我遇到了类似的问题“BSOD-无法验证 ntoskrnl.exe 的时间戳“,因为我似乎无法读取正确的符号ntoskrnl。
我已经关注BK1E 给出的建议,但还是得不到结果。
以下是来自调试的文本:
Loading Dump File [C:\Users\XXXX\AppData\Local\Temp\WER9D78.tmp\Mini030610-01.dmp]
Mini Kernel Dump File: Only registers and stack trace are available
Symbol search path is: SRV*c:\Windows\Symbols*http://msdl.microsoft.com/download/symbols
Executable search path is:
Unable to load image \SystemRoot\system32\ntoskrnl.exe, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
Windows Server 2008/Windows Vista Kernel Version 6002 (Service Pack 2) MP (4 procs) Free x64
Product: WinNt, suite: TerminalServer SingleUserTS Personal
Machine Name:
Kernel base = 0xfffff800`01e59000 PsLoadedModuleList = 0xfffff800`0201ddd0
Debug session time: Sat Mar 6 14:08:20.516 2010 (UTC + 0:00)
System Uptime: 0 days 0:42:01.723
Unable to load image \SystemRoot\system32\ntoskrnl.exe, Win32 error 0n2
*** WARNING: Unable to verify timestamp for ntoskrnl.exe
*** ERROR: Module load completed but symbols could not be loaded for ntoskrnl.exe
Loading Kernel Symbols
...............................................................
................................................................
.........................
Loading User Symbols
Loading unloaded module list
....
*******************************************************************************
* *
* Bugcheck Analysis *
* *
*******************************************************************************
Use !analyze -v to get detailed debugging information.
BugCheck A, {11, c, 0, fffff80001ec9489}
***** Kernel symbols are WRONG. Please fix symbols to do analysis.
我该如何解决这个问题?
操作系统是 Windows Vista x64 SP2。
答案1
看起来您正在加载小型转储,这需要可执行文件的路径。要么将 _NT_EXECUTABLE_IMAGE_PATH 环境变量设置为指向您的 %windir%\system32 文件夹(或任何包含可执行文件的位置),要么使用.exepathwindbg 中的命令。