BSOD - Debugging a BSOD in Vista
- 25 Aug 2009 #11My System Specs
BSOD - Debugging a BSOD in Vista
Last edited by Frostmourne; 27 Aug 2009 at 08:08 PM.
28 Dec 2009 #10
Member
My System SpecsRe: BSOD - Debugging a BSOD in Vista
While trying to debug my errors i kept getting the same messages over and over again. Apparently the address i typed (And i typed it exactly, interchanging what i thought were Stars with Quotation marks when they didn't work) Doesn't work or has invalid symbols or something..
Anyways after clicking on some hyperlink i found in the debugger (Advanced analysis i think?) This is what i came up with
Code:Loading Dump File [C:\Windows\MEMORY.DMP] Kernel Summary Dump File: Only kernel address space is available Symbol search path is: SRV*C:\symbolfiles*http://msdl.microsoft.com/download/symbols;SRV*C:\sumbolfiles*http.microsoft.com/downloads/symbols;SRV*C:\symbolfiles*http.microsoft.com/downloads/symbols Executable search path is: *** ERROR: Symbol file could not be found. Defaulted to export symbols for ntkrpamp.exe - Windows Server 2008/Windows Vista Kernel Version 6002 (Service Pack 2.286) MP (2 procs) Free x86 compatible Product: WinNt, suite: TerminalServer SingleUserTS Personal Built by: 6002.16670.x86fre.lh_sp2rc.090130-1715 Machine Name: Kernel base = 0x81a02000 PsLoadedModuleList = 0x81b19c70 Debug session time: Mon Dec 28 08:50:42.889 2009 (GMT-8) System Uptime: 0 days 8:27:28.849 *** ERROR: Symbol file could not be found. Defaulted to export symbols for ntkrpamp.exe - Loading Kernel Symbols ............................................................... ................................................................ ............... Loading User Symbols PEB is paged out (Peb.Ldr = 7ffda00c). Type ".hh dbgerr001" for details Loading unloaded module list ......... *** ERROR: Symbol file could not be found. Defaulted to export symbols for halmacpi.dll - ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* Use !analyze -v to get detailed debugging information. BugCheck A, {bfb01d2c, ff, 0, 81dc2347} ***** Kernel symbols are WRONG. Please fix symbols to do analysis. ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************************************* ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************************************* ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************************************* PEB is paged out (Peb.Ldr = 7ffda00c). Type ".hh dbgerr001" for details PEB is paged out (Peb.Ldr = 7ffda00c). Type ".hh dbgerr001" for details Probably caused by : ntkrpamp.exe ( nt!Kei386EoiHelper+2951 ) Followup: MachineOwner --------- 0: kd> !analyze -v ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* IRQL_NOT_LESS_OR_EQUAL (a) An attempt was made to access a pageable (or completely invalid) address at an interrupt request level (IRQL) that is too high. This is usually caused by drivers using improper addresses. If a kernel debugger is available get the stack backtrace. Arguments: Arg1: bfb01d2c, memory referenced Arg2: 000000ff, IRQL Arg3: 00000000, bitfield : bit 0 : value 0 = read operation, 1 = write operation bit 3 : value 0 = not an execute operation, 1 = execute operation (only on chips which support this level of status) Arg4: 81dc2347, address which referenced memory Debugging Details: ------------------ ***** Kernel symbols are WRONG. Please fix symbols to do analysis. ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************************************* ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************************************* ************************************************************************* *** *** *** *** *** Your debugger is not using the correct symbols *** *** *** *** In order for this command to work properly, your symbol path *** *** must point to .pdb files that have full type information. *** *** *** *** Certain .pdb files (such as the public OS symbols) do not *** *** contain the required information. Contact the group that *** *** provided you with these symbols if you need this command to *** *** work. *** *** *** *** Type referenced: nt!_KPRCB *** *** *** ************************************************************************* PEB is paged out (Peb.Ldr = 7ffda00c). Type ".hh dbgerr001" for details PEB is paged out (Peb.Ldr = 7ffda00c). Type ".hh dbgerr001" for details ADDITIONAL_DEBUG_TEXT: Use '!findthebuild' command to search for the target build information. If the build information is available, run '!findthebuild -s ; .reload' to set symbol path and load symbols. MODULE_NAME: nt FAULTING_MODULE: 81a02000 nt DEBUG_FLR_IMAGE_TIMESTAMP: 4983cf0c READ_ADDRESS: unable to get nt!MmSpecialPoolStart unable to get nt!MmSpecialPoolEnd unable to get nt!MmPoolCodeStart unable to get nt!MmPoolCodeEnd bfb01d2c CURRENT_IRQL: 0 FAULTING_IP: hal!KfRaiseIrql+121 81dc2347 c9 leave DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT BUGCHECK_STR: 0xA LAST_CONTROL_TRANSFER: from 81dc2347 to 81a3f669 STACK_TEXT: WARNING: Stack unwind information not available. Following frames may be wrong. 9fb01cb4 81dc2347 badb0d00 00000000 8772fd78 nt!Kei386EoiHelper+0x2951 9fb01cc8 81a989d6 8772fd78 00000002 86f46030 hal!KfRaiseIrql+0x121 9fb01d18 81dc2347 00000008 00010046 00000006 nt!KeSetEvent+0x1e4 00000000 00000000 00000000 00000000 00000000 hal!KfRaiseIrql+0x121 STACK_COMMAND: kb FOLLOWUP_IP: nt!Kei386EoiHelper+2951 81a3f669 833d840cb38100 cmp dword ptr [nt!LpcPortObjectType+0x160 (81b30c84)],0 SYMBOL_STACK_INDEX: 0 SYMBOL_NAME: nt!Kei386EoiHelper+2951 FOLLOWUP_NAME: MachineOwner IMAGE_NAME: ntkrpamp.exe BUCKET_ID: WRONG_SYMBOLS Followup: MachineOwner ---------
21 Oct 2012 #11My System SpecsRe: BSOD - Debugging a BSOD in Vista
SRV*C:\symbolfiles*http://msdl.microsoft.com/download. The C needs to be uncapitalized, at least that is what worked for me.
Originally Posted by Israfel 
BSOD - Debugging a BSOD in Vista problems?
Similar Threads Tutorial Tutorial Starter Category Comments Last Post Debugging the Cause of a BSOD on Vista Home 32bit Jeff91 Vista General 1 09 Dec 2009 Looking for some advanced BSOD debugging help InfalliblexOne Crashes and Debugging 4 12 Oct 2009 Debugging Vista BSOD - step by step guide Frostmourne General Discussion 3 25 Aug 2009 Vista BSOD Snipedisazz Vista General 5 07 May 2009 Vista BSOD, am unable to shutdown without BSOD, logoff OK Edward Ray Vista General 4 28 Jan 2007
Reply With Quote
