kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************

KERNEL_MODE_EXCEPTION_NOT_HANDLED (8e)
This is a very common bugcheck. Usually the exception address pinpoints
the driver/function that caused the problem. Always note this address
as well as the link date of the driver/image that contains this address.
Some common problems are exception code 0x80000003. This means a hard
coded breakpoint or assertion was hit, but this system was booted
/NODEBUG. This is not supposed to happen as developers should never have
hardcoded breakpoints in retail code, but ...
If this happens, make sure a debugger gets connected, and the
system is booted /DEBUG. This will let us see why this breakpoint is
happening.
Arguments:
Arg1: c0000005, The exception code that was not handled
Arg2: 83369e57, The address that the exception occurred at
Arg3: 92465b64, Trap Frame
Arg4: 00000000

Debugging Details:
------------------

DBGHELP: F:\Symbols\ntkrpamp.exe\4CE78A09412000\ntkrpamp.exe - OK

EXCEPTION_CODE: (NTSTATUS) 0xc0000005 - 0x%p

FAULTING_IP:
win32k!_GetDCEx+32
83369e57 8b4004 mov eax,dword ptr [eax+4]

TRAP_FRAME: 92465b64 -- (.trap 0xffffffff92465b64)
ErrCode = 00000000
eax=00000000 ebx=00000000 ecx=88ca4600 edx=00000000 esi=00000000 edi=00000000
eip=83369e57 esp=92465bd8 ebp=92465c04 iopl=0 nv up ei pl zr na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00010246
win32k!_GetDCEx+0x32:
83369e57 8b4004 mov eax,dword ptr [eax+4] ds:0023:00000004=????????
Resetting default scope

DEFAULT_BUCKET_ID: VISTA_DRIVER_FAULT

BUGCHECK_STR: 0x8E

PROCESS_NAME: XPDF

CURRENT_IRQL: 0

LAST_CONTROL_TRANSFER: from 8410308c to 8412cf20

STACK_TEXT:
924656d4 8410308c 0000008e c0000005 83369e57 nt!KeBugCheckEx+0x1e
92465af4 8408cdd6 92465b10 00000000 92465b64 nt!KiDispatchException+0x1ac
92465b5c 8408cd8a 92465c04 83369e57 badb0d00 nt!CommonDispatchException+0x4a
92465b70 84086794 01000000 88d0b920 00000000 nt!Kei386EoiHelper+0x192
92465c04 8336255d 00000000 00000000 00010001 nt!ExAcquireResourceSharedLite+0x103
92465c18 83362195 00000000 0012f808 92465c34 win32k!_GetWindowDC+0x14
92465c28 8408c1ea 00000000 0012f828 774970b4 win32k!NtUserGetWindowDC+0x27
92465c28 774970b4 00000000 0012f828 774970b4 nt!KiFastCallEntry+0x12a
WARNING: Frame IP not in any known module. Following frames may be wrong.
0012f828 00000000 00000000 00000000 00000000 0x774970b4


STACK_COMMAND: kb

FOLLOWUP_IP:
win32k!_GetDCEx+32
83369e57 8b4004 mov eax,dword ptr [eax+4]

SYMBOL_STACK_INDEX: 0

SYMBOL_NAME: win32k!_GetDCEx+32

FOLLOWUP_NAME: MachineOwner

MODULE_NAME: win32k

IMAGE_NAME: win32k.sys

DEBUG_FLR_IMAGE_TIMESTAMP: 4ce7900f

FAILURE_BUCKET_ID: 0x8E_win32k!_GetDCEx+32

BUCKET_ID: 0x8E_win32k!_GetDCEx+32

Followup: MachineOwner
---------

WARNING: Frame IP not in any known module. Following frames may be wrong.
0012f828 00000000 00000000 00000000 00000000 0x774970b4

[注意]传递专业知识、拓宽行业人脉——看雪讲师团队等你加入！