具体dump和蓝屏附件如下:
1、dump文件
Microsoft (R) Windows Debugger Version 6.12.0002.633 AMD64
Copyright (c) Microsoft Corporation. All rights reserved.
Loading Dump File [C:\Users\Administrator\Desktop\Minidump\Minidump\081417-14414-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
Symbol search path is: *** Invalid ***
****************************************************************************
* Symbol loading may be unreliable without a symbol search path. *
* Use .symfix to have the debugger choose a symbol path. *
* After setting your symbol path, use .reload to refresh symbol locations. *
****************************************************************************
Executable search path is:
*********************************************************************
* Symbols can not be loaded because symbol path is not initialized. *
*
*
* The Symbol Path can be set by: *
* using the _NT_SYMBOL_PATH environment variable. *
* using the -y <symbol_path> argument when starting the debugger. *
* using .sympath and .sympath+ *
*********************************************************************
Unable to load image \SystemRoot\system32\ntoskrnl.exe, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
Windows 7 Kernel Version 7601 (Service Pack 1) MP (12 procs) Free x64
Product: Server, suite: TerminalServer DataCenter SingleUserTS
Built by: 7601.23677.amd64fre.win7sp1_ldr.170209-0600
Machine Name:
Kernel base = 0xfffff800`01602000 PsLoadedModuleList = 0xfffff800`01844730
Debug session time: Mon Aug 14 15:08:17.631 2017 (UTC + 8:00)
System Uptime: 0 days 0:19:14.241
*********************************************************************
* Symbols can not be loaded because symbol path is not initialized. *
*
*
* The Symbol Path can be set by: *
* using the _NT_SYMBOL_PATH environment variable. *
* using the -y <symbol_path> argument when starting the debugger. *
* using .sympath and .sympath+ *
*********************************************************************
Unable to load image \SystemRoot\system32\ntoskrnl.exe, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
Loading Kernel Symbols
...............................................................
................................................................
.........
Loading User Symbols
Loading unloaded module list
...............
*******************************************************************************
*
*
* Bugcheck Analysis
*
*
*
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck A, {fffff88015cd6668, 2, 0, fffff8000167d2eb}
***** Kernel symbols are WRONG. Please fix symbols to do analysis.
*************************************************************************
***
***
***
***
*** Your debugger is not using the correct symbols ***
***
***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
***
***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work.
***
***
***
*** Type referenced: nt!_KPRCB ***
***
***
*************************************************************************
ADDITIONAL_DEBUG_TEXT:
Use '!findthebuild' command to search for the target build information.
If the build information is available, run '!findthebuild -s ; .reload' to set symbol path and load symbols.
MODULE_NAME: nt
FAULTING_MODULE: fffff80001602000 nt
DEBUG_FLR_IMAGE_TIMESTAMP: 589c915d
READ_ADDRESS: unable to get nt!MmSpecialPoolStart
unable to get nt!MmSpecialPoolEnd
unable to get nt!MmPoolCodeStart
unable to get nt!MmPoolCodeEnd
fffff88015cd6668
CURRENT_IRQL: 0
FAULTING_IP:
nt+7b2eb
fffff800`0167d2eb 488b42f8 mov rax,qword ptr [rdx-8]
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: DRIVER_FAULT_SERVER_MINIDUMP
BUGCHECK_STR: 0xA
LAST_CONTROL_TRANSFER: from fffff800016709e9 to fffff80001671440
STACK_TEXT:
fffff880`01f70f28 fffff800`016709e9 : 00000000`0000000a fffff880`15cd6668 00000000`00000002 00000000`00000000 : nt+0x6f440
fffff880`01f70f30 00000000`0000000a : fffff880`15cd6668 00000000`00000002 00000000`00000000 fffff800`0167d2eb : nt+0x6e9e9
fffff880`01f70f38 fffff880`15cd6668 : 00000000`00000002 00000000`00000000 fffff800`0167d2eb fffffab0`0141b080 : 0xa
fffff880`01f70f40 00000000`00000002 : 00000000`00000000 fffff800`0167d2eb fffffab0`0141b080 00000000`00000000 : 0xfffff880`15cd6668
fffff880`01f70f48 00000000`00000000 : fffff800`0167d2eb fffffab0`0141b080 00000000`00000000 00000000`00000000 : 0x2
STACK_COMMAND: .bugcheck ; kb
FOLLOWUP_IP:
nt+7b2eb
fffff800`0167d2eb 488b42f8 mov rax,qword ptr [rdx-8]
SYMBOL_NAME: nt+7b2eb
FOLLOWUP_NAME: MachineOwner
IMAGE_NAME: ntoskrnl.exe
BUCKET_ID: WRONG_SYMBOLS
Followup: MachineOwner
---------
