Re: windows2003

Autor: oliwa <antyspam_oleksiej_at_tlen.pl>
Data: Wed 27 Jun 2007 - 13:27:50 MET DST
Message-ID: <f5ths6$qs5$1@nemesis.news.tpi.pl>
Content-Type: text/plain; charset=UTF-8; format=flowed

oliwa napisał(a):
> oliwa napisał(a):
>> Piotr B. (pb2004) napisał(a):
>>> Dnia Fri, 22 Jun 2007 09:23:54 +0200, oliwa napisał(a):
>>>
>>>> Piotr Krzyżański napisał(a):
>>>>> Użytkownik "oliwa" <antyspam_oleksiej@tlen.pl> napisał w wiadomości
>>>>> news:f4394k$9ta$1@atlantis.news.tpi.pl...
>>>>>> Piotr Krzyżański napisał(a):
>>>>>>> Użytkownik "oliwa" <antyspam_oleksiej@tlen.pl> napisał w
>>>>>>> wiadomości news:f3oh16$jqg$1@nemesis.news.tpi.pl...
>>>>>>>> nie widze nazwy sterownika, moze jak pojawil sie blue screen to
>>>>>>>> cos bylo, ale jak to teraz znalezc to nie wiem.
>>>>>>> Wyłączyłeś automatyczny restart po błędzie?
>>>>>>> Jak wyłączysz, to "ekran śmierci" powinien pozostać na
>>>>>>> ekranie.
>>>>>>> Zobacz do katalogu %SystemRoot%\Minidump, tam sÄ… pliki
>>>>>>> z datami - otwórz notatnikiem i poczytaj...
>>>>> ˙˙˙˙˙˙˙˙˙˙˙˙˙˙˙˙˙˙ ~) *** €
>>>>>> ale nic o bledzie, moge przeslac ten plik?
>>>>> Nie ma takiej potrzeby :)
>>>>> ÅšciÄ…gnij sobie Debugging Tools for Windows
>>>>> i przy pomocy WinDbf otwórz tenże plik.
>>>>>
>>>>> http://msdl.microsoft.com/download/symbols/debuggers/dbg_x86_6.7.05.0.exe
>>>>>
>>>>>
>>>>> Piciu
>>>>>
>>>> ten program tak samo odczytuje jak notatnik, czyli nie do odczytania
>>>
>>> Skonfiguruj w windbg symbole jak na tej stronie:
>>> http://www.microsoft.com/whdc/devtools/debugging/debugstart.mspx
>>> i następnie otwórz plik przez menu File-> Open crash dump.
>>> Gdy plik zostanie (może trwać to dość długo bo muszą pobrać się pliki
>>> symboli) odczytany wpisz !analyze -v i otrzymasz pełną informację na
>>> temat
>>> BSODa.
>>>
>> ok, sprobuje i dam znac czy cos sensownego pokazalo.
> i udalo mi sie w miare czytelny obraz uzyskac, ale nie wiem co moze byc
> przyczyna oto log
> Loading Dump File [C:\WINDOWS\Minidump\Mini062107-01.dmp]
> Mini Kernel Dump File: Only registers and stack trace are available
>
> Symbol search path is: *** Invalid ***
> ****************************************************************************
>
> * Symbol loading may be unreliable without a symbol search
> path. *
> * Use .symfix to have the debugger choose a symbol
> path. *
> * After setting your symbol path, use .reload to refresh symbol
> locations. *
> ****************************************************************************
>
> Executable search path is:
> *********************************************************************
> * Symbols can not be loaded because symbol path is not initialized. *
> * *
> * The Symbol Path can be set by: *
> * using the _NT_SYMBOL_PATH environment variable. *
> * using the -y <symbol_path> argument when starting the debugger. *
> * using .sympath and .sympath+ *
> *********************************************************************
> Unable to load image \WINDOWS\system32\ntkrnlpa.exe, Win32 error 0n2
> *** WARNING: Unable to verify timestamp for ntkrnlpa.exe
> *** ERROR: Module load completed but symbols could not be loaded for
> ntkrnlpa.exe
> Windows Server 2003 Kernel Version 3790 (Service Pack 1) MP (2 procs)
> Free x86 compatible
> Product: LanManNt, suite: TerminalServer SingleUserTS
> Kernel base = 0x80800000 PsLoadedModuleList = 0x808a6ea8
> Debug session time: Thu Jun 21 10:57:18.296 2007 (GMT+2)
> System Uptime: 2 days 3:47:40.921
> *********************************************************************
> * Symbols can not be loaded because symbol path is not initialized. *
> * *
> * The Symbol Path can be set by: *
> * using the _NT_SYMBOL_PATH environment variable. *
> * using the -y <symbol_path> argument when starting the debugger. *
> * using .sympath and .sympath+ *
> *********************************************************************
> Unable to load image \WINDOWS\system32\ntkrnlpa.exe, Win32 error 0n2
> *** WARNING: Unable to verify timestamp for ntkrnlpa.exe
> *** ERROR: Module load completed but symbols could not be loaded for
> ntkrnlpa.exe
> Loading Kernel Symbols
> ....................................................................
> moze ktos w stanie jest mi powiedziec w czym lezy przyczyna restartu
> serwera?
teraz nie krzyczy ze brak sciezki do symbol path ale wywale jeszcze
jakis blad,
cos wyswietlio w stylu:

Symbol search path is: C:\websymbols\symbolspack\
Executable search path is:
Unable to load image \WINDOWS\system32\ntkrnlpa.exe, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ntkrnlpa.exe
Windows Server 2003 Kernel Version 3790 (Service Pack 1) MP (2 procs)
Free x86 compatible
Product: LanManNt, suite: TerminalServer SingleUserTS
Kernel base = 0x80800000 PsLoadedModuleList = 0x808a6ea8
Debug session time: Thu Jun 21 10:57:18.296 2007 (GMT+2)
System Uptime: 2 days 3:47:40.921
Unable to load image \WINDOWS\system32\ntkrnlpa.exe, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ntkrnlpa.exe
Loading Kernel Symbols
................................................................................................................
Loading User Symbols
Loading unloaded module list
.
*******************************************************************************
*
       *
* Bugcheck Analysis
       *
*
       *
*******************************************************************************

Use !analyze -v to get detailed debugging information.

BugCheck 93, {8, 0, 0, 0}

Unable to load image \SystemRoot\system32\DRIVERS\netbt.sys, Win32 error 0n2
*** WARNING: Unable to verify timestamp for netbt.sys
Probably caused by : netbt.sys ( netbt!NTSend+cca )

Followup: MachineOwner
---------

1: kd> !analyze -v
*******************************************************************************
*
       *
* Bugcheck Analysis
       *
*
       *
*******************************************************************************

INVALID_KERNEL_HANDLE (93)
This message occurs if kernel code (server, redirector, other driver, etc.)
attempts to close a handle that is not a valid handle.
Arguments:
Arg1: 00000008, The handle that NtClose was called with.
Arg2: 00000000, means a protected handle was closed.
Arg3: 00000000
Arg4: 00000000

Debugging Details:
------------------

CUSTOMER_CRASH_COUNT: 1

DEFAULT_BUCKET_ID: DRIVER_FAULT_SERVER_MINIDUMP

BUGCHECK_STR: 0x93

PROCESS_NAME: System

CURRENT_IRQL: 0

LAST_CONTROL_TRANSFER: from 809337a7 to 80827447

STACK_TEXT:
f78cec28 809337a7 00000093 00000008 00000000
nt!IoAllocateDriverObjectExtension+0xf
f78cec54 8093389c e1001d68 e2cd0a38 00000008 nt!MiNoPagesLastChance+0x120f
f78cec98 809339b9 00000008 00000000 f78cecb4 nt!MiNoPagesLastChance+0x1304
f78ceca8 80888c7c 00000008 f78ced3c 8082e00d nt!MiNoPagesLastChance+0x1421
f78cecb4 8082e00d badb0d00 f78ced2c 00000000
nt!MiCanFileBeTruncatedInternal+0xea2
f78ced3c b9dbdfcc 886281c8 b9ddb6a8 8862823c nt!IopWriteTriageDump+0x2cf
f78ced50 b9dbda5e 00000000 886281c8 00000000 netbt!NTSend+0xcca
f78ced80 8087f92f b9ddb6bc 00000000 89d94db0 netbt!NTSend+0x75c
f78cedac 80948bd0 b9ddb6bc 00000000 00000000
nt!MmProbeAndLockSelectedPages+0x96b
f78ceddc 8088d4e2 8087f844 00000000 00000000 nt!MiBuildForkPageTable+0x218e
00000000 00000000 00000000 00000000 00000000
nt!MiDeletePageTablesForPhysicalRange+0xe2e

STACK_COMMAND: kb

FOLLOWUP_IP:
netbt!NTSend+cca
b9dbdfcc ?? ???

SYMBOL_STACK_INDEX: 6

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: netbt

IMAGE_NAME: netbt.sys

DEBUG_FLR_IMAGE_TIMESTAMP: 42435dff

SYMBOL_NAME: netbt!NTSend+cca

FAILURE_BUCKET_ID: 0x93_netbt!NTSend+cca

BUCKET_ID: 0x93_netbt!NTSend+cca
Received on Wed Jun 27 13:30:07 2007

To archiwum zosta³o wygenerowane przez hypermail 2.1.8 : Wed 27 Jun 2007 - 13:42:05 MET DST