbols
...............................................................
.........................................................
Loading User Symbols
PEB is paged out (Peb.Ldr = 7ffdc00c).  Type ".hh dbgerr001" for details
Loading unloaded module list
............

*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 8E, {80000003, b204dc7f, f8262534, 0}

*** ERROR: Module load completed but symbols could not be loaded for Ch000001.sys
PEB is paged out (Peb.Ldr = 7ffdc00c).  Type ".hh dbgerr001" for details
PEB is paged out (Peb.Ldr = 7ffdc00c).  Type ".hh dbgerr001" for details
Probably caused by : Ch000001.sys ( Ch000001+13c7f )

Followup: MachineOwner
---------

kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

KERNEL_MODE_EXCEPTION_NOT_HANDLED (8e)
This is a very common bugcheck.  Usually the exception address pinpoints
the driver/function that caused the problem.  Always note this address
as well as the link date of the driver/image that contains this address.
Some common problems are exception code 0x80000003.  This means a hard
coded breakpoint or assertion was hit, but this system was booted
/NODEBUG.  This is not supposed to happen as developers should never have
hardcoded breakpoints in retail code, but ...
If this happens, make sure a debugger gets connected, and the
system is booted /DEBUG.  This will let us see why this breakpoint is
happening.
Arguments:
Arg1: 80000003, The exception code that was not handled
Arg2: b204dc7f, The address that the exception occurred at
Arg3: f8262534, Trap Frame
Arg4: 00000000

Debugging Details:
------------------

PEB is paged out (Peb.Ldr = 7ffdc00c).  Type ".hh dbgerr001" for details
PEB is paged out (Peb.Ldr = 7ffdc00c).  Type ".hh dbgerr001" for details

EXCEPTION_CODE: (HRESULT) 0x80000003 (2147483651) - <Unable to get error code text>

FAULTING_IP:
Ch000001+13c7f
b204dc7f cc              int     3

TRAP_FRAME:  f8262534 -- (.trap 0xfffffffff8262534)
ErrCode = 00000000
eax=000000d0 ebx=00000000 ecx=821eb040 edx=00000000 esi=0000000e edi=f82626d0
eip=b204dc80 esp=f82625a8 ebp=f82626f4 iopl=0         nv up ei pl nz na po nc
cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00000202
Ch000001+0x13c80:
b204dc80 cc              int     3
Resetting default scope

DEFAULT_BUCKET_ID:  DRIVER_FAULT

BUGCHECK_STR:  0x8E

PROCESS_NAME:  csrss.exe

LAST_CONTROL_TRANSFER:  from 804fdcff to 804f9cc5

STACK_TEXT:  
f82620fc 804fdcff 0000008e 80000003 b204dc7f nt!KeBugCheckEx+0x1b
f82624c4 8053f091 f82624e0 00000000 f8262534 nt!KiDispatchException+0x3b1
f826252c 8053f7a1 f82626f4 b204dc80 badb0d00 nt!CommonDispatchException+0x4d
f826252c b204dc80 f82626f4 b204dc80 badb0d00 nt!KiTrap03+0xad
WARNING: Stack unwind information not available. Following frames may be wrong.
f82626f4 80570d93 000000d0 00000000 821eb040 Ch000001+0x13c80
f82627b0 8053e648 000000d0 f826285c f8262864 nt!NtQueryInformationFile+0xcd
f82627b0 804ff985 000000d0 f826285c f8262864 nt!KiFastCallEntry+0xf8
f826283c b20436be 000000d0 f826285c f8262864 nt!ZwQueryInformationFile+0x11
f826286c b2043727 000000d0 f82628d4 f8262970 Ch000001+0x96be
f82628a8 8053e648 000000d0 00000000 bf885558 Ch000001+0x9727
f82628a8 804ffc05 000000d0 00000000 bf885558 nt!KiFastCallEntry+0xf8
f8262944 bf885498 000000d0 00000000 bf885558 nt!ZwReadFile+0x11
f826297c bf885596 e17153f0 820b2da8 f82629d4 win32k!StartDeviceRead+0x154
f826298c 804feb62 e17153f0 e1715418 00000000 win32k!InputApc+0x66
f82629d4 80501d04 00000000 00000000 00000000 nt!KiDeliverApc+0x124
f82629ec 804faaf2 804fa86e e14a4aa8 00000000 nt!KiSwapThread+0x64
f8262a24 bf807a6c 00000003 81c9d0e0 00000001 nt!KeWaitForMultipleObjects+0x284
f8262a5c bf89b6ef 00000002 81c9d0e0 bf89e63d win32k!xxxMsgWaitForMultipleObjects+0xb0
f8262d30 bf88469c bf9ab280 00000001 f8262d54 win32k!xxxDesktopThread+0x339
f8262d40 bf80108a bf9ab280 f8262d64 0078fff4 win32k!xxxCreateSystemThreads+0x6a
f8262d54 8053e648 00000000 00000022 00000000 win32k!NtUserCallOneParam+0x23
f8262d54 7c92e4f4 00000000 00000022 00000000 nt!KiFastCallEntry+0xf8
00000000 00000000 00000000 00000000 00000000 0x7c92e4f4


STACK_COMMAND:  .bugcheck ; kb

FOLLOWUP_IP:
Ch000001+13c7f
b204dc7f cc              int     3

SYMBOL_NAME:  Ch000001+13c7f

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: Ch000001

IMAGE_NAME:  Ch000001.sys

DEBUG_FLR_IMAGE_TIMESTAMP:  49a90319

FAILURE_BUCKET_ID:  0x8E_Ch000001+13c7f

BUCKET_ID:  0x8E_Ch000001+13c7f

Followup: MachineOwner
---------

kd> lmvm Ch000001
start    end        module name
b203a000 b2060e80   Ch000001   (no symbols)           
    Loaded symbol image file: Ch000001.sys
    Image path: \??\C:\Documents and Settings\Administrator\桌面\天琊0228\Ch000001.sys
    Image name: Ch000001.sys
    Timestamp:        Sat Feb 28 17:25:45 2009 (49A90319)
    CheckSum:         000329F7
    ImageSize:        00026E80
    Translations:     0000.04b0 0000.04e4 0409.04b0 0409.04e4

kd> .trap 0xfffffffff8262534
ErrCode = 00000000
eax=000000d0 ebx=00000000 ecx=821eb040 edx=00000000 esi=0000000e edi=f82626d0
eip=b204dc80 esp=f82625a8 ebp=f82626f4 iopl=0         nv up ei pl nz na po nc
cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00000202
Ch000001+0x13c80:
b204dc80 cc              int     3
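A small triage helper, added for this page and not part of dl123100's posts or of the 天琊 tool, that reads the two WinDbg pastes above (the minidump analysis in the first post and the memory.dmp analysis plus lmvm listing in the second). It checks that the faulting address really lies inside Ch000001.sys, recomputes the RVA from the load base reported by lmvm, confirms that the trap-frame EIP is one byte past the reported exception address (what an int 3 looks like), and shows that both dumps hit the same code site even though the driver was loaded at different addresses each time. The sample strings are trimmed copies of the thread's output, constructed for this example; the NTSTATUS name table and all function and field names are this example's own choices.

```python
"""Triage the WinDbg output posted in this thread (example code for this page, not the tool's own)."""
import re

# Constructed for this example: trimmed copies of the two !analyze -v pastes and the lmvm listing.
MINIDUMP_TEXT = """\
Arg1: 80000003, The exception code that was not handled
Arg2: b2189c7f, The address that the exception occurred at
Arg3: f8242644, Trap Frame
Arg4: 00000000
FAULTING_IP:
Ch000001+13c7f
b2189c7f cc              int     3
TRAP_FRAME:  f8242644 -- (.trap 0xfffffffff8242644)
eip=b2189c80 esp=f82426b8 ebp=f8242804 iopl=0
PROCESS_NAME:  csrss.exe
"""

MEMORYDUMP_TEXT = """\
Arg1: 80000003, The exception code that was not handled
Arg2: b204dc7f, The address that the exception occurred at
Arg3: f8262534, Trap Frame
Arg4: 00000000
FAULTING_IP:
Ch000001+13c7f
b204dc7f cc              int     3
TRAP_FRAME:  f8262534 -- (.trap 0xfffffffff8262534)
eip=b204dc80 esp=f82625a8 ebp=f82626f4 iopl=0
PROCESS_NAME:  csrss.exe
"""

LMVM_TEXT = """\
start    end        module name
b203a000 b2060e80   Ch000001   (no symbols)
    Image name: Ch000001.sys
    Timestamp:        Sat Feb 28 17:25:45 2009 (49A90319)
"""

# NTSTATUS values commonly seen as Arg1 of bugcheck 0x8E (table assembled for this example).
EXCEPTION_NAMES = {
    0x80000003: "STATUS_BREAKPOINT (hard-coded int 3 / assert hit with no debugger attached)",
    0x80000004: "STATUS_SINGLE_STEP",
    0xC0000005: "STATUS_ACCESS_VIOLATION",
    0xC000001D: "STATUS_ILLEGAL_INSTRUCTION",
    0xC0000094: "STATUS_INTEGER_DIVIDE_BY_ZERO",
}

_ARG_RE = re.compile(r"^Arg(\d):\s+([0-9a-fA-F]{8})", re.M)
_FAULT_RE = re.compile(
    r"^FAULTING_IP:\s*\n(\w+)\+([0-9a-fA-F]+)\s*\n([0-9a-fA-F]{8})\s+(?:[0-9a-fA-F]{2})+\s+(\w+)", re.M)
_EIP_RE = re.compile(r"^eip=([0-9a-fA-F]{8})", re.M)
_PROC_RE = re.compile(r"^PROCESS_NAME:\s+(\S+)", re.M)
_LMVM_RE = re.compile(r"^([0-9a-fA-F]{8})\s+([0-9a-fA-F]{8})\s+(\w+)", re.M)


def parse_analyze(text):
    """Pull bugcheck arguments, the Module+offset symbol, mnemonic and trap-frame EIP out of !analyze -v text."""
    args = {int(n): int(v, 16) for n, v in _ARG_RE.findall(text)}
    m = _FAULT_RE.search(text)
    if m is None or 1 not in args or 2 not in args:
        raise ValueError("not a recognisable !analyze -v block")
    eip = _EIP_RE.search(text)
    proc = _PROC_RE.search(text)
    return {
        "exception_code": args[1],
        "exception_name": EXCEPTION_NAMES.get(args[1], "unknown NTSTATUS"),
        "fault_addr": args[2],
        "module": m.group(1),
        "rva": int(m.group(2), 16),          # the offset WinDbg printed as Module+offset
        "mnemonic": m.group(4),
        "trap_eip": int(eip.group(1), 16) if eip else None,
        "process": proc.group(1) if proc else None,
    }


def parse_lmvm(text):
    """Return (start, end, name) for the first module range in an lmvm listing."""
    m = _LMVM_RE.search(text)
    if m is None:
        raise ValueError("no module range in lmvm output")
    return int(m.group(1), 16), int(m.group(2), 16), m.group(3)


def locate(analysis, lmvm):
    """Verify the faulting address is inside the module and that base-derived RVA matches the symbol offset."""
    start, end, name = lmvm
    if name != analysis["module"] or not (start <= analysis["fault_addr"] < end):
        raise ValueError("faulting address is outside %s" % name)
    rva = analysis["fault_addr"] - start
    if rva != analysis["rva"]:
        raise ValueError("RVA mismatch: lmvm gives %#x, symbol says %#x" % (rva, analysis["rva"]))
    return rva


def implied_base(analysis):
    """Without lmvm output (the minidump paste) the load base follows from address minus symbol offset."""
    return analysis["fault_addr"] - analysis["rva"]


def breakpoint_consistent(analysis):
    """An int 3 trap leaves EIP one byte past the 0xCC; the reported exception address points at the 0xCC itself."""
    return analysis["mnemonic"] == "int" and analysis["trap_eip"] == analysis["fault_addr"] + 1


def same_site(a, b):
    """True when two crashes hit the same instruction of the same image, whatever the load address."""
    return a["module"] == b["module"] and a["rva"] == b["rva"] and a["mnemonic"] == b["mnemonic"]


def triage(text, lmvm_text=None):
    """Summarise one dump: module, load base, RVA, faulting process, exception class, int 3 consistency."""
    a = parse_analyze(text)
    base = locate(a, parse_lmvm(lmvm_text)) and parse_lmvm(lmvm_text)[0] if lmvm_text else implied_base(a)
    return {"module": a["module"], "base": base, "rva": a["rva"], "process": a["process"],
            "exception": a["exception_name"], "breakpoint": breakpoint_consistent(a)}


if __name__ == "__main__":
    mini = triage(MINIDUMP_TEXT)
    full = triage(MEMORYDUMP_TEXT, LMVM_TEXT)
    for label, t in (("minidump", mini), ("memory.dmp", full)):
        print("%-10s %s+%#x (base %#010x) in %s: %s" % (label, t["module"], t["rva"], t["base"], t["process"], t["exception"]))
    print("same code site in both dumps:", same_site(parse_analyze(MINIDUMP_TEXT), parse_analyze(MEMORYDUMP_TEXT)))
```

Both pastes resolve to Ch000001+0x13c7f with the driver based at 0xb2176000 the first time and 0xb203a000 the second, so the two bluescreens are one bug at one instruction, not two; with Arg1 = 0x80000003 and a 0xCC at the faulting address, the useful next step is exactly what the stock WinDbg text says: attach a kernel debugger and boot /DEBUG so the breakpoint is caught instead of turning into a bugcheck.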
dl123100
Posted 2009-3-1 19:55:23
The memory.dmp above was generated when it bluescreened again afterwards.
The winflise.exe virus was running in the VM; 天琊 runs very unstably on a machine infected with this virus, and its features are limited as well.
Sample location: http://bbs.kafan.cn/thread-408416-1-2.html

[This post was last edited by dl123100 at 2009-3-1 20:02]
tmdgdx
Posted 2009-3-1 20:00:57
I've been following this software all along; hope the author releases the official version soon.
chenhui530
Posted 2009-3-1 20:18:19 (OP)
Quoting dl123100, posted 2009-3-1 19:55:
The memory.dmp above was generated when it bluescreened again afterwards.
The winflise.exe virus was running in the VM; 天琊 runs very unstably on a machine infected with this virus, and its features are limited as well.
Sample location: http://bbs.kafan.cn/thread-408416-1-2.html

OK, I'll test it.
ue100
Posted 2009-3-1 20:24:16
Yet another SZ security app.
chenhui530
Posted 2009-3-1 20:25:39 (OP)
I can't reproduce the symptom here.
evilrabbit
Posted 2009-3-1 20:34:37
It bluescreened the moment I ran it, -_-!
dl123100
Posted 2009-3-1 20:51:07
Here, clicking "Ports" hangs for a long time; clicking "Associations" or "Hijacks" reports "failed to load driver"; killing the hidden process spoolsv.exe bluescreens, and restoring one line of inline hook in ch000001.sys also bluescreens.
Of course, that sr***.sys is itself very unstable.
Copyright © KaFan  KaFan.cn All Rights Reserved.
