|
阅读:4439回复:5
关于用windbg查看 crash dump
当打开memory。dmp文件时,windbg到最后就停住了,cpu占用100%,怎么回事? 信息如下:
WARNING: Non-directory path: 'D:\ov9657 debug\Dev\objchk\i386\AVEOdcnt.sys' Microsoft (R) Windows Debugger Version 6.6.0007.5 Copyright (c) Microsoft Corporation. All rights reserved. Loading Dump File [D:\MEMORY.DMP] Kernel Complete Dump File: Full address space is available Symbol search path is: C:\WINDOWS\Symbols\Vista;C:\WINDOWS\Symbols\Winxp;D:\ov9657 debug\Dev\objchk\i386 Executable search path is: D:\ov9657 debug\Dev\objchk\i386\AVEOdcnt.sys Windows Vista Kernel Version 6000 UP Free x86 compatible Product: WinNt, suite: TerminalServer SingleUserTS Personal Built by: 6000.16386.x86fre.vista_rtm.061101-2205 Kernel base = 0x81800000 PsLoadedModuleList = 0x81908ab0 Debug session time: Thu Mar 8 09:29:59.189 2007 (GMT+8) System Uptime: 0 days 15:25:24.787 Loading Kernel Symbols .............................................................................................................................................. Loading User Symbols .......................................... Loading unloaded module list ..................................................Unable to enumerate user-mode unloaded modules, NTSTATUS 0xC0000147 ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* Use !analyze -v to get detailed debugging information. BugCheck D1, {983758e0, 2, 0, 983758e0} //就停在这里了,再执行其他cmd就没反应。 windbg version: 6.6 但有时候其他dmp又没问题,是不是dmp文件不完整? 正常情况下信息如下: Microsoft (R) Windows Debugger Version 6.6.0007.5 Copyright (c) Microsoft Corporation. All rights reserved. Loading Dump File [D:\dmp2\MEMORY.DMP] Kernel Complete Dump File: Full address space is available Symbol search path is: C:\WINDOWS\Symbols\Vista;;D:\ov9657 debug\Dev\objchk\i386\AVEOdcnt.pdb;C:\WINDOWS\Symbols\Winxp Executable search path is: D:\ov9657 debug\Dev\objchk\i386\AVEOdcnt.sys;D:\ov9657 debug\Dev\objfre\i386\AVEOdcnt.sys Windows Vista Kernel Version 6000 MP (2 procs) Free x86 compatible Product: WinNt, suite: TerminalServer SingleUserTS Built by: 6000.16386.x86fre.vista_rtm.061101-2205 Kernel base = 0x81800000 PsLoadedModuleList = 0x81908ab0 Debug session time: Tue Mar 6 16:36:42.720 2007 (GMT+8) System Uptime: 0 days 0:18:28.484 Loading Kernel Symbols ............................................................................................................................................ Loading User Symbols Loading unloaded module list ..... ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* Use !analyze -v to get detailed debugging information. BugCheck 50, {bad0b0c8, 0, 8b065411, 2} *** ERROR: Module load completed but symbols could not be loaded for AVEOdcnt.sys Probably caused by : AVEOdcnt.sys ( AVEOdcnt+1411 ) Followup: MachineOwner --------- |
|
最新喜欢: Leopar...
|
|
沙发#
发布于:2007-03-08 11:04
你设置了符号路径,你的机机正在从比尔.该死的服务器上下载需要的符号..
请等待.. |
|
|
|
板凳#
发布于:2007-03-08 12:30
引用第1楼znsoft于2007-03-08 11:04发表的“”: 应该不是吧,如果是下载符号CPU不会100$的吧. 是不是DUMP有问题或其他原因 |
|
|
地板#
发布于:2007-03-08 16:17
 肯定是在下载符号。慢慢等吧。你应该在晚上睡觉前用symchk把所有系统文件的符号都下载回来。 |
|
|
地下室#
发布于:2007-03-08 17:50
符号我已经down下来安装了啊,并且把路径设置进去了
我看到有人把ms的符号网址填进去,那样才会去下载吧? 同样一个驱动的不同时间dmp文件,有时就是好的,还是怀疑dmp文件本身问题。 |
|
|
5楼#
发布于:2007-03-14 08:35
从WinDbg的Symbol search path可以看出,楼主没有设置symserver,表误导他~~~
初步怀疑是dump file有错误,可能已经损坏或者不完全。我几个MS网站上有一个memory dump file的分析程序,是日本几个厂商做的,你用那个试试看,如果它也读不出来,那就是出错了 |
|
|