|
阅读:4513回复:4
请教各位专家,如何解析如下7F蓝屏bug?
UNEXPECTED_KERNEL_MODE_TRAP (7f)
This means a trap occurred in kernel mode, and it's a trap of a kind that the kernel isn't allowed to have/catch (bound trap) or that is always instant death (double fault). The first number in the bugcheck params is the number of the trap (8 = double fault, etc) Consult an Intel x86 family manual to learn more about what these traps are. Here is a *portion* of those codes: If kv shows a taskGate use .tss on the part before the colon, then kv. Else if kv shows a trapframe use .trap on that value Else .trap on the appropriate frame will show where the trap was taken (on x86, this will be the ebp that goes with the procedure KiTrap) Endif kb will then show the corrected stack. Arguments: Arg1: 00000008, EXCEPTION_DOUBLE_FAULT Arg2: 801e6000 Arg3: 00000000 Arg4: 00000000 Debugging Details: BUGCHECK_STR: 0x7f_8 TSS: 00000028 -- (.tss 0x28) eax=84330000 ebx=96cf15d6 ecx=8d99d02f edx=00000000 esi=87429710 edi=8595d028 eip=8421f887 esp=8d99d000 ebp=8d99d010 iopl=0 nv up ei ng nz ac po nc cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010292 nt!KeInsertDeviceQueue+0x16: 8421f887 56 push esi Resetting default scope DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT PROCESS_NAME: svchost.exe CURRENT_IRQL: 2 LAST_CONTROL_TRANSFER: from 8421f7bd to 8421f887 STACK_TEXT: 8d99d010 8421f7bd 8595d088 87429750 87429710 nt!KeInsertDeviceQueue+0x16 8d99d034 96cef7fc 8595d028 87429710 00000000 nt!IoStartPacket+0x57 WARNING: Stack unwind information not available. Following frames may be wrong. 8d99d04c 842524bc 8595d028 87429710 8591a570 btcomport+0x7fc 8d99d064 96cf502f 8d99d084 842524bc 8591a570 nt!IofCallDriver+0x63 8d99d06c 842524bc 8591a570 87429710 00000004 RootMdm!RootModemPassThrough+0x21 8d99d084 96d05690 85932538 85932590 8d99d0f4 nt!IofCallDriver+0x63 8d99d094 96d05583 85932538 874297cb 87429710 modem!UniSendOurWaitDown+0x6a 8d99d0f4 8427eb33 85932480 87429702 00000000 modem!UniSniffWaitComplete+0x5d 8d99d138 96cf1409 874297fc 8d99d174 96cf109e nt!IopfCompleteRequest+0x128 8d99d144 96cf109e 87429710 00000000 00000004 btcomport+0x2409 8d99d174 96cef848 02000004 87429710 87429710 btcomport+0x209e |
|
|
沙发#
发布于:2010-09-20 14:49
符号阿符号,加上verifier吧
|
|
|
|
板凳#
发布于:2010-09-20 15:00
非常感谢znsoft先生。这个bug就是由于在WIN7操作系统上安装了没有签名的btcomport驱动程序引起的(当驱动签名了时就不复现该BUG)。我在Symbol File Path中添加了btcompor.pdb所在路径,也在Source File Path中添加了源文件所在路径,可还是难以定位如下等:
8d99d04c 842524bc 8595d028 87429710 8591a570 btcomport+0x7fc 真心请教znsoft,如何由上面的 btcomport+0x7fc ,来定位到源代码的哪个文件哪一行,当符合文件不起作用时? |
|
|
地板#
发布于:2010-09-25 19:19
你的符号没有正确的load,否则应该显示出具体代码行号来才对
|
|
|
|
地下室#
发布于:2010-11-24 13:25
你在WDK文档里查一下UNEXPECTED_KERNEL_MODE_TRAP。
上面基本解释的很清楚,就是你遇到除0错,内存越界错误等。 ------------------------------------------------------------------ 帆子内核驱动网 bbs.kerneldev.com |
|
|
