18.01.2015, 23:06
Witam. Proszę o pomoc z powracającym BSOD na laptopie z Vistą. Poniżej zawartość minidump.
Kod:
Microsoft (R) Windows DebuggerVersion 6.6.0003.5
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Windows\Minidump\Mini011815-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
Symbol search path is: *** Invalid ***
****************************************************************************
* Symbol loading may be unreliable without a symbol search path. *
* Use .symfix to have the debugger choose a symbol path. *
* After setting your symbol path, use .reload to refresh symbol locations. *
****************************************************************************
Executable search path is:
*********************************************************************
* Symbols can not be loaded because symbol path is not initialized. *
* *
* The Symbol Path can be set by:*
* using the _NT_SYMBOL_PATH environment variable. *
* using the -y <symbol_path> argument when starting the debugger. *
* using .sympath and .sympath+*
*********************************************************************
Unable to load image \SystemRoot\system32\ntkrnlpa.exe, Win32 error 2
*** WARNING: Unable to verify timestamp for ntkrnlpa.exe
*** ERROR: Module load completed but symbols could not be loaded for ntkrnlpa.exe
Windows Vista Kernel Version 6002 (Service Pack 2) MP (2 procs) Free x86 compatible
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Kernel base = 0x83010000 PsLoadedModuleList = 0x83127c70
Debug session time: Sun Jan 18 22:14:22.894 2015 (GMT+1)
System Uptime: 0 days 1:49:21.932
*********************************************************************
* Symbols can not be loaded because symbol path is not initialized. *
* *
* The Symbol Path can be set by:*
* using the _NT_SYMBOL_PATH environment variable. *
* using the -y <symbol_path> argument when starting the debugger. *
* using .sympath and .sympath+*
*********************************************************************
Unable to load image \SystemRoot\system32\ntkrnlpa.exe, Win32 error 2
*** WARNING: Unable to verify timestamp for ntkrnlpa.exe
*** ERROR: Module load completed but symbols could not be loaded for ntkrnlpa.exe
Loading Kernel Symbols
......................................................................................................................................................................................
Loading User Symbols
Loading unloaded module list
......
*******************************************************************************
* *
*Bugcheck Analysis*
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck 1E, {c0000005, 9c3fe2b8, 0, 0}
***** Kernel symbols are WRONG. Please fix symbols to do analysis.
*************************************************************************
*** ***
*** ***
***Your debugger is not using the correct symbols ***
*** ***
***In order for this command to work properly, your symbol path ***
***must point to .pdb files that have full type information.***
*** ***
***Certain .pdb files (such as the public OS symbols) do not***
***contain the required information.Contact the group that***
***provided you with these symbols if you need this command to***
***work.***
*** ***
***Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*** WARNING: Unable to verify timestamp for tcpip.sys
*** ERROR: Module load completed but symbols could not be loaded for tcpip.sys
*** WARNING: Unable to verify timestamp for tdx.sys
*** ERROR: Module load completed but symbols could not be loaded for tdx.sys
*** WARNING: Unable to verify timestamp for adgnetworktdi.sys
*** ERROR: Module load completed but symbols could not be loaded for adgnetworktdi.sys
Probably caused by : tdx.sys ( tdx+3d86 )
Followup: MachineOwner
---------
---------
1: kd> nt!_KPRCB
^ Syntax error in ''nt!_KPRCB''
1: kd> !analyze -v
*******************************************************************************
* *
*Bugcheck Analysis*
* *
*******************************************************************************
KMODE_EXCEPTION_NOT_HANDLED (1e)
This is a very common bugcheck.Usually the exception address pinpoints
the driver/function that caused the problem.Always note this address
as well as the link date of the driver/image that contains this address.
Arguments:
Arg1: c0000005, The exception code that was not handled
Arg2: 9c3fe2b8, The address that the exception occurred at
Arg3: 00000000, Parameter 0 of the exception
Arg4: 00000000, Parameter 1 of the exception
Debugging Details:
------------------
***** Kernel symbols are WRONG. Please fix symbols to do analysis.
*************************************************************************
*** ***
*** ***
***Your debugger is not using the correct symbols ***
*** ***
***In order for this command to work properly, your symbol path ***
***must point to .pdb files that have full type information.***
*** ***
***Certain .pdb files (such as the public OS symbols) do not***
***contain the required information.Contact the group that***
***provided you with these symbols if you need this command to***
***work.***
*** ***
***Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
MODULE_NAME:tdx
FAULTING_MODULE: 83010000 nt
DEBUG_FLR_IMAGE_TIMESTAMP:49e02084
EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - Instrukcja spod 0x%08lx odwo
FAULTING_IP:
+ffffffff9c3fe2b8
9c3fe2b8 8ce7 mov edi,fs
EXCEPTION_PARAMETER1:00000000
EXCEPTION_PARAMETER2:00000000
READ_ADDRESS: unable to get nt!MmSpecialPoolStart
unable to get nt!MmSpecialPoolEnd
unable to get nt!MmPoolCodeStart
unable to get nt!MmPoolCodeEnd
00000000
CUSTOMER_CRASH_COUNT:1
DEFAULT_BUCKET_ID:VISTA_BETA2
BUGCHECK_STR:0x1E
LAST_CONTROL_TRANSFER:from 830dd1fe to 830dd9bd
STACK_TEXT:
WARNING: Stack unwind information not available. Following frames may be wrong.
9c3fe26c 830dd1fe 0000001e c0000005 9c3fe2b8 nt+0xcd9bd
9c3fe288 830c2d5c 0000001e 830be16c 00000001 nt+0xcd1fe
9c3feb28 8c05db69 8c05db84 9c3feb4c 00000000 nt+0xb2d5c
9c3feb58 90fa7d86 86820c40 9c3feb74 86d09e28 tcpip+0x55b69
9c3feba0 90fafa52 88d404c8 86d09e00 87048888 tdx+0x3d86
9c3febbc 8305497a 881229d8 86d09e28 8676cb40 tdx+0xba52
9c3febd4 90fbfcda 8632de4c a91b4000 833cdec0 nt+0x4497a
9c3febf0 90fc0d62 0032de4c 00000000 a91b4000 adgnetworktdi+0x5cda
9c3fec20 90fc2780 02000001 864dd800 9c3fec4c adgnetworktdi+0x6d62
9c3fec30 90fc289b a91b4000 00000035 86134848 adgnetworktdi+0x8780
9c3fec4c 90fba95c 864dd800 864dd870 9c3fec6c adgnetworktdi+0x889b
9c3fec5c 90fc2d1f 8816d918 864dd800 9c3fec84 adgnetworktdi+0x95c
9c3fec6c 8305497a 8816d918 864dd800 864dd800 adgnetworktdi+0x8d1f
9c3fec84 83256e25 00000004 864dd800 864dd870 nt+0x4497a
9c3feca4 83223b13 8816d918 86134848 00000001 nt+0x246e25
9c3fed38 8305ac96 8816d918 0000061c 00000000 nt+0x213b13
9c3fed64 776f5d14 badb0d00 0815f69c 00000000 nt+0x4ac96
9c3fed68 badb0d00 0815f69c 00000000 00000000 0x776f5d14
9c3fed6c 0815f69c 00000000 00000000 00000000 0xbadb0d00
9c3fed70 00000000 00000000 00000000 00000000 0x815f69c
STACK_COMMAND:kb