много всего понаписано там.. приведу все что было написано в после analyze
kd> !analyze -v
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
KERNEL_MODE_EXCEPTION_NOT_HANDLED_M (1000008e)
This is a very common bugcheck. Usually the exception address pinpoints
the driver/function that caused the problem. Always note this address
as well as the link date of the driver/image that contains this address.
Some common problems are exception code 0x80000003. This means a hard
coded breakpoint or assertion was hit, but this system was booted
/NODEBUG. This is not supposed to happen as developers should never have
hardcoded breakpoints in retail code, but ...
If this happens, make sure a debugger gets connected, and the
system is booted /DEBUG. This will let us see why this breakpoint is
happening.
Arguments:
Arg1: 80000003, The exception code that was not handled
Arg2: f8ae6988, The address that the exception occurred at
Arg3: f88a3b38, Trap Frame
Arg4: 00000000
Debugging Details:
***** Kernel symbols are WRONG. Please fix symbols to do analysis.
***** Kernel symbols are WRONG. Please fix symbols to do analysis.
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!KPRCB ***
*** ***
*************************************************************************
*************************************************************************
*** ***
*** ***
*** Your debugger is not using the correct symbols ***
*** ***
*** In order for this command to work properly, your symbol path ***
*** must point to .pdb files that have full type information. ***
*** ***
*** Certain .pdb files (such as the public OS symbols) do not ***
*** contain the required information. Contact the group that ***
*** provided you with these symbols if you need this command to ***
*** work. ***
*** ***
*** Type referenced: nt!_KPRCB ***
*** ***
*************************************************************************
FAULTING_MODULE: 804d7000 nt
DEBUG_FLR_IMAGE_TIMESTAMP: 4689dbf6
EXCEPTION_CODE: (HRESULT) 0x80000003 (2147483651) -
FAULTING_IP:
tdifilter_testdriver+988
f8ae6988 cc int 3
TRAP_FRAME: f88a3b38 -- (.trap fffffffff88a3b38)
ErrCode = 00000000
eax=f88a3c1c ebx=00000e20 ecx=00000458 edx=f88a3c18 esi=82206160 edi=821a2c08
eip=f8ae6989 esp=f88a3bac ebp=f88a3bbc iopl=0 nv up ei ng nz na pe nc
cs=0008 ss=0010 ds=0023 es=0023 fs=0030 gs=0000 efl=00000286
tdifilter_testdriver+0x989:
f8ae6989 8b4508 mov eax,dword ptr [ebp+8] ss:0010:f88a3bc4=8228b870
Resetting default scope
CUSTOMER_CRASH_COUNT: 1
DEFAULT_BUCKET_ID: WRONG_SYMBOLS
BUGCHECK_STR: 0x8E
LAST_CONTROL_TRANSFER: from aaca362d to f8ae6989
STACK_TEXT:
WARNING: Stack unwind information not available. Following frames may be wrong.
f88a3bbc aaca362d 8228b870 820a6c00 00000e20 tdifilter_testdriver+0x989
f88a3c20 aaca8e39 820a6c00 00001950 f88a3d40 tcpip+0x862d
f88a3ca8 aac9cef5 8180e9d0 2101a8c0 89e66ad9 tcpip+0xde39
f88a3d08 aacbae4d 00000020 8180e9d0 aac9f076 tcpip+0x1ef5
f88a3dbc aac9b922 8180e9d0 8191a222 0000046c tcpip+0x1fe4d
f88a3dfc aac9b84d 00000000 818c15d0 8191a200 tcpip+0x922
f88a3e38 f8138f45 8180f138 00000000 f766db40 tcpip+0x84d
f88a3e8c f766801d 008c0c08 82096450 00000001 NDIS+0x22f45
f88a3ea0 f76681b4 8208aad0 82096450 00000001 psched+0x801d
f88a3ec4 f76685f9 818bb5a8 00000000 8208aad0 psched+0x81b4
f88a3edc f8138d40 818bb5a0 00000001 8193f37c psched+0x85f9
f88a3f2c f7723fe0 008c0c08 f88a3f4c 00000001 NDIS+0x22d40
f88a3f7c f771dc67 8193f004 8193f37c 821c4878 yk51x86+0xdfe0
f88a3fac f771f1ea 6093f004 f88a3fd0 f812ef09 yk51x86+0x7c67
f88a3fb8 f812ef09 8193f004 820efd98 820efffc yk51x86+0x91ea
f88a3fd0 80540f7d 8193f088 8193f074 00000000 NDIS+0x18f09
f88a3fd4 8193f088 8193f074 00000000 00000000 nt+0x69f7d
f88a3fd8 8193f074 00000000 00000000 fdb469e6 0x8193f088
f88a3fdc 00000000 00000000 fdb469e6 bf74bbbf 0x8193f074
STACK_COMMAND: .bugcheck ; kb
FOLLOWUP_IP:
tdifilter_testdriver+988
f8ae6988 cc int 3
FOLLOWUP_NAME: MachineOwner
MODULE_NAME: tdifilter_testdriver
IMAGE_NAME: tdifilter_testdriver.sys
SYMBOL_NAME: tdifilter_testdriver+988
BUCKET_ID: WRONG_SYMBOLS
Followup: MachineOwner
tdifilter_testdriver.sys это какраз мой драйвер