如何使用WINDBG?计算机因蓝屏而重启,并使用windbg分析Minidmp但输出错误。 [英] HOW TO USE WINDBG? the computer restart because of the blue screen, and use the windbg to analyze the Minidmp but output the error.
问题描述
Microsoft(R)Windows调试版10.0.14321.1024 AMD64
版权所有(c)Microsoft Corporation。保留所有权利。
Loading Dump文件[C:\ Windows \ Minidump \ 041017-6328-01.dmp]
迷你内核转储文件:仅寄存器和堆栈跟踪可用
*************符号路径验证摘要**************
回复 Time(ms) Location
OK C:\ Windows \ Minidump
*************符号路径验证摘要**************
回复 Time(ms) Location
延期 SRV * c: \ mysymbol * http://msdl.microsoft.com/download/symbols
符号搜索路径是:SRV * c:\ mysymbol * http://msdl.microsoft.com/download/symbols
可执行搜索路径为:C:\ Windows \ Minidump
无法加载图像\SystemRoot \system32 \ antoskrnl.exe,Win32错误0n2
***警告:无法验证ntoskrnl.exe的时间戳
***错误:模块加载已完成但无法为ntoskrnl.exe加载符号
Windows 10内核版本15063 MP(8触发器)免费x64
产品:WinNt,套件:TerminalServer SingleUserTS
内置:15063.0.amd64fre.rs2_release.170317-1834
机器名称:
内核基数= 0xfffff800`4ae9b000 PsLoadedModuleList = 0xfffff800`4b1e75a0
调试会话时间:星期一4月10日19:30:15.049 2017(UTC + 8:00)
系统正常运行时间:0天2:43:11.072
无法加载图像\SystemRoot \system32 \ antoskrnl.exe,Win32错误0n2
***警告:无法验证ntoskrnl.exe的时间戳
***错误:模块加载已完成但无法为ntoskrnl.exe加载符号
加载内核符号
........................................... ....................
........................................... .....................
.........................................
加载用户符号
加载已卸载的模块列表
..........
*************符号加载错误摘要**************
模块名称 错误
ntoskrnl 系统找不到指定的文件
您可以通过启用符号加载诊断(!sym noisy)并重复导致符号加载的命令来解决大多数符号相关问题。
您还应验证您的符号搜索路径(.sympath)是否正确。
错误:FindPlugIns 8007007b
错误:某些插件可能无法使用[8007007b]
************* ************************************
*
*
* 错误检查分析
*
*
*
************* ************************************
使用!analyze -v获取详细的调试信息。
BugCheck 19,{e,ffffe50206b03500,1a2d2daef8a18629,1a2d2daef8a1a629}
***警告:无法验证nvlddmkm.sys的时间戳
***错误:模块加载已完成但无法为nvlddmkm.sys加载符号
*****内核符号错误。请修复符号进行分析。
************* ******************************
***
***
***
***
*** 您指定了一个不合格的符号,或者您的调试器 ***
*** 没有完整的符号信息。 不合格的符号 ***
*** 分辨率默认关闭。请指定 ***
*** 完全限定符号模块!符号名称,或启用分辨率***
*** 通过键入".symopt- 100"来表示不合格的符号。请注意 ***
*** 使用网络符号启用不合格的符号解析 ***
*** 符号路径中的服务器共享可能会导致调试器出现 ***
*** 在错误的 ***
*** 输入符号名称或网络符号服务器已关闭。 ***
***
***
*** 要使某些命令正常工作,您的符号路径 ***
*** 必须指向具有完整类型信息的.pdb文件。 ***
***
***
*** 某些.pdb文件(例如公共操作系统符号)不会 ***
*** 包含所需信息。 联系该组 ***
*** 如果你需要这个命令来提供这些符号 ***
*** work。
***
***
***
*** 类型引用:nt!_KPRCB ***
***
***
************* ******************************
嗨Bowensnow,
感谢您在此发布。
>> 如何使用WINDBG? 计算机因蓝屏而重启,并使用windbg分析Minidmp但输出错误。
出现"打开崩溃转储"对话框时,在"文件名"文本框中输入故障转储文件的完整路径和名称,或使用该对话框选择正确的路径和文件名。选择了文件,单击"打开"。您也可以在调试器运行后使用
.opendump(Open Dump File)命令,然后是
g(Go)。
有关选项的完整列表,请参阅
WinDbg命令行选项。
以下是一些文档你作为参考。
https://msdn.microsoft.com/en-us/library/windows/hardware/ff538058(v = vs.85).aspx
希望这可以帮到你。
<顺便说一下,这个论坛是关于c ++开发的。对于您的情况,我建议您下次以
Microsoft社区发布,以获得更好的支持。
您的理解与合作将不胜感激。
最诚挚的问候,
Sera Yu
Microsoft (R) Windows Debugger Version 10.0.14321.1024 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Windows\Minidump\041017-6328-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
************* Symbol Path validation summary **************
Response Time (ms) Location
OK C:\Windows\Minidump
************* Symbol Path validation summary **************
Response Time (ms) Location
Deferred SRV*c:\mysymbol* http://msdl.microsoft.com/download/symbols
Symbol search path is: SRV*c:\mysymbol* http://msdl.microsoft.com/download/symbols
Executable search path is: C:\Windows\Minidump
Unable to load image \SystemRoot\system32\ntoskrnl.exe, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
Windows 10 Kernel Version 15063 MP (8 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS
Built by: 15063.0.amd64fre.rs2_release.170317-1834
Machine Name:
Kernel base = 0xfffff800`4ae9b000 PsLoadedModuleList = 0xfffff800`4b1e75a0
Debug session time: Mon Apr 10 19:30:15.049 2017 (UTC + 8:00)
System Uptime: 0 days 2:43:11.072
Unable to load image \SystemRoot\system32\ntoskrnl.exe, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
Loading Kernel Symbols
...............................................................
................................................................
.........................................
Loading User Symbols
Loading unloaded module list
..........
************* Symbol Loading Error Summary **************
Module name Error
ntoskrnl The system cannot find the file specified
You can troubleshoot most symbol related issues by turning on symbol loading diagnostics (!sym noisy) and repeating the command that caused symbols to be loaded.
You should also verify that your symbol search path (.sympath) is correct.
ERROR: FindPlugIns 8007007b
ERROR: Some plugins may not be available [8007007b]
*******************************************************************************
*
*
* Bugcheck Analysis
*
*
*
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck 19, {e, ffffe50206b03500, 1a2d2daef8a18629, 1a2d2daef8a1a629}
*** WARNING: Unable to verify timestamp for nvlddmkm.sys
*** ERROR: Module load completed but symbols could not be loaded for nvlddmkm.sys
***** Kernel symbols are WRONG. Please fix symbols to do analysis.
*************************************************************************
***
***
***
***
*** Either you specified an unqualified symbol, or your debugger ***
*** doesn't have full symbol information. Unqualified symbol ***
*** resolution is turned off by default. Please either specify a ***
*** fully qualified symbol module!symbolname, or enable resolution ***
*** of unqualified symbols by typing ".symopt- 100". Note that ***
*** enabling unqualified symbol resolution with network symbol ***
*** server shares in the symbol path may cause the debugger to ***
*** appear to hang for long periods of time when an incorrect ***
*** symbol name is typed or the network symbol server is down. ***
***
***
*** For some commands to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
***
***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work.
***
***
***
*** Type referenced: nt!_KPRCB ***
***
***
*************************************************************************
Hi Bowensnow,
thanks for posting here.
>>HOW TO USE WINDBG? the computer restart because of the blue screen, and use the windbg to analyze the Minidmp but output the error.
When the Open Crash Dump dialog box appears, enter the full path and name of the crash dump file in the File name text box, or use the dialog box to select the proper path and file name. When the proper file has been chosen, click Open. You can also open a dump file after the debugger is running by using the .opendump (Open Dump File) command, followed with g (Go).
For a full list of options, see WinDbg Command-Line Options.
Here are some documents for you as references.
https://msdn.microsoft.com/en-us/library/windows/hardware/ff538058(v=vs.85).aspx
https://msdn.microsoft.com/en-us/library/windows/desktop/ee416349(v=vs.85).aspx#analyzing_a_minidump
Hope this could be help of you.
By the way, this forum is about c++ development. For your case, I suggest you post on Microsoft Community next time for better support.
Your understanding and cooperation will be grateful.
Best Regards,
Sera Yu
这篇关于如何使用WINDBG?计算机因蓝屏而重启,并使用windbg分析Minidmp但输出错误。的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
