Witajcie, od jakiegoś czasu przy wyłączaniu komputera pojawia mi się BSOD. Po kliknięciu przycisku wyłącz lub uruchom ponownie po kilkudziesięciu minutach na ekranie “Wyłączanie…” pojawia się BSOD. Dodam jeszcze, że niewystępuje on regularnie. Czasami jest czasami nie ma ciężko mi określić dlaczego tak jest.
Co może powodować tego BSOD. To znaczy co może powodować to wiem są to błędne parametry dla programu ntoskrnl.exe. Ale jak to wyeliminować.
Poniżej zamieszczam ostatnie dumpy.
Nie wskazałeś symbols przed analizą, na nic te wyniki się nie przydadzą.
a jak to można zrobić, bo szczerze mówiąc nie wiem jak analizować tego typu dumpy bo nie zdarzały mi się one zbyt często
Dzięki za odpowiedź
Mam nadzieje, że o to chodzi:
0: kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
DRIVER_POWER_STATE_FAILURE (9f)
A driver has failed to complete a power IRP within a specific time.
Arguments:
Arg1: 0000000000000004, The power transition timed out waiting to synchronize with the Pnp
subsystem.
Arg2: 0000000000000258, Timeout in seconds.
Arg3: fffffa80066e3b50, The thread currently holding on to the Pnp lock.
Arg4: fffff80004fd33d0, nt!TRIAGE_9F_PNP on Win7 and higher
Debugging Details:
------------------
***** Kernel symbols are WRONG. Please fix symbols to do analysis.
*************************************************************************
******
******
***Either you specified an unqualified symbol, or your debugger***
***doesn't have full symbol information. Unqualified symbol***
***resolution is turned off by default. Please either specify a***
***fully qualified symbol module!symbolname, or enable resolution***
***of unqualified symbols by typing ".symopt- 100". Note that***
***enabling unqualified symbol resolution with network symbol***
***server shares in the symbol path may cause the debugger to***
***appear to hang for long periods of time when an incorrect***
***symbol name is typed or the network symbol server is down.***
******
***For some commands to work properly, your symbol path***
***must point to .pdb files that have full type information.***
******
***Certain .pdb files (such as the public OS symbols) do not***
***contain the required information. Contact the group that***
***provided you with these symbols if you need this command to***
***work.***
******
***Type referenced: NT!_ETHREAD***
******
*************************************************************************
Implicit thread is now fffffa80`066e3b50
*************************************************************************
******
******
***Either you specified an unqualified symbol, or your debugger***
***doesn't have full symbol information. Unqualified symbol***
***resolution is turned off by default. Please either specify a***
***fully qualified symbol module!symbolname, or enable resolution***
***of unqualified symbols by typing ".symopt- 100". Note that***
***enabling unqualified symbol resolution with network symbol***
***server shares in the symbol path may cause the debugger to***
***appear to hang for long periods of time when an incorrect***
***symbol name is typed or the network symbol server is down.***
******
***For some commands to work properly, your symbol path***
***must point to .pdb files that have full type information.***
******
***Certain .pdb files (such as the public OS symbols) do not***
***contain the required information. Contact the group that***
***provided you with these symbols if you need this command to***
***work.***
******
***Type referenced: nt!_ETHREAD***
******
*************************************************************************
*************************************************************************
******
******
***Either you specified an unqualified symbol, or your debugger***
***doesn't have full symbol information. Unqualified symbol***
***resolution is turned off by default. Please either specify a***
***fully qualified symbol module!symbolname, or enable resolution***
***of unqualified symbols by typing ".symopt- 100". Note that***
***enabling unqualified symbol resolution with network symbol***
***server shares in the symbol path may cause the debugger to***
***appear to hang for long periods of time when an incorrect***
***symbol name is typed or the network symbol server is down.***
******
***For some commands to work properly, your symbol path***
***must point to .pdb files that have full type information.***
******
***Certain .pdb files (such as the public OS symbols) do not***
***contain the required information. Contact the group that***
***provided you with these symbols if you need this command to***
***work.***
******
***Type referenced: nt!_TRIAGE_9F_PNP***
******
*************************************************************************
*************************************************************************
******
******
***Either you specified an unqualified symbol, or your debugger***
***doesn't have full symbol information. Unqualified symbol***
***resolution is turned off by default. Please either specify a***
***fully qualified symbol module!symbolname, or enable resolution***
***of unqualified symbols by typing ".symopt- 100". Note that***
***enabling unqualified symbol resolution with network symbol***
***server shares in the symbol path may cause the debugger to***
***appear to hang for long periods of time when an incorrect***
***symbol name is typed or the network symbol server is down.***
******
***For some commands to work properly, your symbol path***
***must point to .pdb files that have full type information.***
******
***Certain .pdb files (such as the public OS symbols) do not***
***contain the required information. Contact the group that***
***provided you with these symbols if you need this command to***
***work.***
******
***Type referenced: nt!_KPRCB***
******
*************************************************************************
*************************************************************************
******
******
***Either you specified an unqualified symbol, or your debugger***
***doesn't have full symbol information. Unqualified symbol***
***resolution is turned off by default. Please either specify a***
***fully qualified symbol module!symbolname, or enable resolution***
***of unqualified symbols by typing ".symopt- 100". Note that***
***enabling unqualified symbol resolution with network symbol***
***server shares in the symbol path may cause the debugger to***
***appear to hang for long periods of time when an incorrect***
***symbol name is typed or the network symbol server is down.***
******
***For some commands to work properly, your symbol path***
***must point to .pdb files that have full type information.***
******
***Certain .pdb files (such as the public OS symbols) do not***
***contain the required information. Contact the group that***
***provided you with these symbols if you need this command to***
***work.***
******
***Type referenced: nt!KPRCB***
******
*************************************************************************
*************************************************************************
******
******
***Either you specified an unqualified symbol, or your debugger***
***doesn't have full symbol information. Unqualified symbol***
***resolution is turned off by default. Please either specify a***
***fully qualified symbol module!symbolname, or enable resolution***
***of unqualified symbols by typing ".symopt- 100". Note that***
***enabling unqualified symbol resolution with network symbol***
***server shares in the symbol path may cause the debugger to***
***appear to hang for long periods of time when an incorrect***
***symbol name is typed or the network symbol server is down.***
******
***For some commands to work properly, your symbol path***
***must point to .pdb files that have full type information.***
******
***Certain .pdb files (such as the public OS symbols) do not***
***contain the required information. Contact the group that***
***provided you with these symbols if you need this command to***
***work.***
******
***Type referenced: nt!_KPRCB***
******
*************************************************************************
*************************************************************************
******
******
***Either you specified an unqualified symbol, or your debugger***
***doesn't have full symbol information. Unqualified symbol***
***resolution is turned off by default. Please either specify a***
***fully qualified symbol module!symbolname, or enable resolution***
***of unqualified symbols by typing ".symopt- 100". Note that***
***enabling unqualified symbol resolution with network symbol***
***server shares in the symbol path may cause the debugger to***
***appear to hang for long periods of time when an incorrect***
***symbol name is typed or the network symbol server is down.***
******
***For some commands to work properly, your symbol path***
***must point to .pdb files that have full type information.***
******
***Certain .pdb files (such as the public OS symbols) do not***
***contain the required information. Contact the group that***
***provided you with these symbols if you need this command to***
***work.***
******
***Type referenced: nt!KPRCB***
******
*************************************************************************
*************************************************************************
******
******
***Either you specified an unqualified symbol, or your debugger***
***doesn't have full symbol information. Unqualified symbol***
***resolution is turned off by default. Please either specify a***
***fully qualified symbol module!symbolname, or enable resolution***
***of unqualified symbols by typing ".symopt- 100". Note that***
***enabling unqualified symbol resolution with network symbol***
***server shares in the symbol path may cause the debugger to***
***appear to hang for long periods of time when an incorrect***
***symbol name is typed or the network symbol server is down.***
******
***For some commands to work properly, your symbol path***
***must point to .pdb files that have full type information.***
******
***Certain .pdb files (such as the public OS symbols) do not***
***contain the required information. Contact the group that***
***provided you with these symbols if you need this command to***
***work.***
******
***Type referenced: nt!_KPRCB***
******
*************************************************************************
*************************************************************************
******
******
***Either you specified an unqualified symbol, or your debugger***
***doesn't have full symbol information. Unqualified symbol***
***resolution is turned off by default. Please either specify a***
***fully qualified symbol module!symbolname, or enable resolution***
***of unqualified symbols by typing ".symopt- 100". Note that***
***enabling unqualified symbol resolution with network symbol***
***server shares in the symbol path may cause the debugger to***
***appear to hang for long periods of time when an incorrect***
***symbol name is typed or the network symbol server is down.***
******
***For some commands to work properly, your symbol path***
***must point to .pdb files that have full type information.***
******
***Certain .pdb files (such as the public OS symbols) do not***
***contain the required information. Contact the group that***
***provided you with these symbols if you need this command to***
***work.***
******
***Type referenced: nt!_KPRCB***
******
*************************************************************************
*************************************************************************
******
******
***Either you specified an unqualified symbol, or your debugger***
***doesn't have full symbol information. Unqualified symbol***
***resolution is turned off by default. Please either specify a***
***fully qualified symbol module!symbolname, or enable resolution***
***of unqualified symbols by typing ".symopt- 100". Note that***
***enabling unqualified symbol resolution with network symbol***
***server shares in the symbol path may cause the debugger to***
***appear to hang for long periods of time when an incorrect***
***symbol name is typed or the network symbol server is down.***
******
***For some commands to work properly, your symbol path***
***must point to .pdb files that have full type information.***
******
***Certain .pdb files (such as the public OS symbols) do not***
***contain the required information. Contact the group that***
***provided you with these symbols if you need this command to***
***work.***
******
***Type referenced: nt!_KPRCB***
******
*************************************************************************
*************************************************************************
******
******
***Either you specified an unqualified symbol, or your debugger***
***doesn't have full symbol information. Unqualified symbol***
***resolution is turned off by default. Please either specify a***
***fully qualified symbol module!symbolname, or enable resolution***
***of unqualified symbols by typing ".symopt- 100". Note that***
***enabling unqualified symbol resolution with network symbol***
***server shares in the symbol path may cause the debugger to***
***appear to hang for long periods of time when an incorrect***
***symbol name is typed or the network symbol server is down.***
******
***For some commands to work properly, your symbol path***
***must point to .pdb files that have full type information.***
******
***Certain .pdb files (such as the public OS symbols) do not***
***contain the required information. Contact the group that***
***provided you with these symbols if you need this command to***
***work.***
******
***Type referenced: nt!_KPRCB***
******
*************************************************************************
ADDITIONAL_DEBUG_TEXT:
You can run '.symfix; .reload' to try to fix the symbol path and load symbols.
MODULE_NAME: nt
FAULTING_MODULE: fffff80002e05000 nt
DEBUG_FLR_IMAGE_TIMESTAMP: 55a6901f
DRVPOWERSTATE_SUBCODE: 4
FAULTING_THREAD: fffffa80066e3b50
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: WIN7_DRIVER_FAULT
BUGCHECK_STR: 0x9F
CURRENT_IRQL: 0
ANALYSIS_VERSION: 6.3.9600.17237 (debuggers(dbg).140716-0327) amd64fre
LAST_CONTROL_TRANSFER: from 0000000000000000 to fffff80002e7adaa
STACK_TEXT:
fffff880`03bd9620 00000000`00000000 : 00000000`0000000f 00000000`00000000 ffffe270`b4ae9014 00000000`00000000 : nt+0x75daa
STACK_COMMAND: .thread 0xfffffa80066e3b50 ; kb
FOLLOWUP_IP:
nt+75daa
fffff800`02e7adaa 488d8c2400010000 lea rcx,[rsp+100h]
SYMBOL_STACK_INDEX: 0
SYMBOL_NAME: nt+75daa
FOLLOWUP_NAME: MachineOwner
IMAGE_NAME: ntoskrnl.exe
BUCKET_ID: WRONG_SYMBOLS
FAILURE_BUCKET_ID: WRONG_SYMBOLS
ANALYSIS_SOURCE: KM
FAILURE_ID_HASH_STRING: km:wrong_symbols
FAILURE_ID_HASH: {70b057e8-2462-896f-28e7-ac72d4d365f8}
Followup: MachineOwner