[求助]这样的ＩＤＴ　ＨＯＯＫ为什么在多线程运行的情况下蓝屏？-付费问答-看雪-安全社区|安全招聘|kanxue.com

最新回复 (2)
leemichael 雪币： 201 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 28 回帖 67 粉丝 0 关注私信	leemichael 2 楼附上DUMP kd> !analyze -v ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* UNEXPECTED_KERNEL_MODE_TRAP (7f) This means a trap occurred in kernel mode, and it's a trap of a kind that the kernel isn't allowed to have/catch (bound trap) or that is always instant death (double fault). The first number in the bugcheck params is the number of the trap (8 = double fault, etc) Consult an Intel x86 family manual to learn more about what these traps are. Here is a portion of those codes: If kv shows a taskGate use .tss on the part before the colon, then kv. Else if kv shows a trapframe use .trap on that value Else .trap on the appropriate frame will show where the trap was taken (on x86, this will be the ebp that goes with the procedure KiTrap) Endif kb will then show the corrected stack. Arguments: Arg1: 0000000d, EXCEPTION_GP_FAULT Arg2: 00000000 Arg3: 00000000 Arg4: 00000000 Debugging Details: ------------------ *********************************************************************** * * * * * Your debugger is not using the correct symbols * * * * In order for this command to work properly, your symbol path * * must point to .pdb files that have full type information. * * * * Certain .pdb files (such as the public OS symbols) do not * * contain the required information. Contact the group that * * provided you with these symbols if you need this command to * * work. * * * * Type referenced: kernel32!pNlsUserInfo * * * ********************************************************************* ********************************************************************* * * * * * Your debugger is not using the correct symbols * * * * In order for this command to work properly, your symbol path * * must point to .pdb files that have full type information. * * * * Certain .pdb files (such as the public OS symbols) do not * * contain the required information. Contact the group that * * provided you with these symbols if you need this command to * * work. * * * * Type referenced: kernel32!pNlsUserInfo * * * *********************************************************************** BUGCHECK_STR: 0x7f_d DEFAULT_BUCKET_ID: DRIVER_FAULT PROCESS_NAME: MultiThreadTest LAST_CONTROL_TRANSFER: from 804f8b9d to 80528bdc STACK_TEXT: ef6de8a8 804f8b9d 00000003 ef6dec04 00000000 nt!RtlpBreakWithStatusInstruction ef6de8f4 804f978a 00000003 80538f15 02480248 nt!KiBugCheckDebugBreak+0x19 ef6decd4 80541dff 0000007f 0000000d 00000000 nt!KeBugCheck2+0x574 ef6decd4 80538f15 0000007f 0000000d 00000000 nt!KiSystemFatalException+0xf ef6ded90 f895d38c f895f1b4 16fefd3b 0054ffb4 nt!_SEH_prolog+0x5 WARNING: Stack unwind information not available. Following frames may be wrong. ef6deda0 f895d399 00000002 0054ffb4 02480248 HelloDDK+0x138c ef6deddc 80542dd2 f8312b85 82030fc8 00000000 HelloDDK+0x1399 ef6dede0 f8312b84 82030fc8 00000000 0000027f nt!KiThreadStartup+0x16 ef6dede4 82030fc8 00000000 0000027f 02480000 NDIS!___PchSym_+0xc ef6dede8 00000000 0000027f 02480000 00000000 0x82030fc8 STACK_COMMAND: kb FOLLOWUP_IP: HelloDDK+138c f895d38c 83c408 add esp,8 SYMBOL_STACK_INDEX: 5 SYMBOL_NAME: HelloDDK+138c FOLLOWUP_NAME: MachineOwner MODULE_NAME: HelloDDK IMAGE_NAME: HelloDDK.sys DEBUG_FLR_IMAGE_TIMESTAMP: 49d1ce2a FAILURE_BUCKET_ID: 0x7f_d_HelloDDK+138c BUCKET_ID: 0x7f_d_HelloDDK+138c Followup: MachineOwner --------- 2009-3-31 16:09 0
fixfix 雪币： 419 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 21 回帖 671 粉丝 0 关注私信	fixfix 3 楼发个 BIN 出来看看 2009-3-31 16:24 0
	游客登录 \| 注册方可回帖回帖表情雪币赚取及消费高级回复

最新回复 (2)
leemichael 雪币： 201 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 28 回帖 67 粉丝 0 关注私信	leemichael 2 楼附上DUMP kd> !analyze -v ******************************************************************************* * * * Bugcheck Analysis * * * ******************************************************************************* UNEXPECTED_KERNEL_MODE_TRAP (7f) This means a trap occurred in kernel mode, and it's a trap of a kind that the kernel isn't allowed to have/catch (bound trap) or that is always instant death (double fault). The first number in the bugcheck params is the number of the trap (8 = double fault, etc) Consult an Intel x86 family manual to learn more about what these traps are. Here is a portion of those codes: If kv shows a taskGate use .tss on the part before the colon, then kv. Else if kv shows a trapframe use .trap on that value Else .trap on the appropriate frame will show where the trap was taken (on x86, this will be the ebp that goes with the procedure KiTrap) Endif kb will then show the corrected stack. Arguments: Arg1: 0000000d, EXCEPTION_GP_FAULT Arg2: 00000000 Arg3: 00000000 Arg4: 00000000 Debugging Details: ------------------ *********************************************************************** * * * * * Your debugger is not using the correct symbols * * * * In order for this command to work properly, your symbol path * * must point to .pdb files that have full type information. * * * * Certain .pdb files (such as the public OS symbols) do not * * contain the required information. Contact the group that * * provided you with these symbols if you need this command to * * work. * * * * Type referenced: kernel32!pNlsUserInfo * * * ********************************************************************* ********************************************************************* * * * * * Your debugger is not using the correct symbols * * * * In order for this command to work properly, your symbol path * * must point to .pdb files that have full type information. * * * * Certain .pdb files (such as the public OS symbols) do not * * contain the required information. Contact the group that * * provided you with these symbols if you need this command to * * work. * * * * Type referenced: kernel32!pNlsUserInfo * * * *********************************************************************** BUGCHECK_STR: 0x7f_d DEFAULT_BUCKET_ID: DRIVER_FAULT PROCESS_NAME: MultiThreadTest LAST_CONTROL_TRANSFER: from 804f8b9d to 80528bdc STACK_TEXT: ef6de8a8 804f8b9d 00000003 ef6dec04 00000000 nt!RtlpBreakWithStatusInstruction ef6de8f4 804f978a 00000003 80538f15 02480248 nt!KiBugCheckDebugBreak+0x19 ef6decd4 80541dff 0000007f 0000000d 00000000 nt!KeBugCheck2+0x574 ef6decd4 80538f15 0000007f 0000000d 00000000 nt!KiSystemFatalException+0xf ef6ded90 f895d38c f895f1b4 16fefd3b 0054ffb4 nt!_SEH_prolog+0x5 WARNING: Stack unwind information not available. Following frames may be wrong. ef6deda0 f895d399 00000002 0054ffb4 02480248 HelloDDK+0x138c ef6deddc 80542dd2 f8312b85 82030fc8 00000000 HelloDDK+0x1399 ef6dede0 f8312b84 82030fc8 00000000 0000027f nt!KiThreadStartup+0x16 ef6dede4 82030fc8 00000000 0000027f 02480000 NDIS!___PchSym_+0xc ef6dede8 00000000 0000027f 02480000 00000000 0x82030fc8 STACK_COMMAND: kb FOLLOWUP_IP: HelloDDK+138c f895d38c 83c408 add esp,8 SYMBOL_STACK_INDEX: 5 SYMBOL_NAME: HelloDDK+138c FOLLOWUP_NAME: MachineOwner MODULE_NAME: HelloDDK IMAGE_NAME: HelloDDK.sys DEBUG_FLR_IMAGE_TIMESTAMP: 49d1ce2a FAILURE_BUCKET_ID: 0x7f_d_HelloDDK+138c BUCKET_ID: 0x7f_d_HelloDDK+138c Followup: MachineOwner --------- 2009-3-31 16:09 0
fixfix 雪币： 419 活跃值： (10) 能力值： ( LV2，RANK：10 ) 在线值：发帖 21 回帖 671 粉丝 0 关注私信	fixfix 3 楼发个 BIN 出来看看 2009-3-31 16:24 0
	游客登录 \| 注册方可回帖回帖表情雪币赚取及消费高级回复

[旧帖] [求助]这样的ＩＤＴ ＨＯＯＫ为什么在多线程运行的情况下蓝屏？ 0.00雪花

[旧帖] [求助]这样的ＩＤＴ　ＨＯＯＫ为什么在多线程运行的情况下蓝屏？ 0.00雪花