Home » Personal

Debug analyze

Posted By: BioTecK on Monday 4 September 2006 with No Comments Yet

Nou, zojuist is mijn pc weer uitgevallen.. icon_evilicon_evil Ik heb een Windebugger geinstallerd om te kijken wat er nou fout gaat; maar goed, daar word ik ook niet echt wijzer op!! :S

Hieronder de analyze van de BSOD! Als je weet wat er nou mis is, email me dan!! :p ***************************************************************************
****
* *
* Bugcheck Analysis *
* *
***************************************************************************
****

Use !analyze -v to get detailed debugging information.

BugCheck 1000000A, {ffffff94, 2, 0, 80500b3a}

ANALYSIS: Kernel with unknown size. Will force reload symbols with known size.
ANALYSIS: Force reload command: .reload /f ntoskrnl.exe=FFFFFFFF804D7000,213F80,42250FF9
***** Kernel symbols are WRONG. Please fix symbols to do analysis.

***** Kernel symbols are WRONG. Please fix symbols to do analysis.

Probably caused by : ntoskrnl.exe ( nt+29b3a )

Followup: MachineOwner
———

kd> !analyze -v
***************************************************************************
****
* *
* Bugcheck Analysis *
* *
***************************************************************************
****

IRQL_NOT_LESS_OR_EQUAL (a)
An attempt was made to access a pageable (or completely invalid) address at an
interrupt request level (IRQL) that is too high. This is usually
caused by drivers using improper addresses.
If a kernel debugger is available get the stack backtrace.
Arguments:
Arg1: ffffff94, memory referenced
Arg2: 00000002, IRQL
Arg3: 00000000, value 0 = read operation, 1 = write operation
Arg4: 80500b3a, address which referenced memory

Debugging Details:
——————

ANALYSIS: Kernel with unknown size. Will force reload symbols with known size.
ANALYSIS: Force reload command: .reload /f ntoskrnl.exe=FFFFFFFF804D7000,213F80,42250FF9
***** Kernel symbols are WRONG. Please fix symbols to do analysis.

***** Kernel symbols are WRONG. Please fix symbols to do analysis.

MODULE_NAME: nt

FAULTING_MODULE: 804d7000 nt

DEBUG_FLR_IMAGE_TIMESTAMP: 42250ff9

READ_ADDRESS: unable to get nt!MmSpecialPoolStart
unable to get nt!MmSpecialPoolEnd
unable to get nt!MmPoolCodeStart
unable to get nt!MmPoolCodeEnd
ffffff94

CURRENT_IRQL: 2

FAULTING_IP:
nt+29b3a
80500b3a 8b8744010000 mov eax,dword ptr [edi+144h]

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: WRONG_SYMBOLS

BUGCHECK_STR: 0xA

LAST_CONTROL_TRANSFER: from 80500c35 to 80500b3a

STACK_TEXT:
WARNING: Stack unwind information not available. Following frames may be wrong.
f4560a74 80500c35 b884c5c8 fffffe50 e2c54400 nt+0x29b3a
f4560b04 805820df 019a0050 00010000 f4560d30 nt+0x29c35
f4560d4c 804de7ec 00000005 019a0050 00010000 nt+0xab0df
f4560d64 7c90eb94 badb0d00 0012f074 b9b67d98 nt+0x77ec
f4560d68 badb0d00 0012f074 b9b67d98 b9b67dcc 0x7c90eb94
f4560d6c 0012f074 b9b67d98 b9b67dcc 00000000 0xbadb0d00
f4560d70 b9b67d98 b9b67dcc 00000000 00000000 0x12f074
f4560d74 b9b67dcc 00000000 00000000 00000000 0xb9b67d98
f4560d78 00000000 00000000 00000000 00000000 0xb9b67dcc

STACK_COMMAND: kb

FOLLOWUP_IP:
nt+29b3a
80500b3a 8b8744010000 mov eax,dword ptr [edi+144h]

SYMBOL_STACK_INDEX: 0

FOLLOWUP_NAME: MachineOwner

IMAGE_NAME: ntoskrnl.exe

SYMBOL_NAME: nt+29b3a

BUCKET_ID: WRONG_SYMBOLS

Followup: MachineOwner
———

«
»


Leave your response!

Add your comment below, or trackback from your own site. You can also subscribe to these comments via RSS.

Comment Guidelines
Stay on topic, Do not include affiliate links, be nice and keep it clean. Please note that all comments will be moderated (due to too much spam)!

You can use these tags:
<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>
All line breaks and paragraphs will be generated automatically.

This is a Gravatar-enabled weblog. To get your own globally-recognized-avatar, please register at Gravatar.

CommentLuv Enabled