Prev: SD Write protect
Next: Is there an IRC channel which talks about driver development?
From: netskink on 23 Jul 2008 13:22
Hello

I have enabled driver "verifier.exe". I have generated a crash dump.
I analyze the crash dump using windbg and I believe my symbols are
configured correctly. However, when I try to do :

x /v nt!KiBugCheckDriver

I get :
pub global 80553920 0 nt!KiBugCheckDriver * <no type information>

What gives?

!ustr nt!KiBugCheckDriver also does not work.

John
From: Pavel A. on 23 Jul 2008 13:52
netskink wrote:
> Hello
>
> I have enabled driver "verifier.exe". I have generated a crash dump.
> I analyze the crash dump using windbg and I believe my symbols are
> configured correctly. However, when I try to do :
>
> x /v nt!KiBugCheckDriver
>
> I get :
> pub global 80553920 0 nt!KiBugCheckDriver * <no type information>
>
> What gives?
>
> !ustr nt!KiBugCheckDriver also does not work.
>
> John

This is a so called "private symbol". Information of most of
internal undocumented types and functions is removed
from symbols available for public use.

Usually KiBugCheckDriver is not needed to understand a crash reason,
do !analyze -v to begin.


Regards,
--PA
 | 
Pages: 1
Prev: SD Write protect
Next: Is there an IRC channel which talks about driver development?