Advanced Debugging

Windows Kernel Debugging

Thread started by: peowner   Started: 2008-08-19 10:32 AM   Replies: 2

2008-08-19, 10:32 AM
peowner
Question about a blue screen caused by a dongle driver

The machine blue-screens frequently, nearly every day. I analyzed the dump file but don't fully understand it. Could someone take a look?

*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 8E, {c0000005, ba608bfe, ba17fba0, 0}

*** ERROR: Module load completed but symbols could not be loaded for SENTINEL.SYS
Probably caused by : SENTINEL.SYS ( SENTINEL+10bfe )

Followup: MachineOwner
---------

3: kd> !analyze -v
*******************************************************************************
*                                                                             *
*                        Bugcheck Analysis                                    *
*                                                                             *
*******************************************************************************

KERNEL_MODE_EXCEPTION_NOT_HANDLED (8e)
This is a very common bugcheck.  Usually the exception address pinpoints
the driver/function that caused the problem.  Always note this address
as well as the link date of the driver/image that contains this address.
Some common problems are exception code 0x80000003.  This means a hard
coded breakpoint or assertion was hit, but this system was booted
/NODEBUG.  This is not supposed to happen as developers should never have
hardcoded breakpoints in retail code, but ...
If this happens, make sure a debugger gets connected, and the
system is booted /DEBUG.  This will let us see why this breakpoint is
happening.
Arguments:
Arg1: c0000005, The exception code that was not handled
Arg2: ba608bfe, The address that the exception occurred at
Arg3: ba17fba0, Trap Frame
Arg4: 00000000

Debugging Details:
------------------


EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - "0x%08lx"

FAULTING_IP:
SENTINEL+10bfe
ba608bfe 668b745010      mov     si,word ptr [eax+edx*2+10h]

TRAP_FRAME:  ba17fba0 -- (.trap ffffffffba17fba0)
ErrCode = 00000000
eax=00000000 ebx=ba8bd424 ecx=ba8bd3f4 edx=00000001 esi=00000000 edi=ba8bd428
eip=ba608bfe esp=ba17fc14 ebp=00000000 iopl=0         nv up ei pl zr na pe nc
cs=0008  ss=0010  ds=0023  es=0023  fs=0030  gs=0000             efl=00010246
SENTINEL+0x10bfe:
ba608bfe 668b745010      mov     si,word ptr [eax+edx*2+10h] ds:0023:00000012=????
Resetting default scope

DEFAULT_BUCKET_ID:  DRIVER_FAULT

BUGCHECK_STR:  0x8E

PROCESS_NAME:  dllhost.exe

CURRENT_IRQL:  0

LAST_CONTROL_TRANSFER:  from 8085b4b3 to 8087b6be

STACK_TEXT: 
ba17f76c 8085b4b3 0000008e c0000005 ba608bfe nt!KeBugCheckEx+0x1b
ba17fb30 808357a4 ba17fb4c 00000000 ba17fba0 nt!KiDispatchException+0x3a2
ba17fb98 80835758 00000000 ba608bfe badb0d00 nt!CommonDispatchException+0x4a
ba17fc14 ba606b49 ba8bd3f4 00000001 ba8bd3f4 nt!Kei386EoiHelper+0x186
WARNING: Stack unwind information not available. Following frames may be wrong.
00000000 00000000 00000000 00000000 00000000 SENTINEL+0xeb49


STACK_COMMAND:  kb

FOLLOWUP_IP:
SENTINEL+10bfe
ba608bfe 668b745010      mov     si,word ptr [eax+edx*2+10h]

SYMBOL_STACK_INDEX:  0

SYMBOL_NAME:  SENTINEL+10bfe

FOLLOWUP_NAME:  MachineOwner

MODULE_NAME: SENTINEL

IMAGE_NAME:  SENTINEL.SYS

DEBUG_FLR_IMAGE_TIMESTAMP:  4586ceff

FAILURE_BUCKET_ID:  0x8E_SENTINEL+10bfe

BUCKET_ID:  0x8E_SENTINEL+10bfe

Followup: MachineOwner
---------

 


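2008-08-19, 13:01
Raymond (格蠹老雷)
Re: Question about a blue screen caused by a dongle driver

This is clearly a null pointer problem. The faulting instruction is the following:
mov si,word ptr [eax+edx*2+10h]
Translated into a high-level language, it looks like p->Field[X], and EAX is currently 0, that is, p = 0.
Because there are no debug symbols, the current stack backtrace does not provide much useful information.
If you want to keep digging for the root cause, I suggest using kernel debugging to do live kernel debugging.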

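The address arithmetic from the reply above, worked through in C as an added example (not part of the original thread and not the driver's code). The structure layout, the names and the 64 KB threshold are assumptions; only the register values, the +10h displacement and the 2-byte scale come from the dump.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical layout: SENTINEL.SYS has no symbols, so the real structure is
 * unknown. Only the +10h displacement and the 2-byte element size are taken
 * from the faulting instruction; the names and array length are assumptions. */
#define FIELD_COUNT 8
struct record {
    uint8_t  header[0x10];        /* bytes before the array -> "+10h"  */
    uint16_t Field[FIELD_COUNT];  /* 16-bit elements -> "edx*2", "si"  */
};

/* Address the CPU forms for: mov si, word ptr [eax+edx*2+10h] */
static uint32_t effective_address(uint32_t eax, uint32_t edx)
{
    return eax + edx * (uint32_t)sizeof(uint16_t)
               + (uint32_t)offsetof(struct record, Field);
}

/* Triage heuristic (assumption: 64 KB threshold): a zero base register plus a
 * small fault address means a field access through a NULL pointer. */
static int looks_like_null_deref(uint32_t base, uint32_t fault_addr)
{
    return base == 0 && fault_addr < 0x10000u;
}

/* The check the faulting pattern lacks: validate p and the index before
 * reading p->Field[x]. Returns 0 on success, -1 on rejected input. */
static int read_field_checked(const struct record *p, size_t x, uint16_t *out)
{
    if (p == NULL || out == NULL || x >= FIELD_COUNT)
        return -1;
    *out = p->Field[x];
    return 0;
}

int main(void)
{
    /* Register values from the trap frame in the dump: eax=0, edx=1 */
    uint32_t ea = effective_address(0x00000000u, 0x00000001u);
    uint16_t v = 0;
    printf("effective address = 0x%08x\n", (unsigned)ea);
    printf("null deref pattern: %d\n", looks_like_null_deref(0, ea));
    printf("checked read with p=NULL: %d\n", read_field_checked(NULL, 1, &v));
    return 0;
}
```

The computed address 0x00000012 matches the ds:0023:00000012 operand that the debugger shows as unreadable in the trap frame.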
2008-08-19, 13:55
peowner
Re: Question about a blue screen caused by a dongle driver

Thank you very much. I am currently studying the book 《软件调试》 (Software Debugging), purely as a personal hobby!
(C)2004-2020 ADVDBG.ORG All Rights Reserved.